Merge branch 'main' into feature/pot-hook-filter

.github/workflows/phpstan.yml

@@ -25,7 +25,7 @@ jobs:
           coverage: "none"
           extensions: "intl, zip"
           ini-values: "memory_limit=-1"
-          php-version: "${{ matrix.php-versions }}"
+          php-version: "${{ matrix.php-version }}"
 
       - name: Get composer cache directory
         id: composer-cache

CHANGELOG-1.x.md

@@ -1,46 +1,5 @@
 # Changelog
 
-## [1.8.8 - 31.01.2026]
-### Added
-* Change Comment: Add missing hooks - patched from 0.8 (https://github.com/slawkens/myaac/commit/a60a23b84f61d41d1503073b52e01e3120f6d92a)
-
-### Changed
-* Account Manage: Change the last login to the correct login time – Instead of just "now" (https://github.com/slawkens/myaac/commit/5b841682cdc473b38ef1a5edfcfe1a020802e286)
-* Twig: Extract renderInline(content, context) as a method to $twig (https://github.com/slawkens/myaac/commit/5e4806f891f8c88c37d45b89bbede23afc2fa37b)
-* Mail: Remove HTML tags from the email function (https://github.com/slawkens/myaac/commit/6661c78dac69c6aa498b9c79fe7da4fe0150e5c8)
-
-### Fixed
-* Forum: Fix XSS in board name (https://github.com/slawkens/myaac/commit/e52d9e486f5bf1dea867f59287f70aef3d538189, https://github.com/slawkens/myaac/commit/6db738a87c44b8d96919191ba5e661c32ab47457)
-* Forum: Fix edit_post, despite being an author, edit didn't work (https://github.com/slawkens/myaac/commit/e8b47429e8c607c2662a78b65415dfa772aa0e48)
-* Forum: Fix a player link in the forum thread being not clickable (When outfits are enabled) (https://github.com/slawkens/myaac/commit/f640ca636f34cd2dfc1fa8de6fdbed0674908b30)
-* Settings: Fix variable overlapping if the same var name as in core (https://github.com/slawkens/myaac/commit/c2415e9df3a5ffaf768f6f9668bdd38b5efd0771)
-* Settings: fix show_if for the selects (https://github.com/slawkens/myaac/commit/8dcbb66753914322706216cfd01436eb1478a5ce)
-
-## [1.8.7 - 04.01.2026]
-
-### Fixed
-* Fixed [player/guild/house] bb code in forum (https://github.com/slawkens/myaac/commit/8ec9bf10682c73f1fe40967a106ccda2a5073ed0)
-
-### Changed
-* Settings: better responsiveness on mobile (https://github.com/slawkens/myaac/commit/c65d4e4b62ef26fb4e24ecb1d2bcc4556d746adf)
-* Signatures: Return 404 when the signature player is not found (https://github.com/slawkens/myaac/commit/7e6480b380799add7a2b1b7ce1d3c1f2b6819ff1)
-
-### Removed
-* Remove setting: outfit_images_wrong_looktypes - is obsolete, the bug doesn't exist in the latest outfit images (https://github.com/slawkens/myaac/commit/cc220bedc1f01535eaac23f6961135e2e7a6e310)
-
-## [1.8.6 - 14.12.2025]
-
-### Added
-* Added hook for adding custom rules to validate new character name (https://github.com/slawkens/myaac/commit/8e6749c59984631288e8e9803819b2f0ff389761)
-
-### Fixed
-* Highscores: Fix ordering by different skills (Adjust order by desc: skill_tries, manaspent, experience) - More exact results (https://github.com/slawkens/myaac/commit/c86257e6dacbad773aa09c0958eeaa106a967f2d)
-* Fix exception shown on first install, when there is no vendor - Before it displayed 500 white page, now it display the exception (https://github.com/slawkens/myaac/commit/18a1178e4b93607a350259679e0366cb83fb4126)
-* Fix typo $up -> $down, in migration nr 7, was failing due that (https://github.com/slawkens/myaac/commit/fd74f01291d0e9cdb92ee1b95021c9d7b591ad7c)
-
-### Changed
-* Ini set html_errors = 0, to show html code in exceptions (https://github.com/slawkens/myaac/commit/9ed06782e67772826d927ad847a077b99df5060d)
-
 ## [1.8.5 - 21.11.2025]
 
 ### Added

common.php

@@ -26,7 +26,7 @@
 if (version_compare(phpversion(), '8.1', '<')) die('PHP version 8.1 or higher is required.');
 
 const MYAAC = true;
-const MYAAC_VERSION = '1.8.9-dev';
+const MYAAC_VERSION = '1.8.6-dev';
 const DATABASE_VERSION = 46;
 const TABLE_PREFIX = 'myaac_';
 define('START_TIME', microtime(true));

package-lock.json

@@ -18,9 +18,9 @@
       }
     },
     "node_modules/@cypress/request": {
-      "version": "3.0.10",
-      "resolved": "https://registry.npmjs.org/@cypress/request/-/request-3.0.10.tgz",
-      "integrity": "sha512-hauBrOdvu08vOsagkZ/Aju5XuiZx6ldsLfByg1htFeldhex+PeMrYauANzFsMJeAA0+dyPLbDoX2OYuvVoLDkQ==",
+      "version": "3.0.8",
+      "resolved": "https://registry.npmjs.org/@cypress/request/-/request-3.0.8.tgz",
+      "integrity": "sha512-h0NFgh1mJmm1nr4jCwkGHwKneVYKghUyWe6TMNrk0B9zsjAJxpg8C4/+BAcmLgCPa1vj1V8rNUaILl+zYRUWBQ==",
       "dev": true,
       "license": "Apache-2.0",
       "dependencies": {
@@ -30,14 +30,14 @@
         "combined-stream": "~1.0.6",
         "extend": "~3.0.2",
         "forever-agent": "~0.6.1",
-        "form-data": "~4.0.4",
+        "form-data": "~4.0.0",
         "http-signature": "~1.4.0",
         "is-typedarray": "~1.0.0",
         "isstream": "~0.1.2",
         "json-stringify-safe": "~5.0.1",
         "mime-types": "~2.1.19",
         "performance-now": "^2.1.0",
-        "qs": "~6.14.1",
+        "qs": "6.14.0",
         "safe-buffer": "^5.1.2",
         "tough-cookie": "^5.0.0",
         "tunnel-agent": "^0.6.0",
@@ -1431,9 +1431,9 @@
       }
     },
     "node_modules/lodash": {
-      "version": "4.17.23",
-      "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.23.tgz",
-      "integrity": "sha512-LgVTMpQtIopCi79SJeDiP0TfWi5CNEc/L/aRdTh3yIvmZXTnheWpKjSZhnvMl8iXbC1tFg9gdHHDMLoV7CnG+w==",
+      "version": "4.17.21",
+      "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz",
+      "integrity": "sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg==",
       "dev": true,
       "license": "MIT"
     },
@@ -1743,9 +1743,9 @@
       }
     },
     "node_modules/qs": {
-      "version": "6.14.1",
-      "resolved": "https://registry.npmjs.org/qs/-/qs-6.14.1.tgz",
-      "integrity": "sha512-4EK3+xJl8Ts67nLYNwqw/dsFVnCf+qR7RgXSK9jEEm9unao3njwMDdmsdvoKBKHzxd7tCYz5e5M+SnMjdtXGQQ==",
+      "version": "6.14.0",
+      "resolved": "https://registry.npmjs.org/qs/-/qs-6.14.0.tgz",
+      "integrity": "sha512-YWWTjgABSKcvs/nWBi9PycY/JiPJqOD4JA6o9Sej2AtvSGarXxKC3OQSk4pAarbdQlKAh5D4FCQkJNkW+GAn3w==",
       "dev": true,
       "license": "BSD-3-Clause",
       "dependencies": {

system/compat/config.php

@@ -21,6 +21,7 @@ $deprecatedConfig = [
 	'visitors_counter_ttl',
 	'views_counter',
 	'outfit_images_url',
+	'outfit_images_wrong_looktypes',
 	'item_images_url',
 	'account_country',
 	'towns',
@@ -51,7 +52,6 @@ $deprecatedConfig = [
 	'online_skulls',
 	'online_outfit',
 	'online_afk',
-	'team_style',
 	'team_display_outfit' => 'team_outfit',
 	'team_display_status' => 'team_status',
 	'team_display_world' => 'team_world',

system/functions.php

@@ -21,6 +21,7 @@ use MyAAC\News;
 use MyAAC\Plugins;
 use MyAAC\Settings;
 use PHPMailer\PHPMailer\PHPMailer;
+use Twig\Loader\ArrayLoader as Twig_ArrayLoader;
 
 function message($message, $type, $return)
 {
@@ -515,12 +516,7 @@ function template_place_holder($type): string
 			$ret .= $debugBarRenderer->renderHead();
 		}
 	}
-	elseif ($type === 'head_end') {
-		$ret .= setting('core.html_head');
-	}
 	elseif ($type === 'body_start') {
-		$ret .= setting('core.html_body');
-
 		$ret .= $twig->render('browsehappy.html.twig');
 
 		if (admin()) {
@@ -531,8 +527,6 @@ function template_place_holder($type): string
 		}
 	}
 	elseif($type === 'body_end') {
-		$ret .= setting('core.html_footer');
-
 		$ret .= template_ga_code();
 		if (isset($debugBar)) {
 			$ret .= $debugBarRenderer->render();
@@ -884,12 +878,11 @@ function getWorldName($id)
  *
  * @param string $to Recipient email address.
  * @param string $subject Subject of the message.
- * @param string $body Message body in HTML format.
+ * @param string $body Message body in html format.
  * @param string $altBody Alternative message body, plain text.
  * @return bool PHPMailer status returned (success/failure).
- * @throws \PHPMailer\PHPMailer\Exception
  */
-function _mail(string $to, string $subject, string $body, string $altBody = ''): bool
+function _mail($to, $subject, $body, $altBody = '', $add_html_tags = true)
 {
 	global $mailer, $config;
 
@@ -907,6 +900,12 @@ function _mail(string $to, string $subject, string $body, string $altBody = ''):
 		$mailer->clearAllRecipients();
 	}
 
+	$signature_html = setting('core.mail_signature_html');
+	if($add_html_tags && isset($body[0]))
+		$tmp_body = '<html><head></head><body>' . $body . '<br/><br/>' . $signature_html . '</body></html>';
+	else
+		$tmp_body = $body . '<br/><br/>' . $signature_html;
+
 	$mailOption = setting('core.mail_option');
 	if($mailOption == MAIL_SMTP)
 	{
@@ -933,9 +932,6 @@ function _mail(string $to, string $subject, string $body, string $altBody = ''):
 		$mailer->isMail();
 	}
 
-	$signature_html = setting('core.mail_signature_html');
-	$tmp_body = $body . '<br/><br/>' . $signature_html;
-
 	$mailer->isHTML(isset($body[0]) > 0);
 	$mailer->From = setting('core.mail_address');
 	$mailer->Sender = setting('core.mail_address');
@@ -1385,7 +1381,17 @@ function getCustomPage($name, &$success): string
 			ob_end_clean();
 		}
 		else {
-			$content .= $twig->renderInline($page['body']);
+			$oldLoader = $twig->getLoader();
+
+			$twig_loader_array = new Twig_ArrayLoader(array(
+				'content.html' => $page['body']
+			));
+
+			$twig->setLoader($twig_loader_array);
+
+			$content .= $twig->render('content.html');
+
+			$twig->setLoader($oldLoader);
 		}
 	}
 

system/libs/pot/OTS.php

@@ -311,9 +311,18 @@ class POT
  */
 	public function loadClass($class)
 	{
-		if( preg_match('/^(I|E_)?OTS_/', $class) > 0)
-		{
-			include_once($this->path . $class . '.php');
+		if( preg_match('/^(I|E_)?OTS_/', $class) > 0) {
+			global $hooks;
+			$include = $this->path . $class . '.php';
+
+			if (isset($hooks)) {
+				$args = ['include' => $include, 'class' => $class];
+				$hooks->triggerFilter(HOOK_FILTER_POT, $args);
+
+				$include = $args['include'];
+			}
+
+			include_once($include);
 		}
 	}
 

system/pages/account/change-password.php

@@ -22,7 +22,7 @@ csrfProtect();
 $new_password = $_POST['new_password'] ?? null;
 $new_password_confirm = $_POST['new_password_confirm'] ?? null;
 $old_password = $_POST['old_password'] ?? null;
-if(is_null($new_password) && is_null($new_password_confirm) && is_null($old_password)) {
+if(empty($new_password) && empty($new_password_confirm) && empty($old_password)) {
 	$twig->display('account.change-password.html.twig');
 }
 else {

system/pages/account/characters/change-comment.php

@@ -51,8 +51,6 @@ if($player_name != null) {
 						'description' => 'The character information has been changed.'
 					));
 					$show_form = false;
-
-					$hooks->trigger(HOOK_ACCOUNT_CHARACTERS_CHANGE_COMMENT_AFTER_SUCCESS, ['player' => $player]);
 				}
 			}
 		} else {
@@ -72,11 +70,9 @@ if($show_form) {
 	}
 
 	if(isset($player) && $player) {
-		$_player = $player->toArray();
-		$_player['id'] = $player->id; // Hack, as it's somehow missing in the toArray() function
-
-		$twig->display('account.characters.change-comment.html.twig', [
-			'player' => $_player,
-		]);
+		$twig->display('account.characters.change-comment.html.twig', array(
+			'player' => $player->toArray()
+		));
 	}
 }
+?>

system/pages/account/register-new.php

@@ -48,7 +48,7 @@ else
 					$account_logged->setCustomField('key', $new_rec_key);
 					$account_logged->setCustomField(setting('core.donate_column'), $account_logged->getCustomField(setting('core.donate_column')) - setting('core.account_generate_new_reckey_price'));
 					$account_logged->logAction('Generated new recovery key for ' . setting('core.account_generate_new_reckey_price') . ' premium points.');
-					$message = '<br />Your recovery key was sent on email address <b>'.$account_logged->getEMail().'</b> for '.setting('core.account_generate_new_reckey_price').' premium points.';
+					$message = '<br />Your recovery key were send on email address <b>'.$account_logged->getEMail().'</b> for '.setting('core.account_generate_new_reckey_price').' premium points.';
 				}
 				else
 					$message = '<br /><p class="error">An error occurred while sending email ( <b>'.$account_logged->getEMail().'</b> ) with recovery key! Recovery key not changed. Try again later. For Admin: More info can be found in system/logs/mailer-error.log</p>';

system/pages/forum/edit_post.php

@@ -36,9 +36,9 @@ if(Forum::canPost($account_logged)) {
 	$thread = $db->query("SELECT `author_guid`, `author_aid`, `first_post`, `post_topic`, `post_date`, `post_text`, `post_smile`, `post_html`, `id`, `section` FROM `" . FORUM_TABLE_PREFIX . "forum` WHERE `id` = ".$post_id." LIMIT 1")->fetch();
 	if(isset($thread['id'])) {
 		$first_post = $db->query("SELECT `" . FORUM_TABLE_PREFIX . "forum`.`author_guid`, `" . FORUM_TABLE_PREFIX . "forum`.`author_aid`, `" . FORUM_TABLE_PREFIX . "forum`.`first_post`, `" . FORUM_TABLE_PREFIX . "forum`.`post_topic`, `" . FORUM_TABLE_PREFIX . "forum`.`post_text`, `" . FORUM_TABLE_PREFIX . "forum`.`post_smile`, `" . FORUM_TABLE_PREFIX . "forum`.`id`, `" . FORUM_TABLE_PREFIX . "forum`.`section` FROM `" . FORUM_TABLE_PREFIX . "forum` WHERE `" . FORUM_TABLE_PREFIX . "forum`.`id` = ".(int) $thread['first_post']." LIMIT 1")->fetch();
-		echo '<a href="' . getLink('forum') . '">Boards</a> >> <a href="' . getForumBoardLink($thread['section']) . '">'.escapeHtml($sections[$thread['section']]['name']).'</a> >> <a href="' . getForumThreadLink($thread['first_post']) . '">'.htmlspecialchars($first_post['post_topic']).'</a> >> <b>Edit post</b>';
+		echo '<a href="' . getLink('forum') . '">Boards</a> >> <a href="' . getForumBoardLink($thread['section']) . '">'.$sections[$thread['section']]['name'].'</a> >> <a href="' . getForumThreadLink($thread['first_post']) . '">'.htmlspecialchars($first_post['post_topic']).'</a> >> <b>Edit post</b>';
 
-		if(Forum::hasAccess($thread['section']) && ($account_logged->getId() == $thread['author_aid'] || Forum::isModerator())) {
+		if(Forum::hasAccess($thread['section'] && ($account_logged->getId() == $thread['author_aid'] || Forum::isModerator()))) {
 			$char_id = $post_topic = $text = $smile = $html = null;
 			$players_from_account = $db->query("SELECT `players`.`name`, `players`.`id` FROM `players` WHERE `players`.`account_id` = ".(int) $account_logged->getId())->fetchAll();
 			$saved = false;

system/pages/forum/new_post.php

@@ -42,7 +42,7 @@ if(Forum::canPost($account_logged)) {
 	$thread = $db->query("SELECT `" . FORUM_TABLE_PREFIX . "forum`.`post_topic`, `" . FORUM_TABLE_PREFIX . "forum`.`id`, `" . FORUM_TABLE_PREFIX . "forum`.`section` FROM `" . FORUM_TABLE_PREFIX . "forum` WHERE `" . FORUM_TABLE_PREFIX . "forum`.`id` = ".(int) $thread_id." AND `" . FORUM_TABLE_PREFIX . "forum`.`first_post` = ".$thread_id." LIMIT 1")->fetch();
 
 	if(isset($thread['id']) && Forum::hasAccess($thread['section'])) {
-		echo '<a href="' . getLink('forum') . '">Boards</a> >> <a href="' . getForumBoardLink($thread['section']) . '">'.escapeHtml($sections[$thread['section']]['name']).'</a> >> <a href="' . getForumThreadLink($thread_id) . '">'.htmlspecialchars($thread['post_topic']).'</a> >> <b>Post new reply</b><br /><h3>'.htmlspecialchars($thread['post_topic']).'</h3>';
+		echo '<a href="' . getLink('forum') . '">Boards</a> >> <a href="' . getForumBoardLink($thread['section']) . '">'.$sections[$thread['section']]['name'].'</a> >> <a href="' . getForumThreadLink($thread_id) . '">'.htmlspecialchars($thread['post_topic']).'</a> >> <b>Post new reply</b><br /><h3>'.htmlspecialchars($thread['post_topic']).'</h3>';
 
 		$quote = isset($_REQUEST['quote']) ? (int) $_REQUEST['quote'] : NULL;
 		$text = isset($_POST['text']) ? stripslashes(trim($_POST['text'])) : NULL;

system/pages/forum/new_thread.php

@@ -34,7 +34,7 @@ if(Forum::canPost($account_logged)) {
 	$players_from_account = $db->query('SELECT `players`.`name`, `players`.`id` FROM `players` WHERE `players`.`account_id` = '.(int) $account_logged->getId())->fetchAll();
 	$section_id = $_REQUEST['section_id'] ?? null;
 	if($section_id !== null) {
-		echo '<a href="' . getLink('forum') . '">Boards</a> >> <a href="' . getForumBoardLink($section_id) . '">' . escapeHtml($sections[$section_id]['name']) . '</a> >> <b>Post new thread</b><br />';
+		echo '<a href="' . getLink('forum') . '">Boards</a> >> <a href="' . getForumBoardLink($section_id) . '">' . $sections[$section_id]['name'] . '</a> >> <b>Post new thread</b><br />';
 
 		if(isset($sections[$section_id]['name']) && Forum::hasAccess($section_id)) {
 			if ($sections[$section_id]['closed'] && !Forum::isModerator())

system/pages/forum/show_board.php

@@ -42,7 +42,7 @@ for($i = 0; $i < $threads_count['threads_count'] / setting('core.forum_threads_p
 		$links_to_pages .= '<b>'.($i + 1).' </b>';
 }
 
-echo '<a href="' . getLink('forum') . '">Boards</a> >> <b>'.escapeHtml($sections[$section_id]['name']).'</b>';
+echo '<a href="' . getLink('forum') . '">Boards</a> >> <b>'.$sections[$section_id]['name'].'</b>';
 
 if($logged && (!$sections[$section_id]['closed'] || Forum::isModerator())) {
 	echo '<br /><br />

system/pages/forum/show_thread.php

@@ -70,7 +70,7 @@ foreach($posts as &$post) {
 	}
 
 	$post['group'] = $groupName;
-	$post['player_link'] = '<a href="' . getPlayerLink($player, false) . '" style="position: relative;">' . $player->getName() . '</a>';
+	$post['player_link'] = getPlayerLink($player->getName());
 
 	$post['vocation'] = $player->getVocationName();
 

system/pages/highscores.php

@@ -249,7 +249,7 @@ foreach($highscores as $id => &$player)
 
 		$player['link'] = getPlayerLink($player['name'], false);
 		$player['flag'] = getFlagImage($player['country']);
-		$player['outfit'] = '<img style="position:absolute;margin-top:-50px;margin-left:-30px" src="' . $player['outfit_url'] . '" alt="" />';
+		$player['outfit'] = '<img style="position:absolute;margin-top:' . (in_array($player['looktype'], setting('core.outfit_images_wrong_looktypes')) ? '-15px;margin-left:5px' : '-45px;margin-left:-25px') . ';" src="' . $player['outfit_url'] . '" alt="" />';
 
 		if ($skill != POT::SKILL__LEVEL) {
 			if (isset($lastValue) && $lastValue == $player['value']) {

system/settings.php

@@ -156,7 +156,7 @@ return [
 		'footer' => [
 			'name' => 'Custom Text',
 			'type' => 'textarea',
-			'desc' => 'Text displayed in the footer.<br/>For example: <i>' . escapeHtml('<br/>') . 'Your Server &copy; ' . date("Y") . '. All rights reserved.</i>',
+			'desc' => 'Text displayed in the footer.<br/>For example: <i>' . escapeHtml('<br/>') . 'Your Server &copy; 2023. All rights reserved.</i>',
 			'default' => '',
 		],
 		'footer_load_time' => [
@@ -251,28 +251,6 @@ return [
 			'desc' => 'Allow MyAAC to report anonymous usage statistics to developers? The data is sent only once per 30 days and is fully confidential. It won\'t affect the performance of your website',
 			'default' => true,
 		],
-		[
-			'type' => 'section',
-			'title' => 'Custom HTML',
-		],
-		'html_head' => [
-			'name' => 'HTML Head',
-			'type' => 'textarea',
-			'desc' => escapeHtml('These scripts will be printed in the <head> section. Can be, for example, Google Analytics code.'),
-			'default' => '',
-		],
-		'html_body' => [
-			'name' => 'HTML Body',
-			'type' => 'textarea',
-			'desc' => escapeHtml('These scripts will be printed just below the opening <body> tag.'),
-			'default' => '',
-		],
-		'html_footer' => [
-			'name' => 'HTML Footer',
-			'type' => 'textarea',
-			'desc' => escapeHtml('These scripts will be printed above the closing </body> tag.'),
-			'default' => '',
-		],
 		[
 			'type' => 'category',
 			'title' => 'Game',
@@ -1504,6 +1482,17 @@ Sent by MyAAC,<br/>
 			'desc' => 'Set to animoutfit.php for animated outfit',
 			'default' => 'https://outfit-images.ots.me/latest/outfit.php',
 		],
+		'outfit_images_wrong_looktypes' => [
+			'name' => 'Outfit Images Wrong Looktypes',
+			'type' => 'text',
+			'desc' => 'This looktypes needs to have different margin-top and margin-left because they are wrong positioned',
+			'default' => '75, 126, 127, 266, 302',
+			'callbacks' => [
+				'get' => function ($value) {
+					return array_map('trim', explode(',', $value));
+				},
+			],
+		],
 		[
 			'type' => 'section',
 			'title' => 'Monster Images'

system/src/Commands/GiveAdminCommand.php

@@ -1,50 +0,0 @@
-<?php
-
-namespace MyAAC\Commands;
-
-use MyAAC\Plugins;
-use Symfony\Component\Console\Input\InputArgument;
-use Symfony\Component\Console\Input\InputInterface;
-use Symfony\Component\Console\Output\OutputInterface;
-use Symfony\Component\Console\Style\SymfonyStyle;
-
-class GiveAdminCommand extends Command
-{
-	protected function configure(): void
-	{
-		$this->setName('give:admin')
-			->setDescription('This command adds super admin privileges to selected user')
-			->addArgument('account', InputArgument::REQUIRED, 'Account E-Mail, name or id');
-	}
-
-	protected function execute(InputInterface $input, OutputInterface $output): int
-	{
-		require SYSTEM . 'init.php';
-
-		$io = new SymfonyStyle($input, $output);
-
-		$account = new \OTS_Account();
-
-		$accountParam = $input->getArgument('account');
-		if (str_contains($accountParam, '@')) {
-			$account->findByEMail($accountParam);
-		}
-		else {
-			if (USE_ACCOUNT_NAME || USE_ACCOUNT_NUMBER) {
-				$account->find($accountParam);
-			}
-			else {
-				$account->load($accountParam);
-			}
-		}
-
-		if (!$account->isLoaded()) {
-			$io->error('Cannot find account mit supplied parameter: ' . $accountParam);
-			return self::FAILURE;
-		}
-
-		$account->setCustomField('web_flags', 3);
-		$io->success('Successfully added admin privileges to ' . $accountParam . ' (E-Mail: ' . $account->getEMail() . ')');
-		return self::SUCCESS;
-	}
-}

system/src/Forum.php

@@ -231,7 +231,6 @@ class Forum
 			if(!is_int($rows / 2)) { $bgcolor = 'ABED25'; } else { $bgcolor = '23ED25'; } $rows++;
 			$text = str_ireplace('[code]'.$code.'[/code]', '<i>Code:</i><br /><table cellpadding="0" style="background-color: #'.$bgcolor.'; width: 480px; border-style: dotted; border-color: #CCCCCC; border-width: 2px"><tr><td>'.$code.'</td></tr></table>', $text);
 		}
-
 		$rows = 0;
 		while(stripos($text, '[quote]') !== false && stripos($text, '[/quote]') !== false )
 		{
@@ -239,31 +238,11 @@ class Forum
 			if(!is_int($rows / 2)) { $bgcolor = 'AAAAAA'; } else { $bgcolor = 'CCCCCC'; } $rows++;
 			$text = str_ireplace('[quote]'.$quote.'[/quote]', '<table cellpadding="0" style="background-color: #'.$bgcolor.'; width: 480px; border-style: dotted; border-color: #007900; border-width: 2px"><tr><td>'.$quote.'</td></tr></table>', $text);
 		}
-
-		$tagsToParse = [
-			'url' => function ($str) {
-				return '<a href="'.$str.'" target="_blank">'.$str.'</a>';
-			},
-			'player' => function ($str) {
-				return generateLink(getPlayerLink($str, false), $str, true);
-			},
-			'guild' => function ($str) {
-				return generateLink(getGuildLink($str, false), $str, true);
-			},
-			'house' => function ($str) {
-				return generateLink(getHouseLink($str, false), $str, true);
-			}
-		];
-
-		foreach ($tagsToParse as $tag => $callback) {
-			while(stripos($text, "[$tag]") !== false && stripos($text, "[/$tag]") !== false
-				&& stripos($text, "[$tag]") < stripos($text, "[/$tag]"))
-			{
-				$length = strlen("[$tag]");
-				$substr = substr($text, stripos($text, "[$tag]") + $length, stripos($text, "[/$tag]") - stripos($text, "[$tag]") - $length);
-
-				$text = str_ireplace('[' . $tag . ']' . $substr . '[/' . $tag . ']', $callback($substr), $text);
-			}
+		$rows = 0;
+		while(stripos($text, '[url]') !== false && stripos($text, '[/url]') !== false )
+		{
+			$url = substr($text, stripos($text, '[url]')+5, stripos($text, '[/url]') - stripos($text, '[url]') - 5);
+			$text = str_ireplace('[url]'.$url.'[/url]', '<a href="'.$url.'" target="_blank">'.$url.'</a>', $text);
 		}
 
 		$xhtml = false;
@@ -273,6 +252,9 @@ class Forum
 			'#\[u\](.*?)\[/u\]#si' => ($xhtml ? '<span style="text-decoration: underline;">\\1</span>' : '<u>\\1</u>'),
 			'#\[s\](.*?)\[/s\]#si' => ($xhtml ? '<strike>\\1</strike>' : '<s>\\1</s>'),
 
+			'#\[guild\](.*?)\[/guild\]#si' => urldecode(generateLink(getGuildLink('$1', false), '$1', true)),
+			'#\[house\](.*?)\[/house\]#si' => urldecode(generateLink(getHouseLink('$1', false), '$1', true)),
+			'#\[player\](.*?)\[/player\]#si' => urldecode(generateLink(getPlayerLink('$1', false), '$1', true)),
 			// TODO: [poll] tag
 
 			'#\[color=(.*?)\](.*?)\[/color\]#si' => ($xhtml ? '<span style="color: \\1;">\\2</span>' : '<span style="color: \\1">\\2</span>'),

system/src/Models/AccountBan.php

@@ -1,18 +0,0 @@
-<?php
-
-namespace MyAAC\Models;
-use Illuminate\Database\Eloquent\Model;
-
-class AccountBan extends Model {
-
-	protected $table = TABLE_PREFIX . 'account_bans';
-
-	public $timestamps = false;
-
-	protected $fillable = [
-		'account_id',
-		'reason', 'banned_at',
-		'expires_at', 'banned_by'
-	];
-
-}

system/src/Settings.php

@@ -122,21 +122,18 @@ class Settings implements \ArrayAccess
 	public static function display($plugin, $settings): array
 	{
 		$settingsDb = ModelsSettings::where('name', $plugin)->pluck('value', 'key')->toArray();
+		$config = [];
+		require BASE . 'config.local.php';
 
-		if ($plugin === 'core') {
-			$config = [];
-			require BASE . 'config.local.php';
-
-			foreach ($config as $key => $value) {
-				if (is_bool($value)) {
-					$settingsDb[$key] = $value ? 'true' : 'false';
-				}
-				elseif (is_array($value)) {
-					$settingsDb[$key] = $value;
-				}
-				else {
-					$settingsDb[$key] = (string)$value;
-				}
+		foreach ($config as $key => $value) {
+			if (is_bool($value)) {
+				$settingsDb[$key] = $value ? 'true' : 'false';
+			}
+			elseif (is_array($value)) {
+				$settingsDb[$key] = $value;
+			}
+			else {
+				$settingsDb[$key] = (string)$value;
 			}
 		}
 
@@ -187,11 +184,11 @@ class Settings implements \ArrayAccess
 					}
 					?>
 					<h3 id="row_<?= $key ?>" style="text-align: center"><strong><?= $setting['title']; ?></strong></h3>
-					<table class="table table-bordered table-striped table-responsive d-md-table">
+					<table class="table table-bordered table-striped">
 						<thead>
 							<tr>
 								<th style="width: 13%">Name</th>
-								<th style="width: 30%; min-width: 200px">Value</th>
+								<th style="width: 30%">Value</th>
 								<th>Description</th>
 							</tr>
 						</thead>

system/src/Twig/EnvironmentBridge.php

@@ -3,7 +3,6 @@
 namespace MyAAC\Twig;
 
 use Twig\Environment;
-use Twig\Loader\ArrayLoader as Twig_ArrayLoader;
 
 class EnvironmentBridge extends Environment
 {
@@ -26,21 +25,4 @@ class EnvironmentBridge extends Environment
 
 		return parent::render($name, $context);
 	}
-
-	public function renderInline($content, array $context = []): string
-	{
-		$oldLoader = $this->getLoader();
-
-		$twig_loader_array = new Twig_ArrayLoader(array(
-			'content.html' => $content
-		));
-
-		$this->setLoader($twig_loader_array);
-
-		$ret = $this->render('content.html', $context);
-
-		$this->setLoader($oldLoader);
-
-		return $ret;
-	}
 }

system/src/global.php

@@ -28,10 +28,6 @@ define('HOOK_CHARACTERS_AFTER_CHARACTERS', ++$i);
 define('HOOK_LOGIN', ++$i);
 define('HOOK_LOGIN_ATTEMPT', ++$i);
 define('HOOK_LOGOUT', ++$i);
-define('HOOK_ACCOUNT_CHARACTERS_CHANGE_COMMENT_AFTER_SUCCESS', ++$i);
-define('HOOK_ACCOUNT_CHARACTERS_CHANGE_COMMENT_AFTER_NAME', ++$i);
-define('HOOK_ACCOUNT_CHARACTERS_CHANGE_COMMENT_AFTER_HIDE_ACCOUNT', ++$i);
-define('HOOK_ACCOUNT_CHARACTERS_CHANGE_COMMENT_AFTER_COMMENT', ++$i);
 define('HOOK_ACCOUNT_CHANGE_PASSWORD_AFTER_OLD_PASSWORD', ++$i);
 define('HOOK_ACCOUNT_CHANGE_PASSWORD_AFTER_NEW_PASSWORD', ++$i);
 define('HOOK_ACCOUNT_CHANGE_PASSWORD_POST', ++$i);
@@ -112,6 +108,7 @@ define('HOOK_FILTER_ROUTES', ++$i);
 define('HOOK_FILTER_TWIG_DISPLAY', ++$i);
 define('HOOK_FILTER_TWIG_RENDER', ++$i);
 define('HOOK_FILTER_THEME_FOOTER', ++$i);
+define('HOOK_FILTER_POT', ++$i);
 define('HOOK_FILTER_VALIDATE_CHARACTER_NEW_NAME', ++$i);
 
 const HOOK_FIRST = HOOK_INIT;

system/templates/account.change-email.html.twig

@@ -5,18 +5,18 @@ Please enter your password and the new email address. Make sure that you enter a
 	<table style="width:100%;">
 		<tr>
 			<td class="LabelV" >
-				<label for="new_email">New Email Address:</label>
+				<span>New Email Address:</span>
 			</td>
 			<td style="width:90%;">
-				<input form="form" id="new_email" name="new_email" value="{% if new_email is defined %}{{ new_email }}{% endif %}" size="30" maxlength="50" autofocus/>
+				<input form="form" name="new_email" value="{% if new_email is defined %}{{ new_email }}{% endif %}" size="30" maxlength="50" autofocus/>
 			</td>
 		</tr>
 		<tr>
 			<td class="LabelV">
-				<label for="password">Password:</label>
+				<span >Password:</span>
 			</td>
 			<td>
-				<input form="form" type="password" id="password" name="password" size="30" maxlength="29">
+				<input form="form" type="password" name="password" size="30" maxlength="29">
 			</td>
 		</tr>
 	</table>

system/templates/account.change-info.html.twig

@@ -4,26 +4,20 @@ Here you can tell other players about yourself. This information will be display
 {% set content %}
 <table style="width: 100%;" >
 	<tr>
-		<td class="LabelV">
-			<label for="info_rlname">Real Name:</label>
-		</td>
+		<td class="LabelV">Real Name:</td>
 		<td style="width:90%;" >
-			<input form="form" id="info_rlname" name="info_rlname" value="{{ account_rlname }}" size="30" maxlength="50" >
+			<input form="form" name="info_rlname" value="{{ account_rlname }}" size="30" maxlength="50" >
 		</td>
 	</tr>
 	<tr>
-		<td class="LabelV">
-			<label for="info_location">Location:</label>
-		</td>
+		<td class="LabelV" >Location:</td>
 		<td>
-			<input form="form" id="info_location" name="info_location" value="{{ account_location }}" size="30" maxlength="50" >
+			<input form="form" name="info_location" value="{{ account_location }}" size="30" maxlength="50" >
 		</td>
 	</tr>
 	{% if setting('core.account_country') %}
 	<tr>
-		<td class="LabelV">
-			<label for="account_country">Country:</label>
-		</td>
+		<td class="LabelV">Country:</td>
 		<td>
 			<select form="form" name="info_country" id="account_country">
 				{% for code, country in countries %}

system/templates/account.change-password.html.twig

@@ -6,7 +6,7 @@ Please enter your current password and a new password. For your security, please
 <table style="width:100%;">
 	<tr>
 		<td class="LabelV">
-			<label for="old_password">Current Password:</label>
+			<span>Current Password:</span>
 		</td>
 		<td>
 			<input form="form" type="password" id="old_password" name="old_password" size="30" maxlength="29">
@@ -17,7 +17,7 @@ Please enter your current password and a new password. For your security, please
 
 	<tr>
 		<td class="LabelV">
-			<label for="new_password">New Password:</label>
+			<span>New Password:</span>
 		</td>
 		<td style="width:90%;">
 			<input form="form" type="password" id="new_password" name="new_password" size="30" maxlength="29">
@@ -28,7 +28,7 @@ Please enter your current password and a new password. For your security, please
 
 	<tr>
 		<td class="LabelV">
-			<label for="new_password_confirm">New Password Again:</label>
+			<span>New Password Again:</span>
 		</td>
 		<td>
 			<input form="form" type="password" id="new_password_confirm" name="new_password_confirm" size="30" maxlength="29">

system/templates/account.characters.change-comment.html.twig

@@ -33,7 +33,6 @@ If you do not want to specify a certain field, just leave it blank.<br/><br/>
 													<td class="LabelV">Name:</td>
 													<td style="width:80%;" >{{ player.name }}</td>
 												</tr>
-												{{ hook('HOOK_ACCOUNT_CHARACTERS_CHANGE_COMMENT_AFTER_NAME') }}
 												<tr>
 													<td class="LabelV" >Hide Account:</td>
 													<td>
@@ -43,7 +42,6 @@ If you do not want to specify a certain field, just leave it blank.<br/><br/>
 														{% if player.group_id > 1 %} (you will be also hidden on the Team page!){% endif %}
 													</td>
 												</tr>
-												{{ hook('HOOK_ACCOUNT_CHARACTERS_CHANGE_COMMENT_AFTER_HIDE_ACCOUNT') }}
 											</table>
 										</div>
 									</div>
@@ -67,7 +65,6 @@ If you do not want to specify a certain field, just leave it blank.<br/><br/>
 													<td class="LabelV" ><span>Comment:</span></td>
 													<td style="width:80%;"><textarea name="comment" rows="10" cols="50" wrap="virtual">{{ player.comment|raw }}</textarea><br>[max. length: 2000 chars, 50 lines (ENTERs)]</td>
 												</tr>
-												{{ hook('HOOK_ACCOUNT_CHARACTERS_CHANGE_COMMENT_AFTER_COMMENT') }}
 											</table>
 										</div>
 									</div>

system/templates/account.characters.change-name.html.twig

@@ -1,4 +1,4 @@
-To change the name of a character, select a player and choose a new name.<br/>
+To change a name of character select player and choose a new name.<br/>
 <span style="color: red">Change name cost {{ setting('core.account_change_character_name_price') }} {{ setting('core.donate_column') == 'coins' ? 'coins' : 'premium points' }}. You have {{ points }} {{ setting('core.donate_column') == 'coins' ? 'coins' : 'premium points' }}.</span><br/><br/>
 
 {% set title = 'Change Name' %}
@@ -6,11 +6,9 @@ To change the name of a character, select a player and choose a new name.<br/>
 {% set content %}
 <table style="width:100%;" >
 	<tr>
-		<td class="LabelV">
-			<label for="player_id">Character:</label>
-		</td>
+		<td class="LabelV" ><span>Character:</span></td>
 		<td style="width:90%;" >
-			<select form="form" id="player_id" name="player_id">
+			<select form="form" name="player_id">
 				{% for player in account_logged.getPlayersList(false) %}
 				<option value="{{ player.getId() }}">{{ player.getName() }}</option>
 				{% endfor %}
@@ -18,9 +16,7 @@ To change the name of a character, select a player and choose a new name.<br/>
 		</td>
 	</tr>
 	<tr>
-		<td class="LabelV">
-			<label for="character_name">New Name:</label>
-		</td>
+		<td class="LabelV" ><span>New Name:</span></td>
 		<td>
 			<input form="form" type="text" name="name" id="character_name" size="25" maxlength="25" >
 			<img id="character_indicator" src="images/global/general/{% if not save or errors|length > 0 %}n{% endif %}ok.gif" />

system/templates/account.characters.change-sex.html.twig

@@ -6,11 +6,9 @@ To change a sex of character select player and choose a new sex.<br/>
 {% set content %}
 <table style="width:100%;" >
 	<tr>
-		<td class="LabelV">
-			<label for="player_id">Character:</label>
-		</td>
+		<td class="LabelV" ><span>Character:</span></td>
 		<td style="width:90%;" >
-			<select form="form" id="player_id" name="player_id">
+			<select form="form" name="player_id">
 				{% for player in players %}
 				<option value="{{ player.getId() }}">{{ player.getName() }}</option>
 				{% endfor %}
@@ -18,11 +16,9 @@ To change a sex of character select player and choose a new sex.<br/>
 		</td>
 	</tr>
 	<tr>
-		<td class="LabelV">
-			<label for="new_sex">New Sex:</label>
-		</td>
+		<td class="LabelV" ><span>New Sex:</span></td>
 		<td>
-			<select form="form" id="new_sex" name="new_sex">
+			<select form="form" name="new_sex">
 				{% for id, gender in config.genders %}
 				<option value="{{ id }}"{% if player_sex == id %} selected{% endif %}>{{ gender }}</option>
 				{% endfor %}

system/templates/account.characters.delete.html.twig

@@ -4,19 +4,15 @@ To delete a character enter the name of the character and your password.<br/><br
 {% set content %}
 <table style="width:100%;">
 	<tr>
-		<td class="LabelV">
-			<label for="delete_name">Character Name:</label>
-		</td>
+		<td class="LabelV" ><span>Character Name:</span></td>
 		<td style="width:90%;">
-			<input form="form" id="delete_name" name="delete_name" value="" size="30" maxlength="29"/>
+			<input form="form" name="delete_name" value="" size="30" maxlength="29"/>
 		</td>
 	</tr>
 	<tr>
-		<td class="LabelV">
-			<label for="delete_password">Password:</label>
-		</td>
+		<td class="LabelV" ><span>Password:</span></td>
 		<td>
-			<input form="form" type="password" id="delete_password" name="delete_password" size="30" maxlength="29"/>
+			<input form="form" type="password" name="delete_password" size="30" maxlength="29"/>
 		</td>
 	</tr>
 </table>

system/templates/account.create.html.twig

@@ -48,7 +48,7 @@
 								</tr>
 
 								{% if setting('core.mail_enabled') and setting('core.account_mail_verify') %}
-									<tr><td></td><td><span><strong>Please use a real address!<br/>We will send a link to validate your Email.</strong></span></td></tr>
+									<tr><td></td><td><span><strong>Please use real address!<br/>We will send a link to validate your Email.</strong></span></td></tr>
 								{% endif %}
 
 								{{ hook('HOOK_ACCOUNT_CREATE_AFTER_EMAIL') }}

system/templates/account.generate_new_recovery_key.html.twig

@@ -1,15 +1,13 @@
-To generate a new recovery key for your account, please enter your password.<br/>
-<span style="color: red"><b>New recovery key cost {{ setting('core.account_change_character_name_price') }} {{ setting('core.donate_column') == 'coins' ? 'coins' : 'premium points' }}. You have {{ points }} {{ setting('core.donate_column') == 'coins' ? 'coins' : 'premium points' }}. You will receive an e-mail with this recovery key.
+To generate new recovery key for your account please enter your password.<br/>
+<span style="color: red"><b>New recovery key cost {{ setting('core.account_generate_new_reckey_price') }} Premium Points</b>.</span> You have {{ points }} premium points. You will receive e-mail with this recovery key.
 <br/>
 {% set title = 'Generate recovery key' %}
 {% set background = config('darkborder') %}
 {% set content %}
 <table style="width:100%;">
 	<tr>
-		<td class="LabelV">
-			<label for="reg_password">Password:</label>
-		</td>
-		<td><input form="form" type="password" id="reg_password" name="reg_password" size="30" maxlength="29" ></td>
+		<td class="LabelV"><span>Password:</span></td>
+		<td><input form="form" type="password" name="reg_password" size="30" maxlength="29" ></td>
 	</tr>
 </table>
 {% endset %}
@@ -20,7 +18,7 @@ To generate a new recovery key for your account, please enter your password.<br/
 		<td>
 			<table border="0" cellspacing="0" cellpadding="0">
 				<tr>
-					<td style="border:0;">
+					<td style="border:0px;">
 						<form id="form" action="{{ getLink('account/register-new') }}" method="post">
 							{{ csrf() }}
 							<input type="hidden" name="registeraccountsave" value="1">
@@ -33,7 +31,7 @@ To generate a new recovery key for your account, please enter your password.<br/
 		<td>
 			<table border="0" cellspacing="0" cellpadding="0">
 				<tr>
-					<td style="border:0;">
+					<td style="border:0px;">
 						<form action="{{ getLink('account/manage') }}" method="post">
 							{{ csrf() }}
 							{{ include('buttons.back.html.twig') }}

system/templates/account.generate_recovery_key.html.twig

@@ -5,10 +5,10 @@ To generate recovery key for your account please enter your password.<br/><br/>
 <table style="width:100%;" >
 	<tr>
 		<td class="LabelV">
-			<label for="reg_password">Password:</label>
+			<span>Password:</span>
 		</td>
 		<td>
-			<input form="form" type="password" id="reg_password" name="reg_password" size="30" maxlength="29" autofocus/>
+			<input form="form" type="password" name="reg_password" size="30" maxlength="29" autofocus/>
 		</td>
 	</tr>
 </table>
@@ -20,7 +20,7 @@ To generate recovery key for your account please enter your password.<br/><br/>
 		<td>
 			<table border="0" cellspacing="0" cellpadding="0" >
 				<tr>
-					<td style="border:0;">
+					<td style="border:0px;">
 						<form id="form" action="{{ getLink('account/register') }}" method="post">
 							{{ csrf() }}
 							<input type="hidden" name="registeraccountsave" value="1"/>

system/templates/account.management.html.twig

@@ -114,7 +114,7 @@
 			</tr>
 			<tr style="background-color: {{ config.darkborder }};" >
 				<td>Last Login:</td>
-				<td>{{ account_logged.getCustomField('web_lastlogin')|date("j F Y, G:i:s") }}</td>
+				<td>{{ "now"|date("j F Y, G:i:s") }}</td>
 			</tr>
 			{% autoescape false %}
 			<tr style="background-color: {{ config.lightborder }};" >
@@ -179,7 +179,7 @@
 				{% set i = i + 1 %}
 				<tr bgcolor="{{ getStyle(i) }}">
 					<td>
-						<a href="{{ getLink('characters/' ~ player.getName()|urlencode) }}">{{ player.getName() }}</a>{% if player.isDeleted() %}<span style="color: red"><b> [ DELETED ] </b></span>{% endif %}
+						<a href="{{ getLink('characters/' ~ player.getName()|urlencode) }}">{{ player.getName() }}</a>
 					</td>
 					<td>{{ player.getLevel() }}</td>
 					<td>{{ player.getVocationName() }}</td>

system/templates/admin.changelog.html.twig

@@ -1,6 +1,6 @@
 <div class="card card-info card-outline">
 	<div class="card-header">
-		<h5 class="m-0">Changelogs:
+		<h5 class="m-0">News:
 			<form method="post" class="float-right">
 				{{ csrf() }}
 				<input type="hidden" name="action" value="new" />

system/templates/admin.settings.html.twig

@@ -37,31 +37,21 @@
 {% for key, value in settings %}
 	{% if value.show_if is defined %}
 		$(function () {
-			{% set inputType = 'input' %}
-
-			{% if settings[value.show_if[0]]['type'] == 'options' %}
-				{% set inputType = 'select' %}
-			{% endif %}
-
-			$('{{ inputType }}[name="settings[{{ value.show_if[0] }}]"]').change(function () {
+			$('input[name="settings[{{ value.show_if[0] }}]"]').change(function () {
 				performChecks_{{ key }}(this);
 			});
 
 			{% if settings[value.show_if[0]]['type'] == 'boolean' %}
 			performChecks_{{ key }}('input[name="settings[{{ value.show_if[0] }}]"]:checked');
 			{% else %}
-			performChecks_{{ key }}('{{ inputType }}[name="settings[{{ value.show_if[0] }}]"]');
+			performChecks_{{ key }}('input[name="settings[{{ value.show_if[0] }}]"]');
 			{% endif %}
 		});
 
 		function performChecks_{{ key }}(el)
 		{
 			let success = false;
-
 			let thisVal = $(el).val();
-			{% if settings[value.show_if[0]]['type'] == 'options' %}
-			thisVal = $(el).find(":selected").val();
-			{% endif %}
 
 			let operator = '{{ value.show_if[1]|raw }}';
 			if (operator === '>') {

system/templates/characters.html.twig

@@ -17,7 +17,7 @@
 		{% endif %}
 		<table border="0" cellspacing="1" cellpadding="4" width="100%">
 			{% if config.characters.outfit %}
-			<div style="width:64px;height:64px;border:2px solid #F1E0C6; border-radius:50px; padding:13px; margin-top:38px;margin-left:376px;position:absolute;"><img style="margin-left:-60px;margin-top:-60px;width:128px;height:128px;" src="{{ outfit }}" alt="player outfit"/></div>
+			<div style="width:64px;height:64px;border:2px solid #F1E0C6; border-radius:50px; padding:13px; margin-top:38px;margin-left:376px;position:absolute;"><img style="margin-left:{% if player.getLookType() in setting('core.outfit_images_wrong_looktypes') %}-0px;margin-top:-0px;width:64px;height:64px;{% else %}-60px;margin-top:-60px;width:128px;height:128px;{% endif %}" src="{{ outfit }}" alt="player outfit"/></div>
 			{% endif %}
 
 			<tr bgcolor="{{ config.vdarkborder }}">

system/templates/forum.new_post.html.twig

@@ -1,7 +1,7 @@
 <form action="?" method="post">
 	{{ csrf() }}
 	<input type="hidden" name="action" value="new_post" />
-	<input type="hidden" name="thread_id" value="{{ thread_id }}" />
+	<input type="hidden" name="thread_id" value=" {{ thread_id }}" />
 	<input type="hidden" name="subtopic" value="forum" />
 	<input type="hidden" name="save" value="save" />
 	<table width="100%">
@@ -43,8 +43,7 @@
 		</tr>
 	</table>
 	<div style="text-align:center">
-		{% set button_name = 'Post Reply' %}
-		{{ include('buttons.base.html.twig') }}
+		<input type="submit" value="Post Reply" />
 	</div>
 </form>
 

system/templates/forum.new_thread.html.twig

@@ -44,7 +44,6 @@
 		</tr>
 	</table>
 	<div style="text-align:center">
-		{% set button_name = 'Post Thread' %}
-		{{ include('buttons.base.html.twig') }}
+		<input type="submit" value="Post Thread" />
 	</div>
 </form>

system/templates/forum.show_thread.html.twig

@@ -24,7 +24,7 @@ Page: {{ links_to_pages|raw }}<br/>
 		{% set i = i + 1 %}
 		<td valign="top">{{ post.player_link|raw }}<br/>
 			{% if post.outfit is defined %}
-			<img style="margin-left:-60px;margin-top:-60px;width:128px;height:128px;" src="{{ post.outfit }}" alt="player outfit"/>
+			<img style="margin-left:{% if post.player.getLookType() in setting('core.outfit_images_wrong_looktypes') %}-0px;margin-top:-0px;width:64px;height:64px;{% else %}-60px;margin-top:-60px;width:128px;height:128px;{% endif %}" src="{{ post.outfit }}" alt="player outfit"/>
 			<br />
 			{% endif %}
 			<span style="font-size: 10px">

system/templates/guilds.leave_guild.html.twig

@@ -6,7 +6,7 @@
 		<td class="white"><b>Leave guild</b></td></tr>
 	{% if players|length > 0 %}
 	<tr bgcolor="{{ config.lightborder }}">
-		<td width="100%">Select a character to leave the guild:</td>
+		<td width="100%">Select character to leave guild:</td>
 	</tr>
 	<tr bgcolor="{{ config.darkborder }}">
 		<td>

system/templates/guilds.manager.html.twig

@@ -105,8 +105,7 @@ Here you can change names of ranks, delete and add ranks, pass leadership to oth
 				<form action="{{ getLink('guilds') }}?guild={{ guild.getName() }}&action=delete_rank" method="post" style="display: inline;">
 					{{ csrf() }}
 					<input type="hidden" name="rankid" value="{{ rank.getId() }}" />
-
-					<input type="submit" value="Delete" />
+					<input type="image" src="/images/news/delete.png" border="0" alt="Delete" />
 				</form>
 			</td>
 			<td>

system/templates/online.html.twig

@@ -4,35 +4,24 @@
 <br/>
 {% endif %}
 
-<br/>
-
 {# vocation statistics #}
 {% if setting('core.online_vocations') %}
-
-	{% set title = 'Vocation statistics' %}
-	{% set tableClass = 'Table3' %}
-	{% set background = config('darkborder') %}
-	{% set content %}
-
+<br/>
 	{% if setting('core.online_vocations_images') %}
-	<table width="200" cellspacing="1" cellpadding="0" border="0" align="center" class="myaac-table">
-		<thead>
-		<tr>
-			<td class="white" style="text-align: center;"><strong>Sorcerers</strong></td>
-			<td class="white" style="text-align: center;"><strong>Druids</strong></td>
-			<td class="white" style="text-align: center;"><strong>Paladins</strong></td>
-			<td class="white" style="text-align: center;"><strong>Knights</strong></td>
-		</tr>
-		</thead>
-
-		<tr>
+	<table width="200" cellspacing="1" cellpadding="0" border="0" align="center">
+		<tr bgcolor="{{ config.darkborder }}">
 			<td><img src="images/sorcerer.png" /></td>
 			<td><img src="images/druid.png" /></td>
 			<td><img src="images/paladin.png" /></td>
 			<td><img src="images/knight.png" /></td>
 		</tr>
-
-		<tr>
+		<tr bgcolor="{{ config.vdarkborder }}">
+			<td class="white" style="text-align: center;"><strong>Sorcerers</strong></td>
+			<td class="white" style="text-align: center;"><strong>Druids</strong></td>
+			<td class="white" style="text-align: center;"><strong>Paladins</strong></td>
+			<td class="white" style="text-align: center;"><strong>Knights</strong></td>
+		</tr>
+		<tr bgcolor="{{ config.lightborder }}">
 			<td style="text-align: center;">{{ vocs[1] }}</td>
 			<td style="text-align: center;">{{ vocs[2] }}</td>
 			<td style="text-align: center;">{{ vocs[3] }}</td>
@@ -40,30 +29,30 @@
 		</tr>
 	</table>
 	<div style="text-align: center;">&nbsp;</div>
-	{% else %}
-	<table border="0" cellspacing="1" cellpadding="4" width="100%" class="myaac-table">
+		{% else %}
+	<table border="0" cellspacing="1" cellpadding="4" width="100%">
+		<tr bgcolor="{{ config.vdarkborder }}">
+			<td class="white" colspan="2"><b>Vocation statistics</b></td>
+		</tr>
+
 		{% for i in 1..config.vocations_amount %}
-		<tr>
+		<tr bgcolor="{{ getStyle(i) }}">
 			<td width="25%">{{ config.vocations[i] }}</td>
 			<td width="75%">{{ vocs[i] }}</td>
 		</tr>
 		{% endfor %}
 	</table>
-	<br/>
+<br/>
 	{% endif %}
-
-{% endset %}
-{% include 'tables.headline.html.twig' %}
-
 {% endif %}
 
 <br/>
 
 {# show skulls #}
 {% if setting('core.online_skulls') %}
-<table width="100%" cellspacing="1" class="myaac-table">
+<table width="100%" cellspacing="1">
 	<tr>
-		<td align="center">
+		<td style="background: {{ config.darkborder }};" align="center">
 			<img src="images/white_skull.gif"/> - 1 - 6 Frags<br/>
 			<img src="images/red_skull.gif"/> - 6+ Frags or Red Skull<br/>
 			<img src="images/black_skull.gif"/> - 10+ Frags or Black Skull
@@ -136,24 +125,23 @@
 {% set title = 'Players Online' %}
 {% set tableClass = 'Table2' %}
 {% set content %}
-<table width="100%" class="myaac-table">
-
-	<tr class="LabelH" style="z-index: 20;">
+<table width="100%">
+	<tr class="LabelH" style="position: relative; z-index: 20;">
 		{% if setting('core.account_country') %}
-			<td style="width: 6px;"><a href="{{ getLink('online')}}?order=country_{{ order == 'country_asc' ? 'desc' : 'asc' }}">#&#160;&#160;</a>
+			<td width="11px"><a href="{{ getLink('online')}}?order=country_{{ order == 'country_asc' ? 'desc' : 'asc' }}">#&#160;&#160;</a>
 			</td>
 		{% endif %}
 		{% if setting('core.online_outfit') %}
-			<td style="width: 32px;"><b>Outfit</b></td>
+			<td><b>Outfit</b></td>
 		{% endif %}
-		<td style="text-align:left;">Name&#160;&#160;
+		<td style="text-align:left; width:50%">Name&#160;&#160;
 			<small style="font-weight:normal">[<a href="{{ getLink('online')}}?order=name_{{ order == 'name_asc' ? 'desc' : 'asc' }}">sort</a>]</small>
 			<img class="sortarrow" src="images/{{ order == 'name_asc' ? 'order_desc' : (order == 'name_desc' ? 'order_asc' : 'news/blank') }}.gif"/></td>
-		<td style="text-align:left;width:10%">Level&#160;&#160;
+		<td style="text-align:left;width:30%">Level&#160;&#160;
 			<small style="font-weight:normal">[<a href="{{ getLink('online')}}?order=level_{{ order == 'level_asc' ? 'desc' : 'asc' }}">sort</a>]</small>
 			<img class="sortarrow" src="images/{{ order == 'level_asc' ? 'order_desc' : (order == 'level_desc' ? 'order_asc' : 'news/blank') }}.gif"/>
 		</td>
-		<td style="text-align:left;width:20%">Vocation&#160;&#160;
+		<td style="text-align:left;width:50%">Vocation&#160;&#160;
 			<small style="font-weight:normal">[<a href="{{ getLink('online')}}?order=vocation_{{ order == 'vocation_asc' ? 'desc' : 'asc' }}">sort</a>]</small>
 			<img class="sortarrow" src="images/{{ order == 'vocation_asc' ? 'order_desc' : (order == 'vocation_desc' ? 'order_asc' : 'news/blank') }}.gif"/>
 		</td>
@@ -163,20 +151,20 @@
 	{% for player in players %}
 		{% set i = i + 1 %}
 
-		<tr style="text-align: right; height: 40px;">
+		<tr style="background: {{ getStyle(i) }}; text-align: right; height: 40px;">
 			{% if setting('core.account_country') %}
 				<td>{{ player.country_image|raw }}</td>
 			{% endif %}
 
 			{% if setting('core.online_outfit') %}
-				<td><img style="position:absolute;margin-top:-48px;margin-left:-70px;" src="{{ player.outfit }}" alt="player outfit"/></td>
+				<td width="5%"><img style="position:absolute;margin-top:-48px;margin-left:-70px;" src="{{ player.outfit }}" alt="player outfit"/></td>
 			{% endif %}
 
-			<td style="text-align:left">
+			<td style="width:70%; text-align:left">
 				{{ player.name|raw }}{{ player.skull|raw }}
 			</td>
-			<td>{{ player.level }}</td>
-			<td>{{ player.vocation }}</td>
+			<td style="width:10%">{{ player.level }}</td>
+			<td style="width:20%">{{ player.vocation }}</td>
 		</tr>
 	{% endfor %}
 </table>

system/templates/team.html.twig

@@ -47,7 +47,7 @@
 
 					{% if setting('core.team_outfit') %}
 					<td>
-						<img style="position: absolute; margin-top: -50px; margin-left: -30px;" src="{{ member.outfit }}" alt="player outfit"/>
+						<img style="position: absolute; margin-top: {% if member.player.looktype in setting('core.outfit_images_wrong_looktypes') %}-16px;margin-left:-0px;{% else %} -45px; margin-left: -30px;{%  endif %}" src="{{ member.outfit }}" alt="player outfit"/>
 					</td>
 					{% endif %}
 
@@ -127,7 +127,7 @@
 				<tr bgcolor="{{ getStyle(i) }}" style="height: 32px;">
 				{% if setting('core.team_outfit') %}
 				<td>
-					<img style="position: absolute; margin-top: -50px; margin-left: -30px;" src="{{ member.outfit }}" alt="player outfit"/>
+					<img style="position: absolute; margin-top: {% if member.player.looktype in setting('core.outfit_images_wrong_looktypes') %}-16px;margin-left:-0px;{% else %} -45px; margin-left: -30px;{%  endif %}" src="{{ member.outfit }}" alt="player outfit"/>
 				</td>
 				{% endif %}
 

templates/kathrine/news.html.twig

@@ -2,9 +2,9 @@
 	<div class="NewsHeadline">
 		<div class="NewsHeadlineBackground" style="background-image:url({{template_path }}/images/news/newsheadline_background.gif)">
 			<img src="{{ constant('BASE_URL') }}images/news/icon_{{ icon }}.gif" class="NewsHeadlineIcon" />
-			<div class="NewsHeadlineDate">{{ date|date(setting('core.news_date_format')) }} - </div>
+			<div class="NewsHeadlineDate">{{ date|date(config.news_date_format) }} - </div>
 			<div class="NewsHeadlineText">{{ title }}</div>
-			{% if setting('core.news_author') and author is not empty %}
+			{% if author is not empty %}
 			<div class="NewsHeadlineAuthor"><b>Author: </b><i>{{ author }}</i></div>
 			{% endif %}
 		</div>

templates/tibiacom/account.management.html.twig

@@ -151,7 +151,7 @@
 						</tr>
 						<tr style="background-color: {{ config.darkborder }};" >
 							<td class="LabelV" >Last Login:</td>
-							<td>{{ account_logged.getCustomField('web_lastlogin')|date("j F Y, G:i:s") }}</td>
+							<td>{{ "now"|date("j F Y, G:i:s") }}</td>
 						</tr>
 						{% autoescape false %}
 						<tr style="background-color: {{ config.lightborder }};">

templates/tibiacom/boxes/templates/highscores.html.twig

@@ -46,7 +46,7 @@
     {% for player in topPlayers %}
 	    <div style="text-align:left"><a href="{{ getPlayerLink(player['name'], false) }} " class="topfont {% if player['online'] %}online{% else %}offline{% endif %}">
 			{% if setting('core.online_outfit') %}
-				<img style="position:absolute;margin-top:-45px;margin-left:-25px;" src="{{ player.outfit }}" alt="player outfit"/>
+				<img style="position:absolute;margin-top:{% if player.looktype in setting('core.outfit_images_wrong_looktypes') %}-20px;margin-left:-0px;{% else %}-45px;margin-left:-25px;{%  endif %}" src="{{ player.outfit }}" alt="player outfit"/>
 			{% endif %}
 				<span style="color: #CCC; margin-left: 40px">{{ player['rank'] }} - </span>
 				{{ player['name'] }}

tools/signature/index.php

@@ -35,14 +35,14 @@
 	if(!isset($_REQUEST['name']))
 		die('Please enter name as get or post parameter.');
 
+	$name = stripslashes(ucwords(strtolower(trim($_REQUEST['name']))));
 	$player = new OTS_Player();
-	$player->find($_REQUEST['name']);
+	$player->find($name);
 
 	if(!$player->isLoaded())
 	{
-		//header('Content-type: image/png');
-		//readfile(SIGNATURES_IMAGES.'nocharacter.png');
-		http_response_code(404);
+		header('Content-type: image/png');
+		readfile(SIGNATURES_IMAGES.'nocharacter.png');
 		exit;
 	}