Merge branch 'main' into feature/pot-hook-filter

.github/workflows/phpstan.yml

@@ -25,7 +25,7 @@ jobs:
           coverage: "none"
           extensions: "intl, zip"
           ini-values: "memory_limit=-1"
-          php-version: "${{ matrix.php-versions }}"
+          php-version: "${{ matrix.php-version }}"
 
       - name: Get composer cache directory
         id: composer-cache

CHANGELOG-1.x.md

@@ -1,59 +1,5 @@
 # Changelog
 
-## [1.8.9 - 06.04.2026]
-### Added
-* Settings: Possibility to add custom HTML for the head and body tags like Google Analytics code etc. (https://github.com/slawkens/myaac/commit/108e83806df5686a06826931ed5e243c19cbe130)
-* Add command: give-admin (https://github.com/slawkens/myaac/commit/9fa9ec746c4b344387a21f21886c2251319806fc)
-  * Usage: php aac give:admin slawkens@gmail.com
-    Parameter: account email, name or id
-  * It's admin for the website, not the GM for the game! For that, go into the admin panel and change the group manually
-* Add page load time to an Admin Panel footer (https://github.com/slawkens/myaac/commit/4ae2fdd0dfcd56697612395c14aecc2dfd33b1c3)
-
-### Changed
-* Better character name validation, like in the original game website (#356)
-* Install: don't suggest deleting of install folder - it's not required (https://github.com/slawkens/myaac/commit/5fcde4708a39255cf68edc8c43f2ac6597e2601d)
-
-## [1.8.8 - 31.01.2026]
-### Added
-* Change Comment: Add missing hooks - patched from 0.8 (https://github.com/slawkens/myaac/commit/a60a23b84f61d41d1503073b52e01e3120f6d92a)
-
-### Changed
-* Account Manage: Change the last login to the correct login time – Instead of just "now" (https://github.com/slawkens/myaac/commit/5b841682cdc473b38ef1a5edfcfe1a020802e286)
-* Twig: Extract renderInline(content, context) as a method to $twig (https://github.com/slawkens/myaac/commit/5e4806f891f8c88c37d45b89bbede23afc2fa37b)
-* Mail: Remove HTML tags from the email function (https://github.com/slawkens/myaac/commit/6661c78dac69c6aa498b9c79fe7da4fe0150e5c8)
-
-### Fixed
-* Forum: Fix XSS in board name (https://github.com/slawkens/myaac/commit/e52d9e486f5bf1dea867f59287f70aef3d538189, https://github.com/slawkens/myaac/commit/6db738a87c44b8d96919191ba5e661c32ab47457)
-* Forum: Fix edit_post, despite being an author, edit didn't work (https://github.com/slawkens/myaac/commit/e8b47429e8c607c2662a78b65415dfa772aa0e48)
-* Forum: Fix a player link in the forum thread being not clickable (When outfits are enabled) (https://github.com/slawkens/myaac/commit/f640ca636f34cd2dfc1fa8de6fdbed0674908b30)
-* Settings: Fix variable overlapping if the same var name as in core (https://github.com/slawkens/myaac/commit/c2415e9df3a5ffaf768f6f9668bdd38b5efd0771)
-* Settings: fix show_if for the selects (https://github.com/slawkens/myaac/commit/8dcbb66753914322706216cfd01436eb1478a5ce)
-
-## [1.8.7 - 04.01.2026]
-
-### Fixed
-* Fixed [player/guild/house] bb code in forum (https://github.com/slawkens/myaac/commit/8ec9bf10682c73f1fe40967a106ccda2a5073ed0)
-
-### Changed
-* Settings: better responsiveness on mobile (https://github.com/slawkens/myaac/commit/c65d4e4b62ef26fb4e24ecb1d2bcc4556d746adf)
-* Signatures: Return 404 when the signature player is not found (https://github.com/slawkens/myaac/commit/7e6480b380799add7a2b1b7ce1d3c1f2b6819ff1)
-
-### Removed
-* Remove setting: outfit_images_wrong_looktypes - is obsolete, the bug doesn't exist in the latest outfit images (https://github.com/slawkens/myaac/commit/cc220bedc1f01535eaac23f6961135e2e7a6e310)
-
-## [1.8.6 - 14.12.2025]
-
-### Added
-* Added hook for adding custom rules to validate new character name (https://github.com/slawkens/myaac/commit/8e6749c59984631288e8e9803819b2f0ff389761)
-
-### Fixed
-* Highscores: Fix ordering by different skills (Adjust order by desc: skill_tries, manaspent, experience) - More exact results (https://github.com/slawkens/myaac/commit/c86257e6dacbad773aa09c0958eeaa106a967f2d)
-* Fix exception shown on first install, when there is no vendor - Before it displayed 500 white page, now it display the exception (https://github.com/slawkens/myaac/commit/18a1178e4b93607a350259679e0366cb83fb4126)
-* Fix typo $up -> $down, in migration nr 7, was failing due that (https://github.com/slawkens/myaac/commit/fd74f01291d0e9cdb92ee1b95021c9d7b591ad7c)
-
-### Changed
-* Ini set html_errors = 0, to show html code in exceptions (https://github.com/slawkens/myaac/commit/9ed06782e67772826d927ad847a077b99df5060d)
-
 ## [1.8.5 - 21.11.2025]
 
 ### Added

README.md

@@ -7,7 +7,7 @@ Official website: https://my-aac.org
 [![GitHub Workflow Status (with event)](https://img.shields.io/github/actions/workflow/status/slawkens/myaac/cypress.yml)](https://github.com/slawkens/myaac/actions)
 [![License: GPL-3.0](https://img.shields.io/github/license/slawkens/myaac)](https://opensource.org/licenses/gpl-license)
 [![Downloads Count](https://img.shields.io/github/downloads/slawkens/myaac/total)](https://github.com/slawkens/myaac/releases)
-[![MyAAC Discord](https://img.shields.io/discord/1468205461319848049)](https://discord.gg/aVagGPJt3g)
+[![OpenTibia Discord](https://img.shields.io/discord/288399552581468162)](https://discord.gg/2J39Wus)
 [![Closed Issues](https://img.shields.io/github/issues-closed-raw/slawkens/myaac)](https://github.com/slawkens/myaac/issues?q=is%3Aissue+is%3Aclosed)
 
 | Version | Status                 | Branch  | Requirements   |
@@ -86,6 +86,12 @@ Look: [Contributing](https://docs.my-aac.org/misc/contributing) in our wiki.
 
 If you have a great idea or want to contribute to the project - visit our website at https://www.my-aac.org
 
+## Project supported by JetBrains
+
+Many thanks to Jetbrains for kindly providing a license for me to work on this and other open-source projects.
+
+[![JetBrains](https://resources.jetbrains.com/storage/products/company/brand/logos/jb_beam.svg)](https://www.jetbrains.com/?from=https://github.com/slawkens)
+
 ### License
 
 This program and all associated files are released under the GNU Public License.  

admin/template/template.php

@@ -172,8 +172,7 @@
 			<div class="float-sm-right d-none d-sm-inline">
 				<span class="p-2 right badge badge-<?php echo((isset($status['online']) and $status['online']) ? 'success' : 'danger'); ?>"><?php echo $config['lua']['serverName'] ?></span>
 			</div>
-			<?= base64_decode('UG93ZXJlZCBieSA8YSBocmVmPSJodHRwOi8vbXktYWFjLm9yZyIgdGFyZ2V0PSJfYmxhbmsiPk15QUFDLjwvYT4='); ?>
-			<?= 'Load time: ' . round(microtime(true) - START_TIME, 4) . ' seconds.'; ?>
+			<?php echo base64_decode('UG93ZXJlZCBieSA8YSBocmVmPSJodHRwOi8vbXktYWFjLm9yZyIgdGFyZ2V0PSJfYmxhbmsiPk15QUFDLjwvYT4='); ?>
 		</footer>
 		<div id="sidebar-overlay"></div>
 	</div>

common.php

@@ -26,7 +26,7 @@
 if (version_compare(phpversion(), '8.1', '<')) die('PHP version 8.1 or higher is required.');
 
 const MYAAC = true;
-const MYAAC_VERSION = '1.8.10-dev';
+const MYAAC_VERSION = '1.8.6-dev';
 const DATABASE_VERSION = 46;
 const TABLE_PREFIX = 'myaac_';
 define('START_TIME', microtime(true));

install/index.php

@@ -30,7 +30,7 @@ if(file_exists(CACHE . 'install.txt')) {
 	$install_status = unserialize(file_get_contents(CACHE . 'install.txt'));
 
 	if(!isset($_REQUEST['step'])) {
-		$step = $install_status['step'] ?? '';
+		$step = isset($install_status['step']) ? $install_status['step'] : '';
 	}
 }
 
@@ -53,7 +53,7 @@ if($step == 'finish' && (!isset($config['installed']) || !$config['installed']))
 
 // step verify
 $steps = array(1 => 'welcome', 2 => 'license', 3 => 'requirements', 4 => 'config', 5 => 'database', 6 => 'admin', 7 => 'finish');
-if(!in_array($step, $steps)) // check if a step is valid
+if(!in_array($step, $steps)) // check if step is valid
 	throw new RuntimeException('ERROR: Unknown step.');
 
 $install_status['step'] = $step;
@@ -61,7 +61,7 @@ $errors = array();
 
 if($step == 'database') {
 	foreach($_SESSION as $key => $value) {
-		if(!str_contains($key, 'var_')) {
+		if(strpos($key, 'var_') === false) {
 			continue;
 		}
 
@@ -182,7 +182,7 @@ $error = false;
 clearstatcache();
 if(is_writable(CACHE) && (MYAAC_OS != 'WINDOWS' || win_is_writable(CACHE))) {
 	if(!file_exists(BASE . 'install/ip.txt')) {
-		$content = warning('AAC installation is disabled. To enable it make a file <b>ip.txt</b> in install/ directory and put there your IP.<br/>
+		$content = warning('AAC installation is disabled. To enable it make file <b>ip.txt</b> in install/ directory and put there your IP.<br/>
 		Your IP is:<br /><b>' . get_browser_real_ip() . '</b>', true);
 	}
 	else {
@@ -198,7 +198,7 @@ if(is_writable(CACHE) && (MYAAC_OS != 'WINDOWS' || win_is_writable(CACHE))) {
 		if(!$allow)
 		{
 			$content = warning('In file <b>install/ip.txt</b> must be your IP!<br/>
-			In the file is:<br /><b>' . nl2br($file_content) . '</b><br/>
+			In file is:<br /><b>' . nl2br($file_content) . '</b><br/>
 			Your IP is:<br /><b>' . get_browser_real_ip() . '</b>', true);
 		}
 		else {

install/tools/7-finish.php

@@ -57,8 +57,6 @@ if ($db->hasTable('players')) {
 DataLoader::setLocale($locale);
 DataLoader::load();
 
-clearCache();
-
 // add menus entries
 require_once SYSTEM . 'migrations/17.php';
 $up();
@@ -107,10 +105,6 @@ if(file_exists(CACHE . 'install.txt')) {
 	unlink(CACHE . 'install.txt');
 }
 
-if(file_exists(BASE . 'install/ip.txt')) {
-	unlink(BASE . 'install/ip.txt');
-}
-
 $locale['step_finish_desc'] = str_replace('$ADMIN_PANEL$', generateLink(str_replace('tools/', '',ADMIN_URL), $locale['step_finish_admin_panel'], true), $locale['step_finish_desc']);
 $locale['step_finish_desc'] = str_replace('$HOMEPAGE$', generateLink(str_replace('tools/', '', BASE_URL), $locale['step_finish_homepage'], true), $locale['step_finish_desc']);
 $locale['step_finish_desc'] = str_replace('$LINK$', generateLink('https://my-aac.org', 'https://my-aac.org', true), $locale['step_finish_desc']);

login.php

@@ -93,9 +93,9 @@ switch ($action) {
 			$creatureBoost = $db->query("SELECT * FROM " . $db->tableName('boosted_creature'))->fetchAll();
 			$bossBoost     = $db->query("SELECT * FROM " . $db->tableName('boosted_boss'))->fetchAll();
 			die(json_encode([
-				//'boostedcreature' => true,
-				'bossraceid'      => intval($bossBoost[0]['raceid']),
+				'boostedcreature' => true,
 				'creatureraceid'  => intval($creatureBoost[0]['raceid']),
+				'bossraceid'      => intval($bossBoost[0]['raceid'])
 			]));
 		}
 

package-lock.json

@@ -18,9 +18,9 @@
       }
     },
     "node_modules/@cypress/request": {
-      "version": "3.0.10",
-      "resolved": "https://registry.npmjs.org/@cypress/request/-/request-3.0.10.tgz",
-      "integrity": "sha512-hauBrOdvu08vOsagkZ/Aju5XuiZx6ldsLfByg1htFeldhex+PeMrYauANzFsMJeAA0+dyPLbDoX2OYuvVoLDkQ==",
+      "version": "3.0.8",
+      "resolved": "https://registry.npmjs.org/@cypress/request/-/request-3.0.8.tgz",
+      "integrity": "sha512-h0NFgh1mJmm1nr4jCwkGHwKneVYKghUyWe6TMNrk0B9zsjAJxpg8C4/+BAcmLgCPa1vj1V8rNUaILl+zYRUWBQ==",
       "dev": true,
       "license": "Apache-2.0",
       "dependencies": {
@@ -30,14 +30,14 @@
         "combined-stream": "~1.0.6",
         "extend": "~3.0.2",
         "forever-agent": "~0.6.1",
-        "form-data": "~4.0.4",
+        "form-data": "~4.0.0",
         "http-signature": "~1.4.0",
         "is-typedarray": "~1.0.0",
         "isstream": "~0.1.2",
         "json-stringify-safe": "~5.0.1",
         "mime-types": "~2.1.19",
         "performance-now": "^2.1.0",
-        "qs": "~6.14.1",
+        "qs": "6.14.0",
         "safe-buffer": "^5.1.2",
         "tough-cookie": "^5.0.0",
         "tunnel-agent": "^0.6.0",
@@ -1431,9 +1431,9 @@
       }
     },
     "node_modules/lodash": {
-      "version": "4.18.1",
-      "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.18.1.tgz",
-      "integrity": "sha512-dMInicTPVE8d1e5otfwmmjlxkZoUpiVLwyeTdUsi/Caj/gfzzblBcCE5sRHV/AsjuCmxWrte2TNGSYuCeCq+0Q==",
+      "version": "4.17.21",
+      "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz",
+      "integrity": "sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg==",
       "dev": true,
       "license": "MIT"
     },
@@ -1743,9 +1743,9 @@
       }
     },
     "node_modules/qs": {
-      "version": "6.14.2",
-      "resolved": "https://registry.npmjs.org/qs/-/qs-6.14.2.tgz",
-      "integrity": "sha512-V/yCWTTF7VJ9hIh18Ugr2zhJMP01MY7c5kh4J870L7imm6/DIzBsNLTXzMwUA3yZ5b/KBqLx8Kp3uRvd7xSe3Q==",
+      "version": "6.14.0",
+      "resolved": "https://registry.npmjs.org/qs/-/qs-6.14.0.tgz",
+      "integrity": "sha512-YWWTjgABSKcvs/nWBi9PycY/JiPJqOD4JA6o9Sej2AtvSGarXxKC3OQSk4pAarbdQlKAh5D4FCQkJNkW+GAn3w==",
       "dev": true,
       "license": "BSD-3-Clause",
       "dependencies": {

system/compat/config.php

@@ -21,6 +21,7 @@ $deprecatedConfig = [
 	'visitors_counter_ttl',
 	'views_counter',
 	'outfit_images_url',
+	'outfit_images_wrong_looktypes',
 	'item_images_url',
 	'account_country',
 	'towns',
@@ -51,7 +52,6 @@ $deprecatedConfig = [
 	'online_skulls',
 	'online_outfit',
 	'online_afk',
-	'team_style',
 	'team_display_outfit' => 'team_outfit',
 	'team_display_status' => 'team_status',
 	'team_display_world' => 'team_world',

system/functions.php

@@ -21,6 +21,7 @@ use MyAAC\News;
 use MyAAC\Plugins;
 use MyAAC\Settings;
 use PHPMailer\PHPMailer\PHPMailer;
+use Twig\Loader\ArrayLoader as Twig_ArrayLoader;
 
 function message($message, $type, $return)
 {
@@ -515,12 +516,7 @@ function template_place_holder($type): string
 			$ret .= $debugBarRenderer->renderHead();
 		}
 	}
-	elseif ($type === 'head_end') {
-		$ret .= setting('core.html_head');
-	}
 	elseif ($type === 'body_start') {
-		$ret .= setting('core.html_body');
-
 		$ret .= $twig->render('browsehappy.html.twig');
 
 		if (admin()) {
@@ -531,8 +527,6 @@ function template_place_holder($type): string
 		}
 	}
 	elseif($type === 'body_end') {
-		$ret .= setting('core.html_footer');
-
 		$ret .= template_ga_code();
 		if (isset($debugBar)) {
 			$ret .= $debugBarRenderer->render();
@@ -884,12 +878,11 @@ function getWorldName($id)
  *
  * @param string $to Recipient email address.
  * @param string $subject Subject of the message.
- * @param string $body Message body in HTML format.
+ * @param string $body Message body in html format.
  * @param string $altBody Alternative message body, plain text.
  * @return bool PHPMailer status returned (success/failure).
- * @throws \PHPMailer\PHPMailer\Exception
  */
-function _mail(string $to, string $subject, string $body, string $altBody = ''): bool
+function _mail($to, $subject, $body, $altBody = '', $add_html_tags = true)
 {
 	global $mailer, $config;
 
@@ -907,6 +900,12 @@ function _mail(string $to, string $subject, string $body, string $altBody = ''):
 		$mailer->clearAllRecipients();
 	}
 
+	$signature_html = setting('core.mail_signature_html');
+	if($add_html_tags && isset($body[0]))
+		$tmp_body = '<html><head></head><body>' . $body . '<br/><br/>' . $signature_html . '</body></html>';
+	else
+		$tmp_body = $body . '<br/><br/>' . $signature_html;
+
 	$mailOption = setting('core.mail_option');
 	if($mailOption == MAIL_SMTP)
 	{
@@ -933,9 +932,6 @@ function _mail(string $to, string $subject, string $body, string $altBody = ''):
 		$mailer->isMail();
 	}
 
-	$signature_html = setting('core.mail_signature_html');
-	$tmp_body = $body . '<br/><br/>' . $signature_html;
-
 	$mailer->isHTML(isset($body[0]) > 0);
 	$mailer->From = setting('core.mail_address');
 	$mailer->Sender = setting('core.mail_address');
@@ -1385,7 +1381,17 @@ function getCustomPage($name, &$success): string
 			ob_end_clean();
 		}
 		else {
-			$content .= $twig->renderInline($page['body']);
+			$oldLoader = $twig->getLoader();
+
+			$twig_loader_array = new Twig_ArrayLoader(array(
+				'content.html' => $page['body']
+			));
+
+			$twig->setLoader($twig_loader_array);
+
+			$content .= $twig->render('content.html');
+
+			$twig->setLoader($oldLoader);
 		}
 	}
 

system/libs/pot/OTS.php

@@ -311,9 +311,18 @@ class POT
  */
 	public function loadClass($class)
 	{
-		if( preg_match('/^(I|E_)?OTS_/', $class) > 0)
-		{
-			include_once($this->path . $class . '.php');
+		if( preg_match('/^(I|E_)?OTS_/', $class) > 0) {
+			global $hooks;
+			$include = $this->path . $class . '.php';
+
+			if (isset($hooks)) {
+				$args = ['include' => $include, 'class' => $class];
+				$hooks->triggerFilter(HOOK_FILTER_POT, $args);
+
+				$include = $args['include'];
+			}
+
+			include_once($include);
 		}
 	}
 

system/locale/de/install.php

@@ -20,7 +20,7 @@ $locale['not_loaded'] = 'Nicht geladen';
 $locale['loading_spinner'] = 'Bitte warten, installieren...';
 $locale['importing_spinner'] = 'Bitte warte, Daten werden importiert...';
 $locale['please_fill_all'] = 'Bitte füllen Sie alle Felder aus!';
-$locale['already_installed'] = 'MyAAC wurde bereits installiert. Wenn Sie MyAAC neu installieren möchten, löschen Sie die Datei <strong>config.local.php</strong> aus dem Hauptverzeichnis und aktualisieren Sie die Seite.';
+$locale['already_installed'] = 'MyAAC wurde bereits installiert. Bitte löschen <b>install/</b> Verzeichnis. Wenn Sie MyAAC neu installieren möchten, löschen Sie die Datei <strong>config.local.php</strong> aus dem Hauptverzeichnis und aktualisieren Sie die Seite.';
 
 // welcome
 $locale['step_welcome'] = 'Willkommen';

system/locale/en/install.php

@@ -20,7 +20,7 @@ $locale['not_loaded'] = 'Not loaded';
 $locale['loading_spinner'] = 'Please wait, installing...';
 $locale['importing_spinner'] = 'Please wait, importing data...';
 $locale['please_fill_all'] = 'Please fill all inputs!';
-$locale['already_installed'] = 'MyAAC has been already installed. If you want to reinstall MyAAC - please delete <strong>config.local.php</strong> file from the main directory and refresh the page.';
+$locale['already_installed'] = 'MyAAC has been already installed. Please delete <b>install/</b> directory. If you want to reinstall MyAAC - please delete <strong>config.local.php</strong> file from the main directory and refresh the page.';
 
 // welcome
 $locale['step_welcome'] = 'Welcome';

system/locale/pl/install.php

@@ -20,7 +20,7 @@ $locale['not_loaded'] = 'Nie załadowane';
 $locale['loading_spinner'] = 'Proszę czekać, trwa instalacja...';
 $locale['importing_spinner'] = 'Proszę czekać, trwa importowanie danych...';
 $locale['please_fill_all'] = 'Proszę wypełnić wszystkie pola!';
-$locale['already_installed'] = 'MyAAC został już zainstalowany. Jeśli chcesz zainstalować MyAAC od nowa - proszę usuń plik <strong>config.local.php</strong> z katalogu głównego i odśwież stronę.';
+$locale['already_installed'] = 'MyAAC został już zainstalowany. Proszę usunąć katalog <b>install/</b>. Jeśli chcesz zainstalować MyAAC od nowa - proszę usuń plik <strong>config.local.php</strong> z katalogu głównego i odśwież stronę.';
 
 // welcome
 $locale['step_welcome'] = 'Witamy';

system/locale/pt_br/install.php

@@ -20,7 +20,7 @@ $locale['not_loaded'] = 'Não carregado';
 $locale['loading_spinner'] = 'Por favor aguarde, instalando...';
 $locale['importing_spinner'] = 'Por favor, aguarde, importando dados...';
 $locale['please_fill_all'] = 'Por favor, preencha todas as entradas!';
-$locale['already_installed'] = 'MyAAC já foi instalado. Se você quiser reinstalar o MyAAC - exclua o arquivo <strong> config.local.php </strong> do diretório principal e atualize a página.';
+$locale['already_installed'] = 'MyAAC já foi instalado. Por favor, apague o diretório <b> install/ <b/>. Se você quiser reinstalar o MyAAC - exclua o arquivo <strong> config.local.php </strong> do diretório principal e atualize a página.';
 
 // welcome
 $locale['step_welcome'] = 'Bem vindo';

system/locale/sv/install.php

@@ -18,7 +18,7 @@ $locale['loaded'] = 'Laddad';
 $locale['not_loaded'] = 'Inte Laddad';
 
 $locale['please_fill_all'] = 'Vänligen fyll i allt!';
-$locale['already_installed'] = 'MyAAC är redan installerat. Om du vill installera MyAAC igen - ta bort filen <strong>config.local.php</strong> från huvudkatalogen och uppdatera sidan.';
+$locale['already_installed'] = 'MyAAC är redan installerat. Vänligen ta bort <b>install/<b/> mappen. Om du vill installera MyAAC igen - ta bort filen <strong>config.local.php</strong> från huvudkatalogen och uppdatera sidan.';
 
 // welcome
 $locale['step_welcome'] = 'Välkommen';

system/pages/account/change-password.php

@@ -22,7 +22,7 @@ csrfProtect();
 $new_password = $_POST['new_password'] ?? null;
 $new_password_confirm = $_POST['new_password_confirm'] ?? null;
 $old_password = $_POST['old_password'] ?? null;
-if(is_null($new_password) && is_null($new_password_confirm) && is_null($old_password)) {
+if(empty($new_password) && empty($new_password_confirm) && empty($old_password)) {
 	$twig->display('account.change-password.html.twig');
 }
 else {

system/pages/account/characters/change-comment.php

@@ -51,8 +51,6 @@ if($player_name != null) {
 						'description' => 'The character information has been changed.'
 					));
 					$show_form = false;
-
-					$hooks->trigger(HOOK_ACCOUNT_CHARACTERS_CHANGE_COMMENT_AFTER_SUCCESS, ['player' => $player]);
 				}
 			}
 		} else {
@@ -72,11 +70,9 @@ if($show_form) {
 	}
 
 	if(isset($player) && $player) {
-		$_player = $player->toArray();
-		$_player['id'] = $player->id; // Hack, as it's somehow missing in the toArray() function
-
-		$twig->display('account.characters.change-comment.html.twig', [
-			'player' => $_player,
-		]);
+		$twig->display('account.characters.change-comment.html.twig', array(
+			'player' => $player->toArray()
+		));
 	}
 }
+?>

system/pages/account/create.php

@@ -160,7 +160,7 @@ if($save)
 	}
 
 	if(setting('core.account_create_character_create')) {
-		$character_name = isset($_POST['name']) ? trim(stripslashes($_POST['name'])) : null;
+		$character_name = isset($_POST['name']) ? stripslashes(ucwords(strtolower($_POST['name']))) : null;
 		$character_sex = isset($_POST['sex']) ? (int)$_POST['sex'] : null;
 		$character_vocation = isset($_POST['vocation']) ? (int)$_POST['vocation'] : null;
 		$character_town = isset($_POST['town']) ? (int)$_POST['town'] : null;

system/pages/account/register-new.php

@@ -48,7 +48,7 @@ else
 					$account_logged->setCustomField('key', $new_rec_key);
 					$account_logged->setCustomField(setting('core.donate_column'), $account_logged->getCustomField(setting('core.donate_column')) - setting('core.account_generate_new_reckey_price'));
 					$account_logged->logAction('Generated new recovery key for ' . setting('core.account_generate_new_reckey_price') . ' premium points.');
-					$message = '<br />Your recovery key was sent on email address <b>'.$account_logged->getEMail().'</b> for '.setting('core.account_generate_new_reckey_price').' premium points.';
+					$message = '<br />Your recovery key were send on email address <b>'.$account_logged->getEMail().'</b> for '.setting('core.account_generate_new_reckey_price').' premium points.';
 				}
 				else
 					$message = '<br /><p class="error">An error occurred while sending email ( <b>'.$account_logged->getEMail().'</b> ) with recovery key! Recovery key not changed. Try again later. For Admin: More info can be found in system/logs/mailer-error.log</p>';

system/pages/forum/edit_post.php

@@ -36,9 +36,9 @@ if(Forum::canPost($account_logged)) {
 	$thread = $db->query("SELECT `author_guid`, `author_aid`, `first_post`, `post_topic`, `post_date`, `post_text`, `post_smile`, `post_html`, `id`, `section` FROM `" . FORUM_TABLE_PREFIX . "forum` WHERE `id` = ".$post_id." LIMIT 1")->fetch();
 	if(isset($thread['id'])) {
 		$first_post = $db->query("SELECT `" . FORUM_TABLE_PREFIX . "forum`.`author_guid`, `" . FORUM_TABLE_PREFIX . "forum`.`author_aid`, `" . FORUM_TABLE_PREFIX . "forum`.`first_post`, `" . FORUM_TABLE_PREFIX . "forum`.`post_topic`, `" . FORUM_TABLE_PREFIX . "forum`.`post_text`, `" . FORUM_TABLE_PREFIX . "forum`.`post_smile`, `" . FORUM_TABLE_PREFIX . "forum`.`id`, `" . FORUM_TABLE_PREFIX . "forum`.`section` FROM `" . FORUM_TABLE_PREFIX . "forum` WHERE `" . FORUM_TABLE_PREFIX . "forum`.`id` = ".(int) $thread['first_post']." LIMIT 1")->fetch();
-		echo '<a href="' . getLink('forum') . '">Boards</a> >> <a href="' . getForumBoardLink($thread['section']) . '">'.escapeHtml($sections[$thread['section']]['name']).'</a> >> <a href="' . getForumThreadLink($thread['first_post']) . '">'.htmlspecialchars($first_post['post_topic']).'</a> >> <b>Edit post</b>';
+		echo '<a href="' . getLink('forum') . '">Boards</a> >> <a href="' . getForumBoardLink($thread['section']) . '">'.$sections[$thread['section']]['name'].'</a> >> <a href="' . getForumThreadLink($thread['first_post']) . '">'.htmlspecialchars($first_post['post_topic']).'</a> >> <b>Edit post</b>';
 
-		if(Forum::hasAccess($thread['section']) && ($account_logged->getId() == $thread['author_aid'] || Forum::isModerator())) {
+		if(Forum::hasAccess($thread['section'] && ($account_logged->getId() == $thread['author_aid'] || Forum::isModerator()))) {
 			$char_id = $post_topic = $text = $smile = $html = null;
 			$players_from_account = $db->query("SELECT `players`.`name`, `players`.`id` FROM `players` WHERE `players`.`account_id` = ".(int) $account_logged->getId())->fetchAll();
 			$saved = false;

system/pages/forum/new_post.php

@@ -42,7 +42,7 @@ if(Forum::canPost($account_logged)) {
 	$thread = $db->query("SELECT `" . FORUM_TABLE_PREFIX . "forum`.`post_topic`, `" . FORUM_TABLE_PREFIX . "forum`.`id`, `" . FORUM_TABLE_PREFIX . "forum`.`section` FROM `" . FORUM_TABLE_PREFIX . "forum` WHERE `" . FORUM_TABLE_PREFIX . "forum`.`id` = ".(int) $thread_id." AND `" . FORUM_TABLE_PREFIX . "forum`.`first_post` = ".$thread_id." LIMIT 1")->fetch();
 
 	if(isset($thread['id']) && Forum::hasAccess($thread['section'])) {
-		echo '<a href="' . getLink('forum') . '">Boards</a> >> <a href="' . getForumBoardLink($thread['section']) . '">'.escapeHtml($sections[$thread['section']]['name']).'</a> >> <a href="' . getForumThreadLink($thread_id) . '">'.htmlspecialchars($thread['post_topic']).'</a> >> <b>Post new reply</b><br /><h3>'.htmlspecialchars($thread['post_topic']).'</h3>';
+		echo '<a href="' . getLink('forum') . '">Boards</a> >> <a href="' . getForumBoardLink($thread['section']) . '">'.$sections[$thread['section']]['name'].'</a> >> <a href="' . getForumThreadLink($thread_id) . '">'.htmlspecialchars($thread['post_topic']).'</a> >> <b>Post new reply</b><br /><h3>'.htmlspecialchars($thread['post_topic']).'</h3>';
 
 		$quote = isset($_REQUEST['quote']) ? (int) $_REQUEST['quote'] : NULL;
 		$text = isset($_POST['text']) ? stripslashes(trim($_POST['text'])) : NULL;

system/pages/forum/new_thread.php

@@ -34,7 +34,7 @@ if(Forum::canPost($account_logged)) {
 	$players_from_account = $db->query('SELECT `players`.`name`, `players`.`id` FROM `players` WHERE `players`.`account_id` = '.(int) $account_logged->getId())->fetchAll();
 	$section_id = $_REQUEST['section_id'] ?? null;
 	if($section_id !== null) {
-		echo '<a href="' . getLink('forum') . '">Boards</a> >> <a href="' . getForumBoardLink($section_id) . '">' . escapeHtml($sections[$section_id]['name']) . '</a> >> <b>Post new thread</b><br />';
+		echo '<a href="' . getLink('forum') . '">Boards</a> >> <a href="' . getForumBoardLink($section_id) . '">' . $sections[$section_id]['name'] . '</a> >> <b>Post new thread</b><br />';
 
 		if(isset($sections[$section_id]['name']) && Forum::hasAccess($section_id)) {
 			if ($sections[$section_id]['closed'] && !Forum::isModerator())

system/pages/forum/show_board.php

@@ -42,7 +42,7 @@ for($i = 0; $i < $threads_count['threads_count'] / setting('core.forum_threads_p
 		$links_to_pages .= '<b>'.($i + 1).' </b>';
 }
 
-echo '<a href="' . getLink('forum') . '">Boards</a> >> <b>'.escapeHtml($sections[$section_id]['name']).'</b>';
+echo '<a href="' . getLink('forum') . '">Boards</a> >> <b>'.$sections[$section_id]['name'].'</b>';
 
 if($logged && (!$sections[$section_id]['closed'] || Forum::isModerator())) {
 	echo '<br /><br />

system/pages/forum/show_thread.php

@@ -70,7 +70,7 @@ foreach($posts as &$post) {
 	}
 
 	$post['group'] = $groupName;
-	$post['player_link'] = '<a href="' . getPlayerLink($player, false) . '" style="position: relative;">' . $player->getName() . '</a>';
+	$post['player_link'] = getPlayerLink($player->getName());
 
 	$post['vocation'] = $player->getVocationName();
 

system/pages/highscores.php

@@ -249,7 +249,7 @@ foreach($highscores as $id => &$player)
 
 		$player['link'] = getPlayerLink($player['name'], false);
 		$player['flag'] = getFlagImage($player['country']);
-		$player['outfit'] = '<img style="position:absolute;margin-top:-50px;margin-left:-30px" src="' . $player['outfit_url'] . '" alt="" />';
+		$player['outfit'] = '<img style="position:absolute;margin-top:' . (in_array($player['looktype'], setting('core.outfit_images_wrong_looktypes')) ? '-15px;margin-left:5px' : '-45px;margin-left:-25px') . ';" src="' . $player['outfit_url'] . '" alt="" />';
 
 		if ($skill != POT::SKILL__LEVEL) {
 			if (isset($lastValue) && $lastValue == $player['value']) {

system/settings.php

@@ -156,7 +156,7 @@ return [
 		'footer' => [
 			'name' => 'Custom Text',
 			'type' => 'textarea',
-			'desc' => 'Text displayed in the footer.<br/>For example: <i>' . escapeHtml('<br/>') . 'Your Server &copy; ' . date("Y") . '. All rights reserved.</i>',
+			'desc' => 'Text displayed in the footer.<br/>For example: <i>' . escapeHtml('<br/>') . 'Your Server &copy; 2023. All rights reserved.</i>',
 			'default' => '',
 		],
 		'footer_load_time' => [
@@ -251,28 +251,6 @@ return [
 			'desc' => 'Allow MyAAC to report anonymous usage statistics to developers? The data is sent only once per 30 days and is fully confidential. It won\'t affect the performance of your website',
 			'default' => true,
 		],
-		[
-			'type' => 'section',
-			'title' => 'Custom HTML',
-		],
-		'html_head' => [
-			'name' => 'HTML Head',
-			'type' => 'textarea',
-			'desc' => escapeHtml('These scripts will be printed in the <head> section. Can be, for example, Google Analytics code.'),
-			'default' => '',
-		],
-		'html_body' => [
-			'name' => 'HTML Body',
-			'type' => 'textarea',
-			'desc' => escapeHtml('These scripts will be printed just below the opening <body> tag.'),
-			'default' => '',
-		],
-		'html_footer' => [
-			'name' => 'HTML Footer',
-			'type' => 'textarea',
-			'desc' => escapeHtml('These scripts will be printed above the closing </body> tag.'),
-			'default' => '',
-		],
 		[
 			'type' => 'category',
 			'title' => 'Game',
@@ -1504,6 +1482,17 @@ Sent by MyAAC,<br/>
 			'desc' => 'Set to animoutfit.php for animated outfit',
 			'default' => 'https://outfit-images.ots.me/latest/outfit.php',
 		],
+		'outfit_images_wrong_looktypes' => [
+			'name' => 'Outfit Images Wrong Looktypes',
+			'type' => 'text',
+			'desc' => 'This looktypes needs to have different margin-top and margin-left because they are wrong positioned',
+			'default' => '75, 126, 127, 266, 302',
+			'callbacks' => [
+				'get' => function ($value) {
+					return array_map('trim', explode(',', $value));
+				},
+			],
+		],
 		[
 			'type' => 'section',
 			'title' => 'Monster Images'

system/src/Commands/GiveAdminCommand.php

@@ -1,50 +0,0 @@
-<?php
-
-namespace MyAAC\Commands;
-
-use MyAAC\Plugins;
-use Symfony\Component\Console\Input\InputArgument;
-use Symfony\Component\Console\Input\InputInterface;
-use Symfony\Component\Console\Output\OutputInterface;
-use Symfony\Component\Console\Style\SymfonyStyle;
-
-class GiveAdminCommand extends Command
-{
-	protected function configure(): void
-	{
-		$this->setName('give:admin')
-			->setDescription('This command adds super admin privileges to selected user')
-			->addArgument('account', InputArgument::REQUIRED, 'Account E-Mail, name or id');
-	}
-
-	protected function execute(InputInterface $input, OutputInterface $output): int
-	{
-		require SYSTEM . 'init.php';
-
-		$io = new SymfonyStyle($input, $output);
-
-		$account = new \OTS_Account();
-
-		$accountParam = $input->getArgument('account');
-		if (str_contains($accountParam, '@')) {
-			$account->findByEMail($accountParam);
-		}
-		else {
-			if (USE_ACCOUNT_NAME || USE_ACCOUNT_NUMBER) {
-				$account->find($accountParam);
-			}
-			else {
-				$account->load($accountParam);
-			}
-		}
-
-		if (!$account->isLoaded()) {
-			$io->error('Cannot find account with supplied parameter: ' . $accountParam);
-			return self::FAILURE;
-		}
-
-		$account->setCustomField('web_flags', 3);
-		$io->success('Successfully added admin privileges to ' . $accountParam . ' (E-Mail: ' . $account->getEMail() . ')');
-		return self::SUCCESS;
-	}
-}

system/src/Forum.php

@@ -231,7 +231,6 @@ class Forum
 			if(!is_int($rows / 2)) { $bgcolor = 'ABED25'; } else { $bgcolor = '23ED25'; } $rows++;
 			$text = str_ireplace('[code]'.$code.'[/code]', '<i>Code:</i><br /><table cellpadding="0" style="background-color: #'.$bgcolor.'; width: 480px; border-style: dotted; border-color: #CCCCCC; border-width: 2px"><tr><td>'.$code.'</td></tr></table>', $text);
 		}
-
 		$rows = 0;
 		while(stripos($text, '[quote]') !== false && stripos($text, '[/quote]') !== false )
 		{
@@ -239,31 +238,11 @@ class Forum
 			if(!is_int($rows / 2)) { $bgcolor = 'AAAAAA'; } else { $bgcolor = 'CCCCCC'; } $rows++;
 			$text = str_ireplace('[quote]'.$quote.'[/quote]', '<table cellpadding="0" style="background-color: #'.$bgcolor.'; width: 480px; border-style: dotted; border-color: #007900; border-width: 2px"><tr><td>'.$quote.'</td></tr></table>', $text);
 		}
-
-		$tagsToParse = [
-			'url' => function ($str) {
-				return '<a href="'.$str.'" target="_blank">'.$str.'</a>';
-			},
-			'player' => function ($str) {
-				return generateLink(getPlayerLink($str, false), $str, true);
-			},
-			'guild' => function ($str) {
-				return generateLink(getGuildLink($str, false), $str, true);
-			},
-			'house' => function ($str) {
-				return generateLink(getHouseLink($str, false), $str, true);
-			}
-		];
-
-		foreach ($tagsToParse as $tag => $callback) {
-			while(stripos($text, "[$tag]") !== false && stripos($text, "[/$tag]") !== false
-				&& stripos($text, "[$tag]") < stripos($text, "[/$tag]"))
-			{
-				$length = strlen("[$tag]");
-				$substr = substr($text, stripos($text, "[$tag]") + $length, stripos($text, "[/$tag]") - stripos($text, "[$tag]") - $length);
-
-				$text = str_ireplace('[' . $tag . ']' . $substr . '[/' . $tag . ']', $callback($substr), $text);
-			}
+		$rows = 0;
+		while(stripos($text, '[url]') !== false && stripos($text, '[/url]') !== false )
+		{
+			$url = substr($text, stripos($text, '[url]')+5, stripos($text, '[/url]') - stripos($text, '[url]') - 5);
+			$text = str_ireplace('[url]'.$url.'[/url]', '<a href="'.$url.'" target="_blank">'.$url.'</a>', $text);
 		}
 
 		$xhtml = false;
@@ -273,6 +252,9 @@ class Forum
 			'#\[u\](.*?)\[/u\]#si' => ($xhtml ? '<span style="text-decoration: underline;">\\1</span>' : '<u>\\1</u>'),
 			'#\[s\](.*?)\[/s\]#si' => ($xhtml ? '<strike>\\1</strike>' : '<s>\\1</s>'),
 
+			'#\[guild\](.*?)\[/guild\]#si' => urldecode(generateLink(getGuildLink('$1', false), '$1', true)),
+			'#\[house\](.*?)\[/house\]#si' => urldecode(generateLink(getHouseLink('$1', false), '$1', true)),
+			'#\[player\](.*?)\[/player\]#si' => urldecode(generateLink(getPlayerLink('$1', false), '$1', true)),
 			// TODO: [poll] tag
 
 			'#\[color=(.*?)\](.*?)\[/color\]#si' => ($xhtml ? '<span style="color: \\1;">\\2</span>' : '<span style="color: \\1">\\2</span>'),

system/src/Hooks.php

@@ -14,26 +14,6 @@ class Hooks
 		self::$_hooks[$hook->type()][] = $hook;
 	}
 
-	public function unregister($name, $type, $file): void
-	{
-		if (is_string($type)) {
-			$type = constant($type);
-		}
-
-		if(!isset(self::$_hooks[$type])) {
-			return;
-		}
-
-		foreach(self::$_hooks[$type] as $id => $hook) {
-			if($name == $hook->name()
-				&& $type == $hook->type()
-				&& $file == $hook->file()
-			) {
-				unset(self::$_hooks[$type][$id]);
-			}
-		}
-	}
-
 	public function trigger($type, $params = []): bool
 	{
 		$ret = true;

system/src/Models/Account.php

@@ -18,15 +18,6 @@ class Account extends Model {
 
 	public $timestamps = false;
 
-	protected $fillable = [
-		'name', 'number', 'email', 'password',
-		'key', 'created', 'rlname', 'location', 'country',
-		'web_lastlogin', 'web_flags',
-		'email_new', 'email_new_time', 'email_code',
-		'premium_points', 'coins', 'coins_transferable',
-		'premium_ends_at', 'premend', 'lastday', 'premdays',
-	];
-
 	protected $casts = [
 		'lastday' => 'integer',
 		'premdays' => 'integer',

system/src/Models/AccountBan.php

@@ -1,18 +0,0 @@
-<?php
-
-namespace MyAAC\Models;
-use Illuminate\Database\Eloquent\Model;
-
-class AccountBan extends Model {
-
-	protected $table = TABLE_PREFIX . 'account_bans';
-
-	public $timestamps = false;
-
-	protected $fillable = [
-		'account_id',
-		'reason', 'banned_at',
-		'expires_at', 'banned_by'
-	];
-
-}

system/src/Models/BugTracker.php

@@ -0,0 +1,15 @@
+<?php
+
+namespace MyAAC\Models;
+
+use Illuminate\Database\Eloquent\Model;
+
+class BugTracker extends Model {
+
+	protected $table = TABLE_PREFIX . 'bugtracker';
+
+	public $timestamps = false;
+
+	protected $fillable = ['account', 'type', 'status', 'text', 'id', 'subject', 'reply', 'who', 'uid', 'tag'];
+
+}

system/src/Plugins.php

@@ -868,11 +868,6 @@ class Plugins {
 			}
 		}
 
-		global $hooks;
-		foreach($plugin_info['hooks'] ?? [] as $name => $info) {
-			$hooks->unregister($name, $info['type'], $info['file']);
-		}
-
 		clearCache();
 		return true;
 	}

system/src/Settings.php

@@ -122,21 +122,18 @@ class Settings implements \ArrayAccess
 	public static function display($plugin, $settings): array
 	{
 		$settingsDb = ModelsSettings::where('name', $plugin)->pluck('value', 'key')->toArray();
+		$config = [];
+		require BASE . 'config.local.php';
 
-		if ($plugin === 'core') {
-			$config = [];
-			require BASE . 'config.local.php';
-
-			foreach ($config as $key => $value) {
-				if (is_bool($value)) {
-					$settingsDb[$key] = $value ? 'true' : 'false';
-				}
-				elseif (is_array($value)) {
-					$settingsDb[$key] = $value;
-				}
-				else {
-					$settingsDb[$key] = (string)$value;
-				}
+		foreach ($config as $key => $value) {
+			if (is_bool($value)) {
+				$settingsDb[$key] = $value ? 'true' : 'false';
+			}
+			elseif (is_array($value)) {
+				$settingsDb[$key] = $value;
+			}
+			else {
+				$settingsDb[$key] = (string)$value;
 			}
 		}
 
@@ -187,11 +184,11 @@ class Settings implements \ArrayAccess
 					}
 					?>
 					<h3 id="row_<?= $key ?>" style="text-align: center"><strong><?= $setting['title']; ?></strong></h3>
-					<table class="table table-bordered table-striped table-responsive d-md-table">
+					<table class="table table-bordered table-striped">
 						<thead>
 							<tr>
 								<th style="width: 13%">Name</th>
-								<th style="width: 30%; min-width: 200px">Value</th>
+								<th style="width: 30%">Value</th>
 								<th>Description</th>
 							</tr>
 						</thead>

system/src/Twig/EnvironmentBridge.php

@@ -3,7 +3,6 @@
 namespace MyAAC\Twig;
 
 use Twig\Environment;
-use Twig\Loader\ArrayLoader as Twig_ArrayLoader;
 
 class EnvironmentBridge extends Environment
 {
@@ -26,21 +25,4 @@ class EnvironmentBridge extends Environment
 
 		return parent::render($name, $context);
 	}
-
-	public function renderInline($content, array $context = []): string
-	{
-		$oldLoader = $this->getLoader();
-
-		$twig_loader_array = new Twig_ArrayLoader(array(
-			'content.html' => $content
-		));
-
-		$this->setLoader($twig_loader_array);
-
-		$ret = $this->render('content.html', $context);
-
-		$this->setLoader($oldLoader);
-
-		return $ret;
-	}
 }

system/src/Validator.php

@@ -183,7 +183,7 @@ class Validator
 			return false;
 		}
 
-		// installer doesn't know settings yet
+		// installer doesn't know config.php yet
 		// that's why we need to ignore the nulls
 		if(defined('MYAAC_INSTALL')) {
 			$minLength = 4;
@@ -207,15 +207,21 @@ class Validator
 			return false;
 		}
 
-		if(strspn($name, "qwertyuiopasdfghjklzxcvbnmQWERTYUIOPASDFGHJKLZXCVBNM ") != $length)
+		if(strspn($name, "qwertyuiopasdfghjklzxcvbnmQWERTYUIOPASDFGHJKLZXCVBNM- [ ] '") != $length)
 		{
-			self::$lastError = "This name contains invalid letters. Please use only A-Z, a-z and space!";
+			self::$lastError = "Invalid name format. Use only A-Z, spaces and '.";
 			return false;
 		}
 
 		if(preg_match('/ {2,}/', $name))
 		{
-			self::$lastError = 'Invalid character name format. Use only A-Z, a-z and no double spaces.';
+			self::$lastError = 'Invalid character name format. Use only A-Z and no double spaces.';
+			return false;
+		}
+
+		if(!preg_match("/[A-z ']/", $name))
+		{
+			self::$lastError = "Invalid name format. Use only A-Z, spaces and '.";
 			return false;
 		}
 
@@ -224,23 +230,17 @@ class Validator
 
 	/**
 	 * Validate new character name.
-	 * Name length must be 3-25 chars
+	 * Name lenght must be 3-25 chars
 	 *
 	 * @param  string $name Name to check
 	 * @return bool Is name valid?
 	 */
 	public static function newCharacterName($name)
 	{
-		global $db;
+		global $db, $config;
 
-		$name = trim($name);
 		$name_lower = strtolower($name);
 
-		if(strlen($name) < 1) {
-			self::$lastError = 'Please enter a name.';
-			return false;
-		}
-
 		$first_words_blocked = array_merge(["'", '-'], setting('core.create_character_name_blocked_prefix'));
 		foreach($first_words_blocked as $word) {
 			if($word == substr($name_lower, 0, strlen($word))) {
@@ -249,6 +249,11 @@ class Validator
 			}
 		}
 
+		if(str_ends_with($name_lower, "'") || str_ends_with($name_lower, "-")) {
+			self::$lastError = 'Your name contains illegal characters.';
+			return false;
+		}
+
 		if(substr($name_lower, 1, 1) == ' ') {
 			self::$lastError = 'Your name contains illegal space.';
 			return false;
@@ -260,36 +265,11 @@ class Validator
 		}
 
 		if(preg_match('/ {2,}/', $name)) {
-			self::$lastError = 'Invalid character name format. Use only A-Z and no double spaces.';
+			self::$lastError = 'Invalid character name format. Use only A-Z and numbers 0-9 and no double spaces.';
 			return false;
 		}
 
-		if (substr($name[0], 0, 1) !== strtoupper(substr($name[0], 0, 1))) {
-			self::$lastError = 'The first letter of a name has to be a capital letter.';
-			return false;
-		}
-
-		foreach (explode(' ', $name) as $word) {
-			$wordCut = substr($word, 1, strlen($word));
-			$hasUpperCase = preg_match('/[A-Z]/', $wordCut);
-			if ($hasUpperCase) {
-				self::$lastError = 'In names capital letters are only allowed at the beginning of a word.';
-				return false;
-			}
-
-			if (strlen($word) == 1) {
-				self::$lastError = 'This name contains a word with only one letter. Please use more than one letter for each word.';
-				return false;
-			}
-
-			$hasVowel = preg_match('/[aeiouAEIOU]/', $word);
-			if (!$hasVowel) {
-				self::$lastError = 'This name contains a word without vowels. Please choose another name.';
-				return false;
-			}
-		}
-
-		if(strtolower(configLua('serverName')) == $name_lower) {
+		if(strtolower($config['lua']['serverName']) == $name_lower) {
 			self::$lastError = 'Your name cannot be same as server name.';
 			return false;
 		}

system/src/global.php

@@ -28,10 +28,6 @@ define('HOOK_CHARACTERS_AFTER_CHARACTERS', ++$i);
 define('HOOK_LOGIN', ++$i);
 define('HOOK_LOGIN_ATTEMPT', ++$i);
 define('HOOK_LOGOUT', ++$i);
-define('HOOK_ACCOUNT_CHARACTERS_CHANGE_COMMENT_AFTER_SUCCESS', ++$i);
-define('HOOK_ACCOUNT_CHARACTERS_CHANGE_COMMENT_AFTER_NAME', ++$i);
-define('HOOK_ACCOUNT_CHARACTERS_CHANGE_COMMENT_AFTER_HIDE_ACCOUNT', ++$i);
-define('HOOK_ACCOUNT_CHARACTERS_CHANGE_COMMENT_AFTER_COMMENT', ++$i);
 define('HOOK_ACCOUNT_CHANGE_PASSWORD_AFTER_OLD_PASSWORD', ++$i);
 define('HOOK_ACCOUNT_CHANGE_PASSWORD_AFTER_NEW_PASSWORD', ++$i);
 define('HOOK_ACCOUNT_CHANGE_PASSWORD_POST', ++$i);
@@ -112,6 +108,7 @@ define('HOOK_FILTER_ROUTES', ++$i);
 define('HOOK_FILTER_TWIG_DISPLAY', ++$i);
 define('HOOK_FILTER_TWIG_RENDER', ++$i);
 define('HOOK_FILTER_THEME_FOOTER', ++$i);
+define('HOOK_FILTER_POT', ++$i);
 define('HOOK_FILTER_VALIDATE_CHARACTER_NEW_NAME', ++$i);
 
 const HOOK_FIRST = HOOK_INIT;

system/templates/account.change-email.html.twig

@@ -5,18 +5,18 @@ Please enter your password and the new email address. Make sure that you enter a
 	<table style="width:100%;">
 		<tr>
 			<td class="LabelV" >
-				<label for="new_email">New Email Address:</label>
+				<span>New Email Address:</span>
 			</td>
 			<td style="width:90%;">
-				<input form="form" id="new_email" name="new_email" value="{% if new_email is defined %}{{ new_email }}{% endif %}" size="30" maxlength="50" autofocus/>
+				<input form="form" name="new_email" value="{% if new_email is defined %}{{ new_email }}{% endif %}" size="30" maxlength="50" autofocus/>
 			</td>
 		</tr>
 		<tr>
 			<td class="LabelV">
-				<label for="password">Password:</label>
+				<span >Password:</span>
 			</td>
 			<td>
-				<input form="form" type="password" id="password" name="password" size="30" maxlength="29">
+				<input form="form" type="password" name="password" size="30" maxlength="29">
 			</td>
 		</tr>
 	</table>

system/templates/account.change-info.html.twig

@@ -4,26 +4,20 @@ Here you can tell other players about yourself. This information will be display
 {% set content %}
 <table style="width: 100%;" >
 	<tr>
-		<td class="LabelV">
-			<label for="info_rlname">Real Name:</label>
-		</td>
+		<td class="LabelV">Real Name:</td>
 		<td style="width:90%;" >
-			<input form="form" id="info_rlname" name="info_rlname" value="{{ account_rlname }}" size="30" maxlength="50" >
+			<input form="form" name="info_rlname" value="{{ account_rlname }}" size="30" maxlength="50" >
 		</td>
 	</tr>
 	<tr>
-		<td class="LabelV">
-			<label for="info_location">Location:</label>
-		</td>
+		<td class="LabelV" >Location:</td>
 		<td>
-			<input form="form" id="info_location" name="info_location" value="{{ account_location }}" size="30" maxlength="50" >
+			<input form="form" name="info_location" value="{{ account_location }}" size="30" maxlength="50" >
 		</td>
 	</tr>
 	{% if setting('core.account_country') %}
 	<tr>
-		<td class="LabelV">
-			<label for="account_country">Country:</label>
-		</td>
+		<td class="LabelV">Country:</td>
 		<td>
 			<select form="form" name="info_country" id="account_country">
 				{% for code, country in countries %}

system/templates/account.change-password.html.twig

@@ -6,7 +6,7 @@ Please enter your current password and a new password. For your security, please
 <table style="width:100%;">
 	<tr>
 		<td class="LabelV">
-			<label for="old_password">Current Password:</label>
+			<span>Current Password:</span>
 		</td>
 		<td>
 			<input form="form" type="password" id="old_password" name="old_password" size="30" maxlength="29">
@@ -17,7 +17,7 @@ Please enter your current password and a new password. For your security, please
 
 	<tr>
 		<td class="LabelV">
-			<label for="new_password">New Password:</label>
+			<span>New Password:</span>
 		</td>
 		<td style="width:90%;">
 			<input form="form" type="password" id="new_password" name="new_password" size="30" maxlength="29">
@@ -28,7 +28,7 @@ Please enter your current password and a new password. For your security, please
 
 	<tr>
 		<td class="LabelV">
-			<label for="new_password_confirm">New Password Again:</label>
+			<span>New Password Again:</span>
 		</td>
 		<td>
 			<input form="form" type="password" id="new_password_confirm" name="new_password_confirm" size="30" maxlength="29">

system/templates/account.characters.change-comment.html.twig

@@ -33,7 +33,6 @@ If you do not want to specify a certain field, just leave it blank.<br/><br/>
 													<td class="LabelV">Name:</td>
 													<td style="width:80%;" >{{ player.name }}</td>
 												</tr>
-												{{ hook('HOOK_ACCOUNT_CHARACTERS_CHANGE_COMMENT_AFTER_NAME') }}
 												<tr>
 													<td class="LabelV" >Hide Account:</td>
 													<td>
@@ -43,7 +42,6 @@ If you do not want to specify a certain field, just leave it blank.<br/><br/>
 														{% if player.group_id > 1 %} (you will be also hidden on the Team page!){% endif %}
 													</td>
 												</tr>
-												{{ hook('HOOK_ACCOUNT_CHARACTERS_CHANGE_COMMENT_AFTER_HIDE_ACCOUNT') }}
 											</table>
 										</div>
 									</div>
@@ -67,7 +65,6 @@ If you do not want to specify a certain field, just leave it blank.<br/><br/>
 													<td class="LabelV" ><span>Comment:</span></td>
 													<td style="width:80%;"><textarea name="comment" rows="10" cols="50" wrap="virtual">{{ player.comment|raw }}</textarea><br>[max. length: 2000 chars, 50 lines (ENTERs)]</td>
 												</tr>
-												{{ hook('HOOK_ACCOUNT_CHARACTERS_CHANGE_COMMENT_AFTER_COMMENT') }}
 											</table>
 										</div>
 									</div>

system/templates/account.characters.change-name.html.twig

@@ -1,4 +1,4 @@
-To change the name of a character, select a player and choose a new name.<br/>
+To change a name of character select player and choose a new name.<br/>
 <span style="color: red">Change name cost {{ setting('core.account_change_character_name_price') }} {{ setting('core.donate_column') == 'coins' ? 'coins' : 'premium points' }}. You have {{ points }} {{ setting('core.donate_column') == 'coins' ? 'coins' : 'premium points' }}.</span><br/><br/>
 
 {% set title = 'Change Name' %}
@@ -6,11 +6,9 @@ To change the name of a character, select a player and choose a new name.<br/>
 {% set content %}
 <table style="width:100%;" >
 	<tr>
-		<td class="LabelV">
-			<label for="player_id">Character:</label>
-		</td>
+		<td class="LabelV" ><span>Character:</span></td>
 		<td style="width:90%;" >
-			<select form="form" id="player_id" name="player_id">
+			<select form="form" name="player_id">
 				{% for player in account_logged.getPlayersList(false) %}
 				<option value="{{ player.getId() }}">{{ player.getName() }}</option>
 				{% endfor %}
@@ -18,9 +16,7 @@ To change the name of a character, select a player and choose a new name.<br/>
 		</td>
 	</tr>
 	<tr>
-		<td class="LabelV">
-			<label for="character_name">New Name:</label>
-		</td>
+		<td class="LabelV" ><span>New Name:</span></td>
 		<td>
 			<input form="form" type="text" name="name" id="character_name" size="25" maxlength="25" >
 			<img id="character_indicator" src="images/global/general/{% if not save or errors|length > 0 %}n{% endif %}ok.gif" />

system/templates/account.characters.change-sex.html.twig

@@ -6,11 +6,9 @@ To change a sex of character select player and choose a new sex.<br/>
 {% set content %}
 <table style="width:100%;" >
 	<tr>
-		<td class="LabelV">
-			<label for="player_id">Character:</label>
-		</td>
+		<td class="LabelV" ><span>Character:</span></td>
 		<td style="width:90%;" >
-			<select form="form" id="player_id" name="player_id">
+			<select form="form" name="player_id">
 				{% for player in players %}
 				<option value="{{ player.getId() }}">{{ player.getName() }}</option>
 				{% endfor %}
@@ -18,11 +16,9 @@ To change a sex of character select player and choose a new sex.<br/>
 		</td>
 	</tr>
 	<tr>
-		<td class="LabelV">
-			<label for="new_sex">New Sex:</label>
-		</td>
+		<td class="LabelV" ><span>New Sex:</span></td>
 		<td>
-			<select form="form" id="new_sex" name="new_sex">
+			<select form="form" name="new_sex">
 				{% for id, gender in config.genders %}
 				<option value="{{ id }}"{% if player_sex == id %} selected{% endif %}>{{ gender }}</option>
 				{% endfor %}

system/templates/account.characters.delete.html.twig

@@ -4,19 +4,15 @@ To delete a character enter the name of the character and your password.<br/><br
 {% set content %}
 <table style="width:100%;">
 	<tr>
-		<td class="LabelV">
-			<label for="delete_name">Character Name:</label>
-		</td>
+		<td class="LabelV" ><span>Character Name:</span></td>
 		<td style="width:90%;">
-			<input form="form" id="delete_name" name="delete_name" value="" size="30" maxlength="29"/>
+			<input form="form" name="delete_name" value="" size="30" maxlength="29"/>
 		</td>
 	</tr>
 	<tr>
-		<td class="LabelV">
-			<label for="delete_password">Password:</label>
-		</td>
+		<td class="LabelV" ><span>Password:</span></td>
 		<td>
-			<input form="form" type="password" id="delete_password" name="delete_password" size="30" maxlength="29"/>
+			<input form="form" type="password" name="delete_password" size="30" maxlength="29"/>
 		</td>
 	</tr>
 </table>

system/templates/account.create.html.twig

@@ -48,7 +48,7 @@
 								</tr>
 
 								{% if setting('core.mail_enabled') and setting('core.account_mail_verify') %}
-									<tr><td></td><td><span><strong>Please use a real address!<br/>We will send a link to validate your Email.</strong></span></td></tr>
+									<tr><td></td><td><span><strong>Please use real address!<br/>We will send a link to validate your Email.</strong></span></td></tr>
 								{% endif %}
 
 								{{ hook('HOOK_ACCOUNT_CREATE_AFTER_EMAIL') }}

system/templates/account.generate_new_recovery_key.html.twig

@@ -1,15 +1,13 @@
-To generate a new recovery key for your account, please enter your password.<br/>
-<span style="color: red"><b>New recovery key cost {{ setting('core.account_change_character_name_price') }} {{ setting('core.donate_column') == 'coins' ? 'coins' : 'premium points' }}. You have {{ points }} {{ setting('core.donate_column') == 'coins' ? 'coins' : 'premium points' }}. You will receive an e-mail with this recovery key.
+To generate new recovery key for your account please enter your password.<br/>
+<span style="color: red"><b>New recovery key cost {{ setting('core.account_generate_new_reckey_price') }} Premium Points</b>.</span> You have {{ points }} premium points. You will receive e-mail with this recovery key.
 <br/>
 {% set title = 'Generate recovery key' %}
 {% set background = config('darkborder') %}
 {% set content %}
 <table style="width:100%;">
 	<tr>
-		<td class="LabelV">
-			<label for="reg_password">Password:</label>
-		</td>
-		<td><input form="form" type="password" id="reg_password" name="reg_password" size="30" maxlength="29" ></td>
+		<td class="LabelV"><span>Password:</span></td>
+		<td><input form="form" type="password" name="reg_password" size="30" maxlength="29" ></td>
 	</tr>
 </table>
 {% endset %}
@@ -20,7 +18,7 @@ To generate a new recovery key for your account, please enter your password.<br/
 		<td>
 			<table border="0" cellspacing="0" cellpadding="0">
 				<tr>
-					<td style="border:0;">
+					<td style="border:0px;">
 						<form id="form" action="{{ getLink('account/register-new') }}" method="post">
 							{{ csrf() }}
 							<input type="hidden" name="registeraccountsave" value="1">
@@ -33,7 +31,7 @@ To generate a new recovery key for your account, please enter your password.<br/
 		<td>
 			<table border="0" cellspacing="0" cellpadding="0">
 				<tr>
-					<td style="border:0;">
+					<td style="border:0px;">
 						<form action="{{ getLink('account/manage') }}" method="post">
 							{{ csrf() }}
 							{{ include('buttons.back.html.twig') }}

system/templates/account.generate_recovery_key.html.twig

@@ -5,10 +5,10 @@ To generate recovery key for your account please enter your password.<br/><br/>
 <table style="width:100%;" >
 	<tr>
 		<td class="LabelV">
-			<label for="reg_password">Password:</label>
+			<span>Password:</span>
 		</td>
 		<td>
-			<input form="form" type="password" id="reg_password" name="reg_password" size="30" maxlength="29" autofocus/>
+			<input form="form" type="password" name="reg_password" size="30" maxlength="29" autofocus/>
 		</td>
 	</tr>
 </table>
@@ -20,7 +20,7 @@ To generate recovery key for your account please enter your password.<br/><br/>
 		<td>
 			<table border="0" cellspacing="0" cellpadding="0" >
 				<tr>
-					<td style="border:0;">
+					<td style="border:0px;">
 						<form id="form" action="{{ getLink('account/register') }}" method="post">
 							{{ csrf() }}
 							<input type="hidden" name="registeraccountsave" value="1"/>

system/templates/account.management.html.twig

@@ -114,7 +114,7 @@
 			</tr>
 			<tr style="background-color: {{ config.darkborder }};" >
 				<td>Last Login:</td>
-				<td>{{ account_logged.getCustomField('web_lastlogin')|date("j F Y, G:i:s") }}</td>
+				<td>{{ "now"|date("j F Y, G:i:s") }}</td>
 			</tr>
 			{% autoescape false %}
 			<tr style="background-color: {{ config.lightborder }};" >
@@ -179,7 +179,7 @@
 				{% set i = i + 1 %}
 				<tr bgcolor="{{ getStyle(i) }}">
 					<td>
-						<a href="{{ getLink('characters/' ~ player.getName()|urlencode) }}">{{ player.getName() }}</a>{% if player.isDeleted() %}<span style="color: red"><b> [ DELETED ] </b></span>{% endif %}
+						<a href="{{ getLink('characters/' ~ player.getName()|urlencode) }}">{{ player.getName() }}</a>
 					</td>
 					<td>{{ player.getLevel() }}</td>
 					<td>{{ player.getVocationName() }}</td>

system/templates/admin.changelog.html.twig

@@ -1,6 +1,6 @@
 <div class="card card-info card-outline">
 	<div class="card-header">
-		<h5 class="m-0">Changelogs:
+		<h5 class="m-0">News:
 			<form method="post" class="float-right">
 				{{ csrf() }}
 				<input type="hidden" name="action" value="new" />

system/templates/admin.settings.html.twig

@@ -37,31 +37,21 @@
 {% for key, value in settings %}
 	{% if value.show_if is defined %}
 		$(function () {
-			{% set inputType = 'input' %}
-
-			{% if settings[value.show_if[0]]['type'] == 'options' %}
-				{% set inputType = 'select' %}
-			{% endif %}
-
-			$('{{ inputType }}[name="settings[{{ value.show_if[0] }}]"]').change(function () {
+			$('input[name="settings[{{ value.show_if[0] }}]"]').change(function () {
 				performChecks_{{ key }}(this);
 			});
 
 			{% if settings[value.show_if[0]]['type'] == 'boolean' %}
 			performChecks_{{ key }}('input[name="settings[{{ value.show_if[0] }}]"]:checked');
 			{% else %}
-			performChecks_{{ key }}('{{ inputType }}[name="settings[{{ value.show_if[0] }}]"]');
+			performChecks_{{ key }}('input[name="settings[{{ value.show_if[0] }}]"]');
 			{% endif %}
 		});
 
 		function performChecks_{{ key }}(el)
 		{
 			let success = false;
-
 			let thisVal = $(el).val();
-			{% if settings[value.show_if[0]]['type'] == 'options' %}
-			thisVal = $(el).find(":selected").val();
-			{% endif %}
 
 			let operator = '{{ value.show_if[1]|raw }}';
 			if (operator === '>') {

system/templates/characters.html.twig

@@ -17,7 +17,7 @@
 		{% endif %}
 		<table border="0" cellspacing="1" cellpadding="4" width="100%">
 			{% if config.characters.outfit %}
-			<div style="width:64px;height:64px;border:2px solid #F1E0C6; border-radius:50px; padding:13px; margin-top:38px;margin-left:376px;position:absolute;"><img style="margin-left:-60px;margin-top:-60px;width:128px;height:128px;" src="{{ outfit }}" alt="player outfit"/></div>
+			<div style="width:64px;height:64px;border:2px solid #F1E0C6; border-radius:50px; padding:13px; margin-top:38px;margin-left:376px;position:absolute;"><img style="margin-left:{% if player.getLookType() in setting('core.outfit_images_wrong_looktypes') %}-0px;margin-top:-0px;width:64px;height:64px;{% else %}-60px;margin-top:-60px;width:128px;height:128px;{% endif %}" src="{{ outfit }}" alt="player outfit"/></div>
 			{% endif %}
 
 			<tr bgcolor="{{ config.vdarkborder }}">

system/templates/forum.new_post.html.twig

@@ -1,7 +1,7 @@
 <form action="?" method="post">
 	{{ csrf() }}
 	<input type="hidden" name="action" value="new_post" />
-	<input type="hidden" name="thread_id" value="{{ thread_id }}" />
+	<input type="hidden" name="thread_id" value=" {{ thread_id }}" />
 	<input type="hidden" name="subtopic" value="forum" />
 	<input type="hidden" name="save" value="save" />
 	<table width="100%">
@@ -43,8 +43,7 @@
 		</tr>
 	</table>
 	<div style="text-align:center">
-		{% set button_name = 'Post Reply' %}
-		{{ include('buttons.base.html.twig') }}
+		<input type="submit" value="Post Reply" />
 	</div>
 </form>
 

system/templates/forum.new_thread.html.twig

@@ -44,7 +44,6 @@
 		</tr>
 	</table>
 	<div style="text-align:center">
-		{% set button_name = 'Post Thread' %}
-		{{ include('buttons.base.html.twig') }}
+		<input type="submit" value="Post Thread" />
 	</div>
 </form>

system/templates/forum.show_thread.html.twig

@@ -24,7 +24,7 @@ Page: {{ links_to_pages|raw }}<br/>
 		{% set i = i + 1 %}
 		<td valign="top">{{ post.player_link|raw }}<br/>
 			{% if post.outfit is defined %}
-			<img style="margin-left:-60px;margin-top:-60px;width:128px;height:128px;" src="{{ post.outfit }}" alt="player outfit"/>
+			<img style="margin-left:{% if post.player.getLookType() in setting('core.outfit_images_wrong_looktypes') %}-0px;margin-top:-0px;width:64px;height:64px;{% else %}-60px;margin-top:-60px;width:128px;height:128px;{% endif %}" src="{{ post.outfit }}" alt="player outfit"/>
 			<br />
 			{% endif %}
 			<span style="font-size: 10px">

system/templates/guilds.leave_guild.html.twig

@@ -6,7 +6,7 @@
 		<td class="white"><b>Leave guild</b></td></tr>
 	{% if players|length > 0 %}
 	<tr bgcolor="{{ config.lightborder }}">
-		<td width="100%">Select a character to leave the guild:</td>
+		<td width="100%">Select character to leave guild:</td>
 	</tr>
 	<tr bgcolor="{{ config.darkborder }}">
 		<td>

system/templates/guilds.manager.html.twig

@@ -105,8 +105,7 @@ Here you can change names of ranks, delete and add ranks, pass leadership to oth
 				<form action="{{ getLink('guilds') }}?guild={{ guild.getName() }}&action=delete_rank" method="post" style="display: inline;">
 					{{ csrf() }}
 					<input type="hidden" name="rankid" value="{{ rank.getId() }}" />
-
-					<input type="submit" value="Delete" />
+					<input type="image" src="/images/news/delete.png" border="0" alt="Delete" />
 				</form>
 			</td>
 			<td>

system/templates/online.html.twig

@@ -4,35 +4,24 @@
 <br/>
 {% endif %}
 
-<br/>
-
 {# vocation statistics #}
 {% if setting('core.online_vocations') %}
-
-	{% set title = 'Vocation statistics' %}
-	{% set tableClass = 'Table3' %}
-	{% set background = config('darkborder') %}
-	{% set content %}
-
+<br/>
 	{% if setting('core.online_vocations_images') %}
-	<table width="200" cellspacing="1" cellpadding="0" border="0" align="center" class="myaac-table">
-		<thead>
-		<tr>
-			<td class="white" style="text-align: center;"><strong>Sorcerers</strong></td>
-			<td class="white" style="text-align: center;"><strong>Druids</strong></td>
-			<td class="white" style="text-align: center;"><strong>Paladins</strong></td>
-			<td class="white" style="text-align: center;"><strong>Knights</strong></td>
-		</tr>
-		</thead>
-
-		<tr>
+	<table width="200" cellspacing="1" cellpadding="0" border="0" align="center">
+		<tr bgcolor="{{ config.darkborder }}">
 			<td><img src="images/sorcerer.png" /></td>
 			<td><img src="images/druid.png" /></td>
 			<td><img src="images/paladin.png" /></td>
 			<td><img src="images/knight.png" /></td>
 		</tr>
-
-		<tr>
+		<tr bgcolor="{{ config.vdarkborder }}">
+			<td class="white" style="text-align: center;"><strong>Sorcerers</strong></td>
+			<td class="white" style="text-align: center;"><strong>Druids</strong></td>
+			<td class="white" style="text-align: center;"><strong>Paladins</strong></td>
+			<td class="white" style="text-align: center;"><strong>Knights</strong></td>
+		</tr>
+		<tr bgcolor="{{ config.lightborder }}">
 			<td style="text-align: center;">{{ vocs[1] }}</td>
 			<td style="text-align: center;">{{ vocs[2] }}</td>
 			<td style="text-align: center;">{{ vocs[3] }}</td>
@@ -40,30 +29,30 @@
 		</tr>
 	</table>
 	<div style="text-align: center;">&nbsp;</div>
-	{% else %}
-	<table border="0" cellspacing="1" cellpadding="4" width="100%" class="myaac-table">
+		{% else %}
+	<table border="0" cellspacing="1" cellpadding="4" width="100%">
+		<tr bgcolor="{{ config.vdarkborder }}">
+			<td class="white" colspan="2"><b>Vocation statistics</b></td>
+		</tr>
+
 		{% for i in 1..config.vocations_amount %}
-		<tr>
+		<tr bgcolor="{{ getStyle(i) }}">
 			<td width="25%">{{ config.vocations[i] }}</td>
 			<td width="75%">{{ vocs[i] }}</td>
 		</tr>
 		{% endfor %}
 	</table>
-	<br/>
+<br/>
 	{% endif %}
-
-{% endset %}
-{% include 'tables.headline.html.twig' %}
-
 {% endif %}
 
 <br/>
 
 {# show skulls #}
 {% if setting('core.online_skulls') %}
-<table width="100%" cellspacing="1" class="myaac-table">
+<table width="100%" cellspacing="1">
 	<tr>
-		<td align="center">
+		<td style="background: {{ config.darkborder }};" align="center">
 			<img src="images/white_skull.gif"/> - 1 - 6 Frags<br/>
 			<img src="images/red_skull.gif"/> - 6+ Frags or Red Skull<br/>
 			<img src="images/black_skull.gif"/> - 10+ Frags or Black Skull
@@ -136,24 +125,23 @@
 {% set title = 'Players Online' %}
 {% set tableClass = 'Table2' %}
 {% set content %}
-<table width="100%" class="myaac-table">
-
-	<tr class="LabelH" style="z-index: 20;">
+<table width="100%">
+	<tr class="LabelH" style="position: relative; z-index: 20;">
 		{% if setting('core.account_country') %}
-			<td style="width: 6px;"><a href="{{ getLink('online')}}?order=country_{{ order == 'country_asc' ? 'desc' : 'asc' }}">#&#160;&#160;</a>
+			<td width="11px"><a href="{{ getLink('online')}}?order=country_{{ order == 'country_asc' ? 'desc' : 'asc' }}">#&#160;&#160;</a>
 			</td>
 		{% endif %}
 		{% if setting('core.online_outfit') %}
-			<td style="width: 32px;"><b>Outfit</b></td>
+			<td><b>Outfit</b></td>
 		{% endif %}
-		<td style="text-align:left;">Name&#160;&#160;
+		<td style="text-align:left; width:50%">Name&#160;&#160;
 			<small style="font-weight:normal">[<a href="{{ getLink('online')}}?order=name_{{ order == 'name_asc' ? 'desc' : 'asc' }}">sort</a>]</small>
 			<img class="sortarrow" src="images/{{ order == 'name_asc' ? 'order_desc' : (order == 'name_desc' ? 'order_asc' : 'news/blank') }}.gif"/></td>
-		<td style="text-align:left;width:10%">Level&#160;&#160;
+		<td style="text-align:left;width:30%">Level&#160;&#160;
 			<small style="font-weight:normal">[<a href="{{ getLink('online')}}?order=level_{{ order == 'level_asc' ? 'desc' : 'asc' }}">sort</a>]</small>
 			<img class="sortarrow" src="images/{{ order == 'level_asc' ? 'order_desc' : (order == 'level_desc' ? 'order_asc' : 'news/blank') }}.gif"/>
 		</td>
-		<td style="text-align:left;width:20%">Vocation&#160;&#160;
+		<td style="text-align:left;width:50%">Vocation&#160;&#160;
 			<small style="font-weight:normal">[<a href="{{ getLink('online')}}?order=vocation_{{ order == 'vocation_asc' ? 'desc' : 'asc' }}">sort</a>]</small>
 			<img class="sortarrow" src="images/{{ order == 'vocation_asc' ? 'order_desc' : (order == 'vocation_desc' ? 'order_asc' : 'news/blank') }}.gif"/>
 		</td>
@@ -163,20 +151,20 @@
 	{% for player in players %}
 		{% set i = i + 1 %}
 
-		<tr style="text-align: right; height: 40px;">
+		<tr style="background: {{ getStyle(i) }}; text-align: right; height: 40px;">
 			{% if setting('core.account_country') %}
 				<td>{{ player.country_image|raw }}</td>
 			{% endif %}
 
 			{% if setting('core.online_outfit') %}
-				<td><img style="position:absolute;margin-top:-48px;margin-left:-70px;" src="{{ player.outfit }}" alt="player outfit"/></td>
+				<td width="5%"><img style="position:absolute;margin-top:-48px;margin-left:-70px;" src="{{ player.outfit }}" alt="player outfit"/></td>
 			{% endif %}
 
-			<td style="text-align:left">
+			<td style="width:70%; text-align:left">
 				{{ player.name|raw }}{{ player.skull|raw }}
 			</td>
-			<td>{{ player.level }}</td>
-			<td>{{ player.vocation }}</td>
+			<td style="width:10%">{{ player.level }}</td>
+			<td style="width:20%">{{ player.vocation }}</td>
 		</tr>
 	{% endfor %}
 </table>

system/templates/team.html.twig

@@ -47,7 +47,7 @@
 
 					{% if setting('core.team_outfit') %}
 					<td>
-						<img style="position: absolute; margin-top: -50px; margin-left: -30px;" src="{{ member.outfit }}" alt="player outfit"/>
+						<img style="position: absolute; margin-top: {% if member.player.looktype in setting('core.outfit_images_wrong_looktypes') %}-16px;margin-left:-0px;{% else %} -45px; margin-left: -30px;{%  endif %}" src="{{ member.outfit }}" alt="player outfit"/>
 					</td>
 					{% endif %}
 
@@ -127,7 +127,7 @@
 				<tr bgcolor="{{ getStyle(i) }}" style="height: 32px;">
 				{% if setting('core.team_outfit') %}
 				<td>
-					<img style="position: absolute; margin-top: -50px; margin-left: -30px;" src="{{ member.outfit }}" alt="player outfit"/>
+					<img style="position: absolute; margin-top: {% if member.player.looktype in setting('core.outfit_images_wrong_looktypes') %}-16px;margin-left:-0px;{% else %} -45px; margin-left: -30px;{%  endif %}" src="{{ member.outfit }}" alt="player outfit"/>
 				</td>
 				{% endif %}
 

templates/kathrine/news.html.twig

@@ -2,9 +2,9 @@
 	<div class="NewsHeadline">
 		<div class="NewsHeadlineBackground" style="background-image:url({{template_path }}/images/news/newsheadline_background.gif)">
 			<img src="{{ constant('BASE_URL') }}images/news/icon_{{ icon }}.gif" class="NewsHeadlineIcon" />
-			<div class="NewsHeadlineDate">{{ date|date(setting('core.news_date_format')) }} - </div>
+			<div class="NewsHeadlineDate">{{ date|date(config.news_date_format) }} - </div>
 			<div class="NewsHeadlineText">{{ title }}</div>
-			{% if setting('core.news_author') and author is not empty %}
+			{% if author is not empty %}
 			<div class="NewsHeadlineAuthor"><b>Author: </b><i>{{ author }}</i></div>
 			{% endif %}
 		</div>

templates/tibiacom/account.management.html.twig

@@ -151,7 +151,7 @@
 						</tr>
 						<tr style="background-color: {{ config.darkborder }};" >
 							<td class="LabelV" >Last Login:</td>
-							<td>{{ account_logged.getCustomField('web_lastlogin')|date("j F Y, G:i:s") }}</td>
+							<td>{{ "now"|date("j F Y, G:i:s") }}</td>
 						</tr>
 						{% autoescape false %}
 						<tr style="background-color: {{ config.lightborder }};">

templates/tibiacom/boxes/templates/highscores.html.twig

@@ -46,7 +46,7 @@
     {% for player in topPlayers %}
 	    <div style="text-align:left"><a href="{{ getPlayerLink(player['name'], false) }} " class="topfont {% if player['online'] %}online{% else %}offline{% endif %}">
 			{% if setting('core.online_outfit') %}
-				<img style="position:absolute;margin-top:-45px;margin-left:-25px;" src="{{ player.outfit }}" alt="player outfit"/>
+				<img style="position:absolute;margin-top:{% if player.looktype in setting('core.outfit_images_wrong_looktypes') %}-20px;margin-left:-0px;{% else %}-45px;margin-left:-25px;{%  endif %}" src="{{ player.outfit }}" alt="player outfit"/>
 			{% endif %}
 				<span style="color: #CCC; margin-left: 40px">{{ player['rank'] }} - </span>
 				{{ player['name'] }}

tools/signature/index.php

@@ -35,14 +35,14 @@
 	if(!isset($_REQUEST['name']))
 		die('Please enter name as get or post parameter.');
 
+	$name = stripslashes(ucwords(strtolower(trim($_REQUEST['name']))));
 	$player = new OTS_Player();
-	$player->find($_REQUEST['name']);
+	$player->find($name);
 
 	if(!$player->isLoaded())
 	{
-		//header('Content-type: image/png');
-		//readfile(SIGNATURES_IMAGES.'nocharacter.png');
-		http_response_code(404);
+		header('Content-type: image/png');
+		readfile(SIGNATURES_IMAGES.'nocharacter.png');
 		exit;
 	}
 

tools/validate.php

@@ -63,7 +63,10 @@ else if(isset($_GET['email']))
 }
 else if(isset($_GET['name']))
 {
-	$name = trim(stripslashes($_GET['name']));
+	$name = $_GET['name'];
+	if(!admin()) {
+		$name = strtolower(stripslashes($name));
+	}
 
 	if(!Validator::characterName($name)) {
 		error_(Validator::getLastError());
@@ -78,12 +81,7 @@ else if(isset($_GET['name']))
 		error_($errors['name']);
 	}
 
-	$extraText = '';
-	if (admin()) {
-		$extraText = "<br/>Note: You are logged in as admin, so you can create almost any name without rules.";
-	}
-
-	success_("Good. Your name will be:<br /><b>$name</b>$extraText");
+	success_('Good. Your name will be:<br /><b>' . (admin() ? $name : ucwords($name)) . '</b>');
 }
 else if(isset($_GET['password']) && isset($_GET['password_confirm'])) {
 	$password = $_GET['password'];