2025-07-09 21:38:31 +02:00
52 changed files with 496 additions and 1345 deletions
--- a/CHANGELOG-1.x.md
+++ b/CHANGELOG-1.x.md
@ -1,43 +1,5 @@
 # Changelog
 ## [1.7.1 - 27.06.2025]
 ### Changed
 * Rename plugin:install:install to plugin:setup, also add alias to previous command (https://github.com/slawkens/myaac/commit/13d33822b59df349199e885a78a3d6beb0863d0b)
 ### Fixed
 * Fix commands: setup + cache:clear (https://github.com/slawkens/myaac/commit/0da524fefe93b3028392e9014550eea3324d3a22, https://github.com/slawkens/myaac/commit/fe8281594e989f00280ba1adc734a9198c6b5cc1)
 * Fix polls link in tibiacom template (https://github.com/slawkens/myaac/commit/d90fa323d7c77d81768df60feeb1c374b1650a0c)
 ## [1.7 - 22.06.2025]
 ### Added
 * Feature: plugins versions check (#310)
 * New hooks: HOOK_ACCOUNT_MANAGE_AFTER_CHARACTERS, HOOK_GUILDS_AFTER_MANAGE_BUTTON (https://github.com/slawkens/myaac/commit/c074a48f245df55646b6705737f667b6a84149b2, https://github.com/slawkens/myaac/commit/e6100a1b72de8695bba1dae9ba4e28bfdce47b10)
 * Add OTS_Toolbox::getVocationName(id, promotion) + OTS_Player->isNameLocked() (https://github.com/slawkens/myaac/commit/e222957893c4a1de0dc8dbba55bce1a43418d275, https://github.com/slawkens/myaac/commit/522f6c11d835afd36fd07a07074d96d7e219b488)
 * Add missing csrf in more places, causing white page with error about Request (https://github.com/slawkens/myaac/commit/dca904e61d21d856bf809070e7652803a2df0f58, https://github.com/slawkens/myaac/commit/c720ccc451ff90ef40b2a1595468d061ffd7e1e4)
 ### Changed
 * Revamped online page (https://github.com/slawkens/myaac/commit/9a90e4aae280e607430511c6727d9a714b11f4c5, https://github.com/slawkens/myaac/commit/4767120043b09141870383e249f3729638d53dc2)
 * Better $title inventing (https://github.com/slawkens/myaac/commit/0c95bcfd06b68b21512e477646ef7bd3a0d4912b)
 ### Fixed
 * Use apcu cache clear (https://github.com/slawkens/myaac/commit/b329da52aae9d0e21120a6444d3caf442420ce50, https://github.com/slawkens/myaac/commit/566c2a9151ab6392286f74e26853faa19a1b4f24)
 * fix: boostedcreatures for 13.40 (by @GooseWithAKnife) (#307)
 ## [1.6.1 - 11.06.2025]
 ### Fixed
 * Fixed "Request has been cancelled due to security reasons", cause of missing csrf() in twig files (https://github.com/slawkens/myaac/commit/10cd71a6630ffec91b43a26a6d685b66c5836a6a)
 * Fix: Ignore duplicated route exception (https://github.com/slawkens/myaac/commit/9d8e9d27bd87167d8d4005942a6af62bfe4c0892)
 ### Changed
 * Move counter & visitors code before router (In case someone wants to include that info on page) (https://github.com/slawkens/myaac/commit/f78285030708ad3c74ab048711f73bbf3ee5281e)
 * Set TinyMCE license key to gpl (Avoid warning message in browser console) (https://github.com/slawkens/myaac/commit/8d29fdb98b92dbc3d2853ef88a185c67036b4a77)
 ### Removed
 * Remove deprecated TinyMCE plugin - template (https://github.com/slawkens/myaac/commit/309c1fb715b882e67cb673b1544a03befbf64a22)
 ## [1.6 - 03.06.2025]
 ### Added
--- a/admin/pages/accounts.php
+++ b/admin/pages/accounts.php
@ -27,13 +27,6 @@ $nameOrNumberColumn = getAccountIdentityColumn();
 $hasSecretColumn = $db->hasColumn('accounts', 'secret');
 $hasCoinsColumn = $db->hasColumn('accounts', 'coins');
 $hasCoinsTransferableColumn = $db->hasColumn('accounts', 'coins_transferable');
 $hasTransferableCoinsColumn = $db->hasColumn('accounts', 'transferable_coins');
 $coinsTransferableColumn =
 	$hasTransferableCoinsColumn ?
 		'transferable_coins' : 'coins_transferable';
 $hasPointsColumn = $db->hasColumn('accounts', 'premium_points');
 $hasTypeColumn = $db->hasColumn('accounts', 'type');
 $hasGroupColumn = $db->hasColumn('accounts', 'group_id');
@ -148,13 +141,6 @@ else if (isset($_REQUEST['search'])) {
 				$t_coins = $_POST['t_coins'];
 				verify_number($t_coins, 'Tibia coins', 12);
 			}
 			// transferable tibia coins
 			if ($hasCoinsTransferableColumn || $hasTransferableCoinsColumn) {
 				$t_coins_transferable = $_POST['t_coins_transferable'];
 				verify_number($t_coins_transferable, 'Transferable Tibia coins', 12);
 			}
 			// prem days
 			$p_days = (int)$_POST['p_days'];
 			verify_number($p_days, 'Prem days', 11);
@ -199,18 +185,12 @@ else if (isset($_REQUEST['search'])) {
 				if ($hasSecretColumn) {
 					$account->setCustomField('secret', $secret);
 				}
 				$account->setCustomField('key', $key);
 				$account->setEMail($email);
 				if ($hasCoinsColumn) {
 					$account->setCustomField('coins', $t_coins);
 				}
 				if ($hasCoinsTransferableColumn || $hasTransferableCoinsColumn) {
 					$account->setCustomField($coinsTransferableColumn, $t_coins_transferable);
 				}
 				$lastDay = 0;
 				if($p_days != 0 && $p_days != OTS_Account::GRATIS_PREMIUM_DAYS) {
 					$lastDay = time();
@ -421,12 +401,6 @@ else if (isset($_REQUEST['search'])) {
 											<input type="text" class="form-control" id="t_coins" name="t_coins" autocomplete="off" maxlength="11" value="<?php echo $account->getCustomField('coins') ?>"/>
 										</div>
 									<?php endif; ?>
 									<?php if ($hasCoinsTransferableColumn || $hasTransferableCoinsColumn): ?>
 										<div class="col-12 col-sm-12 col-lg-6">
 											<label for="t_coins_transferable">Transferable Tibia Coins:</label>
 											<input type="text" class="form-control" id="t_coins_transferable" name="t_coins_transferable" autocomplete="off" maxlength="11" value="<?php echo $account->getCustomField($coinsTransferableColumn) ?>"/>
 										</div>
 									<?php endif; ?>
 									<div class="col-12 col-sm-12 col-lg-6">
 										<label for="p_days">Premium Days:</label>
 										<input type="text" class="form-control" id="p_days" name="p_days" autocomplete="off" maxlength="11" value="<?php echo $account->getPremDays(); ?>"/>
--- a/admin/pages/plugins.php
+++ b/admin/pages/plugins.php
@ -51,56 +51,6 @@ else {
 		} else {
 			error('Error while disabling plugin ' . $disable . ': ' . Plugins::getError());
 		}
 	}
 	else if (isset($_GET['check-updates'])) {
 		$repoUri = $config['admin_plugins_api_uri'] ?? 'https://plugins.my-aac.org/api/';
 		success("Fetching latest info from $repoUri..");
 		$adminPlugins = new \MyAAC\Admin\Plugins();
 		$adminPlugins->setApiBaseUri($repoUri);
 		try {
 			$plugins = $adminPlugins->getLatestVersions();
 		}
 		catch (Exception $e) {
 			error($e->getMessage());
 		}
 		if (isset($plugins) && count($plugins) > 0) {
 			$outdated = [];
 			foreach (get_plugins(true) as $plugin) {
 				$string = file_get_contents(BASE . 'plugins/' . $plugin . '.json');
 				$plugin_info = json_decode($string, true);
 				if (!$plugin_info) {
 					continue;
 				}
 				$disabled = (str_contains($plugin, 'disabled.'));
 				$pluginOriginal = ($disabled ? str_replace('disabled.', '', $plugin) : $plugin);
 				$info = $plugins[$pluginOriginal] ?? false;
 				if ($info && version_compare($info['version'], $plugin_info['version'], '>')) {
 					$outdated[] = [
 						'name' => $pluginOriginal,
 						'yourVersion' => $plugin_info['version'],
 						'latestVersion' => $info['version'],
 						'link' => $info['link'] ?? 'Unknown',
 						'download_link' => $info['download_link'] ?? 'Unknown',
 					];
 				}
 			}
 			if (count($outdated) > 0) {
 				info('Following updates have been found for your plugins:');
 				$twig->display('admin.plugins.outdated.html.twig', ['plugins' => $outdated]);
 			}
 			else {
 				success('All plugins up to date!');
 			}
 		}
 	} else if (isset($_FILES['plugin']['name'])) {
 		$file = $_FILES['plugin'];
 		$filename = $file['name'];
--- a/admin/pages/visitors.php
+++ b/admin/pages/visitors.php
@ -19,7 +19,8 @@ $use_datatable = true;
 if (!setting('core.visitors_counter')): ?>
 	Visitors counter is disabled.<br/>
-	You can enable it in Settings -> General -> Visitors Counter.<br/>
+	You can enable it by editing this configurable in <b>config.local.php</b> file:<br/>
 	<p style="margin-left: 3em;"><b>$config['visitors_counter'] = true;</b></p>
 	<?php
 	return;
 endif;
@ -45,7 +46,7 @@ foreach ($tmp as &$visitor) {
 		if ($dd->isBot()) {
 			$bot = $dd->getBot();
 			$message = '(Bot) %s, <a href="%s" target="_blank">%s</a>';
-			$browser = sprintf($message, $bot['category'] ?? 'Unknown', $bot['url'] ?? '', $bot['name'] ?? 'Unknown name');
+			$browser = sprintf($message, $bot['category'], $bot['url'], $bot['name']);
 		}
 		else {
 			$osFamily = OperatingSystem::getOsFamily($dd->getOs('name'));
--- a/admin/tools/settings_save.php
+++ b/admin/tools/settings_save.php
@ -1,5 +1,6 @@
 <?php
 use MyAAC\Hooks;
 use MyAAC\Settings;
 const MYAAC_ADMIN = true;
--- a/common.php
+++ b/common.php
@ -26,7 +26,7 @@
 if (version_compare(phpversion(), '8.1', '<')) die('PHP version 8.1 or higher is required.');
 const MYAAC = true;
-const MYAAC_VERSION = '1.7.2-dev';
+const MYAAC_VERSION = '1.6';
 const DATABASE_VERSION = 45;
 const TABLE_PREFIX = 'myaac_';
 define('START_TIME', microtime(true));
--- a/composer.json
+++ b/composer.json
@ -18,8 +18,7 @@
        "symfony/string": "^6.4",
        "symfony/var-dumper": "^6.4",
        "filp/whoops": "^2.15",
-        "maximebf/debugbar": "1.*",
+        "maximebf/debugbar": "1.*"
        "guzzlehttp/guzzle": "7.9.3"
    },
    "require-dev": {
        "phpstan/phpstan": "^1.10"
--- a/composer.lock
+++ b/composer.lock
@ -4,7 +4,7 @@
        "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies",
        "This file is @generated automatically"
    ],
-    "content-hash": "5317e97a5025ebc2a977214bd3fa964c",
+    "content-hash": "be4d1489a53a9cd8eec6bcaa7a096f30",
    "packages": [
        {
            "name": "brick/math",
@ -493,331 +493,6 @@
            ],
            "time": "2024-09-25T12:00:00+00:00"
        },
        {
            "name": "guzzlehttp/guzzle",
            "version": "7.9.3",
            "source": {
                "type": "git",
                "url": "https://github.com/guzzle/guzzle.git",
                "reference": "7b2f29fe81dc4da0ca0ea7d42107a0845946ea77"
            },
            "dist": {
                "type": "zip",
                "url": "https://api.github.com/repos/guzzle/guzzle/zipball/7b2f29fe81dc4da0ca0ea7d42107a0845946ea77",
                "reference": "7b2f29fe81dc4da0ca0ea7d42107a0845946ea77",
                "shasum": ""
            },
            "require": {
                "ext-json": "*",
                "guzzlehttp/promises": "^1.5.3 || ^2.0.3",
                "guzzlehttp/psr7": "^2.7.0",
                "php": "^7.2.5 || ^8.0",
                "psr/http-client": "^1.0",
                "symfony/deprecation-contracts": "^2.2 || ^3.0"
            },
            "provide": {
                "psr/http-client-implementation": "1.0"
            },
            "require-dev": {
                "bamarni/composer-bin-plugin": "^1.8.2",
                "ext-curl": "*",
                "guzzle/client-integration-tests": "3.0.2",
                "php-http/message-factory": "^1.1",
                "phpunit/phpunit": "^8.5.39 || ^9.6.20",
                "psr/log": "^1.1 || ^2.0 || ^3.0"
            },
            "suggest": {
                "ext-curl": "Required for CURL handler support",
                "ext-intl": "Required for Internationalized Domain Name (IDN) support",
                "psr/log": "Required for using the Log middleware"
            },
            "type": "library",
            "extra": {
                "bamarni-bin": {
                    "bin-links": true,
                    "forward-command": false
                }
            },
            "autoload": {
                "files": [
                    "src/functions_include.php"
                ],
                "psr-4": {
                    "GuzzleHttp\\": "src/"
                }
            },
            "notification-url": "https://packagist.org/downloads/",
            "license": [
                "MIT"
            ],
            "authors": [
                {
                    "name": "Graham Campbell",
                    "email": "hello@gjcampbell.co.uk",
                    "homepage": "https://github.com/GrahamCampbell"
                },
                {
                    "name": "Michael Dowling",
                    "email": "mtdowling@gmail.com",
                    "homepage": "https://github.com/mtdowling"
                },
                {
                    "name": "Jeremy Lindblom",
                    "email": "jeremeamia@gmail.com",
                    "homepage": "https://github.com/jeremeamia"
                },
                {
                    "name": "George Mponos",
                    "email": "gmponos@gmail.com",
                    "homepage": "https://github.com/gmponos"
                },
                {
                    "name": "Tobias Nyholm",
                    "email": "tobias.nyholm@gmail.com",
                    "homepage": "https://github.com/Nyholm"
                },
                {
                    "name": "Márk Sági-Kazár",
                    "email": "mark.sagikazar@gmail.com",
                    "homepage": "https://github.com/sagikazarmark"
                },
                {
                    "name": "Tobias Schultze",
                    "email": "webmaster@tubo-world.de",
                    "homepage": "https://github.com/Tobion"
                }
            ],
            "description": "Guzzle is a PHP HTTP client library",
            "keywords": [
                "client",
                "curl",
                "framework",
                "http",
                "http client",
                "psr-18",
                "psr-7",
                "rest",
                "web service"
            ],
            "support": {
                "issues": "https://github.com/guzzle/guzzle/issues",
                "source": "https://github.com/guzzle/guzzle/tree/7.9.3"
            },
            "funding": [
                {
                    "url": "https://github.com/GrahamCampbell",
                    "type": "github"
                },
                {
                    "url": "https://github.com/Nyholm",
                    "type": "github"
                },
                {
                    "url": "https://tidelift.com/funding/github/packagist/guzzlehttp/guzzle",
                    "type": "tidelift"
                }
            ],
            "time": "2025-03-27T13:37:11+00:00"
        },
        {
            "name": "guzzlehttp/promises",
            "version": "2.2.0",
            "source": {
                "type": "git",
                "url": "https://github.com/guzzle/promises.git",
                "reference": "7c69f28996b0a6920945dd20b3857e499d9ca96c"
            },
            "dist": {
                "type": "zip",
                "url": "https://api.github.com/repos/guzzle/promises/zipball/7c69f28996b0a6920945dd20b3857e499d9ca96c",
                "reference": "7c69f28996b0a6920945dd20b3857e499d9ca96c",
                "shasum": ""
            },
            "require": {
                "php": "^7.2.5 || ^8.0"
            },
            "require-dev": {
                "bamarni/composer-bin-plugin": "^1.8.2",
                "phpunit/phpunit": "^8.5.39 || ^9.6.20"
            },
            "type": "library",
            "extra": {
                "bamarni-bin": {
                    "bin-links": true,
                    "forward-command": false
                }
            },
            "autoload": {
                "psr-4": {
                    "GuzzleHttp\\Promise\\": "src/"
                }
            },
            "notification-url": "https://packagist.org/downloads/",
            "license": [
                "MIT"
            ],
            "authors": [
                {
                    "name": "Graham Campbell",
                    "email": "hello@gjcampbell.co.uk",
                    "homepage": "https://github.com/GrahamCampbell"
                },
                {
                    "name": "Michael Dowling",
                    "email": "mtdowling@gmail.com",
                    "homepage": "https://github.com/mtdowling"
                },
                {
                    "name": "Tobias Nyholm",
                    "email": "tobias.nyholm@gmail.com",
                    "homepage": "https://github.com/Nyholm"
                },
                {
                    "name": "Tobias Schultze",
                    "email": "webmaster@tubo-world.de",
                    "homepage": "https://github.com/Tobion"
                }
            ],
            "description": "Guzzle promises library",
            "keywords": [
                "promise"
            ],
            "support": {
                "issues": "https://github.com/guzzle/promises/issues",
                "source": "https://github.com/guzzle/promises/tree/2.2.0"
            },
            "funding": [
                {
                    "url": "https://github.com/GrahamCampbell",
                    "type": "github"
                },
                {
                    "url": "https://github.com/Nyholm",
                    "type": "github"
                },
                {
                    "url": "https://tidelift.com/funding/github/packagist/guzzlehttp/promises",
                    "type": "tidelift"
                }
            ],
            "time": "2025-03-27T13:27:01+00:00"
        },
        {
            "name": "guzzlehttp/psr7",
            "version": "2.7.1",
            "source": {
                "type": "git",
                "url": "https://github.com/guzzle/psr7.git",
                "reference": "c2270caaabe631b3b44c85f99e5a04bbb8060d16"
            },
            "dist": {
                "type": "zip",
                "url": "https://api.github.com/repos/guzzle/psr7/zipball/c2270caaabe631b3b44c85f99e5a04bbb8060d16",
                "reference": "c2270caaabe631b3b44c85f99e5a04bbb8060d16",
                "shasum": ""
            },
            "require": {
                "php": "^7.2.5 || ^8.0",
                "psr/http-factory": "^1.0",
                "psr/http-message": "^1.1 || ^2.0",
                "ralouphie/getallheaders": "^3.0"
            },
            "provide": {
                "psr/http-factory-implementation": "1.0",
                "psr/http-message-implementation": "1.0"
            },
            "require-dev": {
                "bamarni/composer-bin-plugin": "^1.8.2",
                "http-interop/http-factory-tests": "0.9.0",
                "phpunit/phpunit": "^8.5.39 || ^9.6.20"
            },
            "suggest": {
                "laminas/laminas-httphandlerrunner": "Emit PSR-7 responses"
            },
            "type": "library",
            "extra": {
                "bamarni-bin": {
                    "bin-links": true,
                    "forward-command": false
                }
            },
            "autoload": {
                "psr-4": {
                    "GuzzleHttp\\Psr7\\": "src/"
                }
            },
            "notification-url": "https://packagist.org/downloads/",
            "license": [
                "MIT"
            ],
            "authors": [
                {
                    "name": "Graham Campbell",
                    "email": "hello@gjcampbell.co.uk",
                    "homepage": "https://github.com/GrahamCampbell"
                },
                {
                    "name": "Michael Dowling",
                    "email": "mtdowling@gmail.com",
                    "homepage": "https://github.com/mtdowling"
                },
                {
                    "name": "George Mponos",
                    "email": "gmponos@gmail.com",
                    "homepage": "https://github.com/gmponos"
                },
                {
                    "name": "Tobias Nyholm",
                    "email": "tobias.nyholm@gmail.com",
                    "homepage": "https://github.com/Nyholm"
                },
                {
                    "name": "Márk Sági-Kazár",
                    "email": "mark.sagikazar@gmail.com",
                    "homepage": "https://github.com/sagikazarmark"
                },
                {
                    "name": "Tobias Schultze",
                    "email": "webmaster@tubo-world.de",
                    "homepage": "https://github.com/Tobion"
                },
                {
                    "name": "Márk Sági-Kazár",
                    "email": "mark.sagikazar@gmail.com",
                    "homepage": "https://sagikazarmark.hu"
                }
            ],
            "description": "PSR-7 message implementation that also provides common utility methods",
            "keywords": [
                "http",
                "message",
                "psr-7",
                "request",
                "response",
                "stream",
                "uri",
                "url"
            ],
            "support": {
                "issues": "https://github.com/guzzle/psr7/issues",
                "source": "https://github.com/guzzle/psr7/tree/2.7.1"
            },
            "funding": [
                {
                    "url": "https://github.com/GrahamCampbell",
                    "type": "github"
                },
                {
                    "url": "https://github.com/Nyholm",
                    "type": "github"
                },
                {
                    "url": "https://tidelift.com/funding/github/packagist/guzzlehttp/psr7",
                    "type": "tidelift"
                }
            ],
            "time": "2025-03-27T12:30:47+00:00"
        },
        {
            "name": "illuminate/collections",
            "version": "v10.48.25",
@ -1797,166 +1472,6 @@
            },
            "time": "2021-11-05T16:47:00+00:00"
        },
        {
            "name": "psr/http-client",
            "version": "1.0.3",
            "source": {
                "type": "git",
                "url": "https://github.com/php-fig/http-client.git",
                "reference": "bb5906edc1c324c9a05aa0873d40117941e5fa90"
            },
            "dist": {
                "type": "zip",
                "url": "https://api.github.com/repos/php-fig/http-client/zipball/bb5906edc1c324c9a05aa0873d40117941e5fa90",
                "reference": "bb5906edc1c324c9a05aa0873d40117941e5fa90",
                "shasum": ""
            },
            "require": {
                "php": "^7.0 || ^8.0",
                "psr/http-message": "^1.0 || ^2.0"
            },
            "type": "library",
            "extra": {
                "branch-alias": {
                    "dev-master": "1.0.x-dev"
                }
            },
            "autoload": {
                "psr-4": {
                    "Psr\\Http\\Client\\": "src/"
                }
            },
            "notification-url": "https://packagist.org/downloads/",
            "license": [
                "MIT"
            ],
            "authors": [
                {
                    "name": "PHP-FIG",
                    "homepage": "https://www.php-fig.org/"
                }
            ],
            "description": "Common interface for HTTP clients",
            "homepage": "https://github.com/php-fig/http-client",
            "keywords": [
                "http",
                "http-client",
                "psr",
                "psr-18"
            ],
            "support": {
                "source": "https://github.com/php-fig/http-client"
            },
            "time": "2023-09-23T14:17:50+00:00"
        },
        {
            "name": "psr/http-factory",
            "version": "1.1.0",
            "source": {
                "type": "git",
                "url": "https://github.com/php-fig/http-factory.git",
                "reference": "2b4765fddfe3b508ac62f829e852b1501d3f6e8a"
            },
            "dist": {
                "type": "zip",
                "url": "https://api.github.com/repos/php-fig/http-factory/zipball/2b4765fddfe3b508ac62f829e852b1501d3f6e8a",
                "reference": "2b4765fddfe3b508ac62f829e852b1501d3f6e8a",
                "shasum": ""
            },
            "require": {
                "php": ">=7.1",
                "psr/http-message": "^1.0 || ^2.0"
            },
            "type": "library",
            "extra": {
                "branch-alias": {
                    "dev-master": "1.0.x-dev"
                }
            },
            "autoload": {
                "psr-4": {
                    "Psr\\Http\\Message\\": "src/"
                }
            },
            "notification-url": "https://packagist.org/downloads/",
            "license": [
                "MIT"
            ],
            "authors": [
                {
                    "name": "PHP-FIG",
                    "homepage": "https://www.php-fig.org/"
                }
            ],
            "description": "PSR-17: Common interfaces for PSR-7 HTTP message factories",
            "keywords": [
                "factory",
                "http",
                "message",
                "psr",
                "psr-17",
                "psr-7",
                "request",
                "response"
            ],
            "support": {
                "source": "https://github.com/php-fig/http-factory"
            },
            "time": "2024-04-15T12:06:14+00:00"
        },
        {
            "name": "psr/http-message",
            "version": "2.0",
            "source": {
                "type": "git",
                "url": "https://github.com/php-fig/http-message.git",
                "reference": "402d35bcb92c70c026d1a6a9883f06b2ead23d71"
            },
            "dist": {
                "type": "zip",
                "url": "https://api.github.com/repos/php-fig/http-message/zipball/402d35bcb92c70c026d1a6a9883f06b2ead23d71",
                "reference": "402d35bcb92c70c026d1a6a9883f06b2ead23d71",
                "shasum": ""
            },
            "require": {
                "php": "^7.2 || ^8.0"
            },
            "type": "library",
            "extra": {
                "branch-alias": {
                    "dev-master": "2.0.x-dev"
                }
            },
            "autoload": {
                "psr-4": {
                    "Psr\\Http\\Message\\": "src/"
                }
            },
            "notification-url": "https://packagist.org/downloads/",
            "license": [
                "MIT"
            ],
            "authors": [
                {
                    "name": "PHP-FIG",
                    "homepage": "https://www.php-fig.org/"
                }
            ],
            "description": "Common interface for HTTP messages",
            "homepage": "https://github.com/php-fig/http-message",
            "keywords": [
                "http",
                "http-message",
                "psr",
                "psr-7",
                "request",
                "response"
            ],
            "support": {
                "source": "https://github.com/php-fig/http-message/tree/2.0"
            },
            "time": "2023-04-04T09:54:51+00:00"
        },
        {
            "name": "psr/log",
            "version": "3.0.2",
@ -2058,50 +1573,6 @@
            },
            "time": "2021-10-29T13:26:27+00:00"
        },
        {
            "name": "ralouphie/getallheaders",
            "version": "3.0.3",
            "source": {
                "type": "git",
                "url": "https://github.com/ralouphie/getallheaders.git",
                "reference": "120b605dfeb996808c31b6477290a714d356e822"
            },
            "dist": {
                "type": "zip",
                "url": "https://api.github.com/repos/ralouphie/getallheaders/zipball/120b605dfeb996808c31b6477290a714d356e822",
                "reference": "120b605dfeb996808c31b6477290a714d356e822",
                "shasum": ""
            },
            "require": {
                "php": ">=5.6"
            },
            "require-dev": {
                "php-coveralls/php-coveralls": "^2.1",
                "phpunit/phpunit": "^5 || ^6.5"
            },
            "type": "library",
            "autoload": {
                "files": [
                    "src/getallheaders.php"
                ]
            },
            "notification-url": "https://packagist.org/downloads/",
            "license": [
                "MIT"
            ],
            "authors": [
                {
                    "name": "Ralph Khattar",
                    "email": "ralph.khattar@gmail.com"
                }
            ],
            "description": "A polyfill for getallheaders.",
            "support": {
                "issues": "https://github.com/ralouphie/getallheaders/issues",
                "source": "https://github.com/ralouphie/getallheaders/tree/develop"
            },
            "time": "2019-03-08T08:55:37+00:00"
        },
        {
            "name": "symfony/console",
            "version": "v6.4.17",
@ -3439,7 +2910,7 @@
    ],
    "aliases": [],
    "minimum-stability": "stable",
-    "stability-flags": {},
+    "stability-flags": [],
    "prefer-stable": false,
    "prefer-lowest": false,
    "platform": {
@ -3450,6 +2921,6 @@
        "ext-xml": "*",
        "ext-dom": "*"
    },
-    "platform-dev": {},
+    "platform-dev": [],
-    "plugin-api-version": "2.6.0"
+    "plugin-api-version": "2.3.0"
 }
--- a/images/order_asc.gif
+++ b/images/order_asc.gif
--- a/images/order_desc.gif
+++ b/images/order_desc.gif
--- a/index.php
+++ b/index.php
@ -93,7 +93,6 @@ if(setting('core.backward_support')) {
 	if($logged && $account_logged)
 		$group_id_of_acc_logged = $account_logged->getGroupId();
 	$config['serverPath'] = $config['server_path'];
 	$config['site'] = &$config;
 	$config['server'] = &$config['lua'];
 	$config['site']['shop_system'] = setting('core.gifts_system');
@ -118,14 +117,6 @@ if(setting('core.backward_support')) {
 		$config['status']['serverStatus_' . $key] = $value;
 }
 if(setting('core.views_counter')) {
 	require_once SYSTEM . 'counter.php';
 }
 if(setting('core.visitors_counter')) {
 	$visitors = new Visitors(setting('core.visitors_counter_ttl'));
 }
 require_once SYSTEM . 'router.php';
 // anonymous usage statistics
@ -162,6 +153,22 @@ if(setting('core.anonymous_usage_statistics')) {
 	}
 }
 if(setting('core.views_counter'))
 	require_once SYSTEM . 'counter.php';
 if(setting('core.visitors_counter')) {
 	$visitors = new Visitors(setting('core.visitors_counter_ttl'));
 }
 /**
 * @var OTS_Account $account_logged
 */
 if ($logged && admin()) {
 	$content .= $twig->render('admin-bar.html.twig', [
 		'username' => USE_ACCOUNT_NAME ? $account_logged->getName() : $account_logged->getId()
 	]);
 }
 $title_full =  (isset($title) ? $title . ' - ' : '') . $config['lua']['serverName'];
 require $template_path . '/' . $template_index;
--- a/login.php
+++ b/login.php
@ -88,8 +88,8 @@ switch ($action) {
 	case 'boostedcreature':
 		$clientVersion = (int)setting('core.client');
-		// 13.40 and up
+		// 14.00 and up
-		if ($clientVersion >= 1340) {
+		if ($clientVersion >= 1400) {
 			$creatureBoost = $db->query("SELECT * FROM " . $db->tableName('boosted_creature'))->fetchAll();
 			$bossBoost     = $db->query("SELECT * FROM " . $db->tableName('boosted_boss'))->fetchAll();
 			die(json_encode([
--- a/plugins/example.json
+++ b/plugins/example.json
@ -51,8 +51,5 @@
 		"themes": true,
 		"admin-pages": true,
 		"admin-pages-sub-folders": true,
 		"settings": true,
 		"install": true,
 		"init": false
 	}
 }
--- a/system/functions.php
+++ b/system/functions.php
@ -512,13 +512,6 @@ function template_place_holder($type): string
 	}
 	elseif ($type === 'body_start') {
 		$ret .= $twig->render('browsehappy.html.twig');
 		if (admin()) {
 			global $account_logged;
 			$ret .= $twig->render('admin-bar.html.twig', [
 				'username' => USE_ACCOUNT_NAME ? $account_logged->getName() : $account_logged->getId()
 			]);
 		}
 	}
 	elseif($type === 'body_end') {
 		$ret .= template_ga_code();
@ -989,12 +982,11 @@ function load_config_lua($filename)
 		foreach($lines as $ln => $line)
 		{
 			$line = trim($line);
-			if(isset($line[0]) && ($line[0] === '{' || $line[0] === '}')) {
+			if(@$line[0] === '{' || @$line[0] === '}') {
 				// arrays are not supported yet
 				// just ignore the error
 				continue;
 			}
 			$tmp_exp = explode('=', $line, 2);
 			if(str_contains($line, 'dofile')) {
 				$delimiter = '"';
@ -1273,15 +1265,14 @@ function clearCache()
 		$db->setClearCacheAfter(true);
 	}
 	if (function_exists('apcu_clear_cache')) {
 		apcu_clear_cache();
 	}
 	deleteDirectory(CACHE . 'signatures', ['index.html'], true);
 	deleteDirectory(CACHE . 'twig', ['index.html'], true);
 	deleteDirectory(CACHE . 'plugins', ['index.html'], true);
 	deleteDirectory(CACHE, ['signatures', 'twig', 'plugins', 'index.html', 'persistent'], true);
 	// routes cache
 	clearRouteCache();
 	global $hooks;
 	$hooks->trigger(HOOK_CACHE_CLEAR, ['cache' => Cache::getInstance()]);
--- a/system/libs/pot/OTS_Player.php
+++ b/system/libs/pot/OTS_Player.php
@ -2919,32 +2919,6 @@ class OTS_Player extends OTS_Row_DAO
 		$this->data['banned'] = $ban['active'];
 		$this->data['banned_time'] = $ban['expires'];
 	}
 	public function isNameLocked(): bool
 	{
 		// nothing can't be banned
 		if( !$this->isLoaded() ) {
 			throw new E_OTS_NotLoaded();
 		}
 		if($this->db->hasTable('player_namelocks')) {
 			$ban = $this->db->query('SELECT 1 FROM `player_namelocks` WHERE `player_id` = ' . $this->data['id'])->fetch(PDO::FETCH_ASSOC);
 			return (isset($ban['1']));
 		}
 		else if($this->db->hasTable('bans')) {
 			if($this->db->hasColumn('bans', 'active')) {
 				$ban = $this->db->query('SELECT `active`, `expires` FROM `bans` WHERE `type` = 2 AND `active` = 1 AND `value` = ' . $this->data['id'] . ' AND (`expires` > ' . time() .' OR `expires` = -1) ORDER BY `expires` DESC')->fetch();
 				return isset($ban['active']);
 			}
 			else { // tfs 0.2
 				$ban = $this->db->query('SELECT `time` FROM `bans` WHERE `type` = 2 AND `account` = ' . $this->data['account_id'] . ' AND (`time` > ' . time() .' OR `time` = -1) ORDER BY `time` DESC')->fetch();
 				return isset($ban['time']) && ($ban['time'] == -1 || $ban['time'] > 0);
 			}
 		}
 		return false;
 	}
 /**
 * Deletes player.
 *
@ -2979,14 +2953,21 @@ class OTS_Player extends OTS_Row_DAO
 * @return string Player proffesion name.
 * @throws E_OTS_NotLoaded If player is not loaded or global vocations list is not loaded.
 */
-	public function getVocationName(): string
+	public function getVocationName()
 	{
 		if( !isset($this->data['vocation']) )
 		{
 			throw new E_OTS_NotLoaded();
 		}
-		return OTS_Toolbox::getVocationName($this->data['vocation'], $this->data['promotion'] ?? 0);
+		global $config;
 		$voc = $this->getVocation();
 		if(!isset($config['vocations'][$voc])) {
 			return 'Unknown';
 		}
 		return $config['vocations'][$voc];
 		//return POT::getInstance()->getVocationsList()->getVocationName($this->data['vocation']);
 	}
 /**
--- a/system/libs/pot/OTS_Toolbox.php
+++ b/system/libs/pot/OTS_Toolbox.php
@ -110,15 +110,6 @@ class OTS_Toolbox
        $list->setFilter($filter);
        return $list;
    }
 	public static function getVocationName($id, $promotion = 0): string
 	{
 		if($promotion > 0) {
 			$id = ($id + ($promotion * config('vocations_amount')));
 		}
 		return config('vocations')[$id] ?? 'Unknown';
 	}
 }
 /**#@-*/
--- a/system/pages/404.php
+++ b/system/pages/404.php
@ -8,7 +8,7 @@
 * @link      https://my-aac.org
 */
 defined('MYAAC') or die('Direct access not allowed!');
-$title = 'Not Found';
+$title = '404 Not Found';
 header('HTTP/1.0 404 Not Found');
 ?>
--- a/system/pages/405.php
+++ b/system/pages/405.php
@ -8,7 +8,7 @@
 * @link      https://my-aac.org
 */
 defined('MYAAC') or die('Direct access not allowed!');
-$title = 'Method Not Allowed';
+$title = '405 Method Not Allowed';
 header('HTTP/1.0 405 Method Not Allowed');
 ?>
--- a/system/pages/account/change-email.php
+++ b/system/pages/account/change-email.php
@ -166,7 +166,7 @@ if(isset($_POST['emailchangecancel']) && $_POST['emailchangecancel'] == 1) {
 	$account_logged->setCustomField("email_new", "");
 	$account_logged->setCustomField("email_new_time", 0);
-	$custom_buttons = '<div style="text-align:center"><table border="0" cellspacing="0" cellpadding="0" ><form action="' . getLink('account/manage') . '" method="post" >' . csrf(true) . '<tr><td style="border:0px;" >' . $twig->render('buttons.back.html.twig') . '</td></tr></form></table></div>';
+	$custom_buttons = '<div style="text-align:center"><table border="0" cellspacing="0" cellpadding="0" ><form action="' . getLink('account/manage') . '" method="post" ><tr><td style="border:0px;" >' . $twig->render('buttons.back.html.twig') . '</td></tr></form></table></div>';
 	$twig->display('success.html.twig', array(
 		'title' => 'Email Address Change Cancelled',
--- a/system/pages/account/redirect.php
+++ b/system/pages/account/redirect.php
@ -0,0 +1,23 @@
 <?php
 /**
 * Change comment
 *
 * @package   MyAAC
 * @author    Gesior <jerzyskalski@wp.pl>
 * @author    Slawkens <slawkens@gmail.com>
 * @copyright 2019 MyAAC
 * @link      https://my-aac.org
 */
 defined('MYAAC') or die('Direct access not allowed!');
 $redirect = urldecode($_REQUEST['redirect']);
 // should never happen, unless hacker modify the URL
 if (!str_contains($redirect, BASE_URL)) {
 	error('Fatal error: Cannot redirect outside the website.');
 	return;
 }
 $twig->display('account.redirect.html.twig', array(
 	'redirect' => $redirect
 ));
--- a/system/pages/guilds/list.php
+++ b/system/pages/guilds/list.php
@ -36,9 +36,10 @@ if(count($guilds_list) > 0) {
 		$guildName = $guild->getName();
 		$guilds[] = array('name' => $guildName, 'logo' => $guild_logo, 'link' => getGuildLink($guildName, false), 'description' => $description);
 	}
-}
+};
 $twig->display('guilds.list.html.twig', array(
 	'guilds' => $guilds,
 	'logged' => $logged ?? false,
 	'isAdmin' => admin(),
 ));
--- a/system/pages/online.php
+++ b/system/pages/online.php
@ -22,16 +22,13 @@ $promotion = '';
 if($db->hasColumn('players', 'promotion'))
 	$promotion = '`promotion`,';
-$order = $_GET['order'] ?? 'name_asc';
+$order = $_GET['order'] ?? 'name';
-if(!in_array($order, ['country_asc', 'country_desc', 'name_asc', 'name_desc', 'level_asc', 'level_desc', 'vocation_asc', 'vocation_desc'])) {
+if(!in_array($order, array('country', 'name', 'level', 'vocation')))
-	$order = 'name_asc';
+	$order = $db->fieldName('name');
-}
+else if($order == 'country')
-else if($order == 'vocation_asc' || $order == 'vocation_desc') {
+	$order = $db->tableName('accounts') . '.' . $db->fieldName('country');
-	$order = $promotion . 'vocation_' . (str_contains($order, 'asc') ? 'asc' : 'desc');
+else if($order == 'vocation')
-}
+	$order = $promotion . 'vocation ASC';
 $orderExplode = explode('_', $order);
 $orderSql = $orderExplode[0] . ' ' . $orderExplode[1];
 $skull_type = 'skull';
 if($db->hasColumn('players', 'skull_type')) {
@ -61,11 +58,11 @@ if (setting('core.online_vocations')) {
 }
 if($db->hasTable('players_online')) // tfs 1.0
-	$playersOnline = $db->query('SELECT `accounts`.`country`, `players`.`name`, `players`.`level`, `players`.`vocation`' . $outfit . ', `' . $skull_time . '` as `skulltime`, `' . $skull_type . '` as `skull` FROM `accounts`, `players`, `players_online` WHERE `players`.`id` = `players_online`.`player_id` AND `accounts`.`id` = `players`.`account_id`  ORDER BY ' . $orderSql);
+	$playersOnline = $db->query('SELECT `accounts`.`country`, `players`.`name`, `players`.`level`, `players`.`vocation`' . $outfit . ', `' . $skull_time . '` as `skulltime`, `' . $skull_type . '` as `skull` FROM `accounts`, `players`, `players_online` WHERE `players`.`id` = `players_online`.`player_id` AND `accounts`.`id` = `players`.`account_id`  ORDER BY ' . $order);
 else
-	$playersOnline = $db->query('SELECT `accounts`.`country`, `players`.`name`, `players`.`level`, `players`.`vocation`' . $outfit . ', ' . $promotion . ' `' . $skull_time . '` as `skulltime`, `' . $skull_type . '` as `skull` FROM `accounts`, `players` WHERE `players`.`online` > 0 AND `accounts`.`id` = `players`.`account_id`  ORDER BY ' . $orderSql);
+	$playersOnline = $db->query('SELECT `accounts`.`country`, `players`.`name`, `players`.`level`, `players`.`vocation`' . $outfit . ', ' . $promotion . ' `' . $skull_time . '` as `skulltime`, `' . $skull_type . '` as `skull` FROM `accounts`, `players` WHERE `players`.`online` > 0 AND `accounts`.`id` = `players`.`account_id`  ORDER BY ' . $order);
-$players_data = [];
+$players_data = array();
 $players = 0;
 $data = '';
 foreach($playersOnline as $player) {
@ -118,7 +115,7 @@ if(count($players_data) > 0) {
 		}
 		if($result) {
-			$record = $result['record'] . ' player' . ($result['record'] > 1 ? 's' : '') . ($timestamp ? ' (on ' . date("M d Y, H:i:s", $result['timestamp']) . ')' : '');
+			$record = 'The maximum on this game world was ' . $result['record'] . ' players' . ($timestamp ? ' on ' . date("M d Y, H:i:s", $result['timestamp']) . '.' : '.');
 		}
 	}
 }
@ -127,9 +124,8 @@ $twig->display('online.html.twig', array(
 	'players' => $players_data,
 	'record' => $record,
 	'vocs' => $vocs,
 	'order' => $order,
 ));
 //search bar
-$twig->display('characters.form.html.twig');
+$twig->display('online.form.html.twig');
 ?>
--- a/system/router.php
+++ b/system/router.php
@ -174,13 +174,8 @@ $dispatcher = FastRoute\cachedDispatcher(function (FastRoute\RouteCollector $r)
 		// apply aliases
 		$route[1] = str_replace($aliases[0], $aliases[1], $route[1]);
 		try {
 		$r->addRoute($route[0], $route[1], $route[2]);
 	}
 		catch (\Exception $e) {
 			// duplicated route, just ignore
 		}
 	}
 	if (config('env') === 'dev') {
 		foreach(Plugins::getWarnings() as $warning) {
@ -326,9 +321,7 @@ if (isset($_REQUEST['_page_only'])) {
 if(!isset($title)) {
 	$title = str_replace('index.php/', '', $page);
-	$title = str_replace(['_', '-', '/'], ' ', $page);
+	$title = ucfirst($title);
 	$title = ucwords($title);
 }
 if(setting('core.backward_support')) {
--- a/system/routes.php
+++ b/system/routes.php
@ -22,11 +22,11 @@ return [
 	['GET', 'account/confirm-email/{hash:alphanum}', 'account/confirm-email.php'],
 	['GET', 'bans/{page:int}', 'bans.php'],
-	[['GET', 'POST'], 'characters/{name:[A-Za-z0-9-_%+\' \[\]]+}', 'characters.php'],
+	[['GET', 'POST'], 'characters[/{name:[A-Za-z0-9-_%+\' \[\]]+}]', 'characters.php'],
-	['GET', 'changelog/{page:int}', 'changelog.php'],
+	['GET', 'changelog[/{page:int}]', 'changelog.php'],
-	[['GET', 'POST'], 'monsters/{name:string}', 'monsters.php'],
+	[['GET', 'POST'], 'monsters[/{name:string}]', 'monsters.php'],
-	[['GET', 'POST'], 'faq/{action:string}', 'faq.php'],
+	[['GET', 'POST'], 'faq[/{action:string}]', 'faq.php'],
 	[['GET', 'POST'], 'forum/{action:string}', 'forum.php'],
 	['GET', 'forum/board/{id:int}', 'forum/show_board.php'],
--- a/system/settings.php
+++ b/system/settings.php
@ -1062,12 +1062,6 @@ Sent by MyAAC,<br/>
 			'desc' => 'How often to update highscores from database in minutes. Too low may slow down your website.<br/>0 to disable.',
 			'default' => 15,
 		],
 		'highscores_skills_box' => [
 			'name' => 'Display Skills Box',
 			'type' => 'boolean',
 			'desc' => 'show "Choose a skill" box on the highscores (allowing peoples to sort highscores by skill)?',
 			'default' => true,
 		],
 		'highscores_vocation_box' => [
 			'name' => 'Display Vocation Box',
 			'type' => 'boolean',
@ -1270,12 +1264,6 @@ Sent by MyAAC,<br/>
 			'desc' => '',
 			'default' => false,
 		],
 		'online_datacenter' => [
 			'name' => 'Data Center',
 			'type' => 'text',
 			'desc' => 'Server Location, will be shown on online page',
 			'default' => 'Frankfurt - Germany',
 		],
 		[
 			'type' => 'section',
 			'title' => 'Team Page'
--- a/system/src/Admin/Plugins.php
+++ b/system/src/Admin/Plugins.php
@ -1,49 +0,0 @@
 <?php
 namespace MyAAC\Admin;
 use GuzzleHttp\Client;
 class Plugins
 {
 	private string $api_base_uri = 'https://plugins.my-aac.org/api/';
 	public function getLatestVersions(): array
 	{
 		$client = new Client([
 			// Base URI is used with relative requests
 			'base_uri' => $this->api_base_uri,
 			// You can set any number of default request options.
 			'timeout'  => 3.0,
 		]);
 		$plugins = get_plugins(true);
 		foreach ($plugins as &$plugin) {
 			if (str_contains($plugin, 'disabled.')) {
 				$plugin = str_replace('disabled.', '', $plugin);
 			}
 		}
 		try {
 			$response = $client->get('get-latest-versions', [
 				'json' => ['plugins' => $plugins],
 			]);
 		}
 		catch (\Exception $e) {
 			error('API Error. Please try again later.');
 			return [];
 		}
 		$statusCode = $response->getStatusCode();
 		if ($statusCode != 200) {
 			throw new \Exception('Error getting info from plugins repository. Please try again later.');
 		}
 		$data = $response->getBody();
 		return json_decode($data, true);
 	}
 	public function setApiBaseUri(string $uri): void {
 		$this->api_base_uri = $uri;
 	}
 }
--- a/system/src/Commands/CacheClearCommand.php
+++ b/system/src/Commands/CacheClearCommand.php
@ -17,7 +17,10 @@ class CacheClearCommand extends Command
 	protected function execute(InputInterface $input, OutputInterface $output): int
 	{
-		require SYSTEM . 'init.php';
+		global $hooks;
 		$hooks = new Hooks();
 		$hooks->load();
 		$hooks->trigger(HOOK_INIT);
 		$io = new SymfonyStyle($input, $output);
--- a/system/src/Commands/MailSendCommand.php
+++ b/system/src/Commands/MailSendCommand.php
@ -12,10 +12,9 @@ class MailSendCommand extends Command
 {
 	protected function configure(): void
 	{
-		$this->setName('email:send')
+		$this->setName('mail:send')
 			->setAliases(['mail:send'])
 			->setDescription('This command sends E-Mail to single user. Message can be provided as follows: ' . PHP_EOL
-				. '  echo "Hello World" | php aac email:send --subject="This is the subject" test@test.com')
+				. '  echo "Hello World" | php sa email:send --subject="This is the subject" test@test.com')
 			->addArgument('recipient', InputArgument::REQUIRED, 'Email, Account Name, Account id or Player Name')
 			->addOption('subject', 's', InputOption::VALUE_REQUIRED, 'Subject');
 	}
--- a/system/src/Commands/PluginInstallInstallCommand.php
+++ b/system/src/Commands/PluginInstallInstallCommand.php
@ -12,8 +12,7 @@ class PluginInstallInstallCommand extends Command
 {
 	protected function configure(): void
 	{
-		$this->setName('plugin:setup')
+		$this->setName('plugin:install:install')
 			->setAliases(['plugin:install:install'])
 			->setDescription('This command executes the "install" part of the plugin')
 			->addArgument('plugin', InputArgument::REQUIRED, 'Plugin name');
 	}
--- a/system/src/Plugins.php
+++ b/system/src/Plugins.php
@ -532,9 +532,8 @@ class Plugins {
 		self::$plugin_json = $plugin_json;
 		if ($plugin_json == null) {
 			self::$warnings[] = 'Cannot load ' . $file_name . '. File might be not a valid json code.';
 			return false;
 		}
-
+		else {
 			$continue = true;
 			if(!isset($plugin_json['name']) || empty(trim($plugin_json['name']))) {
@ -690,10 +689,7 @@ class Plugins {
 				}
 			}
-		if(!$continue) {
+			if($continue) {
 			return false;
 		}
 				if(!$zip->extractTo(BASE)) { // "Real" Install
 					self::$error = 'There was a problem with extracting zip archive to base directory.';
 					$zip->close();
@ -717,8 +713,13 @@ class Plugins {
 				}
 				clearCache();
 				return true;
 			}
 		}
 		return false;
 	}
 	public static function isEnabled($pluginFileName): bool
 	{
@ -780,20 +781,15 @@ class Plugins {
 			return false;
 		}
-		$install = $plugin_json['install'] ?? '';
+		if(!isset($plugin_json['install'])) {
-		if (self::getAutoLoadOption($plugin_json, 'install', true) && is_file(PLUGINS . $plugin_name . '/install.php')) {
+			self::$error = "Plugin doesn't have install options defined. Skipping...";
 			$install = 'plugins/' . $plugin_name . '/install.php';
 		}
 		if (empty($install)) {
 			self::$error = "This plugin doesn't seem to have install script defined.";
 			return false;
 		}
 		global $db;
-		if (file_exists(BASE . $install)) {
+		if (file_exists(BASE . $plugin_json['install'])) {
 			$db->revalidateCache();
-			require BASE . $install;
+			require BASE . $plugin_json['install'];
 			$db->revalidateCache();
 		}
 		else {
--- a/system/src/global.php
+++ b/system/src/global.php
@ -54,7 +54,6 @@ define('HOOK_ACCOUNT_MANAGE_BEFORE_GENERAL_INFORMATION', ++$i);
 define('HOOK_ACCOUNT_MANAGE_BEFORE_PUBLIC_INFORMATION', ++$i);
 define('HOOK_ACCOUNT_MANAGE_BEFORE_ACCOUNT_LOGS', ++$i);
 define('HOOK_ACCOUNT_MANAGE_BEFORE_CHARACTERS', ++$i);
 define('HOOK_ACCOUNT_MANAGE_AFTER_CHARACTERS', ++$i);
 define('HOOK_ACCOUNT_LOGIN_BEFORE_PAGE', ++$i);
 define('HOOK_ACCOUNT_LOGIN_BEFORE_ACCOUNT', ++$i);
 define('HOOK_ACCOUNT_LOGIN_AFTER_ACCOUNT', ++$i);
@ -93,7 +92,6 @@ define('HOOK_EMAIL_CONFIRMED', ++$i);
 define('HOOK_GUILDS_BEFORE_GUILD_HEADER', ++$i);
 define('HOOK_GUILDS_AFTER_GUILD_HEADER', ++$i);
 define('HOOK_GUILDS_AFTER_GUILD_INFORMATION', ++$i);
 define('HOOK_GUILDS_AFTER_MANAGE_BUTTON', ++$i);
 define('HOOK_GUILDS_AFTER_GUILD_MEMBERS', ++$i);
 define('HOOK_GUILDS_AFTER_INVITED_CHARACTERS', ++$i);
 define('HOOK_TWIG', ++$i);
--- a/system/template.php
+++ b/system/template.php
@ -91,7 +91,7 @@ else {
 			$file = BASE . $template_path . '/layout_config.ini';
 		}
-		$template_ini = parse_ini_file($file, true);
+		$template_ini = parse_ini_file($file);
 		unset($file);
 		if ($cache->enabled()) {
--- a/system/templates/account.change-email.html.twig
+++ b/system/templates/account.change-email.html.twig
@ -28,7 +28,7 @@ Please enter your password and the new email address. Make sure that you enter a
 		<td>
 			<table border="0" cellspacing="0" cellpadding="0">
 				<tr>
-					<td style="border:0;">
+					<td style="border:0px;">
 						<form id="form" action="{{ getLink('account/change-email') }}" method="post">
 							{{ csrf() }}
 							<input type="hidden" name="changeemailsave" value="1"/>
@ -40,14 +40,14 @@ Please enter your password and the new email address. Make sure that you enter a
 		</td>
 		<td>
 			<table border="0" cellspacing="0" cellpadding="0">
 				<tr>
 					<td style="border:0;">
 				<form action="{{ getLink('account/manage') }}" method="post">
 					{{ csrf() }}
 					<tr>
 						<td style="border:0px;">
 							{{ include('buttons.back.html.twig') }}
 						</td>
 					</tr>
 				</form>
 					</td>
 				</tr>
 			</table>
 		</td>
 	</tr>
--- a/system/templates/account.characters.change-comment.html.twig
+++ b/system/templates/account.characters.change-comment.html.twig
@ -88,7 +88,7 @@ If you do not want to specify a certain field, just leave it blank.<br/><br/>
 			<td>
 				<table border="0" cellspacing="0" cellpadding="0">
 					<tr>
-						<td style="border:0;">
+						<td style="border:0px;">
 							<input type="hidden" name="name" value="{{ player.name }}">
 							<input type="hidden" name="changecommentsave" value="1">
 							{{ include('buttons.submit.html.twig') }}
@ -99,14 +99,14 @@ If you do not want to specify a certain field, just leave it blank.<br/><br/>
 			</td>
 			<td>
 				<table border="0" cellspacing="0" cellpadding="0">
 					<tr>
 						<td style="border:0;">
 					<form action="{{ getLink('account/manage') }}" method="post">
 						{{ csrf() }}
 						<tr>
 							<td style="border:0px;">
 								{{ include('buttons.back.html.twig') }}
 							</td>
 						</tr>
 					</form>
 						</td>
 					</tr>
 				</table>
 			</td>
 		</tr>
--- a/system/templates/account.characters.delete.html.twig
+++ b/system/templates/account.characters.delete.html.twig
@ -24,7 +24,7 @@ To delete a character enter the name of the character and your password.<br/><br
 		<td>
 			<table border="0" cellspacing="0" cellpadding="0">
 				<tr>
-					<td style="border:0;">
+					<td style="border:0px;">
 						<form id="form" action="{{ getLink('account/characters/delete') }}" method="post">
 							{{ csrf() }}
 							<input type="hidden" name="deletecharactersave" value="1"/>
@ -36,14 +36,14 @@ To delete a character enter the name of the character and your password.<br/><br
 		</td>
 		<td>
 			<table border="0" cellspacing="0" cellpadding="0">
 				<tr>
 					<td style="border:0;">
 				<form action="{{ getLink('account/manage') }}" method="post">
 					{{ csrf() }}
 					<tr>
 						<td style="border:0px;">
 							{{ include('buttons.back.html.twig') }}
 						</td>
 					</tr>
 				</form>
 					</td>
 				</tr>
 			</table>
 		</td>
 	</tr>
--- a/system/templates/account.generate_recovery_key.html.twig
+++ b/system/templates/account.generate_recovery_key.html.twig
@ -32,14 +32,14 @@ To generate recovery key for your account please enter your password.<br/><br/>
 		</td>
 		<td>
 			<table border="0" cellspacing="0" cellpadding="0">
 				<tr>
 					<td style="border: 0;">
 				<form action="{{ getLink('account/manage') }}" method="post">
 					{{ csrf() }}
 					<tr>
 						<td style="border: 0;">
 							{{ include('buttons.back.html.twig') }}
 						</td>
 					</tr>
 				</form>
 					</td>
 				</tr>
 			</table>
 		</td>
 	</tr>
--- a/system/templates/account.management.html.twig
+++ b/system/templates/account.management.html.twig
@ -228,7 +228,5 @@
 				</td>
 			</tr>
 		</table>
 		<br/>
 		{{ hook('HOOK_ACCOUNT_MANAGE_AFTER_CHARACTERS') }}
 	</div>
 </div>
--- a/system/templates/admin.plugins.form.html.twig
+++ b/system/templates/admin.plugins.form.html.twig
@ -1,9 +1,7 @@
 <div id="install_plugin">
 	<div class="card card-info card-outline">
 		<div class="card-header">
-			<h5 class="m-0">Install plugin
+			<h5 class="m-0">Install plugin</h5>
 				<a href="?p=plugins&check-updates" class="btn btn-primary float-right">Check for updates</a>
 			</h5>
 		</div>
 		<form enctype="multipart/form-data" method="post" action="{{ constant('ADMIN_URL') }}?p=plugins">
 			{{ csrf() }}
--- a/system/templates/admin.plugins.outdated.html.twig
+++ b/system/templates/admin.plugins.outdated.html.twig
@ -1,18 +0,0 @@
 <table class="table table-bordered table-striped">
 	<thead>
 	<tr>
 		<th>Plugin Name</th>
 		<th>Your Version</th>
 		<th>Latest Version</th>
 		<th>Download Link</th>
 	</tr>
 	</thead>
 	{% for plugin in plugins %}
 		<tr>
 			<td>{{ plugin.name }}</td>
 			<td>{{ plugin.yourVersion }}</td>
 			<td>{{ plugin.latestVersion }}</td>
 			<td><a href="{{ plugin.download_link }}" target="_blank">{{ plugin.download_link }}</a></td>
 		</tr>
 	{% endfor %}
 </table>
--- a/system/templates/characters.form.html.twig
+++ b/system/templates/characters.form.html.twig
@ -1,23 +1,17 @@
-<br/>
+<form action="{{ link }}" method="post">
-<form action="{{ getLink('characters') }}" method="post">
+	<table width="100%" border="0" cellspacing="1" cellpadding="4">
-	{% set title = 'Search Character' %}
+		<tr><td bgcolor="{{ config.vdarkborder }}" class="white"><B>Search Character</B></TD></TR>
 	{% set tableClass = 'Table1' %}
 	{% set background = config('darkborder') %}
 	{% set content %}
 		<table width="100%">
 		<tr>
-				<td style="vertical-align:middle" class="LabelV150">
+			<td bgcolor="{{ config.darkborder }}">
-					Character Name:
+				<table border="0" cellpadding="1">
-				</td>
+					<tr>
-				<td style="width:170px">
+						<td>Name:</td><td><input name="name" value="" size="29" maxlength="29"{% if autofocus %} autofocus{% endif %}></TD>
 					<input style="width:165px" name="name" value="" size="29" maxlength="29"/>
 				</td>
 						<td>
-					{% set button_name = 'Submit' %}
+							{{ include('buttons.submit.html.twig') }}
-					{{ include('buttons.base.html.twig') }}
+						</td>
 					</tr>
 				</table>
 			</td>
 		</tr>
 	</table>
 	{% endset %}
 	{{ include('tables.headline.html.twig') }}
 </form>
--- a/system/templates/guilds.view.html.twig
+++ b/system/templates/guilds.view.html.twig
@ -49,7 +49,6 @@
 									{% include('buttons.base.html.twig') %}
 								</a>
 							{% endif %}
 							{{ hook('HOOK_GUILDS_AFTER_MANAGE_BUTTON') }}
 						</div>
 					</td>
 				</tr>
@ -62,7 +61,6 @@
 			{{ hook('HOOK_GUILDS_AFTER_GUILD_INFORMATION') }}
 			{% set title = 'Guild Members' %}
 			{% set background = config('lightborder') %}
 			{% set content %}
 			<table style="width:100%;">
 				<tbody>
@ -153,7 +151,6 @@
 			{{ hook('HOOK_GUILDS_AFTER_GUILD_MEMBERS') }}
 			{% set title = 'Invited Characters' %}
 			{% set background = config('lightborder') %}
 			{% set content %}
 			<table style="width:100%;">
 				<tbody>
--- a/system/templates/highscores.html.twig
+++ b/system/templates/highscores.html.twig
@ -94,10 +94,8 @@
 				{% endif %}
 			</table>
 		</td>
 		{% if setting('core.highscores_skills_box') or setting('core.highscores_vocation_box') %}
 		<td width="5%"></td>
 		<td width="15%" valign="top" align="right">
 			{% if setting('core.highscores_skills_box') %}
 			<table style="border: 0; width: 100%" cellpadding="4" cellspacing="1">
 				<tr bgcolor="{{ config.vdarkborder }}">
 					<td class="white"><B>Choose a skill</B></TD>
@ -111,8 +109,7 @@
 				</tr>
 			</table>
 			<br/>
-			{% endif %}
+			{% if config.highscores_vocation_box %}
 			{% if setting('core.highscores_vocation_box') %}
 			<table border="0" width="100%" cellpadding="4" cellspacing="1">
 				<tr bgcolor="{{ config.vdarkborder }}">
 					<td class="white"><b>Choose a vocation</b></td>
@ -129,6 +126,5 @@
 			{% endif %}
 		</td>
 		<td style="width: 18px"></td>
 		{% endif %}
 	</tr>
 </table>
--- a/system/templates/online.form.html.twig
+++ b/system/templates/online.form.html.twig
@ -0,0 +1,25 @@
 <br/>
 <form action="{{ getLink('characters') }}" method=post>
 	<table width="100%" border="0" cellspacing="1" cellpadding="4">
 		<tr>
 			<td bgcolor="{{ config.vdarkborder }}" class="white">
 				<b>Search Character</b>
 			</td>
 		</tr>
 		<tr>
 			<td bgcolor="{{ config.darkborder }}">
 				<table border="0" cellpadding="1">
 					<tr>
 						<td>Name:</td>
 						<td>
 							<input name="name" value=""size=29 maxlength=29>
 						</td>
 						<td>
 							{{ include('buttons.submit.html.twig') }}
 						</td>
 					</tr>
 				</table>
 			</td>
 		</tr>
 	</table>
 </form>
--- a/system/templates/online.html.twig
+++ b/system/templates/online.html.twig
@ -1,3 +1,35 @@
 <table border="0" cellspacing="1" cellpadding="4" width="100%">
 	<tr bgcolor="{{ config.vdarkborder }}">
 		<td class="white"><b>Server Status</b></td>
 	</tr>
 {% if players|length == 0 %}
 	<tr bgcolor="{{ config.darkborder }}"><td>Currently no one is playing on {{ config.lua.serverName }}.</td></tr></table>
 {% else %}
 	<tr bgcolor="{{ config.darkborder }}">
 		<td>
 			{% if not status.online %}
 			Server is offline.<br/>
 			{% else %}
 				{% if setting('core.online_afk') %}
 					{% set players_count = players|length %}
 					{% set afk = players_count - status.players %}
 					{% if afk < 0 %}
 						{% set players_count = players_count + afk|abs %}
 						{% set afk = 0 %}
 					{% endif %}
 					Currently there are <b>{{ status.players }}</b> active and <b>{{ afk }}</b> AFK players.<br/>
 					Total number of players: <b>{{ players_count }}</b>.<br/>
 				{% else %}
 					Currently {{ players|length }} players are online.<br/>
 				{% endif %}
 			{% endif %}
 			{% if setting('core.online_record') %}
 				{{ record }}
 			{% endif %}
 		</td>
 	</tr>
 </table>
 <br/>
 	{# vocation statistics #}
 	{% if setting('core.online_vocations') %}
 <br/>
@ -40,8 +72,6 @@
 		{% endif %}
 	{% endif %}
 <br/>
 	{# show skulls #}
 	{% if setting('core.online_skulls') %}
 <table width="100%" cellspacing="1">
@ -55,112 +85,32 @@
 </table>
 	{% endif %}
-<br/>
+<table border="0" cellspacing="1" cellpadding="4" width="100%">
-
+	<tr bgcolor="{{ config.vdarkborder }}">
 {% set title = 'World Information' %}
 {% set tableClass = 'Table3' %}
 {% set background = config('darkborder') %}
 {% set content %}
 <table width="100%">
 	<tr>
 		<td class="LabelV150"><b>Status:</b></td>
 		<td>{% if not status.online %}Offline{% else %}Online{% endif %}</td>
 	</tr>
 	<tr>
 		<td class="LabelV150"><b>Players Online:</b></td>
 		<td>
 			{% if setting('core.online_afk') %}
 				{% set players_count = players|length %}
 				{% set afk = players_count - status.players %}
 				{% if afk < 0 %}
 					{% set players_count = players_count + afk|abs %}
 					{% set afk = 0 %}
 				{% endif %}
 				Currently there are <b>{{ status.players }}</b> active and <b>{{ afk }}</b> AFK players.<br/>
 				Total number of players: <b>{{ players_count }}</b>.<br/>
 			{% else %}
 				{{ players|length }}
 			{% endif %}
 		</td>
 	</tr>
 	{% if setting('core.online_record') %}
 	<tr>
 		<td class="LabelV150"><b>Online Record:</b></td>
 		<td>
 			{{ record }}
 		</td>
 	</tr>
 	{% endif %}
 	<tr>
 		<td class="LabelV150"><b>Location Datacenter:</b></td>
 		<td>{{ setting('core.online_datacenter') }} <small>(Server date & time: - {{ "now"|date("d/m/Y H:i:s") }})</small></td>
 	</tr>
 	<tr>
 		<td class="LabelV150"><b>PvP Type:</b></td>
 		<td>
 			{% set worldType = config('lua')['worldType']|lower %}
 			{% if worldType in ['pvp','2','normal','open','openpvp'] %}
 			Open PvP
 			{% elseif worldType in ['no-pvp','nopvp','non-pvp','nonpvp','1','safe','optional','optionalpvp'] %}
 			Optional PvP
 			{% elseif worldType in ['pvp-enforced','pvpenforced','pvp-enfo','pvpenfo','pvpe','enforced','enfo','3','war','hardcore','hardcorepvp'] %}
 			Hardcore PvP
 			{% endif %}
 		</td>
 	</tr>
 </table>
 {% endset %}
 {% include 'tables.headline.html.twig' %}
 <br/>
 <br/>
 {% set title = 'Players Online' %}
 {% set tableClass = 'Table2' %}
 {% set content %}
 <table width="100%">
 	<tr class="LabelH" style="position: relative; z-index: 20;">
 		{% if setting('core.account_country') %}
-			<td width="11px"><a href="{{ getLink('online')}}?order=country_{{ order == 'country_asc' ? 'desc' : 'asc' }}">#&#160;&#160;</a>
+		<td width="11px"><a href="{{ getLink('online?order=country') }}" class="white">#</A></td>
 			</td>
 		{% endif %}
 		{% if setting('core.online_outfit') %}
-			<td><b>Outfit</b></td>
+		<td class="white"><b>Outfit</b></td>
 		{% endif %}
-		<td style="text-align:left; width:50%">Name&#160;&#160;
+		<td width="60%"><a href="{{ getLink('online?order=name') }}" class="white">Name</A></td>
-			<small style="font-weight:normal">[<a href="{{ getLink('online')}}?order=name_{{ order == 'name_asc' ? 'desc' : 'asc' }}">sort</a>]</small>
+		<td width="20%"><a href="{{ getLink('online?order=level') }}" class="white">Level</A></td>
-			<img class="sortarrow" src="images/{{ order == 'name_asc' ? 'order_desc' : (order == 'name_desc' ? 'order_asc' : 'news/blank') }}.gif"/></td>
+		<td width="20%"><a href="{{ getLink('online?order=vocation') }}" class="white">Vocation</td>
 		<td style="text-align:left;width:30%">Level&#160;&#160;
 			<small style="font-weight:normal">[<a href="{{ getLink('online')}}?order=level_{{ order == 'level_asc' ? 'desc' : 'asc' }}">sort</a>]</small>
 			<img class="sortarrow" src="images/{{ order == 'level_asc' ? 'order_desc' : (order == 'level_desc' ? 'order_asc' : 'news/blank') }}.gif"/>
 		</td>
 		<td style="text-align:left;width:50%">Vocation&#160;&#160;
 			<small style="font-weight:normal">[<a href="{{ getLink('online')}}?order=vocation_{{ order == 'vocation_asc' ? 'desc' : 'asc' }}">sort</a>]</small>
 			<img class="sortarrow" src="images/{{ order == 'vocation_asc' ? 'order_desc' : (order == 'vocation_desc' ? 'order_asc' : 'news/blank') }}.gif"/>
 		</td>
 	</tr>
 	{% set i = 0 %}
 	{% for player in players %}
 		{% set i = i + 1 %}
-
+		<tr bgcolor="{{ getStyle(i) }}">
 		<tr style="background: {{ getStyle(i) }}; text-align: right; height: 40px;">
 		{% if setting('core.account_country') %}
 			<td>{{ player.country_image|raw }}</td>
 		{% endif %}
 		{% if setting('core.online_outfit') %}
-				<td width="5%"><img style="position:absolute;margin-top:-48px;margin-left:-70px;" src="{{ player.outfit }}" alt="player outfit"/></td>
+			<td width="5%"><img style="position:absolute;margin-top:{% if player.player.looktype in setting('core.outfit_images_wrong_looktypes') %}-20px;margin-left:-0px;{% else %}-45px;margin-left:-25px;{%  endif %}" src="{{ player.outfit }}" alt="player outfit"/></td>
 		{% endif %}
-
+			<td>{{ player.name|raw }}{{ player.skull }}</td>
-			<td style="width:70%; text-align:left">
+			<td>{{ player.level }}</td>
-				{{ player.name|raw }}{{ player.skull }}
+			<td>{{ player.vocation }}</td>
 			</td>
 			<td style="width:10%">{{ player.level }}</td>
 			<td style="width:20%">{{ player.vocation }}</td>
 		</tr>
 	{% endfor %}
 </table>
-{% endset %}
+{% endif %}
 {{ include('tables.headline.html.twig') }}
--- a/system/templates/success.html.twig
+++ b/system/templates/success.html.twig
@ -18,14 +18,13 @@
 {% else %}
 <div style="text-align:center">
 	<table border="0" cellspacing="0" cellpadding="0">
 		<tr>
 			<td style="border:0;">
 		<form action="{{ getLink('account/manage') }}" method="post">
-					{{ csrf() }}
+			<tr>
 				<td style="border:0px;">
 					{{ include('buttons.back.html.twig') }}
 				</form>
 				</td>
 			</tr>
 		</form>
 	</table>
 </div>
 {% endif %}
--- a/system/templates/tinymce.html.twig
+++ b/system/templates/tinymce.html.twig
@ -8,7 +8,7 @@
 			selector: "#editor",
 			content_css: '{{ constant('ADMIN_URL') }}template/style.css',
 			theme: "silver",
-			plugins: 'preview searchreplace autolink directionality visualblocks visualchars fullscreen image link media codesample table charmap pagebreak nonbreaking anchor insertdatetime advlist lists wordcount help code emoticons',
+			plugins: 'preview searchreplace autolink directionality visualblocks visualchars fullscreen image link media template codesample table charmap pagebreak nonbreaking anchor insertdatetime advlist lists wordcount help code emoticons',
 			toolbar1: 'formatselect | bold italic strikethrough forecolor backcolor | emoticons link | alignleft aligncenter alignright alignjustify  | numlist bullist outdent indent  | removeformat code',
 			resize: 'both',
 			image_advtab: true,
@ -23,8 +23,6 @@
 				{title: 'Colored Table', value: 'myaac-table'},
 			],
 			license_key: 'gpl',
 			setup: function (ed) {
 				ed.on('NodeChange', function (e) {
 					if (ed.getContent() !== lastContent) {
--- a/templates/kathrine/style.css
+++ b/templates/kathrine/style.css
@ -453,27 +453,6 @@ a:hover
  white-space: nowrap;
  vertical-align: top;
 }
 .LabelV120 {
 	font-weight: bold;
 	padding-right: 10px;
 	white-space: nowrap;
 	vertical-align: top;
 	width: 120px;
 }
 .LabelV150 {
 	font-weight: bold;
 	padding-right: 10px;
 	white-space: nowrap;
 	vertical-align: top;
 	width: 150px;
 }
 .LabelV200 {
 	font-weight: bold;
 	padding-right: 10px;
 	white-space: nowrap;
 	vertical-align: top;
 	width: 200px;
 }
 .LabelH {
  font-weight: bold;
  padding-right: 10px;
--- a/templates/tibiacom/account.management.html.twig
+++ b/templates/tibiacom/account.management.html.twig
@ -11,14 +11,13 @@
 					<td width="100%"></td>
 					<td>
 						<table border="0" cellspacing="0" cellpadding="0" >
 							<tr>
 								<td style="border:0;">
 							<form action="{{ getLink('account/logout') }}" method="post" >
-										{{ csrf() }}
+								<tr>
 									<td style="border:0px;">
 										{{ include('buttons.logout.html.twig') }}
 									</form>
 									</td>
 								</tr>
 							</form>
 						</table>
 					</td>
 				</tr>
@ -60,14 +59,13 @@
 			</table>
 			<div style="text-align:center">
 				<table border="0" cellspacing="0" cellpadding="0" style="margin-left: auto; margin-right: auto;">
 					<form action="{{ getLink('account/register') }}" method="post">
 						<tr>
 							<td style="border:0;">
 							<form action="{{ getLink('account/register') }}" method="post">
 								{{ csrf() }}
 								{{ include('buttons.register_account.html.twig') }}
 							</form>
 							</td>
 						</tr>
 					</form>
 				</table>
 			</div>
 		</div>
@ -96,14 +94,13 @@
 			</table>
 			<div style="text-align:center">
 				<table border="0" cellspacing="0" cellpadding="0">
 					<tr>
 						<td style="border:0;">
 					<form action="{{ getLink('account/change-email') }}" method="post">
-								{{ csrf() }}
+						<tr>
 							<td style="border:0px;">
 								{{ include('buttons.edit.html.twig') }}
 							</form>
 							</td>
 						</tr>
 					</form>
 				</table>
 			</div>
 		</div>
@ -180,29 +177,26 @@
 				<tr>
 					<td>
 						<table border="0" cellspacing="0" cellpadding="0">
 							<tr>
 								<td style="border:0;" >
 							<form action="{{ getLink('account/change-password') }}" method="post">
-										{{ csrf() }}
+								<tr>
 									<td style="border:0px;" >
 										{{ include('buttons.change_password.html.twig') }}
 									</form>
 									</td>
 								</tr>
 							</form>
 						</table>
 					</td>
 					<td>
 						<table border="0" cellspacing="0" cellpadding="0">
 							<tr>
 								<td style="border:0;">
 							<form action="{{ getLink('account/change-email') }}" method="post">
-										{{ csrf() }}
+								<tr>
-
+									<td style="border:0px;">
 										<input type="hidden" name="newemail" value=""/>
 										<input type="hidden" name="newemaildate" value="0">
 										{{ include('buttons.change_email.html.twig') }}
 									</form>
 									</td>
 								</tr>
 							</form>
 						</table>
 					</td>
 					<td width="100%"></td>
@ -210,14 +204,13 @@
 					{% if recovery_key is empty %}
 					<td>
 						<table border="0" cellspacing="0" cellpadding="0">
 							<tr>
 								<td style="border:0;">
 							<form action="{{ getLink('account/register') }}" method="post">
-										{{ csrf() }}
+								<tr>
 									<td style="border:0px;">
 										{{ include('buttons.register_account.html.twig') }}
 									</form>
 									</td>
 								</tr>
 							</form>
 						</table>
 					</td>
 					{% endif %}
@ -265,14 +258,13 @@
 							</td>
 							<td align=right>
 								<table border="0" cellspacing="0" cellpadding="0">
 									<tr>
 										<td style="border:0;">
 									<form action="{{ getLink('account/change-info') }}" method="post">
-												{{ csrf() }}
+										<tr>
 											<td style="border:0px;">
 												{{ include('buttons.edit.html.twig') }}
 											</form>
 											</td>
 										</tr>
 									</form>
 								</table>
 							</td>
 						</tr>
@ -406,9 +398,8 @@
 					<td>
 						<table border="0" cellspacing="0" cellpadding="0" >
 							<tr>
-								<td style="border:0;">
+								<td style="border:0px;">
 									<form action="{{ getLink('account/characters/create') }}" method="post" >
 										{{ csrf() }}
 										{{ include('buttons.create_character.html.twig') }}
 									</form>
 								</td>
@ -419,9 +410,8 @@
 					<td>
 						<table border="0" cellspacing="0" cellpadding="0" >
 							<tr>
-								<td style="border:0;">
+								<td style="border:0px;">
 									<form action="{{ getLink('account/characters/change-name') }}" method="post" >
 										{{ csrf() }}
 										{{ include('buttons.change_name.html.twig') }}
 									</form>
 								</td>
@ -433,9 +423,8 @@
 					<td>
 						<table border="0" cellspacing="0" cellpadding="0" >
 							<tr>
-								<td style="border:0;">
+								<td style="border:0px;">
 									<form action="{{ getLink('account/characters/change-sex') }}" method="post">
 										{{ csrf() }}
 										{{ include('buttons.change_sex.html.twig') }}
 									</form>
 								</td>
@ -447,9 +436,8 @@
 					<td>
 						<table border="0" cellspacing="0" cellpadding="0">
 							<tr>
-								<td style="border: 0;">
+								<td style="border: 0px;">
 									<form action="{{ getLink('account/characters/delete') }}" method="post">
 										{{ csrf() }}
 										{{ include('buttons.delete_character.html.twig') }}
 									</form>
 								</td>
@ -463,7 +451,4 @@
 </table>
 {% endset %}
 {% include 'tables.headline.html.twig' %}
-<br/>
+<br/><br/>
 {{ hook('HOOK_ACCOUNT_MANAGE_AFTER_CHARACTERS') }}
 <br/>
--- a/templates/tibiacom/basic.css
+++ b/templates/tibiacom/basic.css
@ -1446,27 +1446,6 @@ img {
  white-space: nowrap;
  vertical-align: top;
 }
 .LabelV120 {
 	font-weight: bold;
 	padding-right: 10px;
 	white-space: nowrap;
 	vertical-align: top;
 	width: 120px;
 }
 .LabelV150 {
 	font-weight: bold;
 	padding-right: 10px;
 	white-space: nowrap;
 	vertical-align: top;
 	width: 150px;
 }
 .LabelV200 {
 	font-weight: bold;
 	padding-right: 10px;
 	white-space: nowrap;
 	vertical-align: top;
 	width: 200px;
 }
 .LabelH {
  font-weight: bold;
  padding-right: 10px;
--- a/templates/tibiacom/boxes/templates/poll.html.twig
+++ b/templates/tibiacom/boxes/templates/poll.html.twig
@ -1,6 +1,6 @@
 <div id="CurrentPollBox" class="Themebox" style="background-image:url({{ template_path }}/images/themeboxes/current-poll/currentpollbox.gif);">
 	<div id="CurrentPollText">{{ poll.question }}</div>
-	<a class="ThemeboxButton" href="{{ getLink('polls') }}?ìd={{ poll.id }}" onMouseOver="MouseOverBigButton(this);" onMouseOut="MouseOutBigButton(this);" style="background-image:url({{ template_path }}/images/global/buttons/sbutton.gif);"><div class="BigButtonOver" style="background-image:url({{ template_path }}/images/global/buttons/sbutton_over.gif);"></div><div class="ButtonText" style="background-image:url({{ template_path }}/images/global/buttons/_sbutton_votenow.gif);"></div>
+	<a class="ThemeboxButton" href="{{ getLink('polls') }}/{{ poll.id }}" onMouseOver="MouseOverBigButton(this);" onMouseOut="MouseOutBigButton(this);" style="background-image:url({{ template_path }}/images/global/buttons/sbutton.gif);"><div class="BigButtonOver" style="background-image:url({{ template_path }}/images/global/buttons/sbutton_over.gif);"></div><div class="ButtonText" style="background-image:url({{ template_path }}/images/global/buttons/_sbutton_votenow.gif);"></div>
 	</a>
 	<div class="Bottom" style="background-image:url({{ template_path }}/images/general/box-bottom.gif);"></div>
 </div>
--- a/templates/tibiacom/index.php
+++ b/templates/tibiacom/index.php
@ -454,7 +454,7 @@ foreach($config['menu_categories'] as $id => $cat) {
 			foreach($config['boxes'] as $box) {
 				/** @var string $template_name */
-				$file = __DIR__ . '/boxes/' . $box . '.php';
+				$file = TEMPLATES . $template_name . '/boxes/' . $box . '.php';
 				if(file_exists($file)) {
 					include($file); ?>
 				<?php
--- a/templates/tibiacom/success.html.twig
+++ b/templates/tibiacom/success.html.twig
@ -35,7 +35,6 @@
 		<tr>
 			<td style="border:0;">
 				<form action="{{ getLink('account/manage') }}" method="post">
 					{{ csrf() }}
 					{{ include('buttons.back.html.twig') }}
 				</form>
 			</td>