update to 0.2.4

fixed when there are spaces at beginning of the file
fixed when file is unable to parse

.htaccess.dist

@@ -6,8 +6,7 @@ RewriteEngine On
 # Page parser
 RewriteCond %{REQUEST_FILENAME} !-f
 RewriteCond %{REQUEST_FILENAME} !-d
-RewriteRule ^([A-Za-z0-9-_']+)\.png/?$ tools/signature/index.php?name=$1 [L]
+RewriteRule ^([A-Za-z0-9-_+']+)\.png/?$ tools/signature/index.php?name=$1 [L]
-RewriteRule ^images/items/([0-9]+)\.gif$ tools/item.php?id=$1
 RewriteRule ^characters/([A-Za-z0-9-_+']+)$ index.php?subtopic=characters&name=$1
 RewriteRule ^guilds/([A-Za-z0-9-_+']+)$ index.php?subtopic=guilds&action=show&guild=$1
 RewriteRule ^forum/board/([0-9]+)$ index.php?subtopic=forum&action=show_board&id=$1
@@ -19,10 +18,11 @@ RewriteRule ^account/manage$ index.php?subtopic=accountmanagement
 RewriteRule ^account/create$ index.php?subtopic=createaccount
 RewriteRule ^account/lost$ index.php?subtopic=lostaccount
 RewriteRule ^account/logout$ index.php?subtopic=accountmanagement&action=logout
-RewriteRule ^news/archive/([0-9]+)$ index.php?subtopic=news&archive=true&id=$1
+RewriteRule ^news/archive/([0-9]+)$ index.php?subtopic=newsarchive&id=$1
-RewriteRule ^news/archive$ index.php?subtopic=news&archive=true
+RewriteRule ^news/archive$ index.php?subtopic=newsarchive
 RewriteRule ^highscores/([A-Za-z0-9-_]+)/([A-Za-z0-9-_]+)?$ index.php?subtopic=highscores&list=$1&vocation=$2
 RewriteRule ^highscores/([A-Za-z0-9-_']+)$ index.php?subtopic=highscores&list=$1
+RewriteRule ^polls/([0-9]+)$ index.php?subtopic=polls&id=$1
 RewriteRule ^admin/$ admin/index.php
 RewriteRule ^install/$ install/index.php
 

CHANGELOG

@@ -0,0 +1,140 @@
+[0.2.4 - 09.06.2017]
+	- fixed invite to guild
+	- added id field on monsters, so you can delete them in phpmyadmin
+	- fixed adding some creatures with ' and "
+	- fixed when there are spaces at beginning of the file (creatures)
+	- fixed when file is unable to parse (creatures)
+	- fixed typo loss_items => loss_containers
+	- more elegant way of showing message on reload creatures and spells
+[0.2.3 - 31.05.2017]
+	- fixed guild management on OTHire 0.0.3
+	- set default skills to 10 when creating new character
+	- fixed displaying of "Create forum thread" in newses
+	- fixed deleting guild on servers that use players.rank_id field
+	- fixed phpmailer class loading (https://otland.net/threads/myaac-v0-0-1.251454/page-8#post-2445222)
+	- fixed displaying vocation amount on online page
+	- better support for custom vocations, you just need to set in config vocations_amount to yours.
+	- fixed huge space in player name (https://otland.net/threads/myaac-v0-0-1.251454/page-7#post-2444328)
+	- fixed Undefined variable (https://otland.net/threads/myaac-v0-0-1.251454/page-7#post-2444034)
+	- fixed Undefined offset (https://otland.net/threads/myaac-v0-0-1.251454/page-7#post-2444035)
+
+[0.2.2 - 22.05.2017]
+	- added missing cache/signature directory
+	- fixed https://otland.net/threads/myaac-v0-0-1.251454/page-7#post-2443868
+
+[0.2.1 - 21.05.2017]
+	- added Swedish translation by Sizaro
+	- fixed some bugs with installlation & characters & houses
+
+[0.2.0 - 21.05.2017]
+	- added option to change character sex for premium points
+	- moved site_closed to database, now you can close your site through admin panel
+	- added option to admin panel: clear cache
+	- added experiencetable_rows configurable
+	- optimized OTS_Account->getGroupId(), now its using like 20 queries less
+	- optimized OTS_Player->load($id) function, should be much faster now
+	- fixed displaying on highscores special outfits
+	- fixed skull images displaying
+	- fixed displaying unlimited premium account
+	- fixed bug where players.lookaddons doesn't exist (OTHire etc.) (https://otland.net/threads/myaac-v0-0-1.251454/page-6#post-2442407)
+	- fixed signature tibian for OTHire and other servers that doesnt use accounts.premdays field
+	- fixed when player name in signature containst space
+	- don't show "Create forum thread" when editing
+	- fixed red color table after create account
+	- updated download links, as clients.halfaway.net isn't working anymore
+	- fixed some bugs while installing when field `email_next` or `hidden` already exist
+	- fixed movies unexpected comment
+	- added template_place_holder('center_top') to kathrine template
+
+[0.1.5 - 13.05.2017]
+	- fixed bug with "Integrity constraint violation: 1048 Column 'ip' cannot be null"
+
+[0.1.4 - 13.05.2017]
+	- added outfit shower, in characters, online, and highscores
+	- updated database to version 2
+	- fixed item images (now using item-images.ots.me host by default)
+	- fixed news ticket and posting long newses (https://otland.net/threads/myaac-v0-0-1.251454/page-5#post-2442026)
+	- news body limit increased to 65535 (mysql text field)
+	- removed some unused code from my old server
+	- added spells & monsters to kathrine template
+
+[0.1.3 - 11.05.2017]
+	- this is just release to update version number
+
+[0.1.2 - 11.05.2017]
+	- forgot to update CHANGELOG and MYAAC_VERSION
+
+[0.1.1 - 11.05.2017]
+	- fixed updating myaac_config with database_version to 1
+	- fixed database updater
+
+[0.1.0 - 11.05.2017]
+	- added new feature: change character name for premium points (disabled by default, you can enable it in config under account_change_character_name in config.php)
+	- added automatic database updater (data migrations)
+	- renamed events to hooks
+	- moved hooks to database
+	- now you can use hooks in plugins
+	- set account.type field to 5 on install, if TFS 1.0+
+	- added example plugin
+	- new, latest google analytics code
+	- fixed bug with loading account.name that has numbers in it
+	- fixed many bugs in player editor in admin panel
+	- added error handling to plugin manager and some more verification in
+	- file has been correctly unpacked/uploaded
+	- fixed Statistics page in admin panel when using account.number
+	- fixed bug when creating/recovering account on servers with
+	- account.salt field (TFS 0.3 for example)
+	- fixed forum showing thread with html tags (added from news manager)
+	- new, latest code for youtube videos in movies page
+	- fixed showing vocation images when using $config['online_vocations_images']
+	- many fixes in polls (also importing proper schema)
+	- fixed hovering on buttons in kathrine template (on accountmanagement page)
+	- fixed signatures (many fixes)
+	- added missing gesior signature system
+
+[0.0.6 - 06.05.2017]
+	- fixed bug while installing (https://otland.net/threads/myaac-v0-0-1.251454/page-3#post-2440543)
+	- fixed bug when creating character (not showing errors) (one more time)
+	- fixed support for TFS 0.2 series
+	- added FAQ link
+	
+[0.0.5 - 05.05.2017]
+	- fixed bug when creating character (not showing errors)
+	- Fixed characters loading with names that has been created with other AAC
+	- fixed links to shop in default template
+	- fixed some weird PHP 7.1 warnings/notices
+	- Fixed config loading with some weird comments
+	- fixed bug with status info utf8 encoding (https://otland.net/threads/myaac-v0-0-1.251454/page-2#post-2440259)
+	- fixed when ip in log_action is NULL (https://otland.net/threads/myaac-v0-0-1.251454/page-2#post-2440357)
+	- fixed bug when guild doesn't exist on characters page (https://otland.net/threads/myaac-v0-0-1.251454/page-2#post-2440320)
+	- disabled friendly_urls by default
+	- fixes when $config['database_*'] is set
+	- added CHANGELOG
+
+[0.0.3 - 03.05.2017]
+	- Full support for OTHire 0.0.3
+	- added support for otservers that doesn't use account.name field, instead just account number will be used
+	- fixed encryption detection on TFS 0.3
+	- fixed bug when server_config table doesn't exist
+	- (install) moved admin account creation to new step
+	- fixed news comment link
+	- by default, the installer creates now the Admin player, for admin account
+	- fixed installation errors
+	- fixed config.lua loading with some weird comments
+
+[0.0.2 - 02.05.2017]
+	- updated forum links to use friendly_urls
+	- some more info will be shown when cannot connect to database
+	- show more error infos when creating character
+	- fixed forum link on newses
+	- fixed spells loading when there's vocation name instead of id
+	- fixed bug when you have changed template but it doesn't exist anymore
+	- fixed vocations with promotion loading
+	- fixed support for gesior pages and templates
+	- added function OTS_Acount:getGroupId()
+
+[0.0.1 - 01.05.2017]
+	This is first official release of MyAAC.
+	Features are listed here
+
+	For more information, see the release announcement on OTLand: https://otland.net/threads/myaac-v0-0-1.251454/

README

@@ -1,41 +0,0 @@
-MyAAC 0.0.1 - http://www.my-aac.org
-
-REQUIREMENTS
-=====================================
-	- PHP 5.1.0 or later
-	- MySQL database
-	- (optional) mod_rewrite to use friendly_urls
-
-INSTALLATION AND CONFIGURATION
-=====================================
-	Just decompress and untar the source (which you should have done by now,
-	if you're reading this), into your webserver's document root.
-
-	MyAAC needs proper permissions to handle files correctly.
-	If you're using apache2, then your directory needs to have owner set to: www-data, you can do it by using following command:
-		chown -R www-data.www-data /var/www/*
-			(or any other path your MyAAC installation is located at..)
-
---------------------------
-		Note: Linux only
-		If you're under linux use these commands to set proper permissions:
-			chmod 660 config.local.php
-			chmod 660 images/guilds
-			chmod 660 images/houses
-			chmod 660 images/screenshots
---------------------------
-
-	Visit http://your_domain/install (http://localhost/install) and follow instructions in the browser.
-
-KNOWN PROBLEMS
-=====================================
-	- none -
-
-OTHER NOTES
-=====================================
-	If you have a great idea or want contribute to the project - visit our website at http://www.my-aac.org
-
-LICENSING
-=====================================
-	This program and all associated files are released under the GNU Public
-	License, see LICENSE for details.

admin/index.php

@@ -1 +1 @@
-<?php
+<?php

admin/templates/clean/style.css

@@ -40,6 +40,17 @@ h1, h2, h3, h4, h5, h6 {color: #313334; font-weight: bold;}
 	text-align: left;
 }
 
+.table, .table td, .table th{
+	border: 1px solid #ddd;
+}
+
+.table th a:link {color: white; text-decoration: none;}
+.table th a:link		{color: white; text-decoration: none;}
+.table th a:visited	{color: white; text-decoration: none;}
+.table th a:focus		{color: white; text-decoration: none;}
+.table th a:active	{color: white; text-decoration: underline;}
+.table th a:hover		{color: white; text-decoration: underline;}
+
 .table tr:nth-child(odd) {background-color: #d1d1d1}
 
 a.ico { color:#9d9c9a; font-size:10px; text-decoration: none; padding:0 0 0 14px; background-repeat:no-repeat; background-position:0 0; }

common.php

@@ -21,13 +21,14 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.2.4
  * @link      http://my-aac.org
  */
 session_start();
 
 define('MYAAC', true);
-define('MYAAC_VERSION', '0.0.3');
+define('MYAAC_VERSION', '0.2.4');
+define('DATABASE_VERSION', 4);
 define('TABLE_PREFIX', 'myaac_');
 define('START_TIME', microtime(true));
 define('MYAAC_OS', (strtoupper(substr(PHP_OS, 0, 3)) === 'WIN') ? 'WINDOWS' : 'LINUX');
@@ -43,6 +44,11 @@ define('FLAG_CONTENT_COMMANDS', 64);
 define('FLAG_CONTENT_SPELLS', 128);
 define('FLAG_CONTENT_MONSTERS', 256);
 
+// news
+define('NEWS', 1);
+define('TICKET', 2);
+define('ARTICLE', 3);
+
 // directories
 define('BASE', dirname(__FILE__) . '/');
 define('ADMIN', BASE . 'admin/');

config.php

@@ -13,7 +13,7 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.2.4
  * @link      http://my-aac.org
  */
 
@@ -24,11 +24,13 @@ $config = array(
 	'template' => 'kathrine', // template used by website (kathrine, tibiacom)
 	'template_allow_change' => true, // allow users to choose their own template while browsing website?
 
+	'vocations_amount' => 4, // how much basic vocations your server got (without promotion)
+
 	// what client version are you using on this OT?
 	// used for the Downloads page and some templates aswell
 	'client' => 1098, // 954 = client 9.54
 
-	'friendly_urls' => false, // mod_rewrite is required for this, it makes links looks more elegant to eye, and also are SEO friendly (example: http://my-aac.org/guilds/Testing instead of http://my-aac.org/?subtopic=guilds&name=Testing)
+	'friendly_urls' => false, // mod_rewrite is required for this, it makes links looks more elegant to eye, and also are SEO friendly (example: http://my-aac.org/guilds/Testing instead of http://my-aac.org/?subtopic=guilds&name=Testing). Remember to rename .htaccess.dist to .htaccess
 	'gzip_output' => false, // gzip page content before sending it to the browser, uses less bandwidth but more cpu cycles
 
 	// gesior backward support (templates & pages)
@@ -43,11 +45,6 @@ $config = array(
 	// footer
 	'footer' => ''/*'<br/>Your Server &copy; 2016. All rights reserved.'*/,
 
-	// site closed
-	'site_closed' => false,
-	'site_closed_title' => 'Closed',
-	'site_closed_message' => 'Server is under maintance, please visit later.<br/><br/>',
-
 	'debug_level' => 0, // 0 - disabled, 1 - show load time, 2 - show db query counter, 3 - both, 4 - memory usage, 5 - load time & load time, 6 - queries & memory usage, 7 - all
 
 	'language' => 'en', // default language (currently only 'en' available)
@@ -59,7 +56,7 @@ $config = array(
 
 	// cache system. by default file cache is used
 	'cache_engine' => 'auto', // apc, eaccelerator, xcache, file, auto, or blank to disable.
-	'cache_prefix' => 'myaac_', // have to be unique if running more MyAAC instances on the same server, ignored when using file cache.
+	'cache_prefix' => 'myaac_', // have to be unique if running more MyAAC instances on the same server
 
 	// database details (leave blank for auto detect from config.lua)
 	'database_host' => '',
@@ -75,6 +72,10 @@ $config = array(
 		//'2' => 'Your Second World Name'
 	),
 
+	// items
+	'outfit_images_url' => 'http://outfit-images.ots.me/outfit.php', // set to animoutfit.php for animated outfit
+	'item_images_url' => 'http://item-images.ots.me/960/', // set to images/items if you host your own items in images folder
+
 	// account
 	'account_management' => true, // disable if you're using other method to manage users (fe. tfs account manager)
 	'account_mail_verify' => false, // force users to confirm their email addresses when registering account
@@ -84,14 +85,19 @@ $config = array(
 	'account_welcome_mail' => true, // send welcome email when user registers
 	'account_mail_change' => 2, // how many days user need to change email to account - block hackers
 	'account_country' => true, // user will be able to set country of origin when registering account, this information will be viewable in others places aswell
+	'account_change_character_name' => false, // can user change their character name for premium points?
+	'account_change_character_name_points' => 30, // cost of name change
+	'account_change_character_sex' => false, // can user change their character sex for premium points?
+	'account_change_character_sex_points' => 30, // cost of sex change
+	'characters_per_account' => 10,	// max. number of characters per account
 
 	// mail
 	'mail_enabled' => false, // is aac maker configured to send e-mails?
 	'mail_address' => 'no-reply@your-server.org', // server e-mail address (from:)
 	'mail_admin' => 'your-address@your-server.org', // admin email address, where mails from contact form will be sent
 	'mail_signature' => array( // signature that will be included at the end of every message sent using _mail function
-		'plain' => "--\nMy Server,\nhttp://www.myserver.com",
+		'plain' => ''/*'--\nMy Server,\nhttp://www.myserver.com'*/,
-		'html' => '<br/>My Server,\n<a href="http://www.myserver.com">myserver.com</a>'
+		'html' => ''/*'<br/>My Server,\n<a href="http://www.myserver.com">myserver.com</a>'*/
 	),
 	'smtp_enabled' => false, // send by smtp or mail function (set false if use mail function)
 	'smtp_host' => '', // mail host
@@ -131,8 +137,6 @@ $config = array(
 		1 => 'Sample town'
 	),
 
-	'characters_per_account' => 10,	// max. number of characters per account
-
 	// guilds
 	'guild_management' => true, // enable guild management system on the site?
 	'guild_need_level' => 1, // min. level to form a guild
@@ -153,6 +157,7 @@ $config = array(
 	'online_vocations' => false, // display vocation statistics?
 	'online_vocations_images' => false, // display vocation images?
 	'online_skulls' => false, // display skull images
+	'online_outfit' => true,
 	'online_afk' => false,
 
 	// support list page
@@ -169,6 +174,7 @@ $config = array(
 	'highscores_vocation_box' => true, // show 'Choose a vocation' box on the highscores (allowing peoples to sort highscores by vocation)?
 	'highscores_vocation' => true, // show player vocation under his nickname?
 	'highscores_frags' => false, // show 'Frags' tab (best fraggers on the server)? Only 0.3
+	'highscores_outfit' => true, // show player outfit?
 	'highscores_country_box' => false, // doesnt work yet! (not implemented)
 	'highscores_groups_hidden' => 4, // this group id and higher won't be shown on the highscores
 
@@ -179,6 +185,7 @@ $config = array(
 		'magic_level' => false,
 		'balance' => false,
 		'marriage_info' => true, // only 0.3
+		'outfit' => true,
 		'creation_date' => true,
 		'quests' => true,
 		'skills' => true,
@@ -212,14 +219,15 @@ $config = array(
 	// other
 	'email_lai_sec_interval' => 60, // time in seconds between e-mails to one account from lost account interface, block spam
 	'google_analytics_id' => '', // e.g.: UA-XXXXXXX-X
-	'experiencetable_columns' => 5, // how many columns to display in experience table page. * 100, 5 = 500 (will show up to 500 level)
+	'experiencetable_columns' => 5, // how many columns to display in experience table page. * experiencetable_rows, 5 = 500 (will show up to 500 level)
+	'experiencetable_rows' => 100, // till how many levels in one column
 
 	'monsters' => array(),
 	'npc' => array()
 );
 
 // download link to client.
-$config['client_download'] = 'http://clients.halfaway.net/windows.php?tibia='. $config['client'] .'';
+$config['client_download'] = 'http://tibia-clients.com/clients/download/'. $config['client'] .'/exe/windows';
-$config['client_download_linux'] = 'http://clients.halfaway.net/linux.php?tibia='. $config['client'] .'';
+$config['client_download_linux'] = 'http://tibia-clients.com/clients/download/'. $config['client'] .'/tar/linux';
 
 ?>

install/includes/locale.php

@@ -18,7 +18,7 @@ else
 	// detect locale
 	$locale_s = get_browser_languages();
 	if(!sizeof($locale_s))
-		$locale__ = 'en';
+		$locale_ = 'en';
 	else
 	{
 		foreach($locale_s as $id => $tmp)

install/includes/schema.sql

@@ -1,9 +1,10 @@
 CREATE TABLE `myaac_account_actions`
 (
   `account_id` INT(11) NOT NULL,
-  `ip` INT(11) NOT NULL,
+  `ip` INT(11) NOT NULL DEFAULT 0,
-  `date` INT(11) NOT NULL,
+  `ipv6` BINARY(16) NOT NULL DEFAULT 0,
-  `action` VARCHAR(255) NOT NULL,
+  `date` INT(11) NOT NULL DEFAULT 0,
+  `action` VARCHAR(255) NOT NULL DEFAULT '',
   KEY (`account_id`)
 ) ENGINE = MyISAM;
 
@@ -60,7 +61,7 @@ CREATE TABLE `myaac_faq`
 (
 	`id` INT(11) NOT NULL AUTO_INCREMENT,
 	`question` VARCHAR(255) NOT NULL DEFAULT '',
-	`answer` VARCHAR(1020) NOT NULL,
+	`answer` VARCHAR(1020) NOT NULL DEFAULT '',
 	`ordering` INT(11) NOT NULL DEFAULT 0,
 	`hidden` TINYINT(1) NOT NULL DEFAULT 0,
 	PRIMARY KEY (`id`)
@@ -105,7 +106,17 @@ CREATE TABLE `myaac_forum`
 	KEY `section` (`section`)
 ) ENGINE = MyISAM;
 
+CREATE TABLE `myaac_hooks`
+(
+	`id` INT(11) NOT NULL AUTO_INCREMENT,
+	`name` VARCHAR(30) NOT NULL DEFAULT '',
+	`type` INT(2) NOT NULL DEFAULT 0,
+	`file` VARCHAR(100) NOT NULL,
+	PRIMARY KEY (`id`)
+) ENGINE = MyISAM;
+
 CREATE TABLE `myaac_monsters` (
+	`id` int(11) NOT NULL AUTO_INCREMENT,
 	`hide_creature` tinyint(1) NOT NULL default '0',
 	`name` varchar(255) NOT NULL,
 	`mana` int(11) NOT NULL,
@@ -119,13 +130,14 @@ CREATE TABLE `myaac_monsters` (
 	`convinceable` tinyint(1) NOT NULL,
 	`race` varchar(255) NOT NULL,
 	`gfx_name` varchar(255) NOT NULL,
-	`file_path` varchar(255) NOT NULL
+	`file_path` varchar(255) NOT NULL,
+	PRIMARY KEY (`id`)
 ) ENGINE = MyISAM;
 
 CREATE TABLE `myaac_movies`
 (
 	`id` INT(11) NOT NULL AUTO_INCREMENT,
-	`title` VARCHAR(50) NOT NULL DEFAULT '',
+	`title` VARCHAR(100) NOT NULL DEFAULT '',
 	`youtube_id` VARCHAR(20) NOT NULL,
 	`author` VARCHAR(50) NOT NULL DEFAULT '',
 	`ordering` INT(11) NOT NULL DEFAULT 0,
@@ -136,8 +148,8 @@ CREATE TABLE `myaac_movies`
 CREATE TABLE `myaac_news`
 (
 	`id` INT(11) NOT NULL AUTO_INCREMENT,
-	`title` VARCHAR(50) NOT NULL,
+	`title` VARCHAR(100) NOT NULL,
-	`body` VARCHAR(10000) NOT NULL,
+	`body` TEXT NOT NULL,
 	`type` TINYINT(1) NOT NULL DEFAULT 0 COMMENT '1 - news, 2 - ticket, 3 - article',
 	`date` INT(11) NOT NULL DEFAULT 0,
 	`category` TINYINT(1) NOT NULL DEFAULT 0,

install/steps/database.php

@@ -66,6 +66,7 @@ if(!$error) {
 			}
 			
 			if(!$error) {
+				registerDatabaseConfig('database_version', DATABASE_VERSION);
 				$locale['step_database_success_schema'] = str_replace('$PREFIX$', TABLE_PREFIX, $locale['step_database_success_schema']);
 				success($locale['step_database_success_schema']);
 			}
@@ -149,12 +150,14 @@ if(!$error) {
 			}
 
 			if(fieldExist('next_email', 'accounts')) {
+				if(!fieldExist('email_next', 'accounts')) {
 					if(query("ALTER TABLE `accounts` CHANGE `next_email` `email_next` INT(11) NOT NULL DEFAULT 0;")) {
 						$tmp = str_replace('$FIELD$', 'accounts.next_email', $locale['step_database_changing_field']);
 						$tmp = str_replace('$FIELD_NEW$', 'accounts.email_next', $tmp);
 						success($tmp);
 					}
 				}
+			}
 			else if(!fieldExist('email_next', 'accounts')) {
 				if(query("ALTER TABLE `accounts` ADD `email_next` INT(11) NOT NULL DEFAULT 0 AFTER `email_code`;"))
 					success($locale['step_database_adding_field'] . ' accounts.email_next...');
@@ -193,12 +196,14 @@ if(!$error) {
 			}
 
 			if(fieldExist('hide_char', 'players')) {
+				if(!fieldExist('hidden', 'players')) {
 					if(query("ALTER TABLE `players` CHANGE `hide_char` `hidden` TINYINT(1) NOT NULL DEFAULT 0;")) {
 						$tmp = str_replace('$FIELD$', 'players.hide_char', $locale['step_database_changing_field']);
 						$tmp = str_replace('$FIELD_NEW$', 'players.hidden', $tmp);
 						success($tmp);
 					}
 				}
+			}
 			else if(!fieldExist('hidden', 'players')) {
 				if(query("ALTER TABLE `players` ADD `hidden` TINYINT(1) NOT NULL DEFAULT 0;"))
 					success($locale['step_database_adding_field'] . ' players.hidden...');
@@ -213,10 +218,10 @@ if(!$error) {
 		if(!$error && (!isset($_SESSION['saved']))) {
 			$content .= '$config[\'installed\'] = true;';
 			$content .= PHP_EOL;
-			if(strpos($_SERVER['SERVER_SOFTWARE'], 'Apache') !== false) {
+		//	if(strpos($_SERVER['SERVER_SOFTWARE'], 'Apache') !== false) {
-				$content .= '$config[\'friendly_urls\'] = true;';
+		//		$content .= '$config[\'friendly_urls\'] = true;';
-				$content .= PHP_EOL;
+		//		$content .= PHP_EOL;
-			}
+		//	}
 
 			$content .= '$config[\'mail_enabled\'] = true;';
 			$content .= PHP_EOL;

install/steps/finish.php

@@ -62,16 +62,19 @@ else {
 		}
 
 		if($account_db->isLoaded()) {
-			if($config_salt_enabled)
-				$account_db->setSalt($salt);
-			
 			$account_db->setPassword(encrypt($password));
 			$account_db->setEMail($_SESSION['var_mail_admin']);
 			$account_db->save();
+			
+			if($config_salt_enabled)
+				$account_db->setCustomField('salt', $salt);
+			
 			$account_db->setCustomField('web_flags', 3);
 			$account_db->setCustomField('country', 'us');
 			if(fieldExist('group_id', 'accounts'))
 				$account_db->setCustomField('group_id', $groups->getHighestId());
+			if(fieldExist('type', 'accounts'))
+				$account_db->setCustomField('type', 5);
 
 			if(!$player_db->isLoaded())
 				$player->setAccountId($account_db->getId());
@@ -84,18 +87,23 @@ else {
 			$new_account = $ots->createObject('Account');
 			$new_account->create($account);
 			
-			if($config_salt_enabled)
-				$new_account->setSalt($salt);
-			
 			$new_account->setPassword(encrypt($password));
 			$new_account->setEMail($_SESSION['var_mail_admin']);
+			
 			$new_account->unblock();
 			$new_account->save();
+			
+			if($config_salt_enabled)
+				$new_account->setCustomField('salt', $salt);
+			
 			$new_account->setCustomField('created', time());
 			$new_account->setCustomField('web_flags', 3);
 			$new_account->setCustomField('country', 'us');
 			if(fieldExist('group_id', 'accounts'))
 				$new_account->setCustomField('group_id', $groups->getHighestId());
+			if(fieldExist('type', 'accounts'))
+				$new_account->setCustomField('type', 5);
+
 			$new_account->logAction('Account created.');
 			
 			if(!$player_db->isLoaded())
@@ -138,8 +146,8 @@ else {
 	<?php
 
 		if(!isset($_SESSION['installed'])) {
-			file_get_contents('http://my-aac.org/report_install.php?v=' . MYAAC_VERSION);
+			file_get_contents('http://my-aac.org/report_install.php?v=' . MYAAC_VERSION . '&b=' . urlencode(BASE_URL));
-			$_SESSION['installed'] = false;
+			$_SESSION['installed'] = true;
 		}
 
 		foreach($_SESSION as $key => $value) {

plugins/example.json

@@ -0,0 +1,14 @@
+{
+     "name": "Example Plugin",
+	 "description": "This is just an example of a Plugin for MyAAC.",
+     "version": "1.0",
+	 "author": "nobody",
+	 "contact": "nobody@example.org",
+	 "install": "plugins/example/install.php",
+	 "hooks": {
+		"Example Hook": {
+			"type": "BEFORE_PAGE",
+			"file": "plugins/example/before.php"
+		}
+	 }
+ }

system/cache/signatures/.htaccess

@@ -0,0 +1 @@
+deny from all

system/compat_pages.php

@@ -5,7 +5,7 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.2.4
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/counter.php

@@ -5,7 +5,7 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.2.4
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/database.php

@@ -1,8 +1,20 @@
 <?php
 defined('MYAAC') or die('Direct access not allowed!');
 
-	if(isset($config['lua']['sqlType'])) // tfs 0.3
+	if(!isset($config['database_type'][0]) || !isset($config['database_user'][0]) || !isset($config['database_password'][0]) || !isset($config['database_name'][0]))
 	{
+		if(isset($config['lua']['sqlType'])) {// tfs 0.3
+			if(isset($config['lua']['mysqlHost'])) {// tfs 0.2
+				$config['otserv_version'] = TFS_02;
+				$config['database_type'] = 'mysql';
+				$config['database_host'] = $config['lua']['mysqlHost'];
+				$config['database_port'] = $config['lua']['mysqlPort'];
+				$config['database_user'] = $config['lua']['mysqlUser'];
+				$config['database_password'] = $config['lua']['mysqlPass'];
+				$config['database_name'] = $config['lua']['mysqlDatabase'];
+				$config['database_encryption'] = $config['lua']['passwordType'];
+			}
+			else {
 				$config['otserv_version'] = TFS_03;
 				$config['database_type'] = $config['lua']['sqlType'];
 				$config['database_host'] = $config['lua']['sqlHost'];
@@ -15,7 +27,8 @@ defined('MYAAC') or die('Direct access not allowed!');
 				if(!isset($config['database_encryption']) || empty($config['database_encryption'])) // before 0.3.6
 					$config['database_encryption'] = $config['lua']['passwordType'];
 			}
-	else if(isset($config['lua']['mysqlHost'])) // tfs 0.2/1.0
+		}
+		else if(isset($config['lua']['mysqlHost'])) // tfs 1.0
 		{
 			$config['otserv_version'] = TFS_02;
 			$config['database_type'] = 'mysql';
@@ -50,6 +63,7 @@ defined('MYAAC') or die('Direct access not allowed!');
 			$config['database_encryption'] = isset($config['lua']['passwordtype']) ? $config['lua']['passwordtype'] : $config['lua']['password_type'];
 			$config['database_salt'] = isset($config['lua']['passwordsalt']) ? $config['lua']['passwordsalt'] : $config['lua']['password_salt'];
 		}
+	}
 
 	if(isset($config['lua']['useMD5Passwords']) && getBoolean($config['lua']['useMD5Passwords']))
 		$config['database_encryption'] = 'md5';

system/events.php

@@ -1,61 +0,0 @@
-<?php
-/**
- * Events system
- *
- * @package   MyAAC
- * @author    Slawkens <slawkens@gmail.com>
- * @copyright 2017 MyAAC
- * @version   0.0.3
- * @link      http://my-aac.org
- */
-defined('MYAAC') or die('Direct access not allowed!');
-class Event
-{
-	private $_name, $_type, $_callback;
-
-	public function __construct($name, $type, $callback) {
-		$this->_name = $name;
-		$this->_type = $type;
-		$this->_callback = $callback;
-	}
-
-	public function execute($params)
-	{
-		$ret = false;
-		if(is_callable($this->_callback))
-		{
-			$tmp = $this->_callback;
-			$ret = $tmp($params);
-		}
-
-		return $ret;
-	}
-
-	public function name() {return $this->_name;}
-	public function type() {return $this->_type;}
-}
-
-class Events
-{
-	private static $_events = array();
-
-	public function register($event, $type = '', $callback = null) {
-		if(!($event instanceof Event))
-			$event = new Event($event, $type, $callback);
-
-		self::$_events[$event->type()][] = $event;
-	}
-
-	public function trigger($type, $params = array())
-	{
-		$ret = true;
-		if(isset(self::$_events[$type]))
-		{
-			foreach(self::$_events[$type] as $name => $event)
-				$ret = $event->execute($params);
-		}
-
-		return $ret;
-	}
-}
-?>

system/functions.php

@@ -5,7 +5,7 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.2.4
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');
@@ -148,7 +148,7 @@ function getItemImage($id, $count = 1)
 		$file_name .= '-' . $count;
 
 	global $config;
-	return '<img src="images/items/' . $file_name . '.gif" width="32" height="32" border="0" alt=" ' .$id . '" />';
+	return '<img src="' . $config['item_images_url'] . $file_name . '.gif" width="32" height="32" border="0" alt=" ' .$id . '" />';
 }
 
 function getFlagImage($country)
@@ -255,7 +255,7 @@ function fetchDatabaseConfig($name, &$value)
  */
 function getDatabaseConfig($name)
 {
-	$value = '';
+	$value = NULL;
 	fetchDatabaseConfig($name, $value);
 	return $value;
 }
@@ -379,12 +379,12 @@ function delete_guild($id)
 		
 		global $db, $ots;
 		foreach($rank_list as $rank_in_guild) {
-			if(fieldExist('rank_id', 'players'))
+			if(tableExist('guild_members'))
-				$players_with_rank = $db->query('SELECT `id`, `rank_id` FROM `players` WHERE `rank_id` = ' . $rank->getId() . ' AND `deleted` = 0;');
-			else if(tableExist('guild_members'))
 				$players_with_rank = $db->query('SELECT `players`.`id` as `id`, `guild_members`.`rank_id` as `rank_id` FROM `players`, `guild_members` WHERE `guild_members`.`rank_id` = ' . $rank_in_guild->getId() . ' AND `players`.`id` = `guild_members`.`player_id` ORDER BY `name`;');
-			else
+			else if(tableExist('guild_membership'))
 				$players_with_rank = $db->query('SELECT `players`.`id` as `id`, `guild_membership`.`rank_id` as `rank_id` FROM `players`, `guild_membership` WHERE `guild_membership`.`rank_id` = ' . $rank_in_guild->getId() . ' AND `players`.`id` = `guild_membership`.`player_id` ORDER BY `name`;');
+			else
+				$players_with_rank = $db->query('SELECT `id`, `rank_id` FROM `players` WHERE `rank_id` = ' . $rank_in_guild->getId() . ' AND `deleted` = 0;');
 
 			$players_with_rank_number = $players_with_rank->rowCount();
 			if($players_with_rank_number > 0) {
@@ -598,6 +598,22 @@ function check_name_new_char($name, &$error = '')
 		}
 	}
 
+	$player = new OTS_Player();
+	$player->find($name);
+	if($player->isLoaded()) {
+		$error = 'Player with this name already exist.';
+		return false;
+	}
+
+	//check if was namelocked previously
+	if(tableExist('player_namelocks') && fieldExist('name', 'player_namelocks')) {
+		$namelock = $db->query('SELECT `player_id` FROM `player_namelocks` WHERE `name` = ' . $db->quote($name));
+		if($namelock->rowCount() > 0) {
+			$error =  'Character with this name has been namelocked.';
+			return false;
+		}
+	}
+			
 	$monsters = $db->query(
 			'SELECT ' . $db->fieldName('name') .
 			' FROM ' . $db->tableName(TABLE_PREFIX . 'monsters') .
@@ -808,8 +824,8 @@ function template_header($is_admin = false)
 	</noscript>
 ';
 	if(admin())
-		$ret .= '<script type="text/javascript" src="' . BASE_URL . 'tools/tiny_mce/tiny_mce.js"></script>
+		$ret .= '<!--script type="text/javascript" src="' . BASE_URL . 'tools/tiny_mce/tiny_mce.js"></script>
-	<!--script type="text/javascript" src="' . BASE_URL . 'tools/jquery.qtip.js" ></script>
+	<script type="text/javascript" src="' . BASE_URL . 'tools/jquery.qtip.js" ></script>
 	<script type="text/javascript" src="' . BASE_URL . 'tools/admin.js"></script-->
 ';
 	if($config['recaptcha_enabled'])
@@ -852,18 +868,17 @@ function template_ga_code()
 	if(!isset($config['google_analytics_id'][0]))
 		return '';
 
-	return '
+	return "
-<script type="text/javascript">
+<script>
-	var _gaq = _gaq || [];
+  (function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){
-	_gaq.push([\'_setAccount\', \'' . $config['google_analytics_id'] . '\']);
+  (i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o),
-	_gaq.push([\'_trackPageview\']);
+  m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m)
+  })(window,document,'script','https://www.google-analytics.com/analytics.js','ga');
 
-	(function() {
+  ga('create', '" . $config['google_analytics_id'] . "', 'auto');
-	var ga = document.createElement(\'script\'); ga.type = \'text/javascript\'; ga.async = true;
+  ga('send', 'pageview');
-	ga.src = (\'https:\' == document.location.protocol ? \'https://ssl\' : \'http://www\') + \'.google-analytics.com/ga.js\';
+
-	var s = document.getElementsByTagName(\'script\')[0]; s.parentNode.insertBefore(ga, s);
+</script>";
-	})();
-</script>';
 }
 
 function template_form()
@@ -1134,7 +1149,7 @@ function _mail($to, $subject, $body, $altBody = '', $add_html_tags = true)
 	global $mailer, $config;
 	if(!$mailer)
 	{
-		require(SYSTEM . 'libs/phpmailer/class.phpmailer.php');
+		require(SYSTEM . 'libs/phpmailer/PHPMailerAutoload.php');
 		$mailer = new PHPMailer();
 	}
 
@@ -1199,14 +1214,14 @@ function load_config_lua($filename)
 	if(!@file_exists($config_file))
 		die('ERROR: Cannot find ' . $filename . ' file.');
 
-	$tempFile = tempnam('/tmp', 'lua');
+	$tempFile = @tempnam('/tmp', 'lua');
 	$file = fopen($tempFile, 'w');
 	if(!$file) die('Cannot load server config!');
 
 	// TODO: new parser that will also load dofile() includes
 
 	// strip lua comments to prevent parsing errors
-	fwrite($file, preg_replace('/(-)(-) (.*)/', '', file_get_contents($config_file)));
+	fwrite($file, preg_replace('/(-)(-)(.*)/', '', file_get_contents($config_file)));
 	fclose($file);
 
 	$result = array_merge(parse_ini_file($tempFile, true), isset($config['lua']) ? $config['lua'] : array());

system/hooks.php

@@ -0,0 +1,92 @@
+<?php
+/**
+ * Events system
+ *
+ * @package   MyAAC
+ * @author    Slawkens <slawkens@gmail.com>
+ * @copyright 2017 MyAAC
+ * @version   0.2.4
+ * @link      http://my-aac.org
+ */
+defined('MYAAC') or die('Direct access not allowed!');
+
+define('HOOK_STARTUP', 1);
+define('HOOK_BEFORE_PAGE', 2);
+define('HOOK_AFTER_PAGE', 3);
+define('HOOK_FINISH', 4);
+define('HOOK_TIBIACOM_ARTICLE', 5);
+define('HOOK_TIBIACOM_BORDER_3', 6);
+define('HOOK_FIRST', HOOK_STARTUP);
+define('HOOK_LAST', HOOK_TIBIACOM_BORDER_3);
+
+$hook_types = array(
+	'STARTUP' => HOOK_STARTUP,
+	'BEFORE_PAGE' => HOOK_BEFORE_PAGE,
+	'AFTER_PAGE' => HOOK_AFTER_PAGE,
+	'FINISH' => HOOK_FINISH,
+	'TIBIACOM_ARTICLE' => HOOK_TIBIACOM_ARTICLE,
+	'TIBIACOM_BORDER_3' => HOOK_TIBIACOM_BORDER_3
+);
+
+class Hook
+{
+	private $_name, $_type, $_file;
+
+	public function __construct($name, $type, $file) {
+		$this->_name = $name;
+		$this->_type = $type;
+		$this->_file = $file;
+	}
+
+	public function execute($params)
+	{
+		/*if(is_callable($this->_callback))
+		{
+			$tmp = $this->_callback;
+			$ret = $tmp($params);
+		}*/
+		
+		global $db, $config, $template_path, $ots;
+		if(file_exists(BASE . $this->_file)) {
+			require(BASE . $this->_file);
+		}
+
+		return true;
+	}
+
+	public function name() {return $this->_name;}
+	public function type() {return $this->_type;}
+}
+
+class Hooks
+{
+	private static $_hooks = array();
+
+	public function register($hook, $type = '', $file = null) {
+		if(!($hook instanceof Hook))
+			$hook = new Hook($hook, $type, $file);
+
+		self::$_hooks[$hook->type()][] = $hook;
+	}
+
+	public function trigger($type, $params = array())
+	{
+		$ret = true;
+		if(isset(self::$_hooks[$type]))
+		{
+			foreach(self::$_hooks[$type] as $name => $hook)
+				$ret = $hook->execute($params);
+		}
+
+		return $ret;
+	}
+	
+	public function load()
+	{
+		global $db;
+		$hooks = $db->query('SELECT `name`, `type`, `file` FROM `' . TABLE_PREFIX . 'hooks`;');
+		foreach($hooks as $hook)
+			$this->register($hook['name'], $hook['type'], $hook['file']);
+	}
+}
+?>

system/init.php

@@ -5,7 +5,7 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.2.4
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');
@@ -123,11 +123,11 @@ if($cache->enabled() && $cache->fetch('vocations', $tmp)) {
 }
 else {
 	$vocations = new DOMDocument();
-	$path_extra = 'XML/';
+	$file = $config['data_path'] . 'XML/vocations.xml';
-	if($config['otserv_version'] >= OTSERV_FIRST && $config['otserv_version'] <= OTSERV_LAST)
+	if(!@file_exists($file))
-		$path_extra = '';
+		$file = $config['data_path'] . 'vocations.xml';
 
-	$vocations->load($config['data_path'] . $path_extra . 'vocations.xml');
+	$vocations->load($file);
 
 	if(!$vocations)
 		die('ERROR: Cannot load <i>vocations.xml</i> file.');
@@ -135,10 +135,7 @@ else {
 	$config['vocations'] = array();
 	foreach($vocations->getElementsByTagName('vocation') as $vocation) {
 		$id = $vocation->getAttribute('id');
-		//if($id == $vocation->getAttribute('fromvoc'))
 		$config['vocations'][$id] = $vocation->getAttribute('name');
-		//else
-		//	$config['vocations'][$id] = $vocation->getAttribute('name');
 	}
 
 	if($cache->enabled()) {

system/item.php

@@ -5,7 +5,7 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.2.4
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/libs/cache.php

@@ -6,7 +6,7 @@
  * @author    Slawkens <slawkens@gmail.com>
  * @author    Mark Samman (Talaturen) <marksamman@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.2.4
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/libs/cache_apc.php

@@ -6,7 +6,7 @@
  * @author    Slawkens <slawkens@gmail.com>
  * @author    Mark Samman (Talaturen) <marksamman@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.2.4
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/libs/cache_eaccelerator.php

@@ -6,7 +6,7 @@
  * @author    Slawkens <slawkens@gmail.com>
  * @author    Mark Samman (Talaturen) <marksamman@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.2.4
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/libs/cache_file.php

@@ -5,7 +5,7 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.2.4
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');
@@ -63,7 +63,7 @@ class Cache_File
 	}
 
 	private function _name($key) {
-		return sprintf("%s/%s%s", $this->dir, $this->prefix, sha1($key));
+		return sprintf("%s%s%s", $this->dir, $this->prefix, sha1($key));
 	}
 }
 ?>

system/libs/cache_xcache.php

@@ -6,7 +6,7 @@
  * @author    Slawkens <slawkens@gmail.com>
  * @author    Mark Samman (Talaturen) <marksamman@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.2.4
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/libs/data.php

@@ -5,7 +5,7 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.2.4
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/libs/items.php

@@ -5,7 +5,7 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.2.4
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/libs/pot/OTS_Account.php

@@ -187,9 +187,6 @@ class OTS_Account extends OTS_Row_DAO implements IteratorAggregate, Countable
  */
     public function find($name)
     {
-		if(check_number($name))
-			$this->load((int)$name);
-		
         // finds player's ID
         $id = $this->db->query('SELECT ' . $this->db->fieldName('id') . ' FROM ' . $this->db->tableName('accounts') . ' WHERE ' . $this->db->fieldName('name') . ' = ' . $this->db->quote($name) )->fetch();
 
@@ -311,6 +308,25 @@ class OTS_Account extends OTS_Row_DAO implements IteratorAggregate, Countable
         return $this->data['web_flags'];
     }
 
+	public function hasFlag($flag)
+	{
+		if(!isset($this->data['web_flags'])) {
+			throw new E_OTS_NotLoaded();
+		}
+
+		return ($this->data['web_flags'] & $flag) == $flag;
+	}
+	
+	public function isAdmin()
+	{
+		return $this->hasFlag(FLAG_ADMIN) || $this->isSuperAdmin();
+	}
+
+	public function isSuperAdmin()
+	{
+		return $this->hasFlag(FLAG_SUPER_ADMIN);
+	}
+
     public function getPremDays()
     {
         if( !isset($this->data['lastday']) )
@@ -756,11 +772,18 @@ class OTS_Account extends OTS_Row_DAO implements IteratorAggregate, Countable
 			$this->data['banned'] = isset($ban['expires_at']);
 			$this->data['banned_time'] = $ban['expires_at'];
 		}
-		else {
+		else if(tableExist('bans')) {
+			if(fieldExist('active', 'bans')) {
 				$ban = $this->db->query('SELECT `active`, `expires` FROM `bans` WHERE (`type` = 3 OR `type` = 5) AND `active` = 1 AND `value` = ' . $this->data['id'] . ' AND (`expires` > ' . time() .' OR `expires` = -1) ORDER BY `expires` DESC')->fetch();
 				$this->data['banned'] = $ban['active'];
 				$this->data['banned_time'] = $ban['expires'];
 			}
+			else { // tfs 0.2
+				$ban = $this->db->query('SELECT `time` FROM `bans` WHERE (`type` = 3 OR `type` = 5) AND `account` = ' . $this->data['id'] . ' AND (`time` > ' . time() .' OR `time` = -1) ORDER BY `time` DESC')->fetch();
+				$this->data['banned'] = $ban['time'] == -1 || $ban['time'] > 0;
+				$this->data['banned_time'] = $ban['time'];
+			}
+		}
     }
 
 /**
@@ -829,11 +852,7 @@ class OTS_Account extends OTS_Row_DAO implements IteratorAggregate, Countable
 
 	public function getGroupId()
 	{
-		global $groups;
+		global $db;;
-		if(!isset($groups))
-			$groups = new OTS_Groups_List();
-
-		$group_id = 0;
 		if(fieldExist('group_id', 'accounts')) {
 			$query = $this->db->query('SELECT `group_id` FROM `accounts` WHERE `id` = ' . (int) $this->getId())->fetch();
 			// if anything was found
@@ -841,19 +860,11 @@ class OTS_Account extends OTS_Row_DAO implements IteratorAggregate, Countable
 				return $query['group_id'];
 		}
 		
-        // finds groups of all characters
+		$db->query('SELECT `group_id` FROM `players` WHERE `account_id` = ' . $this->getId() . ' ORDER BY `group_id` DESC LIMIT 1')->fetch();
-        foreach( $this->getPlayersList() as $player)
+		if(isset($query['group_id']))
-        {
+			return $query['group_id'];
-            $group = $player->getGroup();
 		
-            // checks if group's access level is higher then previouls found highest
+		return 0;
-            if( $group->getId() > $group_id)
-            {
-                $group_id = $group->getId();
-            }
-        }
-		
-		return $group_id;
 	}
 
 /**
@@ -885,23 +896,31 @@ class OTS_Account extends OTS_Row_DAO implements IteratorAggregate, Countable
 
 	public function logAction($action)
 	{
-		$ip = '127.0.0.1';
+		$ip = '0';
-		if(isset($_SERVER['REMOTE_ADDR']) && !empty(($_SERVER['REMOTE_ADDR'])))
+		if(isset($_SERVER['REMOTE_ADDR']) && !empty($_SERVER['REMOTE_ADDR']))
 			$ip = $_SERVER['REMOTE_ADDR'];
-		else if(isset($_SERVER['HTTP_CLIENT_IP']) && !empty(($_SERVER['HTTP_CLIENT_IP'])))
+		else if(isset($_SERVER['HTTP_CLIENT_IP']) && !empty($_SERVER['HTTP_CLIENT_IP']))
 			$ip = $_SERVER['HTTP_CLIENT_IP'];
-		else if(isset($_SERVER['HTTP_X_FORWARDED_FOR']) && !empty(($_SERVER['HTTP_X_FORWARDED_FOR'])))
+		else if(isset($_SERVER['HTTP_X_FORWARDED_FOR']) && !empty($_SERVER['HTTP_X_FORWARDED_FOR']))
 			$ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
 			
-		return $this->db->query('INSERT INTO ' . $this->db->tableName(TABLE_PREFIX . 'account_actions') . ' (' . $this->db->fieldName('account_id') . ', ' . $this->db->fieldName('ip') . ', ' . $this->db->fieldName('date') . ', ' . $this->db->fieldName('action') . ') VALUES (' . $this->db->quote($this->getId()).', INET_ATON(' . $this->db->quote($ip) . '), UNIX_TIMESTAMP(NOW()), ' . $this->db->quote($action).')');
+		if(strpos($ip, ":") === false) {
+			$ipv6 = '0';
+		}
+		else {
+			$ipv6 = $ip;
+			$ip = '';
+		}
+
+		return $this->db->query('INSERT INTO `' . TABLE_PREFIX . 'account_actions` (`account_id`, `ip`, `ipv6`, `date`, `action`) VALUES (' . $this->db->quote($this->getId()).', (' . $this->db->quote(ip2long($ip)) . '), (' . ($ipv6 == '0' ? $this->db->quote('') : $this->db->quote(inet_pton($ipv6))) . '), UNIX_TIMESTAMP(NOW()), ' . $this->db->quote($action).')');
 	}
 
 	public function getActionsLog($limit1, $limit2)
 	{
 		$actions = array();
 
-		foreach($this->db->query('SELECT ' . $this->db->fieldName('ip') . ', ' . $this->db->fieldName('date') . ', ' . $this->db->fieldName('action') . ' FROM ' . $this->db->tableName(TABLE_PREFIX . 'account_actions') . ' WHERE ' . $this->db->fieldName('account_id') . ' = ' . $this->data['id'] . ' ORDER by ' . $this->db->fieldName('date') . ' DESC LIMIT ' . $limit1 . ', ' . $limit2 . '')->fetchAll() as $a)
+		foreach($this->db->query('SELECT `ip`, `ipv6`, `date`, `action` FROM `' . TABLE_PREFIX . 'account_actions` WHERE `account_id` = ' . $this->data['id'] . ' ORDER by `date` DESC LIMIT ' . $limit1 . ', ' . $limit2 . '')->fetchAll() as $a)
-			$actions[] = array('ip' => $a['ip'], 'date' => $a['date'], 'action' => $a['action']);
+			$actions[] = array('ip' => $a['ip'], 'ipv6' => $a['ipv6'], 'date' => $a['date'], 'action' => $a['action']);
 
 		return $actions;
 	}

system/libs/pot/OTS_Base_DB.php

@@ -97,6 +97,7 @@ abstract class OTS_Base_DB extends PDO implements IOTS_DB
     public function query($query)
     {
         $this->queries++;
+		//echo $query . PHP_EOL;
         return parent::query($query);
     }
 

system/libs/pot/OTS_GuildRank.php

@@ -176,7 +176,7 @@ class OTS_GuildRank extends OTS_Row_DAO implements IteratorAggregate, Countable
     {
         if( !isset($this->data['guild_id']) )
         {
-            throw new E_OTS_NotLoaded();
+            return new OTS_Guild();
         }
 
         $guild = new OTS_Guild();

system/libs/pot/OTS_Monster.php

@@ -39,6 +39,16 @@
  */
 class OTS_Monster extends DOMDocument
 {
+	private $loaded = false;
+	public function loadXML($source , $options = 0)
+	{
+		$this->loaded = parent::loadXML($source, $options);
+	}
+	
+	public function loaded()
+	{
+		return $this->loaded;
+	}
 /**
  * Returns monster name.
  * 

system/libs/pot/OTS_MonstersList.php

@@ -117,7 +117,8 @@ class OTS_MonstersList implements Iterator, Countable, ArrayAccess
         {
             // loads file
             $monster = new OTS_Monster();
-            $monster->load($this->monstersPath . $this->monsters[$name]);
+			//echo $this->monstersPath . $this->monsters[$name];
+            $monster->loadXML(trim(file_get_contents($this->monstersPath . $this->monsters[$name])));
             return $monster;
         }
 

system/libs/pot/OTS_Player.php

@@ -1,4 +1,21 @@
 <?php
+$__load = array();
+/*
+	'loss_experience' => NULL,
+	'loss_items' => NULL,
+	'guild_info' => NULL,
+	'skull_type' => NULL,
+	'skull_time' => NULL,
+	'blessings' => NULL,
+	'direction' => NULL,
+	'stamina' => NULL,
+	'world_id' => NULL,
+	'online' => NULL,
+	'deletion' => NULL,
+	'promotion' => NULL,
+	'marriage' => NULL
+);*/
+
 /**#@+
  * @version 0.0.1
  */
@@ -91,7 +108,6 @@ class OTS_Player extends OTS_Row_DAO
 		POT::SKILL_SHIELD => array('value' => 0, 'tries' => 0),
 		POT::SKILL_FISH => array('value' => 0, 'tries' => 0)
 	);
-
 /**
  * Magic PHP5 method.
  *
@@ -114,29 +130,85 @@ class OTS_Player extends OTS_Row_DAO
  * @throws PDOException On PDO operation error.
  */
     public function load($id)
+    {
+		global $__load;
+
+		if(!isset($__load['loss_experience']))
 		{
 			$loss = '';
 			if(fieldExist('loss_experience', 'players')) {
-			$loss = ', `loss_experience`, `loss_mana`, `loss_skills`, `loss_items`, `loss_containers`';
+				$loss = ', `loss_experience`, `loss_mana`, `loss_skills`';
 			}
 
+			$__load['loss_experience'] = $loss;
+		}
+
+		if(!isset($__load['loss_items']))
+		{
+			$loss_items = '';
+			if(fieldExist('loss_items', 'players')) {
+				$loss_items = ', `loss_items`, `loss_containers`';
+			}
+
+			$__load['loss_items'] = $loss_items;
+		}
+
+		if(!isset($__load['guild_info']))
+		{
 			$guild_info = '';
 			if(!tableExist('guild_members') && fieldExist('guildnick', 'players')) {
 				$guild_info = ', `guildnick`, `rank_id`';
 			}
 
+			$__load['guild_info'] = $guild_info;
+		}
+		
+		if(!isset($__load['skull_type']))
+		{
 			$skull_type = 'skull';
 			if(fieldExist('skull_type', 'players')) {
 				$skull_type = 'skull_type';
 			}
 
+			$__load['skull_type'] = $skull_type;
+		}
+
+		if(!isset($__load['skull_time']))
+		{
 			$skull_time = 'skulltime';
 			if(fieldExist('skull_time', 'players')) {
 				$skull_time = 'skull_time';
 			}
 		
+			$__load['skull_time'] = $skull_time;
+		}
+
+		if(!isset($__load['blessings'])) {
+			$__load['blessings'] = fieldExist('blessings', 'players');
+		}
+		if(!isset($__load['direction'])) {
+			$__load['direction'] = fieldExist('direction', 'players');
+		}
+		if(!isset($__load['stamina'])) {
+			$__load['stamina'] = fieldExist('stamina', 'players');
+		}
+		if(!isset($__load['world_id'])) {
+			$__load['world_id'] = fieldExist('world_id', 'players');
+		}
+		if(!isset($__load['online'])) {
+			$__load['online'] = fieldExist('online', 'players');
+		}
+		if(!isset($__load['deletion'])) {
+			$__load['deletion'] = fieldExist('deletion', 'players');
+		}
+		if(!isset($__load['promotion'])) {
+			$__load['promotion'] = fieldExist('promotion', 'players');
+		}
+		if(!isset($__load['marriage'])) {
+			$__load['marriage'] = fieldExist('marriage', 'players');
+		}
         // SELECT query on database
-        $this->data = $this->db->query('SELECT `id`, `name`, `account_id`, `group_id`, `sex`, `vocation`, `experience`, `level`, `maglevel`, `health`, `healthmax`, `mana`, `manamax`, `manaspent`, `soul`, `lookbody`, `lookfeet`, `lookhead`, `looklegs`, `looktype`' . (fieldExist('lookaddons', 'players') ? ', `lookaddons`' : '') . ', `posx`, `posy`, `posz`, `cap`, `lastlogin`, `lastlogout`, `lastip`, `save`, `conditions`, `' . $skull_time . '` as `skulltime`, `' . $skull_type . '` as `skull`' . $guild_info . ', `town_id`' . $loss . ', `balance`' . (fieldExist('blessings', 'players') ? ', `blessings`' : '') . (fieldExist('direction', 'players') ? ', `direction`' : '') . (fieldExist('stamina', 'players') ? ', `stamina`' : '') . (fieldExist('world_id', 'players') ? ', `world_id`' : '') . (fieldExist('online', 'players') ? ', `online`' : '') . ', `' . (fieldExist('deletion', 'players') ? 'deletion' : 'deleted') . '`' . (fieldExist('promotion', 'players') ? ', `promotion`' : '') . (fieldExist('marriage', 'players') ? ', `marriage`' : '') . ', `comment`, `created`, `hidden` FROM `players` WHERE `id` = ' . (int)$id)->fetch();
+        $this->data = $this->db->query('SELECT `id`, `name`, `account_id`, `group_id`, `sex`, `vocation`, `experience`, `level`, `maglevel`, `health`, `healthmax`, `mana`, `manamax`, `manaspent`, `soul`, `lookbody`, `lookfeet`, `lookhead`, `looklegs`, `looktype`' . (fieldExist('lookaddons', 'players') ? ', `lookaddons`' : '') . ', `posx`, `posy`, `posz`, `cap`, `lastlogin`, `lastlogout`, `lastip`, `save`, `conditions`, `' . $__load['skull_time'] . '` as `skulltime`, `' . $__load['skull_type'] . '` as `skull`' . $__load['guild_info'] . ', `town_id`' . $__load['loss_experience'] . $__load['loss_items'] . ', `balance`' . ($__load['blessings'] ? ', `blessings`' : '') . ($__load['direction'] ? ', `direction`' : '') . ($__load['stamina'] ? ', `stamina`' : '') . ($__load['world_id'] ? ', `world_id`' : '') . ($__load['online'] ? ', `online`' : '') . ', `' . ($__load['deletion'] ? 'deletion' : 'deleted') . '`' . ($__load['promotion'] ? ', `promotion`' : '') . ($__load['marriage'] ? ', `marriage`' : '') . ', `comment`, `created`, `hidden` FROM `players` WHERE `id` = ' . (int)$id)->fetch();
 
 		if(!isset($this->data['guildnick']) || $this->data['guildnick'])
 			$this->data['guildnick'] = '';
@@ -145,8 +217,9 @@ class OTS_Player extends OTS_Row_DAO
 			$this->data['rank_id'] = 0;
 
 		if(isset($this->data['promotion'])) {
+			global $config;
 			if((int)$this->data['promotion'] > 0)
-				$this->data['vocation'] + ($this->data['promotion'] * 4);
+				$this->data['vocation'] += ($this->data['promotion'] * $config['vocations_amount']);
 		}
         // loads skills
         if( $this->isLoaded() )
@@ -278,7 +351,12 @@ class OTS_Player extends OTS_Row_DAO
         {
 			$loss = '';
 			if(fieldExist('loss_experience', 'players')) {
-				$loss = ', `loss_experience` = ' . $this->data['loss_experience'] . ', `loss_mana` = ' . $this->data['loss_mana'] . ', `loss_skills` = ' . $this->data['loss_skills'] . ', `loss_items` = ' . $this->data['loss_items'] . ', `loss_containers` = ' . $this->data['loss_containers'];
+				$loss = ', `loss_experience` = ' . $this->data['loss_experience'] . ', `loss_mana` = ' . $this->data['loss_mana'] . ', `loss_skills` = ' . $this->data['loss_skills'];
+			}
+			
+			$loss_items = '';
+			if(fieldExist('loss_items', 'players')) {
+				$loss_items = ', `loss_items` = ' . $this->data['loss_items'] . ', `loss_containers` = ' . $this->data['loss_containers'];
 			}
 			
 			$guild_info = '';
@@ -307,7 +385,7 @@ class OTS_Player extends OTS_Row_DAO
 			}
 			
             // UPDATE query on database
-            $this->db->query('UPDATE ' . $this->db->tableName('players') . ' SET ' . $this->db->fieldName('name') . ' = ' . $this->db->quote($this->data['name']) . ', ' . $this->db->fieldName('account_id') . ' = ' . $this->data['account_id'] . ', ' . $this->db->fieldName('group_id') . ' = ' . $this->data['group_id'] . ', ' . $this->db->fieldName('sex') . ' = ' . $this->data['sex'] . ', ' . $this->db->fieldName('vocation') . ' = ' . $this->data['vocation'] . ', ' . $this->db->fieldName('experience') . ' = ' . $this->data['experience'] . ', ' . $this->db->fieldName('level') . ' = ' . $this->data['level'] . ', ' . $this->db->fieldName('maglevel') . ' = ' . $this->data['maglevel'] . ', ' . $this->db->fieldName('health') . ' = ' . $this->data['health'] . ', ' . $this->db->fieldName('healthmax') . ' = ' . $this->data['healthmax'] . ', ' . $this->db->fieldName('mana') . ' = ' . $this->data['mana'] . ', ' . $this->db->fieldName('manamax') . ' = ' . $this->data['manamax'] . ', ' . $this->db->fieldName('manaspent') . ' = ' . $this->data['manaspent'] . ', ' . $this->db->fieldName('soul') . ' = ' . $this->data['soul'] . ', ' . $this->db->fieldName('lookbody') . ' = ' . $this->data['lookbody'] . ', ' . $this->db->fieldName('lookfeet') . ' = ' . $this->data['lookfeet'] . ', ' . $this->db->fieldName('lookhead') . ' = ' . $this->data['lookhead'] . ', ' . $this->db->fieldName('looklegs') . ' = ' . $this->data['looklegs'] . ', ' . $this->db->fieldName('looktype') . ' = ' . $this->data['looktype'] . $lookaddons . ', ' . $this->db->fieldName('posx') . ' = ' . $this->data['posx'] . ', ' . $this->db->fieldName('posy') . ' = ' . $this->data['posy'] . ', ' . $this->db->fieldName('posz') . ' = ' . $this->data['posz'] . ', ' . $this->db->fieldName('cap') . ' = ' . $this->data['cap'] . ', ' . $this->db->fieldName('lastlogin') . ' = ' . $this->data['lastlogin'] . ', ' . $this->db->fieldName('lastlogout') . ' = ' . $this->data['lastlogout'] . ', ' . $this->db->fieldName('lastip') . ' = ' . $this->data['lastip'] . ', ' . $this->db->fieldName('save') . ' = ' . (int) $this->data['save'] . ', ' . $this->db->fieldName('conditions') . ' = ' . $this->db->quote($this->data['conditions']) . ', `' . $skull_time . '` = ' . $this->data['skulltime'] . ', `' . $skull_type . '` = ' . (int) $this->data['skull'] . $guild_info . ', ' . $this->db->fieldName('town_id') . ' = ' . $this->data['town_id'] . $loss . ', ' . $this->db->fieldName('balance') . ' = ' . $this->data['balance'] . $blessings . $stamina . $direction . ' WHERE ' . $this->db->fieldName('id') . ' = ' . $this->data['id']);
+            $this->db->query('UPDATE ' . $this->db->tableName('players') . ' SET ' . $this->db->fieldName('name') . ' = ' . $this->db->quote($this->data['name']) . ', ' . $this->db->fieldName('account_id') . ' = ' . $this->data['account_id'] . ', ' . $this->db->fieldName('group_id') . ' = ' . $this->data['group_id'] . ', ' . $this->db->fieldName('sex') . ' = ' . $this->data['sex'] . ', ' . $this->db->fieldName('vocation') . ' = ' . $this->data['vocation'] . ', ' . $this->db->fieldName('experience') . ' = ' . $this->data['experience'] . ', ' . $this->db->fieldName('level') . ' = ' . $this->data['level'] . ', ' . $this->db->fieldName('maglevel') . ' = ' . $this->data['maglevel'] . ', ' . $this->db->fieldName('health') . ' = ' . $this->data['health'] . ', ' . $this->db->fieldName('healthmax') . ' = ' . $this->data['healthmax'] . ', ' . $this->db->fieldName('mana') . ' = ' . $this->data['mana'] . ', ' . $this->db->fieldName('manamax') . ' = ' . $this->data['manamax'] . ', ' . $this->db->fieldName('manaspent') . ' = ' . $this->data['manaspent'] . ', ' . $this->db->fieldName('soul') . ' = ' . $this->data['soul'] . ', ' . $this->db->fieldName('lookbody') . ' = ' . $this->data['lookbody'] . ', ' . $this->db->fieldName('lookfeet') . ' = ' . $this->data['lookfeet'] . ', ' . $this->db->fieldName('lookhead') . ' = ' . $this->data['lookhead'] . ', ' . $this->db->fieldName('looklegs') . ' = ' . $this->data['looklegs'] . ', ' . $this->db->fieldName('looktype') . ' = ' . $this->data['looktype'] . $lookaddons . ', ' . $this->db->fieldName('posx') . ' = ' . $this->data['posx'] . ', ' . $this->db->fieldName('posy') . ' = ' . $this->data['posy'] . ', ' . $this->db->fieldName('posz') . ' = ' . $this->data['posz'] . ', ' . $this->db->fieldName('cap') . ' = ' . $this->data['cap'] . ', ' . $this->db->fieldName('lastlogin') . ' = ' . $this->data['lastlogin'] . ', ' . $this->db->fieldName('lastlogout') . ' = ' . $this->data['lastlogout'] . ', ' . $this->db->fieldName('lastip') . ' = ' . $this->data['lastip'] . ', ' . $this->db->fieldName('save') . ' = ' . (int) $this->data['save'] . ', ' . $this->db->fieldName('conditions') . ' = ' . $this->db->quote($this->data['conditions']) . ', `' . $skull_time . '` = ' . $this->data['skulltime'] . ', `' . $skull_type . '` = ' . (int) $this->data['skull'] . $guild_info . ', ' . $this->db->fieldName('town_id') . ' = ' . $this->data['town_id'] . $loss . $loss_items . ', ' . $this->db->fieldName('balance') . ' = ' . $this->data['balance'] . $blessings . $stamina . $direction . ' WHERE ' . $this->db->fieldName('id') . ' = ' . $this->data['id']);
         }
         // creates new player
         else
@@ -315,8 +393,15 @@ class OTS_Player extends OTS_Row_DAO
 			$loss = '';
 			$loss_data = '';
 			if(fieldExist('loss_experience', 'players')) {
-				$loss = ', `loss_experience`, `loss_mana`, `loss_skills`, `loss_items`, `loss_containers`';
+				$loss = ', `loss_experience`, `loss_mana`, `loss_skills`';
-				$loss_data = ', ' . $this->data['loss_experience'] . ', ' . $this->data['loss_mana'] . ', ' . $this->data['loss_skills'] . ', ' . $this->data['loss_items'] . ', ' . $this->data['loss_containers'];
+				$loss_data = ', ' . $this->data['loss_experience'] . ', ' . $this->data['loss_mana'] . ', ' . $this->data['loss_skills'];
+			}
+
+			$loss_items = '';
+			$loss_items_data = '';
+			if(fieldExist('loss_items', 'players')) {
+				$loss_items = ', `loss_items`, `loss_containers`';
+				$loss_items_data = ', ' . $this->data['loss_items'] . ', ' . $this->data['loss_containers'];
 			}
 
 			$guild_info = '';
@@ -362,7 +447,7 @@ class OTS_Player extends OTS_Row_DAO
 			}
 			
             // INSERT query on database
-            $this->db->query('INSERT INTO ' . $this->db->tableName('players') . ' (' . $this->db->fieldName('name') . ', ' . $this->db->fieldName('account_id') . ', ' . $this->db->fieldName('group_id') . ', ' . $this->db->fieldName('sex') . ', ' . $this->db->fieldName('vocation') . ', ' . $this->db->fieldName('experience') . ', ' . $this->db->fieldName('level') . ', ' . $this->db->fieldName('maglevel') . ', ' . $this->db->fieldName('health') . ', ' . $this->db->fieldName('healthmax') . ', ' . $this->db->fieldName('mana') . ', ' . $this->db->fieldName('manamax') . ', ' . $this->db->fieldName('manaspent') . ', ' . $this->db->fieldName('soul') . ', ' . $this->db->fieldName('lookbody') . ', ' . $this->db->fieldName('lookfeet') . ', ' . $this->db->fieldName('lookhead') . ', ' . $this->db->fieldName('looklegs') . ', ' . $this->db->fieldName('looktype') . $lookaddons . ', ' . $this->db->fieldName('posx') . ', ' . $this->db->fieldName('posy') . ', ' . $this->db->fieldName('posz') . ', ' . $this->db->fieldName('cap') . ', `lastlogin`, `lastlogout`, ' . $this->db->fieldName('lastip') . ', ' . $this->db->fieldName('save') . ', ' . $this->db->fieldName('conditions') . ', `' . $skull_time . '`, `' . $skull_type . '`' . $guild_info . ', ' . $this->db->fieldName('town_id') . $loss . ', `balance`' . $blessings . $stamina . $direction . ', ' . $this->db->fieldName('created') . $promotion . ') VALUES (' . $this->db->quote($this->data['name']) . ', ' . $this->data['account_id'] . ', ' . $this->data['group_id'] . ', ' . $this->data['sex'] . ', ' . $this->data['vocation'] . ', ' . $this->data['experience'] . ', ' . $this->data['level'] . ', ' . $this->data['maglevel'] . ', ' . $this->data['health'] . ', ' . $this->data['healthmax'] . ', ' . $this->data['mana'] . ', ' . $this->data['manamax'] . ', ' . $this->data['manaspent'] . ', ' . $this->data['soul'] . ', ' . $this->data['lookbody'] . ', ' . $this->data['lookfeet'] . ', ' . $this->data['lookhead'] . ', ' . $this->data['looklegs'] . ', ' . $this->data['looktype'] . $lookaddons_data . ', ' . $this->data['posx'] . ', ' . $this->data['posy'] . ', ' . $this->data['posz'] . ', ' . $this->data['cap'] . ', ' . $this->data['lastlogin'] . ', ' . $this->data['lastlogout'] . ', ' . $this->data['lastip'] . ', ' . (int) $this->data['save'] . ', ' . $this->db->quote($this->data['conditions']) . ', ' . $this->data['skulltime'] . ', ' . (int) $this->data['skull'] . $guild_info_data . ', ' . $this->data['town_id'] . $loss_data . ', ' . $this->data['balance'] . $blessings_data . $stamina_data . $direction_data . ', ' . time() . $promotion_data . ')');
+            $this->db->query('INSERT INTO ' . $this->db->tableName('players') . ' (' . $this->db->fieldName('name') . ', ' . $this->db->fieldName('account_id') . ', ' . $this->db->fieldName('group_id') . ', ' . $this->db->fieldName('sex') . ', ' . $this->db->fieldName('vocation') . ', ' . $this->db->fieldName('experience') . ', ' . $this->db->fieldName('level') . ', ' . $this->db->fieldName('maglevel') . ', ' . $this->db->fieldName('health') . ', ' . $this->db->fieldName('healthmax') . ', ' . $this->db->fieldName('mana') . ', ' . $this->db->fieldName('manamax') . ', ' . $this->db->fieldName('manaspent') . ', ' . $this->db->fieldName('soul') . ', ' . $this->db->fieldName('lookbody') . ', ' . $this->db->fieldName('lookfeet') . ', ' . $this->db->fieldName('lookhead') . ', ' . $this->db->fieldName('looklegs') . ', ' . $this->db->fieldName('looktype') . $lookaddons . ', ' . $this->db->fieldName('posx') . ', ' . $this->db->fieldName('posy') . ', ' . $this->db->fieldName('posz') . ', ' . $this->db->fieldName('cap') . ', `lastlogin`, `lastlogout`, ' . $this->db->fieldName('lastip') . ', ' . $this->db->fieldName('save') . ', ' . $this->db->fieldName('conditions') . ', `' . $skull_time . '`, `' . $skull_type . '`' . $guild_info . ', ' . $this->db->fieldName('town_id') . $loss . $loss_items . ', `balance`' . $blessings . $stamina . $direction . ', ' . $this->db->fieldName('created') . $promotion . ') VALUES (' . $this->db->quote($this->data['name']) . ', ' . $this->data['account_id'] . ', ' . $this->data['group_id'] . ', ' . $this->data['sex'] . ', ' . $this->data['vocation'] . ', ' . $this->data['experience'] . ', ' . $this->data['level'] . ', ' . $this->data['maglevel'] . ', ' . $this->data['health'] . ', ' . $this->data['healthmax'] . ', ' . $this->data['mana'] . ', ' . $this->data['manamax'] . ', ' . $this->data['manaspent'] . ', ' . $this->data['soul'] . ', ' . $this->data['lookbody'] . ', ' . $this->data['lookfeet'] . ', ' . $this->data['lookhead'] . ', ' . $this->data['looklegs'] . ', ' . $this->data['looktype'] . $lookaddons_data . ', ' . $this->data['posx'] . ', ' . $this->data['posy'] . ', ' . $this->data['posz'] . ', ' . $this->data['cap'] . ', ' . $this->data['lastlogin'] . ', ' . $this->data['lastlogout'] . ', ' . $this->data['lastip'] . ', ' . (int) $this->data['save'] . ', ' . $this->db->quote($this->data['conditions']) . ', ' . $this->data['skulltime'] . ', ' . (int) $this->data['skull'] . $guild_info_data . ', ' . $this->data['town_id'] . $loss_data . $loss_items_data . ', ' . $this->data['balance'] . $blessings_data . $stamina_data . $direction_data . ', ' . time() . $promotion_data . ')');
             // ID of new group
             $this->data['id'] = $this->db->lastInsertId();
         }
@@ -388,7 +473,6 @@ class OTS_Player extends OTS_Row_DAO
 				
 				if($id != $i - 1)
 					$set .= ',';
-					
 			}
 
 			$skills = $this->db->query('UPDATE `players` SET ' . $set . ' WHERE `id` = ' . $this->data['id']);
@@ -1784,12 +1868,12 @@ class OTS_Player extends OTS_Row_DAO
     public function setGuildNick($guildnick)
     {
         $this->data['guildnick'] = (string) $guildnick;
-		if(fieldExist('guildnick', 'players'))
+		if(tableExist('guild_members'))
-			$this->db->query('UPDATE `players` SET `guildnick` = ' . $this->db->quote($this->data['guildnick']) . ' WHERE `id` = ' . $this->getId());
-		else if(tableExist('guild_members'))
 			$this->db->query('UPDATE `guild_members` SET `nick` = ' . $this->db->quote($this->data['guildnick']) . ' WHERE `player_id` = ' . $this->getId());
-		else
+		else if(tableExist('guild_membership'))
 			$this->db->query('UPDATE `guild_membership` SET `nick` = ' . $this->db->quote($this->data['guildnick']) . ' WHERE `player_id` = ' . $this->getId());
+		else if(fieldExist('guildnick', 'players'))
+			$this->db->query('UPDATE `players` SET `guildnick` = ' . $this->db->quote($this->data['guildnick']) . ' WHERE `id` = ' . $this->getId());
   }
 
 /**
@@ -1823,22 +1907,28 @@ class OTS_Player extends OTS_Row_DAO
     public function getRank()
     {
 		$rank_id = 0;
-		if(fieldExist('rank_id', 'players')) {
+		if(tableExist('guild_members')) {
-			$query = $this->db->query('SELECT `rank_id` FROM `players` WHERE `id`= ' . $this->data['id'] . ';')->fetch();
+			$query = $this->db->query('SELECT `rank_id` FROM `guild_members` WHERE `player_id`= ' . $this->data['id'] . ' LIMIT 1;');
-			$rank_id = $query['rank_id'];
-		} else {
-			$table = 'guild_membership';
-			if(tableExist('guild_members'))
-				$table = 'guild_members';
-
-			$query = $this->db->query('SELECT `rank_id` FROM `' . $table . '` WHERE `player_id`= ' . $this->data['id'] . ' LIMIT 1;');
 			if($query->rowCount() == 1) {
 				$query = $query->fetch();
 				$rank_id = $query['rank_id'];
 			}
 		}
+		else if(tableExist('guild_membership')) {
+			$query = $this->db->query('SELECT `rank_id` FROM `guild_membership` WHERE `player_id`= ' . $this->data['id'] . ' LIMIT 1;');
+			if($query->rowCount() == 1) {
+				$query = $query->fetch();
+				$rank_id = $query['rank_id'];
+			}
+		}
+		else if(fieldExist('rank_id', 'players')) {
+			$query = $this->db->query('SELECT `rank_id` FROM `players` WHERE `id`= ' . $this->data['id'] . ';')->fetch();
+			$rank_id = $query['rank_id'];
+		}
 
-		if($rank_id == 0) return new OTS_GuildRank();;
+		if($rank_id == 0) {
+			return new OTS_GuildRank();
+		}
 
         $guildRank = new OTS_GuildRank();
         $guildRank->load($rank_id);
@@ -2084,7 +2174,7 @@ class OTS_Player extends OTS_Row_DAO
             throw new E_OTS_NotLoaded();
         }
 
-        return $this->data['loss_items'];
+        return $this->data['loss_containers'];
     }
     public function setLossContainers($loss_containers)
     {

system/libs/pot/OTS_ServerInfo.php

@@ -75,7 +75,10 @@ class OTS_ServerInfo
             fwrite($socket, $packet);
 
             // reads respond
-            $data = stream_get_contents($socket);
+            //$data = stream_get_contents($socket);
+			$data = ''; 
+			while (!feof($socket))
+				$data .= fgets($socket, 1024);
 
             // closing connection to current server
             fclose($socket);
@@ -121,7 +124,9 @@ class OTS_ServerInfo
         {
             // loads respond XML
             $info = new OTS_InfoRespond();
-            $info->loadXML( $status->getBuffer() );
+            if(!$info->loadXML( utf8_encode($status->getBuffer())))
+				return false;
+
             return $info;
         }
 

system/libs/timer.php

@@ -5,7 +5,7 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.2.4
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/libs/validator.php

@@ -5,7 +5,7 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.2.4
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/libs/visitors.php

@@ -5,7 +5,7 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.2.4
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/locale/sv/.htaccess

@@ -0,0 +1 @@
+deny from all

system/locale/sv/admin.php

@@ -0,0 +1,9 @@
+<?php
+/**
+ * swedish language file
+ * admin.php
+ *
+ * @author Sizaro <sizaro@live.se>
+ */
+$locale['title'] = 'MyAAC Admin';
+?>

system/locale/sv/install.php

@@ -0,0 +1,93 @@
+<?php
+/**
+ * swedish language file
+ * install.php
+ *
+ * @author Sizaro <sizaro@live.se>
+ */
+$locale['installation'] = 'Installation';
+$locale['steps'] = 'Steg';
+
+$locale['previous'] = 'Föregående';
+$locale['next'] = 'Nästa';
+
+$locale['on'] = 'På';
+$locale['off'] = 'Av';
+
+$locale['loaded'] = 'Laddad';
+$locale['not_loaded'] = 'Inte Laddad';
+
+$locale['please_fill_all'] = 'Vänligen fyll i allt!';
+$locale['already_installed'] = 'MyAAC är redan installerat. Vänligen ta bort <b>install/<b/> mappen.';
+
+// welcome
+$locale['step_welcome'] = 'Välkommen';
+$locale['step_welcome_title'] = 'Välkommen till installatören';
+$locale['step_welcome_desc'] = 'Välj det språk du vill se installatören med';
+
+// license
+$locale['step_license'] = 'Licens';
+$locale['step_license_title'] = 'GNU/GPL Licens';
+
+// requirements
+$locale['step_requirements'] = 'Krav';
+$locale['step_requirements_title'] = 'Kravskontroll';
+$locale['step_requirements_php_version'] = 'PHP Version';
+$locale['step_requirements_write_perms'] = 'Skriv behörigheter';
+$locale['step_requirements_failed'] = 'Installation kommer att inaktiveras tills dessa krav följts. </ B> <br/> Mer information finns i filen <b>README</b>.';
+$locale['step_requirements_extension'] = '$EXTENSION$ PHP extension';
+
+// config
+$locale['step_config'] = 'Konfiguration';
+$locale['step_config_title'] = 'Grundläggande konfiguration';
+$locale['step_config_server_path'] = 'Server mapp';
+$locale['step_config_server_path_desc'] = 'Mappen som innhåller exe filen till The Forgotten Server, där du har din config.lua.';
+$locale['step_config_mail_admin'] = 'Admin E-Post';
+$locale['step_config_mail_admin_desc'] = 'Adress där E-Post från kontaktförmolär kommer att leveraras, till exempel <i>admin@gmail.com</i>';
+
+$locale['step_config_mail_admin_error'] = 'Admin E-Post är inte korrekt.';
+$locale['step_config_mail_address'] = 'Server E-Post';
+$locale['step_config_mail_address_desc'] = 'Adress som kommer att användas för utgående email (från:), till exempel <i>no-reply@your-server.org</i>';
+
+$locale['step_config_mail_address_error'] = 'Server E-Post är inte korrekt.';
+$locale['step_config_client'] = 'Klientversion';
+$locale['step_config_client_desc'] = 'Används för nerladdningssidan och teman.';
+
+// database
+$locale['step_database'] = 'Importera schema';
+$locale['step_database_title'] = 'Importera MySQL schema';
+$locale['step_database_importing'] = 'Din databas är MySQL. Importerar schema nu...';
+$locale['step_database_error_path'] = 'Ange server mapp.';
+$locale['step_database_error_config'] = 'Kan inte hitta konfigurations fil. Är din server mapp korrekt? Gå tillbaka och kolla igen.';
+$locale['step_database_error_database_empty'] = 'Kan inte bestämma databas typ från config.lua. Din OTS stöds inte av MyAAC.';
+$locale['step_database_error_only_mysql'] = 'Denna AAC stöder endast MySQL. Från din konfigurationsfil verkar det som att din OTS använder: $DATABASE_TYPE$ databastypen. Var vänligen ändra din databas till MySQL och följ instruktionerna i installationen igen.';
+$locale['step_database_error_table'] = 'Tabell $TABLE$ finns inte. Importera din OTS databas schema först.';
+$locale['step_database_error_table_exist'] = 'Tabell $TABLE$ finns redan. Ser ut som att din AAC redan är installerad. Hoppar över importering av MySQL schema.';
+$locale['step_database_error_schema'] = 'Fel vid import av schema:';
+$locale['step_database_success_schema'] = 'Lyckades installera $PREFIX$ tabeller.';
+$locale['step_database_error_file'] = '$FILE$ kunde inte öppnas. Kopiera innehållet och klistra in här:';
+$locale['step_database_adding_field'] = 'Lägger till fält';
+$locale['step_database_modifying_field'] = 'Ändrar fält';
+$locale['step_database_changing_field'] = 'Ändrar $FIELD$ till $FIELD_NEW$...';
+$locale['step_database_imported_players'] = 'Importerar spelarprover...';
+$locale['step_database_created_account'] = 'Skapade admin konto...';
+
+// admin account
+$locale['step_admin'] = 'Admin Konto';
+$locale['step_admin_title'] = 'Skapa Admin Konto';
+$locale['step_admin_account'] = 'Admin konto namn';
+$locale['step_admin_account_desc'] = 'Namn på ditt admin konto som kommer att användas för att logga in på hemsidan och servern.';
+$locale['step_admin_account_id'] = 'Admin konto ID';
+$locale['step_admin_account_id_desc'] = 'ID på ditt admin konto som kommer att användas för att logga in på hemsidan och servern.';
+$locale['step_admin_password'] = 'Admin konto lösenord';
+$locale['step_admin_password_desc'] = 'Lösenordet till ditt admin konto.';
+
+// finish
+$locale['step_finish_admin_panel'] = 'Admin Panelen';
+$locale['step_finish_homepage'] = 'hemsida';
+$locale['step_finish'] = 'Klar';
+$locale['step_finish_title'] = 'Installationen klar!';
+$locale['step_finish_desc'] = 'Grattis! <b>MyAAC</b> är redo att användas!<br/>Du kan logga in på $ADMIN_PANEL$, eller titta till $HOMEPAGE$.<br/><br/>
+<font color="red">Var vänligen ta bort installations mappen.</font><br/><br/>
+Var vänligen rapportera buggar och förslag på $LINK$, tack!';
+?>

system/locale/sv/main.php

@@ -0,0 +1,15 @@
+<?php
+/**
+ * swedish language file
+ * main.php
+ *
+ * @author Sizaro <sizaro@live.se>
+ */
+$locale['name']     = 'Swedish';
+$locale['lang']		= 'sv';
+$locale['encoding'] = 'utf-8';
+$locale['direction']= 'ltr';
+
+$locale['error404'] = 'Sidan kunde inte hittas.';
+$locale['news'] = 'Senaste nyheterna';
+?>

system/login.php

@@ -5,7 +5,7 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.2.4
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');
@@ -73,9 +73,6 @@ else
 				if(isset($_POST['remember_me']))
 					$_SESSION['remember_me'] = true;
 
-				//if(isset($_POST['admin']))
-				//	$_SESSION['admin'] = true;
-			
 				$logged = true;
 
 				$logged_flags = $account_logged->getWebFlags();

system/migrations/1.php

@@ -0,0 +1,16 @@
+<?php
+	$db->query("ALTER TABLE `" . TABLE_PREFIX . "account_actions` MODIFY `ip` INT(11) NOT NULL DEFAULT 0;");
+	$db->query("ALTER TABLE `" . TABLE_PREFIX . "account_actions` MODIFY `date` INT(11) NOT NULL DEFAULT 0;");
+	$db->query("ALTER TABLE `" . TABLE_PREFIX . "account_actions` MODIFY `action` VARCHAR(255) NOT NULL DEFAULT '';");
+	$db->query("
+	CREATE TABLE `myaac_hooks`
+(
+	`id` INT(11) NOT NULL AUTO_INCREMENT,
+	`name` VARCHAR(30) NOT NULL DEFAULT '',
+	`type` INT(2) NOT NULL DEFAULT 0,
+	`file` VARCHAR(100) NOT NULL,
+	PRIMARY KEY (`id`)
+) ENGINE = MyISAM;
+");
+
+?>

system/migrations/2.php

@@ -0,0 +1,6 @@
+<?php
+	$db->query("ALTER TABLE `" . TABLE_PREFIX . "faq` MODIFY `answer` VARCHAR(1020) NOT NULL DEFAULT '';");
+	$db->query("ALTER TABLE `" . TABLE_PREFIX . "movies` MODIFY `title` VARCHAR(100) NOT NULL DEFAULT '';");
+	$db->query("ALTER TABLE `" . TABLE_PREFIX . "news` MODIFY `title` VARCHAR(100) NOT NULL DEFAULT '';");
+	$db->query("ALTER TABLE `" . TABLE_PREFIX . "news` MODIFY `body` TEXT NOT NULL DEFAULT '';");
+?>

system/migrations/3.php

@@ -0,0 +1,3 @@
+<?php
+	$db->query("ALTER TABLE `" . TABLE_PREFIX . "account_actions` ADD `ipv6` BINARY(16) NOT NULL DEFAULT 0;");
+?>

system/migrations/4.php

@@ -0,0 +1,3 @@
+<?php
+	$db->query("ALTER TABLE `" . TABLE_PREFIX . "monsters` ADD `id` int(11) NOT NULL AUTO_INCREMENT primary key FIRST;");
+?>

system/pages/404.php

@@ -5,7 +5,7 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.2.4
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/pages/account.php

@@ -5,7 +5,7 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.2.4
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/pages/accountmanagement.php

@@ -6,7 +6,7 @@
  * @author    Gesior <jerzyskalski@wp.pl>
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.2.4
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');
@@ -177,11 +177,12 @@ Please enter your account name and your password.<br/><a href="?subtopic=createa
 
 	if($action == "")
 	{
+		$freePremium = isset($config['lua']['freePremium']) && getBoolean($config['lua']['freePremium']);
 		$account_reckey = $account_logged->getCustomField("key");
 		if(!$account_logged->isPremium())
 			$account_status = '<b><font color="red">Free Account</font></b>';
 		else
-			$account_status = '<b><font color="green">Premium Account, '.$account_logged->getPremDays().' days left</font></b>';
+			$account_status = '<b><font color="green">Premium Account, ' . ($freePremium ? 'Unlimited' : $account_logged->getPremDays() . ' days left') . '</font></b>';
 		if(empty($account_reckey))
 			$account_registred = '<b><font color="red">No</font></b>';
 		else
@@ -222,7 +223,21 @@ Please enter your account name and your password.<br/><a href="?subtopic=createa
 				echo '<div class="SmallBox" >  <div class="MessageContainer" >    <div class="BoxFrameHorizontal" style="background-image:url('.$template_path.'/images/content/box-frame-horizontal.gif);" /></div>    <div class="BoxFrameEdgeLeftTop" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></div>    <div class="BoxFrameEdgeRightTop" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></div>    <div class="Message" >      <div class="BoxFrameVerticalLeft" style="background-image:url('.$template_path.'/images/content/box-frame-vertical.gif);" /></div>      <div class="BoxFrameVerticalRight" style="background-image:url('.$template_path.'/images/content/box-frame-vertical.gif);" /></div><table><tr><td class="LabelV" >Note:</td><td style="width:100%;" >A request has been submitted to change the email address of this account to <b>'.$account_email_new.'</b>. After <b>'.date("j F Y, G:i:s", $account_email_new_time).'</b> you can accept the new email address and finish the process. Please cancel the request if you do not want your email address to be changed! Also cancel the request if you have no access to the new email address!</td></tr></table><div align="center" ><table border="0" cellspacing="0" cellpadding="0" ><form action="?subtopic=accountmanagement&action=changeemail" method="post" ><tr><td style="border:0px;" ><div class="BigButton" style="background-image:url('.$template_path.'/images/buttons/sbutton.gif)" ><div onMouseOver="MouseOverBigButton(this);" onMouseOut="MouseOutBigButton(this);" ><div class="BigButtonOver" style="background-image:url('.$template_path.'/images/buttons/sbutton_over.gif);" ></div><input class="ButtonText" type="image" name="Edit" alt="Edit" src="'.$template_path.'/images/buttons/_sbutton_edit.gif" ></div></div></td></tr></form></table></div>    </div>    <div class="BoxFrameHorizontal" style="background-image:url('.$template_path.'/images/content/box-frame-horizontal.gif);" /></div>    <div class="BoxFrameEdgeRightBottom" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></div>    <div class="BoxFrameEdgeLeftBottom" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></div>  </div></div><br/><br/>';
 			}
 		}
-		echo '<a name="General+Information" ></a><div class="TopButtonContainer" ><div class="TopButton" ><a href="#top" >	<img style="border:0px;" src="'.$template_path.'/images/content/back-to-top.gif" /></a></div></div><div class="TableContainer" ><table class="Table3" cellpadding="0" cellspacing="0" >    <div class="CaptionContainer" >      <div class="CaptionInnerContainer" >        <span class="CaptionEdgeLeftTop" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></span><span class="CaptionEdgeRightTop" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></span><span class="CaptionBorderTop" style="background-image:url('.$template_path.'/images/content/table-headline-border.gif);" ></span><span class="CaptionVerticalLeft" style="background-image:url('.$template_path.'/images/content/box-frame-vertical.gif);" /></span><div class="Text" >General Information</div><span class="CaptionVerticalRight" style="background-image:url('.$template_path.'/images/content/box-frame-vertical.gif);" /></span><span class="CaptionBorderBottom" style="background-image:url('.$template_path.'/images/content/table-headline-border.gif);" ></span><span class="CaptionEdgeLeftBottom" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></span><span class="CaptionEdgeRightBottom" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></span></div>    </div><tr>      <td>        <div class="InnerTableContainer" >          <table style="width:100%;" ><tr><td><div class="TableShadowContainerRightTop" >  <div class="TableShadowRightTop" style="background-image:url('.$template_path.'/images/content/table-shadow-rt.gif);" ></div></div><div class="TableContentAndRightShadow" style="background-image:url('.$template_path.'/images/content/table-shadow-rm.gif);" ><div class="TableContentContainer" >    <table class="TableContent" width="100%" ><tr style="background-color:'.$config['darkborder'].';" ><td class="LabelV" >Email Address:</td><td style="width:90%;" >'.$account_email.''.$account_email_change.'</td></tr><tr style="background-color:'.$config['lightborder'].';" ><td class="LabelV" >Created:</td><td>'.date("j F Y, G:i:s", $account_created).'</td></td><tr style="background-color:'.$config['darkborder'].';" ><td class="LabelV" >Last Login:</td><td>'.date("j F Y, G:i:s", time()).'</td></tr><tr style="background-color:'.$config['lightborder'].';" ><td class="LabelV" >Account Status:</td><td>'.$account_status.'</td></tr><tr style="background-color:'.$config['darkborder'].';" ><td class="LabelV" >Registred:</td><td>'.$account_registred.'</td></tr></table></div></div><div class="TableShadowContainer" ><div class="TableBottomShadow" style="background-image:url('.$template_path.'/images/content/table-shadow-bm.gif);" ><div class="TableBottomLeftShadow" style="background-image:url('.$template_path.'/images/content/table-shadow-bl.gif);" ></div><div class="TableBottomRightShadow" style="background-image:url('.$template_path.'/images/content/table-shadow-br.gif);" ></div>  </div></div></td></tr><tr><td><table class="InnerTableButtonRow" cellpadding="0" cellspacing="0" ><tr><td><table border="0" cellspacing="0" cellpadding="0" ><form action="?subtopic=accountmanagement&action=changepassword" method="post" ><tr><td style="border:0px;" ><div class="BigButton" style="background-image:url('.$template_path.'/images/buttons/sbutton.gif)" ><div onMouseOver="MouseOverBigButton(this);" onMouseOut="MouseOutBigButton(this);" ><div class="BigButtonOver" style="background-image:url('.$template_path.'/images/buttons/sbutton_over.gif);" ></div><input class="ButtonText" type="image" name="Change Password" alt="Change Password" src="'.$template_path.'/images/buttons/_sbutton_changepassword.gif" ></div></div></td></tr></form></table></td><td><table border="0" cellspacing="0" cellpadding="0" ><form action="?subtopic=accountmanagement&action=changeemail" method="post" ><tr><td style="border:0px;" ><input type="hidden" name=newemail value="" ><input type="hidden" name=newemaildate value=0 ><div class="BigButton" style="background-image:url('.$template_path.'/images/buttons/sbutton.gif)" ><div onMouseOver="MouseOverBigButton(this);" onMouseOut="MouseOutBigButton(this);" ><div class="BigButtonOver" style="background-image:url('.$template_path.'/images/buttons/sbutton_over.gif);" ></div><input class="ButtonText" type="image" name="Change Email" alt="Change Email" src="'.$template_path.'/images/buttons/_sbutton_changeemail.gif" ></div></div></td></tr></form>	</table></td><td width="100%"></td>';
+		echo '<a name="General+Information" ></a><div class="TopButtonContainer" ><div class="TopButton" ><a href="#top" >	<img style="border:0px;" src="'.$template_path.'/images/content/back-to-top.gif" /></a></div></div><div class="TableContainer" ><table class="Table3" cellpadding="0" cellspacing="0" >    <div class="CaptionContainer" >      <div class="CaptionInnerContainer" >        <span class="CaptionEdgeLeftTop" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></span><span class="CaptionEdgeRightTop" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></span><span class="CaptionBorderTop" style="background-image:url('.$template_path.'/images/content/table-headline-border.gif);" ></span><span class="CaptionVerticalLeft" style="background-image:url('.$template_path.'/images/content/box-frame-vertical.gif);" /></span><div class="Text" >General Information</div><span class="CaptionVerticalRight" style="background-image:url('.$template_path.'/images/content/box-frame-vertical.gif);" /></span><span class="CaptionBorderBottom" style="background-image:url('.$template_path.'/images/content/table-headline-border.gif);" ></span><span class="CaptionEdgeLeftBottom" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></span><span class="CaptionEdgeRightBottom" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></span></div>    </div><tr>      <td>        <div class="InnerTableContainer" >          <table style="width:100%;" ><tr><td><div class="TableShadowContainerRightTop" >  <div class="TableShadowRightTop" style="background-image:url('.$template_path.'/images/content/table-shadow-rt.gif);" ></div></div><div class="TableContentAndRightShadow" style="background-image:url('.$template_path.'/images/content/table-shadow-rm.gif);" ><div class="TableContentContainer" >    <table class="TableContent" width="100%" >
+		<tr style="background-color:'.$config['lightborder'].';" >
+			<td class="LabelV" >Account ' . (USE_ACCOUNT_NAME ? 'Name' : 'Number') . ':</td>
+			<td style="width:90%;" >' . (USE_ACCOUNT_NAME ? $account_logged->getName() : $account_logged->getId()) . '</td>
+		</tr>
+		<tr style="background-color:'.$config['darkborder'].';" >
+			<td class="LabelV" >Email Address:</td>
+			<td style="width:90%;" >'.$account_email.''.$account_email_change.'</td>
+		</tr>
+		<tr style="background-color:'.$config['lightborder'].';" >
+			<td class="LabelV" >Created:</td>
+			<td>'.date("j F Y, G:i:s", $account_created).'</td>
+		</tr>
+		<tr style="background-color:'.$config['darkborder'].';" >
+		<td class="LabelV" >Last Login:</td><td>'.date("j F Y, G:i:s", time()).'</td></tr><tr style="background-color:'.$config['lightborder'].';" ><td class="LabelV" >Account Status:</td><td>'.$account_status.'</td></tr><tr style="background-color:'.$config['darkborder'].';" ><td class="LabelV" >Registred:</td><td>'.$account_registred.'</td></tr></table></div></div><div class="TableShadowContainer" ><div class="TableBottomShadow" style="background-image:url('.$template_path.'/images/content/table-shadow-bm.gif);" ><div class="TableBottomLeftShadow" style="background-image:url('.$template_path.'/images/content/table-shadow-bl.gif);" ></div><div class="TableBottomRightShadow" style="background-image:url('.$template_path.'/images/content/table-shadow-br.gif);" ></div>  </div></div></td></tr><tr><td><table class="InnerTableButtonRow" cellpadding="0" cellspacing="0" ><tr><td><table border="0" cellspacing="0" cellpadding="0" ><form action="?subtopic=accountmanagement&action=changepassword" method="post" ><tr><td style="border:0px;" ><div class="BigButton" style="background-image:url('.$template_path.'/images/buttons/sbutton.gif)" ><div onMouseOver="MouseOverBigButton(this);" onMouseOut="MouseOutBigButton(this);" ><div class="BigButtonOver" style="background-image:url('.$template_path.'/images/buttons/sbutton_over.gif);" ></div><input class="ButtonText" type="image" name="Change Password" alt="Change Password" src="'.$template_path.'/images/buttons/_sbutton_changepassword.gif" ></div></div></td></tr></form></table></td><td><table border="0" cellspacing="0" cellpadding="0" ><form action="?subtopic=accountmanagement&action=changeemail" method="post" ><tr><td style="border:0px;" ><input type="hidden" name=newemail value="" ><input type="hidden" name=newemaildate value=0 ><div class="BigButton" style="background-image:url('.$template_path.'/images/buttons/sbutton.gif)" ><div onMouseOver="MouseOverBigButton(this);" onMouseOut="MouseOutBigButton(this);" ><div class="BigButtonOver" style="background-image:url('.$template_path.'/images/buttons/sbutton_over.gif);" ></div><input class="ButtonText" type="image" name="Change Email" alt="Change Email" src="'.$template_path.'/images/buttons/_sbutton_changeemail.gif" ></div></div></td></tr></form>	</table></td><td width="100%"></td>';
 		//show button "register account"
 		if(empty($account_reckey))
 			echo '<td><table border="0" cellspacing="0" cellpadding="0" ><form action="?subtopic=accountmanagement&action=registeraccount" method="post" ><tr><td style="border:0px;" ><div class="BigButton" style="background-image:url('.$template_path.'/images/buttons/sbutton.gif)" ><div onMouseOver="MouseOverBigButton(this);" onMouseOut="MouseOutBigButton(this);" ><div class="BigButtonOver" style="background-image:url('.$template_path.'/images/buttons/sbutton_over.gif);" ></div><input class="ButtonText" type="image" name="Register Account" alt="Register Account" src="'.$template_path.'/images/buttons/_sbutton_registeraccount.gif" ></div></div></td></tr></form></table></td>';
@@ -234,7 +249,7 @@ Please enter your account name and your password.<br/><a href="?subtopic=createa
 		foreach($account_logged->getActionsLog(0, 1000) as $action)
 		{
 			echo '<tr style="background-color:' . getStyle($player_number_counter++) . '"><td>'.$action['action'] . '</td><td>' . date("jS F Y H:i:s",$action['date']) . '</td>
-			<td>' . long2ip($action['ip']) . '</td></tr>';
+			<td>' . ($action['ip'] != 0 ? long2ip($action['ip']) : inet_ntop($action['ipv6'])) . '</td></tr>';
 		}
 		echo '</table>
 	
@@ -258,7 +273,52 @@ Please enter your account name and your password.<br/><a href="?subtopic=createa
 				echo '<td><font color="green"><b>Online</b></font></td>';
 			echo '<td>[<a href="?subtopic=accountmanagement&action=changecomment&name='.urlencode($account_player->getName()).'" >Edit</a>]</td></tr>';
 		}
-		echo '</table>  </div></div><div class="TableShadowContainer" >  <div class="TableBottomShadow" style="background-image:url('.$template_path.'/images/content/table-shadow-bm.gif);" >    <div class="TableBottomLeftShadow" style="background-image:url('.$template_path.'/images/content/table-shadow-bl.gif);" ></div>    <div class="TableBottomRightShadow" style="background-image:url('.$template_path.'/images/content/table-shadow-br.gif);" ></div>  </div></div></td></tr><tr><td><table class="InnerTableButtonRow" cellpadding="0" cellspacing="0" ><tr><td><table border="0" cellspacing="0" cellpadding="0" ><form action="?subtopic=accountmanagement&action=createcharacter" method="post" ><tr><td style="border:0px;" ><div class="BigButton" style="background-image:url('.$template_path.'/images/buttons/sbutton.gif)" ><div onMouseOver="MouseOverBigButton(this);" onMouseOut="MouseOutBigButton(this);" ><div class="BigButtonOver" style="background-image:url('.$template_path.'/images/buttons/sbutton_over.gif);" ></div><input class="ButtonText" type="image" name="Create Character" alt="Create Character" src="'.$template_path.'/images/buttons/_sbutton_createcharacter.gif" ></div></div></td></tr></form></table></td><td style="width:100%;" ></td><td><table border="0" cellspacing="0" cellpadding="0" ><form action="?subtopic=accountmanagement&action=deletecharacter" method="post" ><tr><td style="border:0px;" ><div class="BigButton" style="background-image:url('.$template_path.'/images/buttons/sbutton.gif)" ><div onMouseOver="MouseOverBigButton(this);" onMouseOut="MouseOutBigButton(this);" ><div class="BigButtonOver" style="background-image:url('.$template_path.'/images/buttons/sbutton_over.gif);" ></div><input class="ButtonText" type="image" name="Delete Character" alt="Delete Character" src="'.$template_path.'/images/buttons/_sbutton_deletecharacter.gif" ></div></div></td></tr></form></table></td></tr></table></td></tr>          </table>        </div>  </table></td></div></tr><br/><br/>';
+		echo '</table>  </div></div><div class="TableShadowContainer" >  <div class="TableBottomShadow" style="background-image:url('.$template_path.'/images/content/table-shadow-bm.gif);" >    <div class="TableBottomLeftShadow" style="background-image:url('.$template_path.'/images/content/table-shadow-bl.gif);" ></div>    <div class="TableBottomRightShadow" style="background-image:url('.$template_path.'/images/content/table-shadow-br.gif);" ></div>  </div></div></td></tr><tr><td><table class="InnerTableButtonRow" cellpadding="0" cellspacing="0" ><tr>
+		<td>
+			<table border="0" cellspacing="0" cellpadding="0" >
+				<form action="?subtopic=accountmanagement&action=createcharacter" method="post" >
+					<tr>
+						<td style="border:0px;" ><div class="BigButton" style="background-image:url('.$template_path.'/images/buttons/sbutton.gif)" ><div onMouseOver="MouseOverBigButton(this);" onMouseOut="MouseOutBigButton(this);" ><div class="BigButtonOver" style="background-image:url('.$template_path.'/images/buttons/sbutton_over.gif);" ></div>
+								<input class="ButtonText" type="image" name="Create Character" alt="Create Character" src="'.$template_path.'/images/buttons/_sbutton_createcharacter.gif" ></div>
+							</div>
+						</td>
+					</tr>
+				</form>
+			</table>
+		</td>';
+		if($config['account_change_character_name']) {
+			echo '
+		<td>
+			<table border="0" cellspacing="0" cellpadding="0" >
+				<form action="?subtopic=accountmanagement&action=changename" method="post" >
+					<tr>
+						<td style="border:0px;" ><div class="BigButton" style="background-image:url('.$template_path.'/images/buttons/sbutton.gif)" ><div onMouseOver="MouseOverBigButton(this);" onMouseOut="MouseOutBigButton(this);" ><div class="BigButtonOver" style="background-image:url('.$template_path.'/images/buttons/sbutton_over.gif);" ></div>
+								<input class="ButtonText" type="image" name="Change Name" alt="Change Name" src="images/buttons/_sbutton_change_name.gif" ></div>
+							</div>
+						</td>
+					</tr>
+				</form>
+			</table>
+		</td>';
+		}
+		if($config['account_change_character_sex']) {
+			echo '
+		<td>
+			<table border="0" cellspacing="0" cellpadding="0" >
+				<form action="?subtopic=accountmanagement&action=changesex" method="post" >
+					<tr>
+						<td style="border:0px;" ><div class="BigButton" style="background-image:url('.$template_path.'/images/buttons/sbutton.gif)" ><div onMouseOver="MouseOverBigButton(this);" onMouseOut="MouseOutBigButton(this);" ><div class="BigButtonOver" style="background-image:url('.$template_path.'/images/buttons/sbutton_over.gif);" ></div>
+								<input class="ButtonText" type="image" name="Change Sex" alt="Change Sex" src="images/buttons/_sbutton_change_sex.gif" ></div>
+							</div>
+						</td>
+					</tr>
+				</form>
+			</table>
+		</td>';
+		}
+		echo '
+		<td style="width:100%;" ></td>
+		<td><table border="0" cellspacing="0" cellpadding="0" ><form action="?subtopic=accountmanagement&action=deletecharacter" method="post" ><tr><td style="border:0px;" ><div class="BigButton" style="background-image:url('.$template_path.'/images/buttons/sbutton.gif)" ><div onMouseOver="MouseOverBigButton(this);" onMouseOut="MouseOutBigButton(this);" ><div class="BigButtonOver" style="background-image:url('.$template_path.'/images/buttons/sbutton_over.gif);" ></div><input class="ButtonText" type="image" name="Delete Character" alt="Delete Character" src="'.$template_path.'/images/buttons/_sbutton_deletecharacter.gif" ></div></div></td></tr></form></table></td></tr></table></td></tr>          </table>        </div>  </table></td></div></tr><br/><br/>';
 	}
 //########### CHANGE PASSWORD ##########
 	if($action == "changepassword") {
@@ -652,14 +712,14 @@ Please enter your account name and your password.<br/><a href="?subtopic=createa
 					{
 						echo 'Here you can see and edit the information about your character.<br/>If you do not want to specify a certain field, just leave it blank.<br/><br/><form action="?subtopic=accountmanagement&action=changecomment" method="post" ><div class="TableContainer" >  <table class="Table5" cellpadding="0" cellspacing="0" >    <div class="CaptionContainer" >      <div class="CaptionInnerContainer" >        <span class="CaptionEdgeLeftTop" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></span>        <span class="CaptionEdgeRightTop" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></span>        <span class="CaptionBorderTop" style="background-image:url('.$template_path.'/images/content/table-headline-border.gif);" ></span>        <span class="CaptionVerticalLeft" style="background-image:url('.$template_path.'/images/content/box-frame-vertical.gif);" /></span>        <div class="Text" >Edit Character Information</div>        <span class="CaptionVerticalRight" style="background-image:url('.$template_path.'/images/content/box-frame-vertical.gif);" /></span>        <span class="CaptionBorderBottom" style="background-image:url('.$template_path.'/images/content/table-headline-border.gif);" ></span>        <span class="CaptionEdgeLeftBottom" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></span>        <span class="CaptionEdgeRightBottom" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></span>      </div>    </div>    <tr>      <td>        <div class="InnerTableContainer" >          <table style="width:100%;" ><tr><td><div class="TableShadowContainerRightTop" >  <div class="TableShadowRightTop" style="background-image:url('.$template_path.'/images/content/table-shadow-rt.gif);" ></div></div><div class="TableContentAndRightShadow" style="background-image:url('.$template_path.'/images/content/table-shadow-rm.gif);" >  <div class="TableContentContainer" >    <table class="TableContent" width="100%" ><tr><td class="LabelV" >Name:</td><td style="width:80%;" >'.$player_name.'</td></tr><tr><td class="LabelV" >Hide Account:</td><td>';
 						if($player->getCustomField("hidden") == 1) {
-							echo '<input type="checkbox" name="accountvisible"  value="1" checked="checked">';
+							echo '<input type="checkbox" name="accountvisible" id="accountvisible" value="1" checked="checked">';
 						}
 						else
 						{
-							echo '<input type="checkbox" name="accountvisible"  value="1" >';
+							echo '<input type="checkbox" name="accountvisible" id="accountvisible" value="1" >';
 						}
 
-						echo ' check to hide your account information';
+						echo '<label for="accountvisible"> check to hide your account information</label>';
 							if((int)$player->getCustomField('group_id') > 1)
 								echo ' (you will be also hidden on the Team page!)';
 
@@ -682,6 +742,191 @@ Please enter your account name and your password.<br/><a href="?subtopic=createa
 		}
 	}
 
+	if($action == "changename") {
+		echo '<script type="text/javascript" src="tools/check_name.js"></script>';
+		
+		$name_changed = false;
+		$player_id = isset($_POST['player_id']) ? (int)$_POST['player_id'] : NULL;
+		$newcharname = isset($_POST['newcharname']) ? stripslashes(ucwords(strtolower($_POST['newcharname']))) : NULL;
+		if((!$config['account_change_character_name']))
+			echo 'You cant change your character name';
+		else
+		{
+			$points = $account_logged->getCustomField('premium_points');
+			if(isset($_POST['changenamesave']) && $_POST['changenamesave'] == 1) {
+				if($points < $config['account_change_character_name_points'])
+					$errors[] = 'You need ' . $config['account_change_character_name_points'] . ' premium points to change name. You have <b>'.$points.'<b> premium points.';
+	
+				if(empty($errors) && empty($newcharname))
+					$errors[] = 'Please enter a name for your character!';
+
+				if(empty($errors) && strlen($newcharname) > 25)
+					$errors[] = 'Name is too long. Max. lenght <b>25</b> letters.';
+				else if(empty($errors) && strlen($newcharname) < 3)
+					$errors[] = 'Name is too short. Min. lenght <b>25</b> letters.';
+				
+				if(empty($errors))
+				{
+					$error = '';
+					if(!admin() && !check_name_new_char($newcharname, $error))
+						$errors[] = $error;
+				}
+				
+				if(empty($errors)) {
+					$player = $ots->createObject('Player');
+					$player->load($player_id);
+					if($player->isLoaded()) {
+						$player_account = $player->getAccount();
+						if($account_logged->getId() == $player_account->getId()) {
+							if($player->isOnline()) {
+								$errors[] = 'This character is online.';
+							}
+							
+							if(empty($errors)) {
+								$name_changed = true;
+								$old_name = $player->getName();
+								$player->setName($newcharname);
+								$player->save();
+								$account_logged->setCustomField("premium_points", $points - $config['account_change_character_name_points']);
+								$account_logged->logAction('Changed name from <b>' . $old_name . '</b> to <b>' . $player->getName() . '</b>.');
+								echo '<div class="TableContainer" >  <table class="Table1" cellpadding="0" cellspacing="0" >    <div class="CaptionContainer" >      <div class="CaptionInnerContainer" >        <span class="CaptionEdgeLeftTop" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></span>        <span class="CaptionEdgeRightTop" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></span>        <span class="CaptionBorderTop" style="background-image:url('.$template_path.'/images/content/table-headline-border.gif);" ></span>        <span class="CaptionVerticalLeft" style="background-image:url('.$template_path.'/images/content/box-frame-vertical.gif);" /></span>        <div class="Text" >Character Name Changed</div>        <span class="CaptionVerticalRight" style="background-image:url('.$template_path.'/images/content/box-frame-vertical.gif);" /></span>        <span class="CaptionBorderBottom" style="background-image:url('.$template_path.'/images/content/table-headline-border.gif);" ></span>        <span class="CaptionEdgeLeftBottom" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></span>        <span class="CaptionEdgeRightBottom" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></span>      </div>    </div>    <tr>      <td>        <div class="InnerTableContainer" >          <table style="width:100%;" ><tr><td>The character <b>'.$old_name.'</b> name has been changed to <b>' . $player->getName() . '</b>.</td></tr>          </table>        </div>  </table></div></td></tr><br><center><table border="0" cellspacing="0" cellpadding="0" ><form action="?subtopic=accountmanagement" method="post" ><tr><td style="border:0px;" ><div class="BigButton" style="background-image:url('.$template_path.'/images/buttons/sbutton.gif)" ><div onMouseOver="MouseOverBigButton(this);" onMouseOut="MouseOutBigButton(this);" ><div class="BigButtonOver" style="background-image:url('.$template_path.'/images/buttons/sbutton_over.gif);" ></div><input class="ButtonText" type="image" name="Back" alt="Back" src="'.$template_path.'/images/buttons/_sbutton_back.gif" ></div></div></td></tr></form></table></center>';
+							}
+						}
+						else
+						{
+							$errors[] = 'Character <b>'.$player_name.'</b> is not on your account.';
+						}
+					}
+					else
+					{
+						$errors[] = 'Character with this name doesn\'t exist.';
+					}
+				}
+			}
+
+			if(!$name_changed) {
+				if(!empty($errors)) {
+					echo '<div class="SmallBox" >  <div class="MessageContainer" >    <div class="BoxFrameHorizontal" style="background-image:url('.$template_path.'/images/content/box-frame-horizontal.gif);" /></div>    <div class="BoxFrameEdgeLeftTop" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></div>    <div class="BoxFrameEdgeRightTop" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></div>    <div class="ErrorMessage" >      <div class="BoxFrameVerticalLeft" style="background-image:url('.$template_path.'/images/content/box-frame-vertical.gif);" /></div>      <div class="BoxFrameVerticalRight" style="background-image:url('.$template_path.'/images/content/box-frame-vertical.gif);" /></div>      <div class="AttentionSign" style="background-image:url('.$template_path.'/images/content/attentionsign.gif);" /></div><b>The Following Errors Have Occurred:</b><br/>';
+					foreach($errors as $errors) {
+							echo '<li>'.$errors;
+					}
+					echo '</div>    <div class="BoxFrameHorizontal" style="background-image:url('.$template_path.'/images/content/box-frame-horizontal.gif);" /></div>    <div class="BoxFrameEdgeRightBottom" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></div>    <div class="BoxFrameEdgeLeftBottom" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></div>  </div></div><br/>';
+				}
+				echo 'To change a name of character select player and choose a new name.<br/>
+				<font color="red">Change name cost ' . $config['account_change_character_name_points'] . ' premium points. You have ' . $points . ' premium points.</font><br/><br/><form action="?subtopic=accountmanagement&action=changename" method="post" ><input type="hidden" name="changenamesave" value="1"><div class="TableContainer" >  <table class="Table1" cellpadding="0" cellspacing="0" >    <div class="CaptionContainer" >      <div class="CaptionInnerContainer" >        <span class="CaptionEdgeLeftTop" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></span>        <span class="CaptionEdgeRightTop" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></span>        <span class="CaptionBorderTop" style="background-image:url('.$template_path.'/images/content/table-headline-border.gif);" ></span>        <span class="CaptionVerticalLeft" style="background-image:url('.$template_path.'/images/content/box-frame-vertical.gif);" /></span>        <div class="Text" >Change Name</div>        <span class="CaptionVerticalRight" style="background-image:url('.$template_path.'/images/content/box-frame-vertical.gif);" /></span>        <span class="CaptionBorderBottom" style="background-image:url('.$template_path.'/images/content/table-headline-border.gif);" ></span>        <span class="CaptionEdgeLeftBottom" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></span>        <span class="CaptionEdgeRightBottom" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></span>      </div>    </div>    <tr>      <td>        <div class="InnerTableContainer" >
+				<table style="width:100%;" >
+					<tr>
+						<td class="LabelV" ><span >Character:</td>
+						<td style="width:90%;" >
+							<select name="player_id">';
+								$players = $account_logged->getPlayersList();
+								foreach($players as $player)
+									echo '<option value="' . $player->getId() . '">' . $player->getName() . '</option>';
+							echo '
+							</select>
+						</td>
+					</tr>
+					<tr>
+						<td class="LabelV" ><span >New Name:</td>
+						<td>
+							<input type="text" name="newcharname" id="newcharname" onkeyup="checkName();" size="25" maxlength="25" >
+							<font size="1" face="verdana,arial,helvetica">
+								<div id="name_check">Please enter your character name.</div>
+							</font>
+						</td>
+					</tr>
+				</table>        </div>  </table></div></td></tr><br/><table style="width:100%" ><tr align="center" ><td><table border="0" cellspacing="0" cellpadding="0" ><tr><td style="border:0px;" ><div class="BigButton" style="background-image:url('.$template_path.'/images/buttons/sbutton.gif)" ><div onMouseOver="MouseOverBigButton(this);" onMouseOut="MouseOutBigButton(this);" ><div class="BigButtonOver" style="background-image:url('.$template_path.'/images/buttons/sbutton_over.gif);" ></div><input class="ButtonText" type="image" name="Submit" alt="Submit" src="'.$template_path.'/images/buttons/_sbutton_submit.gif" ></div></div></td><tr></form></table></td><td><table border="0" cellspacing="0" cellpadding="0" ><form action="?subtopic=accountmanagement" method="post" ><tr><td style="border:0px;" ><div class="BigButton" style="background-image:url('.$template_path.'/images/buttons/sbutton.gif)" ><div onMouseOver="MouseOverBigButton(this);" onMouseOut="MouseOutBigButton(this);" ><div class="BigButtonOver" style="background-image:url('.$template_path.'/images/buttons/sbutton_over.gif);" ></div><input class="ButtonText" type="image" name="Back" alt="Back" src="'.$template_path.'/images/buttons/_sbutton_back.gif" ></div></div></td></tr></form></table></td></tr></table>';
+			}
+		}
+	}
+
+	if($action == "changesex") {
+		$sex_changed = false;
+		$player_id = isset($_POST['player_id']) ? (int)$_POST['player_id'] : NULL;
+		$new_sex = isset($_POST['new_sex']) ? (int)$_POST['new_sex'] : NULL;
+		if((!$config['account_change_character_sex']))
+			echo 'You cant change your character sex';
+		else
+		{
+			$points = $account_logged->getCustomField('premium_points');
+			if(isset($_POST['changesexsave']) && $_POST['changesexsave'] == 1) {
+				if($points < $config['account_change_character_sex_points'])
+					$errors[] = 'You need ' . $config['account_change_character_sex_points'] . ' premium points to change sex. You have <b>'.$points.'<b> premium points.';
+	
+				if(empty($errors) && $new_sex != 0 && $new_sex != 1)
+					$errors[] = 'This sex is invalid.';
+				
+				if(empty($errors)) {
+					$player = $ots->createObject('Player');
+					$player->load($player_id);
+					if($player->isLoaded()) {
+						$player_account = $player->getAccount();
+						if($account_logged->getId() == $player_account->getId()) {
+							if($player->isOnline()) {
+								$errors[] = 'This character is online.';
+							}
+							
+							if(empty($errors) && $player->getSex() == $new_sex)
+								$errors[] = 'Sex cannot be same';
+							
+							if(empty($errors)) {
+								$sex_changed = true;
+								$old_sex = $player->getSex();
+								$player->setSex($new_sex);
+								$sexes = array(0 => 'Female', 1 => 'Male');
+								$player->save();
+								$account_logged->setCustomField("premium_points", $points - $config['account_change_character_name_points']);
+								$account_logged->logAction('Changed sex on character <b>' . $player->getName() . '</b> from <b>' . $sexes[$old_sex] . '</b> to <b>' . $sexes[$new_sex] . '</b>.');
+								echo '<div class="TableContainer" >  <table class="Table1" cellpadding="0" cellspacing="0" >    <div class="CaptionContainer" >      <div class="CaptionInnerContainer" >        <span class="CaptionEdgeLeftTop" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></span>        <span class="CaptionEdgeRightTop" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></span>        <span class="CaptionBorderTop" style="background-image:url('.$template_path.'/images/content/table-headline-border.gif);" ></span>        <span class="CaptionVerticalLeft" style="background-image:url('.$template_path.'/images/content/box-frame-vertical.gif);" /></span>        <div class="Text" >Character Sex Changed</div>        <span class="CaptionVerticalRight" style="background-image:url('.$template_path.'/images/content/box-frame-vertical.gif);" /></span>        <span class="CaptionBorderBottom" style="background-image:url('.$template_path.'/images/content/table-headline-border.gif);" ></span>        <span class="CaptionEdgeLeftBottom" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></span>        <span class="CaptionEdgeRightBottom" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></span>      </div>    </div>    <tr>      <td>        <div class="InnerTableContainer" >          <table style="width:100%;" ><tr><td>The character <b>'.$player->getName().'</b> sex has been changed to <b>' . $sexes[$new_sex] . '</b>.</td></tr>          </table>        </div>  </table></div></td></tr><br><center><table border="0" cellspacing="0" cellpadding="0" ><form action="?subtopic=accountmanagement" method="post" ><tr><td style="border:0px;" ><div class="BigButton" style="background-image:url('.$template_path.'/images/buttons/sbutton.gif)" ><div onMouseOver="MouseOverBigButton(this);" onMouseOut="MouseOutBigButton(this);" ><div class="BigButtonOver" style="background-image:url('.$template_path.'/images/buttons/sbutton_over.gif);" ></div><input class="ButtonText" type="image" name="Back" alt="Back" src="'.$template_path.'/images/buttons/_sbutton_back.gif" ></div></div></td></tr></form></table></center>';
+							}
+						}
+						else
+						{
+							$errors[] = 'Character <b>'.$player_name.'</b> is not on your account.';
+						}
+					}
+					else
+					{
+						$errors[] = 'Character with this name doesn\'t exist.';
+					}
+				}
+			}
+
+			if(!$sex_changed) {
+				if(!empty($errors)) {
+					echo '<div class="SmallBox" >  <div class="MessageContainer" >    <div class="BoxFrameHorizontal" style="background-image:url('.$template_path.'/images/content/box-frame-horizontal.gif);" /></div>    <div class="BoxFrameEdgeLeftTop" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></div>    <div class="BoxFrameEdgeRightTop" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></div>    <div class="ErrorMessage" >      <div class="BoxFrameVerticalLeft" style="background-image:url('.$template_path.'/images/content/box-frame-vertical.gif);" /></div>      <div class="BoxFrameVerticalRight" style="background-image:url('.$template_path.'/images/content/box-frame-vertical.gif);" /></div>      <div class="AttentionSign" style="background-image:url('.$template_path.'/images/content/attentionsign.gif);" /></div><b>The Following Errors Have Occurred:</b><br/>';
+					foreach($errors as $errors) {
+							echo '<li>'.$errors;
+					}
+					echo '</div>    <div class="BoxFrameHorizontal" style="background-image:url('.$template_path.'/images/content/box-frame-horizontal.gif);" /></div>    <div class="BoxFrameEdgeRightBottom" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></div>    <div class="BoxFrameEdgeLeftBottom" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></div>  </div></div><br/>';
+				}
+				echo 'To change a sex of character select player and choose a new sex.<br/>
+				<font color="red">Change sex cost ' . $config['account_change_character_sex_points'] . ' premium points. You have ' . $points . ' premium points.</font><br/><br/><form action="?subtopic=accountmanagement&action=changesex" method="post" ><input type="hidden" name="changesexsave" value="1"><div class="TableContainer" >  <table class="Table1" cellpadding="0" cellspacing="0" >    <div class="CaptionContainer" >      <div class="CaptionInnerContainer" >        <span class="CaptionEdgeLeftTop" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></span>        <span class="CaptionEdgeRightTop" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></span>        <span class="CaptionBorderTop" style="background-image:url('.$template_path.'/images/content/table-headline-border.gif);" ></span>        <span class="CaptionVerticalLeft" style="background-image:url('.$template_path.'/images/content/box-frame-vertical.gif);" /></span>        <div class="Text" >Change sex</div>        <span class="CaptionVerticalRight" style="background-image:url('.$template_path.'/images/content/box-frame-vertical.gif);" /></span>        <span class="CaptionBorderBottom" style="background-image:url('.$template_path.'/images/content/table-headline-border.gif);" ></span>        <span class="CaptionEdgeLeftBottom" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></span>        <span class="CaptionEdgeRightBottom" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></span>      </div>    </div>    <tr>      <td>        <div class="InnerTableContainer" >
+				<table style="width:100%;" >
+					<tr>
+						<td class="LabelV" ><span >Character:</td>
+						<td style="width:90%;" >
+							<select name="player_id">';
+								$players = $account_logged->getPlayersList();
+								foreach($players as $player)
+									echo '<option value="' . $player->getId() . '">' . $player->getName() . '</option>';
+							echo '
+							</select>
+						</td>
+					</tr>
+					<tr>
+						<td class="LabelV" ><span >New Sex:</td>
+						<td>
+							<select name="new_sex">
+								<option value="0"' . ($player->getSex() == 0 ? ' selected' : '') . '>Female</option>
+								<option value="1"' . ($player->getSex() == 1 ? ' selected' : '') . '>Male</option>
+							</select>
+						</td>
+					</tr>
+				</table>        </div>  </table></div></td></tr><br/><table style="width:100%" ><tr align="center" ><td><table border="0" cellspacing="0" cellpadding="0" ><tr><td style="border:0px;" ><div class="BigButton" style="background-image:url('.$template_path.'/images/buttons/sbutton.gif)" ><div onMouseOver="MouseOverBigButton(this);" onMouseOut="MouseOutBigButton(this);" ><div class="BigButtonOver" style="background-image:url('.$template_path.'/images/buttons/sbutton_over.gif);" ></div><input class="ButtonText" type="image" name="Submit" alt="Submit" src="'.$template_path.'/images/buttons/_sbutton_submit.gif" ></div></div></td><tr></form></table></td><td><table border="0" cellspacing="0" cellpadding="0" ><form action="?subtopic=accountmanagement" method="post" ><tr><td style="border:0px;" ><div class="BigButton" style="background-image:url('.$template_path.'/images/buttons/sbutton.gif)" ><div onMouseOver="MouseOverBigButton(this);" onMouseOut="MouseOutBigButton(this);" ><div class="BigButtonOver" style="background-image:url('.$template_path.'/images/buttons/sbutton_over.gif);" ></div><input class="ButtonText" type="image" name="Back" alt="Back" src="'.$template_path.'/images/buttons/_sbutton_back.gif" ></div></div></td></tr></form></table></td></tr></table>';
+			}
+		}
+	}
 //### DELETE character from account ###
 	if($action == "deletecharacter") {
 		$player_name = isset($_POST['delete_name']) ? stripslashes($_POST['delete_name']) : NULL;
@@ -750,52 +995,14 @@ Please enter your account name and your password.<br/><a href="?subtopic=createa
 
 //## CREATE CHARACTER on account ###
 	if($action == "createcharacter") {
-		echo '<script type="text/javascript">
+		echo '<script type="text/javascript" src="tools/check_name.js"></script>';
-		eventId = 0;
-		lastSend = 0;
-
-function checkName()
-{
-	if(eventId != 0)
-	{
-		clearInterval(eventId)
-		eventId = 0;
-	}
-
-	if(document.getElementById("newcharname").value=="")
-	{
-		document.getElementById("name_check").innerHTML = \'<b><font color="red">Please enter new character name.</font></b>\';
-		return;
-	}
-
-	//anti flood
-	var date = new Date;
-	var timeNow = parseInt(date.getTime());
-
-	if(lastSend != 0)
-	{
-		if(timeNow - lastSend < 1100)
-		{
-			eventId = setInterval(\'checkName()\', 1100)
-			return;
-		}
-	}
-
-	var newcharname = document.getElementById("newcharname").value;
-	$.get("tools/validate.php", { name: newcharname, uid: Math.random() },
-		function(data){
-			document.getElementById("name_check").innerHTML = data;
-			lastSend = timeNow;
-	});
-	
-	lastSend = timeNow;
-}
-</script>';
 		$newchar_name = isset($_POST['newcharname']) ? stripslashes(ucwords(strtolower($_POST['newcharname']))) : NULL;
 		$newchar_sex = isset($_POST['newcharsex']) ? $_POST['newcharsex'] : NULL;
 		$newchar_vocation = isset($_POST['newcharvocation']) ? $_POST['newcharvocation'] : NULL;
 		$newchar_town = isset($_POST['newchartown']) ? $_POST['newchartown'] : NULL;
 		$newchar_errors = array();
+		
+		$newchar_created = false;
 		if(isset($_POST['savecharacter']) && $_POST['savecharacter'] == 1) {
 			if(empty($newchar_name))
 				$newchar_errors[] = 'Please enter a name for your character!';
@@ -824,17 +1031,10 @@ function checkName()
 			else
 				$newchar_town = $config['character_towns'][0];
 
-			//check if was namelocked previously
-			if(tableExist('player_namelocks') && fieldExist('name', 'player_namelocks')) {
-				$namelockSQL = $db->query('SELECT `player_id` FROM `player_namelocks` WHERE `name` = ' . $db->quote($newchar_name));
-				if($namelockSQL->rowCount() > 0)
-					$newchar_errors[] = 'Character with this name has been namelocked.';
-			}
-
 			if(empty($newchar_errors))
 			{
 				$error = '';
-				if(!check_name_new_char($newchar_name, $error))
+				if(!admin() && !check_name_new_char($newchar_name, $error))
 					$newchar_errors[] = $error;
 				if($newchar_sex != 1 && $newchar_sex != "0")
 					$newchar_errors[] = 'Sex must be equal <b>0 (female)</b> or <b>1 (male)</b>.';
@@ -855,10 +1055,6 @@ function checkName()
 
 			if(empty($newchar_errors))
 			{
-				$check_name_in_database = $ots->createObject('Player');
-				$check_name_in_database->find($newchar_name);
-				if($check_name_in_database->isLoaded())
-					$newchar_errors[] .= 'This name is already used. Please choose another name!';
 				$number_of_players_on_account = $account_logged->getPlayersList()->count();
 				if($number_of_players_on_account >= $config['characters_per_account'])
 					$newchar_errors[] .= 'You have too many characters on your account <b>('.$number_of_players_on_account.'/'.$config['characters_per_account'].')</b>!';
@@ -870,7 +1066,7 @@ function checkName()
 				$char_to_copy = new OTS_Player();
 				$char_to_copy->find($char_to_copy_name);
 				if(!$char_to_copy->isLoaded())
-					$newchar_errors[] .= 'Wrong characters configuration. Try again or contact with admin. ADMIN: Edit file config/config.php and set valid characters to copy names. Character to copy'.$char_to_copy_name.'</b> doesn\'t exist.';
+					$newchar_errors[] .= 'Wrong characters configuration. Try again or contact with admin. ADMIN: Edit file config/config.php and set valid characters to copy names. Character to copy: <b>'.$char_to_copy_name.'</b> doesn\'t exist.';
 			}
 
 			if(empty($newchar_errors))
@@ -910,6 +1106,9 @@ function checkName()
 			    $player->setManaSpent($char_to_copy->getManaSpent());
 			    $player->setSoul($char_to_copy->getSoul());
 
+				for($skill = POT::SKILL_FIRST; $skill <= POT::SKILL_LAST; $skill++)
+					$player->setSkill($skill, 10);
+
 			    $player->setLookBody($char_to_copy->getLookBody());
 			    $player->setLookFeet($char_to_copy->getLookFeet());
 			    $player->setLookHead($char_to_copy->getLookHead());
@@ -925,10 +1124,16 @@ function checkName()
 					$player->setLossExperience($char_to_copy->getLossExperience());
 					$player->setLossMana($char_to_copy->getLossMana());
 					$player->setLossSkills($char_to_copy->getLossSkills());
-					$player->setLossItems($char_to_copy->getLossItems());
 				}
+				if(fieldExist('loss_items', 'players')) {
+					$player->setLossItems($char_to_copy->getLossItems());
+					$player->setLossContainers($char_to_copy->getLossContainers());
+				}
+					
 				$player->save();
 				$player->setCustomField("created", time());
+				
+				$newchar_created = true;
 				$account_logged->logAction('Created character <b>' . $player->getName() . '</b>.');
 				unset($player);
 				$player = $ots->createObject('Player');
@@ -958,8 +1163,7 @@ function checkName()
 				}
 			}
 		}
-		else
+
-		{
 		if(count($newchar_errors) > 0) {
 			echo '<div class="SmallBox" >  <div class="MessageContainer" >    <div class="BoxFrameHorizontal" style="background-image:url('.$template_path.'/images/content/box-frame-horizontal.gif);" /></div>    <div class="BoxFrameEdgeLeftTop" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></div>    <div class="BoxFrameEdgeRightTop" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></div>    <div class="ErrorMessage" >      <div class="BoxFrameVerticalLeft" style="background-image:url('.$template_path.'/images/content/box-frame-vertical.gif);" /></div>      <div class="BoxFrameVerticalRight" style="background-image:url('.$template_path.'/images/content/box-frame-vertical.gif);" /></div>      <div class="AttentionSign" style="background-image:url('.$template_path.'/images/content/attentionsign.gif);" /></div>';
 			echo '<b>The Following Errors Have Occurred:</b><br/>';
@@ -967,6 +1171,8 @@ function checkName()
 				echo '<li>'.$newchar_error . '</li>';
 			echo '</div>    <div class="BoxFrameHorizontal" style="background-image:url('.$template_path.'/images/content/box-frame-horizontal.gif);" /></div>    <div class="BoxFrameEdgeRightBottom" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></div>    <div class="BoxFrameEdgeLeftBottom" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></div>  </div></div><br/>';
 		}
+		
+		if(!$newchar_created) {
 			echo 'Please choose a name';
 			if(count($config['character_samples']) > 1)
 				echo ', vocation';
@@ -974,7 +1180,14 @@ function checkName()
 			if($account_logged->getPlayersList()->count() >= $config['characters_per_account']) {
 				echo '<b><font color="red"> You have maximum number of characters per account on your account. Delete one before you make new.</font></b>';
 			}
-			echo '<br/><br/><form action="?subtopic=accountmanagement&action=createcharacter" method="post" ><input type="hidden" name=savecharacter value="1" ><div class="TableContainer" >  <table class="Table3" cellpadding="0" cellspacing="0" >    <div class="CaptionContainer" >      <div class="CaptionInnerContainer" ><span class="CaptionEdgeLeftTop" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></span><span class="CaptionEdgeRightTop" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></span><span class="CaptionBorderTop" style="background-image:url('.$template_path.'/images/content/table-headline-border.gif);" ></span><span class="CaptionVerticalLeft" style="background-image:url('.$template_path.'/images/content/box-frame-vertical.gif);" /></span><div class="Text" >Create Character</div>        <span class="CaptionVerticalRight" style="background-image:url('.$template_path.'/images/content/box-frame-vertical.gif);" /></span><span class="CaptionBorderBottom" style="background-image:url('.$template_path.'/images/content/table-headline-border.gif);" ></span><span class="CaptionEdgeLeftBottom" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></span><span class="CaptionEdgeRightBottom" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></span></div>    </div><tr>      <td>        <div class="InnerTableContainer" >          <table style="width:100%;" ><tr><td><div class="TableShadowContainerRightTop" >  <div class="TableShadowRightTop" style="background-image:url('.$template_path.'/images/content/table-shadow-rt.gif);" ></div></div><div class="TableContentAndRightShadow" style="background-image:url('.$template_path.'/images/content/table-shadow-rm.gif);" >  <div class="TableContentContainer" ><table class="TableContent" width="100%" ><tr class="LabelH" ><td style="width:50%;" ><span >Name</td><td><span >Sex</td></tr><tr class="Odd" ><td><input id="newcharname" name="newcharname" onkeyup="checkName();" value="'.$newchar_name.'" size="30" maxlength="29" ><BR><font size="1" face="verdana,arial,helvetica"><div id="name_check">Please enter your character name.</div></font></td><td>';
+			echo '<br/><br/><form action="?subtopic=accountmanagement&action=createcharacter" method="post" ><input type="hidden" name=savecharacter value="1" ><div class="TableContainer" >  <table class="Table3" cellpadding="0" cellspacing="0" >    <div class="CaptionContainer" >      <div class="CaptionInnerContainer" ><span class="CaptionEdgeLeftTop" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></span><span class="CaptionEdgeRightTop" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></span><span class="CaptionBorderTop" style="background-image:url('.$template_path.'/images/content/table-headline-border.gif);" ></span><span class="CaptionVerticalLeft" style="background-image:url('.$template_path.'/images/content/box-frame-vertical.gif);" /></span><div class="Text" >Create Character</div>        <span class="CaptionVerticalRight" style="background-image:url('.$template_path.'/images/content/box-frame-vertical.gif);" /></span><span class="CaptionBorderBottom" style="background-image:url('.$template_path.'/images/content/table-headline-border.gif);" ></span><span class="CaptionEdgeLeftBottom" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></span><span class="CaptionEdgeRightBottom" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></span></div>    </div><tr>      <td>        <div class="InnerTableContainer" >          <table style="width:100%;" ><tr><td><div class="TableShadowContainerRightTop" >  <div class="TableShadowRightTop" style="background-image:url('.$template_path.'/images/content/table-shadow-rt.gif);" ></div></div><div class="TableContentAndRightShadow" style="background-image:url('.$template_path.'/images/content/table-shadow-rm.gif);" >  <div class="TableContentContainer" ><table class="TableContent" width="100%" ><tr class="LabelH" ><td style="width:50%;" ><span >Name</td><td><span >Sex</td></tr><tr class="Odd" >
+			<td>
+				<input id="newcharname" name="newcharname" onkeyup="checkName();" value="'.$newchar_name.'" size="25" maxlength="25" ><br/>
+				<font size="1" face="verdana,arial,helvetica">
+					<div id="name_check">Please enter your character name.</div>
+				</font>
+			</td>
+			<td>';
 			echo '<input type="radio" name="newcharsex" id="newcharsex" value="1" ';
 			if($newchar_sex == 1)
 				echo 'checked="checked" ';

system/pages/admin/changelog.php

@@ -1,27 +1,26 @@
 <?php
 /**
- * Changelog
+ * CHANGELOG viewer
  *
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.2.4
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');
-$title = 'MyAAC - CHANGELOG';
+$title = 'MyAAC Changelog';
 
-$data = file_get_contents(SYSTEM . 'docs/CHANGELOG');
+if(!file_exists(BASE . 'CHANGELOG')) {
+	echo 'File CHANGELOG doesn\'t exist.';
+	return;
+}
 
-// replace special characters with HTML entities
+$changelog = file_get_contents(BASE . 'CHANGELOG');
-// replace line breaks with <br />
+$changelog = nl2br(htmlspecialchars($changelog));
-$data = nl2br(htmlspecialchars($data));
-
-// replace multiple spaces with single spaces
-$data = preg_replace('/\s\s+/', ' ', $data);
 
 // replace URLs with <a href...> elements
-$data = preg_replace('/\s(\w+:\/\/)(\S+)/', ' <a href="\\1\\2" target="_blank">\\1\\2</a>', $data);
+$changelog = preg_replace('/\s(\w+:\/\/)(\S+)/', ' <a href="\\1\\2" target="_blank">\\1\\2</a>', $changelog);
 
-echo '<div>' . $data . '</div>';
+echo '<div>' . $changelog . '</div>';
 ?>

system/pages/admin/dashboard.php

@@ -5,12 +5,85 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.2.4
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');
 $title = 'Dashboard';
+
+if($cache->enabled()) {
+	if(isset($_GET['clear_cache'])) {
+		if(clearCache())
+			success('Cache cleared.');
+		else
+			error('Error while clearing cache.');
+	}
+
 ?>
+<table class="table">
+	<tr>
+		<th><a href="?p=dashboard&clear_cache" onclick="return confirm('Are you sure?');">Clear cache</a></th>
+	</tr>
+</table>
+<?php
+}
+if(isset($_GET['maintenance'])) {
+	$_status = (int)$_POST['status'];
+	$message = $_POST['message'];
+	if(empty($message)) {
+		error('Message cannot be empty.');
+	}
+	else if(strlen($message) > 255) {
+		error('Message is too long. Maximum length allowed is 255 chars.');
+	}
+	else {
+		$tmp = '';
+		if(fetchDatabaseConfig('site_closed', $tmp))
+			updateDatabaseConfig('site_closed', $_status);
+		else
+			registerDatabaseConfig('site_closed', $_status);
+
+		if(fetchDatabaseConfig('site_closed_message', $tmp))
+			updateDatabaseConfig('site_closed_message', $message);
+		else
+			registerDatabaseConfig('site_closed_message', $message);
+	}
+}
+$is_closed = getDatabaseConfig('site_closed') == '1';
+
+$closed_message = 'Server is under maintenance, please visit later.';
+$tmp = '';
+if(fetchDatabaseConfig('site_closed_message', $tmp))
+	$closed_message = $tmp;
+?>
+<form action="?p=dashboard&maintenance" method="post">
+	<table class="table">
+		<tr>
+			<th colspan="2">Maintenance
+			</th>
+		</tr>
+		<tr>
+			<td>Site status:</td>
+			<td>
+				<select name="status">
+					<option value="0"<?php echo (!$is_closed ? ' selected' : ''); ?>>Open</option>
+					<option value="1"<?php echo ($is_closed ? ' selected' : ''); ?>>Closed</option>
+				</select>
+			</td>
+		</tr>
+		<tr>
+			<td>Message: (only if closed)</td>
+			<td>
+				<textarea name="message" maxlength="255" cols="40" rows="5"><?php echo $closed_message; ?></textarea>
+			<td>
+		</tr>
+		<tr>
+			<td colspan="2">
+				<input type="submit" class="button" value="Update"/>
+			</td>
+	</table>
+</form>
+<br/>
 <div>
 	<?php if($status['online']): ?>
 	<p class="success" style="width: 150px; text-align: center;">Status: Online<br/>
@@ -39,26 +112,69 @@ $title = 'Dashboard';
 </div-->
 <?php if($status['online']): ?>
 <script type="text/javascript">
-	var hidden = false;
 	$(document).ready(function() {
 		$("#status-more").hide();
 		$("#more-button").text("More");
-		hidden = true;
 	});
 
 	$("#more-button").click(function() {
-		if(hidden) {
+		if($("#status-more").is(":hidden")) {
 			$("#more-button").text("Hide");
 			$("#status-more").show();
-			hidden = false;
 		}
 		else {
 			$("#more-button").text("More");
 			$("#status-more").hide();
-			hidden = true;
 		}
 
 		return false;
 	});
 </script>
-<?php endif; ?>
+<?php endif;
+
+function clearCache()
+{
+	global $cache, $template_name;
+
+	$tmp = '';
+	if($cache->fetch('status', $tmp))
+		$cache->delete('status');
+	
+	if($cache->fetch('templates', $tmp))
+		$cache->delete('templates');
+
+	if($cache->fetch('config_lua', $tmp))
+		$cache->delete('config_lua');
+
+	if($cache->fetch('vocations', $tmp))
+		$cache->delete('vocations');
+
+	if($cache->fetch('towns', $tmp))
+		$cache->delete('towns');
+
+	if($cache->fetch('groups', $tmp))
+		$cache->delete('groups');
+
+	if($cache->fetch('visitors', $tmp))
+		$cache->delete('visitors');
+
+	if($cache->fetch('views_counter', $tmp))
+		$cache->delete('views_counter');
+
+	if($cache->fetch('failed_logins', $tmp))
+		$cache->delete('failed_logins');
+
+	if($cache->fetch('news' . $template_name . '_' . NEWS, $tmp))
+		$cache->delete('news' . $template_name . '_' . NEWS);
+
+	if($cache->fetch('news' . $template_name . '_' . TICKET, $tmp))
+		$cache->delete('news' . $template_name . '_' . TICKET);
+
+	if($cache->fetch('news' . $template_name . '_' . ARTICLE, $tmp))
+		$cache->delete('news' . $template_name . '_' . ARTICLE);
+
+	if($cache->fetch('template_ini' . $template_name, $tmp))
+		$cache->delete('template_ini' . $template_name);
+
+	return true;
+}

system/pages/admin/login.php

@@ -5,7 +5,7 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.2.4
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/pages/admin/logs.php

@@ -5,7 +5,7 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.2.4
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');
@@ -28,7 +28,15 @@ foreach(scandir($aac_path_logs) as $f) {
 	$files[] = array($f, $aac_path_logs);
 }
 
+$server_path_logs = $config['server_path'] . 'logs/';
+if(!file_exists($server_path_logs))
 $server_path_logs = $config['data_path'] . 'logs/';
+
+if(!file_exists($server_path_logs)) {
+	echo '</table>Logs are not available on this server.';
+	return;
+}
+
 foreach(scandir($server_path_logs) as $f) {
 	if($f[0] == '.' || $f == '..')
 		continue;

system/pages/admin/mailer.php

@@ -5,7 +5,7 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.2.4
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/pages/admin/notepad.php

@@ -5,7 +5,7 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.2.4
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/pages/admin/pages.php

@@ -5,7 +5,7 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.2.4
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/pages/admin/phpinfo.php

@@ -5,7 +5,7 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.2.4
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/pages/admin/players.php

@@ -5,7 +5,7 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.2.4
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');
@@ -93,8 +93,8 @@ if($id > 0) {
 		if(!check_name($name, $_error))
 			echo_error($_error);
 
-		//if(!check_name_new_char($name))
+		//if(!check_name_new_char($name, $_error))
-		//	echo_error('This name contains invalid letters, words or format. Please use only a-Z, - , \' and space.');
+		//	echo_error($_error);
 
 		$player_db = $ots->createObject('Player');
 		$player_db->find($name);
@@ -150,8 +150,10 @@ if($id > 0) {
 		verify_number($look_legs, 'Look legs', 11);
 		$look_type = $_POST['look_type'];
 		verify_number($look_type, 'Look type', 11);
+		if(fieldExist('lookaddons', 'players')) {
 			$look_addons = $_POST['look_addons'];
 			verify_number($look_addons, 'Look addons', 11);
+		}
 
 		// pos
 		$pos_x = $_POST['pos_x'];
@@ -200,12 +202,16 @@ if($id > 0) {
 			verify_number($loss_items, 'Loss items', 11);
 		}
 		
+		if(fieldExist('blessings', 'players')) {
 			$blessings = $_POST['blessings'];
 			verify_number($blessings, 'Blessings', 2);
+		}
 		$balance = $_POST['balance'];
 		verify_number($balance, 'Balance', 20);
+		if(fieldExist('stamina', 'players')) {
 			$stamina = $_POST['stamina'];
 			verify_number($stamina, 'Stamina', 20);
+		}
 
 		$deleted = (isset($_POST['deleted']) && $_POST['deleted'] == 'true');
 		$hidden = (isset($_POST['hidden']) && $_POST['hidden'] == 'true');
@@ -238,6 +244,7 @@ if($id > 0) {
 			$player->setLookHead($look_head);
 			$player->setLookLegs($look_legs);
 			$player->setLookType($look_type);
+			if(fieldExist('lookaddons', 'players'))
 				$player->setLookAddons($look_addons);
 			$player->setPosX($pos_x);
 			$player->setPosY($pos_y);
@@ -258,8 +265,10 @@ if($id > 0) {
 				$player->setLossContainers($loss_containers);
 				$player->setLossItems($loss_items);
 			}
+			if(fieldExist('blessings', 'players'))
 				$player->setBlessings($blessings);
 			$player->setBalance($balance);
+			if(fieldExist('stamina', 'players'))
 				$player->setStamina($stamina);
 			if(fieldExist('deletion', 'players'))
 				$player->setCustomField('deletion', $deleted ? '1' : '0');
@@ -298,7 +307,7 @@ if(!isset($player) || !$player->isLoaded())
 
 $account = $player->getAccount();
 ?>
-<br/><br/>
+<br/>
 <form action="<?php echo $base . ((isset($id) && $id > 0) ? '&id=' . $id : ''); ?>" method="post">
 <table class="table" cellspacing="1" cellpadding="4">
 	<tr><th colspan="2">Edit player</th></tr>
@@ -391,7 +400,9 @@ $account = $player->getAccount();
 			Head:<input type="text" name="look_head" size="2" maxlength="11" value="<?php echo $player->getLookHead(); ?>" />
 			Legs:<input type="text" name="look_legs" size="2" maxlength="11" value="<?php echo $player->getLookLegs(); ?>" />
 			Type:<input type="text" name="look_type" size="2" maxlength="11" value="<?php echo $player->getLookType(); ?>" />
+			<?php if(fieldExist('lookaddons', 'players')): ?>
 			Addons:<input type="text" name="look_addons" size="2" maxlength="11" value="<?php echo $player->getLookAddons(); ?>" />
+			<?php endif; ?>
 		</td>
 	</tr>
 	<tr>
@@ -468,19 +479,19 @@ $account = $player->getAccount();
 			<table>
 				<tr style="background-color: transparent;">
 					<td>Loss experience:</td>
-					<td><input type="text" name="lost_experience" size="8" maxlength="11" value="<?php echo $player->getLossExperience(); ?>" /></td>
+					<td><input type="text" name="loss_experience" size="8" maxlength="11" value="<?php echo $player->getLossExperience(); ?>" /></td>
 
 					<td>Loss mana:</td>
-					<td><input type="text" name="lost_mana" size="8" maxlength="11" value="<?php echo $player->getLossMana(); ?>" /></td>
+					<td><input type="text" name="loss_mana" size="8" maxlength="11" value="<?php echo $player->getLossMana(); ?>" /></td>
 					
 					<td>Loss skills:</td>
-					<td><input type="text" name="lost_skills" size="8" maxlength="11" value="<?php echo $player->getLossSkills(); ?>" /></td>
+					<td><input type="text" name="loss_skills" size="8" maxlength="11" value="<?php echo $player->getLossSkills(); ?>" /></td>
 					
 					<td>Loss containers:</td>
-					<td><input type="text" name="lost_containers" size="8" maxlength="11" value="<?php echo $player->getLossContainers(); ?>" /></td>
+					<td><input type="text" name="loss_containers" size="8" maxlength="11" value="<?php echo $player->getLossContainers(); ?>" /></td>
 					
 					<td>Loss items:</td>
-					<td><input type="text" name="lost_items" size="8" maxlength="11" value="<?php echo $player->getLossItems(); ?>" /></td>
+					<td><input type="text" name="loss_items" size="8" maxlength="11" value="<?php echo $player->getLossItems(); ?>" /></td>
 				</tr>
 			</table>
 		</td>
@@ -490,14 +501,17 @@ $account = $player->getAccount();
 		<td colspan="2">
 			<table>
 				<tr style="background-color: transparent;">
+					<?php if(fieldExist('blessings', 'players')): ?>
 					<td>Blessings:</td>
 					<td><input type="text" name="blessings" size="2" maxlength="2" value="<?php echo $player->getBlessings(); ?>" /></td>
-
+					<?php endif; ?>
 					<td>Balance:</td>
 					<td><input type="text" name="balance" size="16" maxlength="20" value="<?php echo $player->getBalance(); ?>" /></td>
 					
+					<?php if(fieldExist('stamina', 'players')): ?>
 					<td>Stamina:</td>
 					<td><input type="text" name="stamina" size="16" maxlength="20" value="<?php echo $player->getStamina(); ?>" /></td>
+					<?php endif; ?>
 				</tr>
 			</table>
 		</td>

system/pages/admin/plugins.php

@@ -5,11 +5,13 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.2.4
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');
 $title = 'Plugin manager';
+
+require(SYSTEM . 'hooks.php');
 ?>
 <form enctype="multipart/form-data" method="post">
 	<input type="hidden" name="upload_plugin" />
@@ -41,6 +43,33 @@ if(isset($_FILES["plugin"]["name"]))
 	$name = explode(".", $filename);
 	$accepted_types = array('application/zip', 'application/x-zip-compressed', 'multipart/x-zip', 'application/x-compressed');
 
+	if(isset($file['error'])) {
+        $error = 'Error uploading file';
+        switch( $file['error'] ) {
+            case UPLOAD_ERR_OK:
+                $error = false;
+                break;
+            case UPLOAD_ERR_INI_SIZE:
+            case UPLOAD_ERR_FORM_SIZE:
+                $error .= ' - file too large (limit of '.ini_get('upload_max_filesize').' bytes).';
+                break;
+            case UPLOAD_ERR_PARTIAL:
+                $error .= ' - file upload was not completed.';
+                break;
+            case UPLOAD_ERR_NO_FILE:
+                $error .= ' - zero-length file uploaded.';
+                break;
+            default:
+                $error .= ' - internal error #' . $file['error'];
+                break;
+        }
+	}
+
+	if(isset($error) && $error != false) {
+		error($error);
+	}
+	else {
+		if(is_uploaded_file($file['tmp_name']) ) {
 			if(in_array($type, $accepted_types) && strtolower($name[1]) == 'zip') // check if it is zipped/compressed file
 			{
 				$targetdir = BASE;
@@ -50,20 +79,60 @@ if(isset($_FILES["plugin"]["name"]))
 					$zip = new ZipArchive();
 					$x = $zip->open($targetzip);  // open the zip file to extract
 					if ($x === true) {
-			$zip->extractTo($targetdir); // place in the directory with same name  
+						if($zip->extractTo($targetdir)) { // place in the directory with same name  
+							$string = file_get_contents(BASE . 'plugins/' . $name[0] . '.json');
+							$plugin = json_decode($string, true);
+							if($plugin == NULL) {
+								warning('Cannot load ' . BASE . 'plugins/' . $name[0] . '.json. File might be not valid json code.');
+							}
+							
+							if(isset($plugin['install'])) {
+								if(file_exists(BASE . $plugin['install']))
+									require(BASE . $plugin['install']);
+								else
+									warning('Cannot load install script. Your plugin might be not working correctly.');
+							}
+
+							if(isset($plugin['hooks'])) {
+								foreach($plugin['hooks'] as $_name => $info) {
+									if(isset($hook_types[$info['type']])) {
+										$query = $db->query('SELECT `id` FROM `' . TABLE_PREFIX . 'hooks` WHERE `name` = ' . $db->quote($_name) . ';');
+										if($query->rowCount() == 1) { // found something
+											$query = $query->fetch();
+											$db->query('UPDATE `' . TABLE_PREFIX . 'hooks` SET `type` = ' . $hook_types[$info['type']] . ', `file` = ' . $db->quote($info['file']) . ' WHERE `id` = ' . (int)$query['id'] . ';');
+										}
+										else {
+											$db->query('INSERT INTO `' . TABLE_PREFIX . 'hooks` (`id`, `name`, `type`, `file`) VALUES (NULL, ' . $db->quote($_name) . ', ' . $hook_types[$info['type']] . ', ' . $db->quote($info['file']) . ');');
+										}
+									}
+									else
+										warning('Unknown event type: ' . $info['type']);
+								}
+							}
+							success('<strong>' . $plugin['name'] . '</strong> plugin has been successfully installed.');
+						}
+						else {
+							error('There was a problem with extracting zip archive.');
+						}
+						
 						$zip->close();
 						unlink($targetzip); // delete the Zipped file
-	  
+					}
-				$string = file_get_contents(BASE . 'plugins/' . $name[0] . '.json');
+					else {
-				$plugin_info = json_decode($string, true);
+						error('There was a problem with opening zip archive.');
-				$message = '<p class="success"><strong>' . $plugin_info['name'] . '</strong> plugin has been successfully installed.</p>';
 					}
 				}
 				else
-			$message = '<p class="error">There was a problem with the upload. Please try again.</p>';
+					error('There was a problem with the upload. Please try again.');
-}
+			}
-	else
+			else {
-		$message = '<p class="error">The file you are trying to upload is not a .zip file. Please try again.</p>';
+				error('The file you are trying to upload is not a .zip file. Please try again.');
+			}
+		}
+		else {
+			error('Error uploading file - unknown error.');
+		}
+	}
 }
 
 echo $message;
@@ -83,7 +152,7 @@ echo $message;
 	foreach(scandir($path) as $file)
 	{
 		$file_info = explode('.', $file);
-		if($file == '.' || $file == '..' || $file == 'disabled' || is_dir($file) || !$file_info[1] || $file_info[1] != 'json')
+		if($file == '.' || $file == '..' || $file == 'disabled' || $file == 'example.json' || is_dir($path . $file) || !$file_info[1] || $file_info[1] != 'json')
 			continue;
 		
 		$string = file_get_contents(BASE . 'plugins/' . $file_info[0] . '.json');

system/pages/admin/statistics.php

@@ -5,7 +5,7 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.2.4
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');
@@ -45,9 +45,9 @@ $title = 'Statistics';
 		<td>
 			<table class="table">
 				<tr><th colspan="3">TOP 10 - Most wealth accounts</th></tr>
-				<tr><th>#</th><th>Account name</th><th>Premium points</th></tr>
+				<tr><th>#</th><th>Account <?php echo (USE_ACCOUNT_NAME ? 'name' : 'number'); ?></th><th>Premium points</th></tr>
 				<?php
-				$query = $db->query('SELECT premium_points, name FROM accounts ORDER BY premium_points DESC LIMIT 10;');
+				$query = $db->query('SELECT `premium_points`, `' . (USE_ACCOUNT_NAME ? 'name' : 'id') . '` as `name` FROM `accounts` ORDER BY `premium_points` DESC LIMIT 10;');
 				$i = 0;
 				foreach($query as $result)
 				{

system/pages/admin/tools.php

@@ -5,7 +5,7 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.2.4
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/pages/admin/version.php

@@ -5,7 +5,7 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.2.4
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');
@@ -18,7 +18,8 @@ $myaac_version = file_get_contents('http://my-aac.org/VERSION');
 
 // compare them
 if(version_compare($myaac_version, MYAAC_VERSION) <= 0)
-	echo '<p class="success">MyAAC latest version is ' . $myaac_version . '. You\'re using the latest version.</p>';
+	echo '<p class="success">MyAAC latest version is ' . $myaac_version . '. You\'re using the latest version.
+	<br/>View CHANGELOG ' . generateLink(ADMIN_URL . '?p=changelog', 'here') . '</p>';
 else
 	echo '<p class="warning">You\'re using outdated version.<br/>
 		Your version: <b>' . MYAAC_VERSION . '</b><br/>

system/pages/admin/visitors.php

@@ -5,7 +5,7 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.2.4
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/pages/bans.php

@@ -6,7 +6,7 @@
  * @author    Gesior <jerzyskalski@wp.pl>
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.2.4
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/pages/bugtracker.php

@@ -6,7 +6,7 @@
  * @author    Gesior <jerzyskalski@wp.pl>
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.2.4
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/pages/changelog.php

@@ -5,7 +5,7 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.2.4
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/pages/characters.php

@@ -6,14 +6,13 @@
  * @author    Gesior <jerzyskalski@wp.pl>
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.2.4
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');
 $title = 'Characters';
 
 require(SYSTEM . 'item.php');
-
 $groups = new OTS_Groups_List();
 function generate_search_table($script = false)
 {
@@ -59,30 +58,47 @@ function generate_player_lookup($player)
 		if(!isset($player_eq[$i]) || $player_eq[$i] == 0)
 			$player_eq[$i] = $empty_slots[$i];
 	}
+/*
+	if(PHP_VERSION_ID == NULL || PHP_VERSION_ID < 70000) {
+		for($i = 1; $i < 11; $i++)
+		{
+			if(!itemImageExists($player_eq[$i]))
+				Items::generate($player_eq[$i]);
+		}
+	}
+	*/
+	for($i = 1; $i < 11; $i++)
+	{
+		if(check_number($player_eq[$i]))
+			$player_eq[$i] = getItemImage($player_eq[$i]);
+		else
+			$player_eq[$i] = '<img src="images/items/' . $player_eq[$i] . '.gif" width="32" height="32" border="0" alt=" ' . $player_eq[$i] . '" />';
+	}
 
-	//for($i = 1; $i < 11; $i++)
+	$skulls = array(
-	//{
+		1 => 'yellow_skull',
-		//if(!itemImageExists($player_eq[$i]))
+		2 => 'green_skull',
-		//	Items::generate($player_eq[$i]);
+		3 => 'white_skull',
-	//}
+		4 => 'red_skull',
+		5 => 'black_skull'
+	);
 
 	return '<table width="100" align="center" cellspacing="0" cellpadding="0" style="background: #808080; border:1px solid #808080;">
 		<tr>
 			<td>
 				<table cellspacing="0" style="background: #292929;">
-<tr><td style="border:1px solid #808080;">'.getItemImage($player_eq[2]).'</td></tr><tr><td style="border:1px solid #808080;">'.getItemImage($player_eq[6]).'</td></tr><tr><td style="border:1px solid #808080;">'.getItemImage($player_eq[9]).'</td></tr>
+<tr><td style="border:1px solid #808080;">'.$player_eq[2].'</td></tr><tr><td style="border:1px solid #808080;">'.$player_eq[6].'</td></tr><tr><td style="border:1px solid #808080;">'.$player_eq[9].'</td></tr>
-				<tr height="11px"><td>'.($player->getSkull() > 0 ? '<img src="images/red_skull.gif">' : '').'</td></tr>
+				<tr height="11px"><td>'.($player->getSkullTime() > 0 && ($player->getSkull() == 4 || $player->getSkull() == 5) ? '<img src="images/' . $skulls[$player->getSkull()] . '.gif">' : '').'</td></tr>
 				</table>
 			</td>
 			<td>
 				<table cellspacing="0" style="background: #292929;">
-<tr><td style="border:1px solid #808080;">'.getItemImage($player_eq[1]).'</td></tr><tr><td style="border:1px solid #808080;">'.getItemImage($player_eq[4]).'</td></tr><tr><td style="border:1px solid #808080;">'.getItemImage($player_eq[7]).'</td></tr><tr><td style="border:1px solid #808080;">'.getItemImage($player_eq[8]).'</td></tr>
+<tr><td style="border:1px solid #808080;">'.$player_eq[1].'</td></tr><tr><td style="border:1px solid #808080;">'.$player_eq[4].'</td></tr><tr><td style="border:1px solid #808080;">'.$player_eq[7].'</td></tr><tr><td style="border:1px solid #808080;">'.$player_eq[8].'</td></tr>
 				</table>
-
 			</td>
 			<td>
 				<table cellspacing="0" style="background: #292929;">
-<tr><td style="border:1px solid #808080;">'.getItemImage($player_eq[3]).'</td></tr><tr><td style="border:1px solid #808080;">'.getItemImage($player_eq[5]).'</td></tr><tr><td style="border:1px solid #808080;">'.getItemImage($player_eq[10]).'</td></tr>
+<tr><td style="border:1px solid #808080;">'.$player_eq[3].'</td></tr><tr><td style="border:1px solid #808080;">'.$player_eq[5].'</td></tr><tr><td style="border:1px solid #808080;">'.$player_eq[10].'</td></tr>
 				</table>
 			</td>
 		</tr>
@@ -120,14 +136,12 @@ if(empty($name))
 
 $name = str_replace('/', '', $name);
 
-if(check_name($name))
+$oldName = '';
-{
-	$oldName = '';
 
-	$player = $ots->createObject('Player');
+$player = $ots->createObject('Player');
-	$player->find($name);
+$player->find($name);
-	if(!$player->isLoaded())
+if(!$player->isLoaded())
-	{
+{
 	$tmp_zmienna = "";
 	$tmp_name = retrieve_former_name($name);
 	while(!empty($tmp_name))
@@ -138,10 +152,10 @@ if(check_name($name))
 
 	if(!empty($tmp_zmienna))
 		$player->find($tmp_zmienna);
-	}
+}
 
-	if($player->isLoaded() && !$player->isDeleted())
+if($player->isLoaded() && !$player->isDeleted())
-	{
+{
 	$title = $player->getName() . ' - ' . $title;
 	$account = $player->getAccount();
 	$rows = 0;
@@ -150,6 +164,9 @@ if(check_name($name))
 		<td><img src="<?php echo $template_path; ?>/images/general/blank.gif" width="10" height="1" border="0"></td>
 		<td>
 			<table border="0" cellspacing="1" cellpadding="4" width="100%">
+				<?php if($config['characters']['outfit']): ?>
+				<div style="width:64px;height:64px;border:2px solid #F1E0C6; border-radius:50px; padding:13px; margin-top:38px;margin-left:376px;position:absolute;"><img style="margin-left:<?php echo (in_array($player->getLookType(), array(75, 266, 302)) ? '-0px;margin-top:-0px;width:64px;height:64px;' : '-60px;margin-top:-60px;width:128px;height:128px;'); ?>" src="<?php echo $config['outfit_images_url'] . '?id=' . $player->getLookType() . (fieldExist('lookaddons', 'players') ? '&addons=' . $player->getLookAddons() : '') . '&head=' . $player->getLookHead() . '&body=' . $player->getLookBody() . '&legs=' . $player->getLookLegs() . '&feet=' . $player->getLookFeet() . '"';?>></div>
+				<?php endif; ?>
 				<tr bgcolor="<?php echo $config['vdarkborder']; ?>">
 					<td colspan="2" class="white"><b>Character Information</b></td>
 				</tr>
@@ -229,10 +246,14 @@ if(check_name($name))
 				$town_field = 'town_id';
 			else if(fieldExist('townid', 'houses'))
 				$town_field = 'townid';
+			else if(!fieldExist('town', 'houses'))
+				$town_field = false;
 			
-				$house = $db->query('SELECT `id`, `paid`, `name`, `' . $town_field . '` FROM `houses` WHERE `owner` = '.$player->getId())->fetch();
+			if(fieldExist('name', 'houses')) {
+				$house = $db->query('SELECT `id`, `paid`, `name`' . ($town_field != false ? ', `' . $town_field . '` as `town`' : '') . ' FROM `houses` WHERE `owner` = '.$player->getId())->fetch();
 				if(isset($house['id']))
 				{
+					$add = '';
 					if($house['paid'] > 0)
 						$add = ' is paid until '.date("M d Y", $house['paid']);
 
@@ -241,10 +262,10 @@ if(check_name($name))
 						<TD>House:</TD>
 						<TD>
 							<TABLE BORDER=0><TR>
-								<TD>'.$house['name'].' ('.$config['towns'][$house[$town_field]].')'.$add.'</TD>
+								<TD>' . (isset($house['name']) ? $house['name'] : $house['id']) . (isset($house['town']) ? ' (' . $config['towns'][$house['town']] . ')' : '') . $add . '</TD>
 								<TD>
 									<FORM ACTION="?subtopic=houses&page=view" METHOD=post>
-										<INPUT TYPE=hidden NAME=house VALUE="'.$house['name'].'">
+										<INPUT TYPE=hidden NAME=house VALUE="'. (isset($house['name']) ? $house['name'] : $house['id']) . '">
 										<INPUT TYPE=image NAME="View" ALT="View" SRC="'.$template_path.'/images/buttons/sbutton_view.gif" BORDER=0 WIDTH=120>
 									</FORM>
 								</TD>
@@ -252,22 +273,25 @@ if(check_name($name))
 						</TD>
 					</TR>';
 				}
+			}
 
 			$rank_of_player = $player->getRank();
-				if($rank_of_player->isLoaded())
+			if($rank_of_player->isLoaded()) {
-				{
+				$guild = $rank_of_player->getGuild();
-					$guild_name = $rank_of_player->getGuild()->getName();
+				if($guild->isLoaded()) {
+					$guild_name = $guild->getName();
 					echo
 					'<TR BGCOLOR="'.getStyle(++$rows).'">'.
 						'<TD>Guild membership:</TD><TD>'.$rank_of_player->getName().' of the ' . getGuildLink($guild_name) . '</TD>'.
 					'</TR>';
 				}
+			}
 
 			echo
 				'<TR BGCOLOR="'.getStyle(++$rows).'"><TD>Last login:</TD><TD>';
 			$lastlogin = $player->getLastLogin();
 			if(empty($lastlogin))
-					echo'Never logged in.';
+				echo 'Never logged in.';
 			else
 				echo date("M d Y, H:i:s", $lastlogin).' CEST';
 
@@ -405,8 +429,8 @@ if(check_name($name))
 					<td width=\"20%\" align=\"center\">".date("j M Y, H:i", $death['date'])."</td>
 					<td> ";
 					$killers = $db->query("SELECT environment_killers.name AS monster_name, players.name AS player_name, players.deleted AS player_exists FROM killers LEFT JOIN environment_killers ON killers.id = environment_killers.kill_id
-	LEFT JOIN player_killers ON killers.id = player_killers.kill_id LEFT JOIN players ON players.id = player_killers.player_id
+LEFT JOIN player_killers ON killers.id = player_killers.kill_id LEFT JOIN players ON players.id = player_killers.player_id
-	WHERE killers.death_id = '".$death['id']."' ORDER BY killers.final_hit DESC, killers.id ASC")->fetchAll();
+WHERE killers.death_id = '".$death['id']."' ORDER BY killers.final_hit DESC, killers.id ASC")->fetchAll();
 
 					$i = 0;
 					$count = count($killers);
@@ -452,9 +476,11 @@ if(check_name($name))
 			}
 		}
 		else {
+			$mostdamage = '';
+			if(fieldExist('mostdamage_by', 'player_deaths'))
+				$mostdamage = ', `mostdamage_by`, `mostdamage_is_player`, `unjustified`, `mostdamage_unjustified`';
 			$deaths = $db->query('SELECT 
-					`player_id`, `time`, `level`, `killed_by`, `is_player`, 
+				`player_id`, `time`, `level`, `killed_by`, `is_player`' . $mostdamage . ' 
-					`mostdamage_by`, `mostdamage_is_player`, `unjustified`, `mostdamage_unjustified` 
 				FROM `player_deaths` 
 				WHERE `player_id` = ' . $player->getId() . ' ORDER BY `time` DESC LIMIT 10;');
 
@@ -479,7 +505,7 @@ if(check_name($name))
 					if($mostdmg) 
 					{
 						$mostdmg = ($death['mostdamage_is_player']) ? getPlayerLink($death['mostdamage_by']) : $death['mostdamage_by'];
-							$dead_add_content .=  '<br>and by ' . $mostdmg;
+						$dead_add_content .=  ' and by ' . $mostdmg;
 						
 						if ($death['mostdamage_unjustified']) {
 							$dead_add_content .=  " <font color='red' style='font-style: italic;'>(unjustified)</font>";
@@ -613,13 +639,17 @@ if(check_name($name))
 				'<TR BGCOLOR='.getStyle(++$rows).'>
 					<TD WIDTH=20%>Created:</TD>';
 					$bannedUntil = '';
+					$banned = array();
 					if(tableExist('account_bans'))
 						$banned = $db->query('SELECT `expires_at` as `expires` FROM `account_bans` WHERE `account_id` = '.$account->getId().' and `expires_at` > ' . time());
-						else
+					else if(tableExist('bans')) {
+						if(fieldExist('expires', 'bans'))
 							$banned = $db->query('SELECT `expires` FROM `bans` WHERE (`value` = '.$account->getId().' or `value` = '.$player->getId().') and `active` = 1 and `type` != 2 and `type` != 4 and `expires` > ' . time());
+					else
+							$banned = $db->query('SELECT `time` as `time` FROM `bans` WHERE (`account` = '.$account->getId().' or `player` = '.$player->getId().') and `type` != 2 and `type` != 4 and `time` > ' . time());
+					}
 					foreach($banned as $ban)
 					{
-							if($ban['type'] != 2 and $ban['type'] != 4)
 						$bannedUntil = ' <font color="red">[Banished '.($ban['expires'] == "-1" ? 'forever' : 'until '.date("d F Y, h:s", $ban['expires'])).']</font>';
 					}
 					echo '<TD>'.date("j F Y, g:i a", $account->getCustomField("created")).$bannedUntil.'</TD>
@@ -659,9 +689,9 @@ if(check_name($name))
 		}
 	echo '<br/><br/>' . generate_search_table();
 	echo '</TABLE>';
-	}
+}
-	else
+else
-	{
+{
 	$search_errors[] = 'Character <b>' . $name . '</b> does not exist or has been deleted.';
 	output_errors($search_errors);
 	$search_errors = array();
@@ -681,7 +711,7 @@ if(check_name($name))
 		foreach($query as $player) {
 			if(isset($player['promotion'])) {
 				if((int)$player['promotion'] > 0)
-						$player['vocation'] + ($player['promotion'] * 4);
+					$player['vocation'] += ($player['promotion'] * $config['vocations_amount']);
 			}
 			echo '<li>' . getPlayerLink($player['name']) . ' (<small><strong>level ' . $player['level'] . ', ' . $config['vocations'][$player['vocation']] . '</strong></small>)</li>';
 		}
@@ -689,10 +719,7 @@ if(check_name($name))
 	}
 
 	echo generate_search_table(true);
-	}
 }
-else
-	$search_errors[] = 'This name contains invalid letters. Please use only A-Z, a-z and space. Minimum length is 3 characters.';
 
 if(!empty($search_errors))
 	output_errors($search_errors);

system/pages/commands.php

@@ -5,7 +5,7 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.2.4
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/pages/createaccount.php

@@ -6,7 +6,7 @@
  * @author    Gesior <jerzyskalski@wp.pl>
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.2.4
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');
@@ -137,14 +137,17 @@ if($step == 'save')
 		{
 			$salt = generateRandomString(10, false, true, true);
 			$password = $salt . $password;
-			$new_account->setSalt($salt);
 		}
 
 		$new_account->setPassword(encrypt($password));
 		$new_account->setEMail($email);
 		$new_account->unblock();
 		$new_account->save();
-		$new_account->setCustomField("created", time());
+		
+		if($config_salt_enabled)
+			$new_account->setCustomField('salt', $salt);
+
+		$new_account->setCustomField('created', time());
 		$new_account->logAction('Account created.');
 
 		if($config['account_country']) {
@@ -199,9 +202,9 @@ If you haven\'t registered on ' . $config['lua']['serverName'] . ' please ignore
 				Your account has been created.<br/><br/>
 				<table width="100%" border="0" cellspacing="1" cellpadding="4">
 					<tr><td bgcolor="<?php echo $config['vdarkborder']; ?>" class="white"><b>Account Created</b></td></tr>
-					<tr><td bgcolor="<?php echo $config['darkborder']; ?>'">
+					<tr><td bgcolor="<?php echo $config['darkborder']; ?>">
 				  <table border="0" cellpadding="1"><tr><td>
-				    <br/>Your account<?php (USE_ACCOUNT_NAME ? 'name' : 'number'); ?> is <b><?php echo $tmp_account; ?></b>.
+				    <br/>Your account<?php echo (USE_ACCOUNT_NAME ? 'name' : 'number'); ?> is <b><?php echo $tmp_account; ?></b>.
 
 				You will need the account <?php echo (USE_ACCOUNT_NAME ? 'name' : 'number'); ?> and your password to play on <?php echo $config['lua']['serverName']; ?>.
 				    Please keep your account <?php echo (USE_ACCOUNT_NAME ? 'name' : 'number'); ?> and password in a safe place and
@@ -267,7 +270,7 @@ function checkAccount()
 
 	if(document.getElementById("account_input").value == "")
 	{
-		document.getElementById("acc_check").innerHTML = '<b><font color="red">Please enter account<?php echo (USE_ACCOUNT_NAME ? ' name' : ''); ?>.</font></b>';
+		document.getElementById("acc_check").innerHTML = '<b><font color="red">Please enter account<?php echo (USE_ACCOUNT_NAME ? ' name' : 'number'); ?>.</font></b>';
 		return;
 	}
 

system/pages/creatures.php

@@ -6,7 +6,7 @@
  * @author    Gesior <jerzyskalski@wp.pl>
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.2.4
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');
@@ -72,6 +72,10 @@ if(isset($_POST['reload_monsters']) && $canEdit)
 	//add monsters
 	foreach($allmonsters as $lol) {
 		$monster = $allmonsters->current();
+		if(!$monster->loaded()) {
+			warning('Error while adding monster: ' . $allmonsters->currentFile());
+			continue;
+		}
 		//load monster mana needed to summon/convince
 		$mana = $monster->getManaCost();
 		//load monster experience
@@ -135,9 +139,15 @@ if(isset($_POST['reload_monsters']) && $canEdit)
 			$flags['convinceable'] = '0';
 
 		if(!in_array($name, $names_added)) {
-			try { $db->query("INSERT INTO myaac_monsters (hide_creature, name, mana, exp, health, speed_lvl, use_haste, voices, immunities, summonable, convinceable, race, gfx_name, file_path) VALUES (0, '".$name."', '".$mana."', '".$exp."', '".$health."', '".$speed_lvl."', '".$use_haste."', '".$voices_string."', '".$immunities_string."', '".$flags['summonable']."', '".$flags['convinceable']."', '".$race."', '".$gfx_name."', '" . $allmonsters->currentFile() . "')"); } catch(PDOException $error) {}
+			try {
+				$db->query("INSERT INTO myaac_monsters (hide_creature, name, mana, exp, health, speed_lvl, use_haste, voices, immunities, summonable, convinceable, race, gfx_name, file_path) VALUES (0, ".$db->quote($name).", '".$mana."', '".$exp."', '".$health."', '".$speed_lvl."', '".$use_haste."', ".$db->quote($voices_string).", ".$db->quote($immunities_string).", '".$flags['summonable']."', '".$flags['convinceable']."', '".$race."', ".$db->quote($gfx_name).", " . $db->quote($allmonsters->currentFile()) . ")");
+				success("Added: ".$name."<br/>");
+			}
+			catch(PDOException $error) {
+				warning('Error while adding monster (' . $name . '): ' . $error->getMessage());
+			}
+
 			$names_added[] = $name;
-			echo "Added: ".$name."<br/>";
 		}
 	}
 }
@@ -303,7 +313,7 @@ if(isset($monster['name']))
 	echo '</TABLE></td></tr>';
 
 	echo '<TABLE BORDER=0 CELLSPACING=1 CELLPADDING=4 WIDTH=100%>';
-	$loot = simplexml_load_file($config['server_path'] . 'data/monster/' . $monster['file_path']); 
+	$loot = simplexml_load_file($config['data_path'] . 'monster/' . $monster['file_path']); 
 	if($loot)
 	{ 
 		if($item = $loot->loot->item)

system/pages/custom.php

@@ -5,7 +5,7 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.2.4
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/pages/downloads.php

@@ -6,7 +6,7 @@
  * @author    Gesior <jerzyskalski@wp.pl>
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.2.4
  * @link      http://my-aac.org
  */
 $title = 'Downloads';

system/pages/experiencestages.php

@@ -6,7 +6,7 @@
  * @author    Gesior <jerzyskalski@wp.pl>
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.2.4
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/pages/experiencetable.php

@@ -6,7 +6,7 @@
  * @author    Gesior <jerzyskalski@wp.pl>
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.2.4
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');
@@ -33,7 +33,7 @@ Remember you can also check the respective skill bar in your skill window of the
 					<td><b>Experience</b></td>
 				</tr>
 <?php
-		for($level = $i * 100 + 1; $level < $i * 100 + 101; $level++)
+		for($level = $i * $config['experiencetable_rows'] + 1; $level < $i * $config['experiencetable_rows'] + ($config['experiencetable_rows'] + 1); $level++)
 		{
 ?>
 				<tr bgcolor="<?php echo $config['lightborder']; ?>">

system/pages/faq.php

@@ -5,7 +5,7 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.2.4
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/pages/forum.php

@@ -6,7 +6,7 @@
  * @author    Gesior <jerzyskalski@wp.pl>
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.2.4
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');
@@ -170,10 +170,12 @@ if($action == 'show_board')
 	}
 
 	echo '<br /><br />Page: '.$links_to_pages.'<br />';
-	$last_threads = $db->query("SELECT `players`.`name`, `" . TABLE_PREFIX . "forum`.`post_text`, `" . TABLE_PREFIX . "forum`.`post_topic`, `" . TABLE_PREFIX . "forum`.`id`, `" . TABLE_PREFIX . "forum`.`last_post`, `" . TABLE_PREFIX . "forum`.`replies`, `" . TABLE_PREFIX . "forum`.`views`, `" . TABLE_PREFIX . "forum`.`post_date` FROM `players`, `" . TABLE_PREFIX . "forum` WHERE `players`.`id` = `" . TABLE_PREFIX . "forum`.`author_guid` AND `" . TABLE_PREFIX . "forum`.`section` = ".(int) $section_id." AND `" . TABLE_PREFIX . "forum`.`first_post` = `" . TABLE_PREFIX . "forum`.`id` ORDER BY `" . TABLE_PREFIX . "forum`.`last_post` DESC LIMIT ".$config['forum_threads_per_page']." OFFSET ".($_page * $config['forum_threads_per_page']))->fetchAll();
+	$last_threads = $db->query("SELECT `players`.`id` as `player_id`, `players`.`name`, `" . TABLE_PREFIX . "forum`.`post_text`, `" . TABLE_PREFIX . "forum`.`post_topic`, `" . TABLE_PREFIX . "forum`.`id`, `" . TABLE_PREFIX . "forum`.`last_post`, `" . TABLE_PREFIX . "forum`.`replies`, `" . TABLE_PREFIX . "forum`.`views`, `" . TABLE_PREFIX . "forum`.`post_date` FROM `players`, `" . TABLE_PREFIX . "forum` WHERE `players`.`id` = `" . TABLE_PREFIX . "forum`.`author_guid` AND `" . TABLE_PREFIX . "forum`.`section` = ".(int) $section_id." AND `" . TABLE_PREFIX . "forum`.`first_post` = `" . TABLE_PREFIX . "forum`.`id` ORDER BY `" . TABLE_PREFIX . "forum`.`last_post` DESC LIMIT ".$config['forum_threads_per_page']." OFFSET ".($_page * $config['forum_threads_per_page']))->fetchAll();
 	if(isset($last_threads[0]))
 	{
 		echo '<table width="100%"><tr bgcolor="'.$config['vdarkborder'].'" align="center"><td><font color="white" size="1"><b>Thread</b></font></td><td><font color="white" size="1"><b>Thread Starter</b></font></td><td><font color="white" size="1"><b>Replies</b></font></td><td><font color="white" size="1"><b>Views</b></font></td><td><font color="white" size="1"><b>Last Post</b></font></td></tr>';
+		
+		$player = $ots->createObject('Player');
 		foreach($last_threads as $thread)
 		{
 			echo '<tr bgcolor="' . getStyle($number_of_rows++) . '"><td>';
@@ -182,7 +184,17 @@ if($action == 'show_board')
 				echo '<a href="?subtopic=forum&action=move_thread&id='.$thread['id'].'"\')"><span style="color:darkgreen">[MOVE]</span></a>';
 				echo '<a href="?subtopic=forum&action=remove_post&id='.$thread['id'].'" onclick="return confirm(\'Are you sure you want remove thread > '.$thread['post_topic'].' <?\')"><font color="red">[REMOVE]</font></a>  ';
 			}
-			echo '<a href="' . getForumThreadLink($thread['id']) . '">'.htmlspecialchars($thread['post_topic']).'</a><br /><small>'.htmlspecialchars(substr($thread['post_text'], 0, 50)).'...</small></td><td>' . getPlayerLink($thread['name']) . '</td><td>'.(int) $thread['replies'].'</td><td>'.(int) $thread['views'].'</td><td>';
+			
+			$player->load($thread['player_id']);
+			if(!$player->isLoaded()) {
+				error('Forum error: Player not loaded.');
+				die();
+			}
+
+			$player_account = $player->getAccount();
+			$canEditForum = $player_account->hasFlag(FLAG_CONTENT_FORUM) || $player_account->isAdmin();
+			
+			echo '<a href="' . getForumThreadLink($thread['id']) . '">'.($canEditForum ? $thread['post_topic'] : htmlspecialchars($thread['post_topic'])) . '</a><br /><small>'.($canEditForum ? substr(strip_tags($thread['post_text']), 0, 50) : htmlspecialchars(substr($thread['post_text'], 0, 50))).'...</small></td><td>' . getPlayerLink($thread['name']) . '</td><td>'.(int) $thread['replies'].'</td><td>'.(int) $thread['views'].'</td><td>';
 			if($thread['last_post'] > 0)
 			{
 				$last_post = $db->query("SELECT `players`.`name`, `" . TABLE_PREFIX . "forum`.`post_date` FROM `players`, `" . TABLE_PREFIX . "forum` WHERE `" . TABLE_PREFIX . "forum`.`first_post` = ".(int) $thread['id']." AND `players`.`id` = `" . TABLE_PREFIX . "forum`.`author_guid` ORDER BY `post_date` DESC LIMIT 1")->fetch();
@@ -226,18 +238,14 @@ if($action == 'show_thread')
 		$player = $ots->createObject('Player');
 		foreach($threads as $thread)
 		{
-			if(isset($thread['promotion'])) {
-				if((int)$thread['promotion'] > 0)
-					$thread['vocation'] + ($thread['promotion'] * 4);
-			}
-			echo '<tr bgcolor="' . getStyle($number_of_rows++) . '"><td valign="top">' . getPlayerLink($thread['name']) . '<br /><br /><font size="1">Profession: '.$config['vocations'][$thread['vocation']].'<br />Level: '.$thread['level'].'<br />';
-			
 			$player->load($thread['player_id']);
 			if(!$player->isLoaded()) {
-				error('Player not loaded');
+				error('Forum error: Player not loaded.');
 				die();
 			}
 		
+			echo '<tr bgcolor="' . getStyle($number_of_rows++) . '"><td valign="top">' . getPlayerLink($thread['name']) . '<br /><br /><font size="1">Profession: '.$config['vocations'][$player->getVocation()].'<br />Level: '.$thread['level'].'<br />';
+	
 			$rank = $player->getRank();
 			if($rank->isLoaded())
 			{
@@ -245,8 +253,11 @@ if($action == 'show_thread')
 				if($guild->isLoaded())
 					echo $rank->getName().' of <a href="'.getGuildLink($guild->getName(), false).'">'.$guild->getName().'</a><br />';
 			}
+			$player_account = $player->getAccount();
+			$canEditForum = $player_account->hasFlag(FLAG_CONTENT_FORUM) || $player_account->isAdmin();
+			
 			$posts = $db->query("SELECT COUNT(`id`) AS 'posts' FROM `" . TABLE_PREFIX . "forum` WHERE `author_aid`=".(int) $thread['account_id'])->fetch();
-			echo '<br />Posts: '.(int) $posts['posts'].'<br /></font></td><td valign="top">'.showPost(htmlspecialchars($thread['post_topic']), htmlspecialchars($thread['post_text']), $thread['post_smile']).'</td></tr>
+			echo '<br />Posts: '.(int) $posts['posts'].'<br /></font></td><td valign="top">'.showPost(($canEditForum ? $thread['post_topic'] : htmlspecialchars($thread['post_topic'])), ($canEditForum ? $thread['post_text'] : htmlspecialchars($thread['post_text'])), $thread['post_smile']).'</td></tr>
 			<tr bgcolor="'.getStyle($number_of_rows++).'"><td><font size="1">'.date('d.m.y H:i:s', $thread['post_date']);
 			if($thread['edit_date'] > 0)
 			{

system/pages/guilds.php

@@ -6,7 +6,7 @@
  * @author    Gesior <jerzyskalski@wp.pl>
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.2.4
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');
@@ -17,6 +17,7 @@ if(tableExist('guild_members'))
 else
 	define('GUILD_MEMBERS_TABLE', 'guild_membership');
 	
+define('MOTD_EXISTS', fieldExist('motd', 'guilds'));
 if($action == 'login')
 {
 	if(check_guild_name($_REQUEST['guild']))
@@ -52,7 +53,9 @@ if($action == '')
 
 	//echo 'Guilds needs to have atleast 4 members, otherwise it will be deleted automatically after 4 days.<BR/><BR/>Guild statistics are self-updated once per 3 days.<BR/><BR/>';
 
-	echo '<A HREF="?subtopic=guilds&preview=1">Normal preview</A> / <A HREF="?subtopic=guilds&preview=2">Advanced ranks & statistics</A><BR/><BR/><TABLE BORDER=0 CELLSPACING=1 CELLPADDING=4 WIDTH=100%>
+	//echo '<A HREF="?subtopic=guilds&preview=1">Normal preview</A> / <A HREF="?subtopic=guilds&preview=2">Advanced ranks & statistics</A><BR/><BR/>
+	echo '
+	<TABLE BORDER=0 CELLSPACING=1 CELLPADDING=4 WIDTH=100%>
 	<TR BGCOLOR='.$config['vdarkborder'].'><TD COLSPAN='.($_REQUEST['preview'] == 2 ? '7' : '3').' class="white"><B>Active Guilds on '.$config['lua']['serverName'].'</B></TD></TR>
 	<TR BGCOLOR='.$config['darkborder'].' '.($_REQUEST['preview'] == 2 ? 'ALIGN="CENTER"' : '' ).'>';
 		if($_REQUEST['preview'] == 2) {
@@ -297,7 +300,7 @@ if($action == 'show')
 
 					//$s_total_members++;
 					//$s_total_level += $player->getLevel();
-					echo '<TR><TD><FORM ACTION="?subtopic=guilds&action=change_nick&name='.$player->getName().'" METHOD=post>' . getPlayerLink($player->getName());
+					echo '<TR><TD>' . getPlayerLink($player->getName()) . '<FORM ACTION="?subtopic=guilds&action=change_nick&name='.$player->getName().'" METHOD=post>';
 					$guild_nick = $player->getGuildNick();
 					if($logged)
 					{
@@ -316,8 +319,8 @@ if($action == 'show')
 					if($level_in_guild > $rank->getLevel() || $guild_leader)
 						if($guild_leader_char->getName() != $player->getName())
 							echo '&nbsp;<font size=1>{<a href="?subtopic=guilds&action=kickplayer&guild='.urlencode($guild->getName()).'&name='.urlencode($player->getName()).'">KICK</a>}</font>';
-					if($player->isOnline())
+					//if($player->isOnline())
-						$s_members_online++;
+					//	$s_members_online++;
 					echo '</FORM></TD><TD align="right" width="10%">'.$player->getLevel().'</TD><TD align="right" width="20%"><font color="'.($player->isOnline() ? 'green"><b>Online' : 'red"><b>Offline').'</b></font></TD></TR>';
 				}
 				echo '</TABLE></TD></TR>';
@@ -800,7 +803,7 @@ $guild_errors[] = 'Player with name <b>'.$name.'</b> doesn\'t exist.';
 else
 {
 $rank_of_player = $player->getRank();
-if($player_rank->isLoaded()) {
+if($rank_of_player->isLoaded()) {
 $guild_errors[] = 'Player with name <b>'.$name.'</b> is already in guild. He must leave guild before you can invite him.';
 }
 }
@@ -1026,7 +1029,7 @@ if($action == 'kickplayer') {
 		}
 		else
 		{
-			if($player->getRank()->isLoaded() && $player->getRank()->getGuild()->getName() != $guild->getName()) {
+			if($player->getRank()->isLoaded() && $player->getRank()->getGuild()->isLoaded() && $player->getRank()->getGuild()->getName() != $guild->getName()) {
 				$guild_errors[] = 'Character <b>'.$name.'</b> isn\'t from your guild.';
 			}
 		}
@@ -1301,7 +1304,7 @@ if(isset($todo) && $todo == 'save')
 			$player->setRank($rank);
 		}
 	}
-	echo '<TABLE BORDER=0 CELLSPACING=1 CELLPADDING=4 WIDTH=100%><TR BGCOLOR='.$config['vdarkborder'].'><TD class="white"><B>Create guild</B></TD></TR><TR BGCOLOR='.$config['darkborder'].'><TD WIDTH=100%><b>Congratulations!</b><br/>You have created guild <b>'.$guild_name.'</b>. <b>'.$player->getName().'</b> is leader of this guild. Now you can invite players, change picture, description and motd of guild. Press submit to open guild manager.</TD></TR></TABLE><br/><TABLE BORDER=0 CELLSPACING=0 CELLPADDING=0 WIDTH=100%><FORM ACTION="?subtopic=guilds&action=show&guild='.$guild_name.'" METHOD=post><TR><TD><center><INPUT TYPE=image NAME="Submit" ALT="Submit" SRC="'.$template_path.'/images/buttons/sbutton_Submit.gif" BORDER=0 WIDTH=120 HEIGHT=18></center></TD></TR></FORM></TABLE>';
+	echo '<TABLE BORDER=0 CELLSPACING=1 CELLPADDING=4 WIDTH=100%><TR BGCOLOR='.$config['vdarkborder'].'><TD class="white"><B>Create guild</B></TD></TR><TR BGCOLOR='.$config['darkborder'].'><TD WIDTH=100%><b>Congratulations!</b><br/>You have created guild <b>'.$guild_name.'</b>. <b>'.$player->getName().'</b> is leader of this guild. Now you can invite players, change picture, description' . (MOTD_EXISTS ? ' and motd' : '') . ' of guild. Press submit to open guild manager.</TD></TR></TABLE><br/><TABLE BORDER=0 CELLSPACING=0 CELLPADDING=0 WIDTH=100%><FORM ACTION="?subtopic=guilds&action=show&guild='.$guild_name.'" METHOD=post><TR><TD><center><INPUT TYPE=image NAME="Submit" ALT="Submit" SRC="'.$template_path.'/images/buttons/sbutton_Submit.gif" BORDER=0 WIDTH=120 HEIGHT=18></center></TD></TR></FORM></TABLE>';
 	/*$db->query('INSERT INTO `guild_ranks` (`id`, `guild_id`, `name`, `level`) VALUES (null, '.$new_guild->getId().', "the Leader", 3)');
 	$db->query('INSERT INTO `guild_ranks` (`id`, `guild_id`, `name`, `level`) VALUES (null, '.$new_guild->getId().', "a Vice-Leader", 2)');
 	$db->query('INSERT INTO `guild_ranks` (`id`, `guild_id`, `name`, `level`) VALUES (null, '.$new_guild->getId().', "a Member", 1)');*/
@@ -1385,8 +1388,10 @@ echo '<br/><br/><table style=\'clear:both\' border=0 cellpadding=0 cellspacing=0
 <tr bgcolor='.$config['darkborder'].'><td width="170"><font color="red"><b>Option</b></font></td><td><font color="red"><b>Description</b></font></td></tr>
 <tr bgcolor='.$config['lightborder'].'><td width="170"><b><a href="?subtopic=guilds&guild='.$guild->getName().'&action=passleadership">Pass Leadership</a></b></td><td><b>Pass leadership of guild to other guild member.</b></td></tr>
 <tr bgcolor='.$config['darkborder'].'><td width="170"><b><a href="?subtopic=guilds&guild='.$guild->getName().'&action=deleteguild">Delete Guild</a></b></td><td><b>Delete guild, kick all members.</b></td></tr>
-<tr bgcolor='.$config['lightborder'].'><td width="170"><b><a href="?subtopic=guilds&guild='.$guild->getName().'&action=changedescription">Change Description</a></b></td><td><b>Change description of guild.</b></td></tr>
+<tr bgcolor='.$config['lightborder'].'><td width="170"><b><a href="?subtopic=guilds&guild='.$guild->getName().'&action=changedescription">Change Description</a></b></td><td><b>Change description of guild.</b></td></tr>';
-<tr bgcolor='.$config['darkborder'].'><td width="170"><b><a href="?subtopic=guilds&guild='.$guild->getName().'&action=changemotd">Change MOTD</a></b></td><td><b>Change MOTD of guild.</b></td></tr>
+if(MOTD_EXISTS)
+	echo '<tr bgcolor='.$config['darkborder'].'><td width="170"><b><a href="?subtopic=guilds&guild='.$guild->getName().'&action=changemotd">Change MOTD</a></b></td><td><b>Change MOTD of guild.</b></td></tr>';
+echo '
 <tr bgcolor='.$config['lightborder'].'><td width="170"><b><a href="?subtopic=guilds&guild='.$guild->getName().'&action=changelogo">Change guild logo</a></b></td><td><b>Upload new guild logo.</b></td></tr>
 </table>';
 echo '<br><div class="TableContainer" >  <table class="Table1" cellpadding="0" cellspacing="0" >    <div class="CaptionContainer" >      <div class="CaptionInnerContainer" >        <span class="CaptionEdgeLeftTop" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></span>        <span class="CaptionEdgeRightTop" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></span>        <span class="CaptionBorderTop" style="background-image:url('.$template_path.'/images/content/table-headline-border.gif);" ></span>        <span class="CaptionVerticalLeft" style="background-image:url('.$template_path.'/images/content/box-frame-vertical.gif);" /></span>        <div class="Text" >Add new rank</div>        <span class="CaptionVerticalRight" style="background-image:url('.$template_path.'/images/content/box-frame-vertical.gif);" /></span>        <span class="CaptionBorderBottom" style="background-image:url('.$template_path.'/images/content/table-headline-border.gif);" ></span>        <span class="CaptionEdgeLeftBottom" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></span>        <span class="CaptionEdgeRightBottom" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></span>      </div>    </div>    <tr>      <td>        <div class="InnerTableContainer" >          <table style="width:100%;" ><tr><td width="120" valign="top">New rank name:</td><td> <form action="?subtopic=guilds&guild='.$guild->getName().'&action=addrank" method="POST"><input type="text" name="rank_name" size="20"><input type="submit" value="Add"></form></td></tr>          </table>        </div>  </table></div></td></tr>';
@@ -1414,8 +1419,10 @@ echo '<h3>Ranks info:</h3><b>0. Owner of guild</b> - it\'s highest rank, only on
 <li>Invite/Cancel Invitation/Kick Player from guild
 <li>Change ranks of all players in guild
 <li>Delete guild or pass leadership to other guild member
-<li>Change names, levels(leader,vice,member), add and delete ranks
+<li>Change names, levels(leader,vice,member), add and delete ranks';
-<li>Change MOTD, logo and description of guild<hr>
+if(MOTD_EXISTS)
+	echo '<li>Change MOTD, logo and description of guild<hr>';
+echo '
 <b>3. Leader</b> - it\'s second rank in guild. Player with this rank can:
 <li>Invite/Cancel Invitation/Kick Player from guild (only with lower rank than his)
 <li>Change ranks of players with lower rank level ("vice leader", "member") in guild<hr>
@@ -2060,7 +2067,7 @@ echo '<br/><center><form action="?subtopic=guilds" METHOD=post><div class="BigBu
 //-----------------------------------------------------------------------------//-----------------------------------------------------------------------------
 //-----------------------------------------------------------------------------//-----------------------------------------------------------------------------
 //-----------------------------------------------------------------------------//-----------------------------------------------------------------------------
-if($action == 'changemotd') {
+if($action == 'changemotd' && MOTD_EXISTS) {
 	$guild_name = $_REQUEST['guild'];
 	if(!check_guild_name($guild_name)) {
 		$guild_errors[] = 'Invalid guild name format.';

system/pages/highscores.php

@@ -6,7 +6,7 @@
  * @author    Gesior <jerzyskalski@wp.pl>
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.2.4
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');
@@ -99,6 +99,16 @@ $deleted = 'deleted';
 if(fieldExist('deletion', 'players'))
 	$deleted = 'deletion';
 
+$outfit_addons = false;
+$outfit = '';
+if($config['highscores_outfit']) {
+	$outfit = ', lookbody, lookfeet, lookhead, looklegs, looktype';
+	if(fieldExist('lookaddons', 'players')) {
+		$outfit .= ', lookaddons';
+		$outfit_addons = true;
+	}
+}
+
 $offset = $_page * 100;
 if($skill <= POT::SKILL_LAST) { // skills
 	if(fieldExist('skill_fist', 'players')) {// tfs 1.0
@@ -112,14 +122,14 @@ if($skill <= POT::SKILL_LAST) { // skills
 			POT::SKILL_FISH => 'skill_fishing',
 		);
 
-		$skills = $db->query('SELECT accounts.country, players.id,players.name' . $online . ',level,vocation' . $promotion . ', ' . $skill_ids[$skill] . ' as value FROM accounts,players WHERE players.' . $deleted . ' = 0 AND players.group_id < '.$config['highscores_groups_hidden'].' '.$add_sql.' AND players.id > 6 AND accounts.id = players.account_id ORDER BY ' . $skill_ids[$skill] . ' DESC LIMIT 101 OFFSET '.$offset);
+		$skills = $db->query('SELECT accounts.country, players.id,players.name' . $online . ',level,vocation' . $promotion . $outfit . ', ' . $skill_ids[$skill] . ' as value FROM accounts,players WHERE players.' . $deleted . ' = 0 AND players.group_id < '.$config['highscores_groups_hidden'].' '.$add_sql.' AND players.id > 6 AND accounts.id = players.account_id ORDER BY ' . $skill_ids[$skill] . ' DESC LIMIT 101 OFFSET '.$offset);
 	}
 	else
-		$skills = $db->query('SELECT accounts.country, players.id,players.name' . $online . ',value,level,vocation' . $promotion . ' FROM accounts,players,player_skills WHERE players.' . $deleted . ' = 0 AND players.group_id < '.$config['highscores_groups_hidden'].' '.$add_sql.' AND players.id > 6 AND players.id = player_skills.player_id AND player_skills.skillid = '.$skill.' AND accounts.id = players.account_id ORDER BY value DESC, count DESC LIMIT 101 OFFSET '.$offset);
+		$skills = $db->query('SELECT accounts.country, players.id,players.name' . $online . ',value,level,vocation' . $promotion . $outfit . ' FROM accounts,players,player_skills WHERE players.' . $deleted . ' = 0 AND players.group_id < '.$config['highscores_groups_hidden'].' '.$add_sql.' AND players.id > 6 AND players.id = player_skills.player_id AND player_skills.skillid = '.$skill.' AND accounts.id = players.account_id ORDER BY value DESC, count DESC LIMIT 101 OFFSET '.$offset);
 }
 else if($skill == 666 && $config['otserv_version'] == TFS_03) // frags
 {
-	$skills = $db->query('SELECT accounts.country, players.id,players.name' . $online . ',level,vocation' . $promotion . ',COUNT(`player_killers`.`player_id`) as value' .
+	$skills = $db->query('SELECT accounts.country, players.id,players.name' . $online . ',level,vocation' . $promotion . $outfit . ',COUNT(`player_killers`.`player_id`) as value' .
 			' FROM `accounts`, `players`, `player_killers` ' .
 			' WHERE players.' . $deleted . ' = 0 AND players.group_id < '.$config['highscores_groups_hidden'].' '.$add_sql.' AND players.id = player_killers.player_id AND accounts.id = players.account_id' .
 			' GROUP BY `player_id`' .
@@ -129,10 +139,10 @@ else if($skill == 666 && $config['otserv_version'] == TFS_03) // frags
 else
 {
 	if($skill == POT::SKILL__MAGLEVEL) {
-		$skills = $db->query('SELECT accounts.country, players.id,players.name' . $online . ',maglevel,level,vocation' . $promotion . ' FROM accounts, players WHERE players.' . $deleted . ' = 0 '.$add_sql.' AND players.group_id < '.$config['highscores_groups_hidden'].' AND players.id > 6 AND accounts.id = players.account_id ORDER BY maglevel DESC, manaspent DESC LIMIT 101 OFFSET '.$offset);
+		$skills = $db->query('SELECT accounts.country, players.id,players.name' . $online . ',maglevel,level,vocation' . $promotion . $outfit . ' FROM accounts, players WHERE players.' . $deleted . ' = 0 '.$add_sql.' AND players.group_id < '.$config['highscores_groups_hidden'].' AND players.id > 6 AND accounts.id = players.account_id ORDER BY maglevel DESC, manaspent DESC LIMIT 101 OFFSET '.$offset);
 	}
 	else { // level
-		$skills = $db->query('SELECT accounts.country, players.id,players.name' . $online . ',level,experience,vocation' . $promotion . ' FROM accounts, players WHERE players.' . $deleted . ' = 0 '.$add_sql.' AND players.group_id < '.$config['highscores_groups_hidden'].' AND players.id > 6 AND accounts.id = players.account_id ORDER BY level DESC, experience DESC LIMIT 101 OFFSET '.$offset);
+		$skills = $db->query('SELECT accounts.country, players.id,players.name' . $online . ',level,experience,vocation' . $promotion . $outfit . ' FROM accounts, players WHERE players.' . $deleted . ' = 0 '.$add_sql.' AND players.group_id < '.$config['highscores_groups_hidden'].' AND players.id > 6 AND accounts.id = players.account_id ORDER BY level DESC, experience DESC LIMIT 101 OFFSET '.$offset);
 		$list = 'experience';
 	}
 }
@@ -150,6 +160,9 @@ else
 					<td width="11px" class="white">#</td>
 					<?php endif; ?>
 					<td width="10%" class="white"><b>Rank</b></td>
+					<?php if($config['highscores_outfit']): ?>
+					<td class="white"><b>Outfit</b></td>
+					<?php endif; ?>
 					<td width="75%" class="white"><b>Name</b></td>
 					<td width="15%" class="white"><b><?php echo ($skill != 666 ? 'Level' : 'Frags'); ?></b></td>
 					<?php if($skill == POT::SKILL__LEVEL): ?>
@@ -177,15 +190,18 @@ foreach($skills as $player)
 	{
 		if($skill == POT::SKILL__MAGIC)
 			$player['value'] = $player['maglevel'];
-
+		else if($skill == POT::SKILL__LEVEL)
-		if($skill == POT::SKILL__LEVEL)
 			$player['value'] = $player['level'];
 echo '
 		<tr bgcolor="' . getStyle($i) . '">';
 		if($config['account_country'])
 			echo '<td>' . getFlagImage($player['country']) . '</td>';
 echo '
-			<td>' . ($offset + $i) . '.</td>
+			<td>' . ($offset + $i) . '.</td>';
+			if($config['highscores_outfit'])
+			echo '<td><img style="position:absolute;margin-top:' . (in_array($player['looktype'], array(75, 266, 302)) ? '-15px;margin-left:5px' : '-45px;margin-left:-25px') . ';" src="' . $config['outfit_images_url'] . '?id=' . $player['looktype'] . ($outfit_addons ? '&addons=' . $player['lookaddons'] : '') . '&head=' . $player['lookhead'] . '&body=' . $player['lookbody'] . '&legs=' . $player['looklegs'] . '&feet=' . $player['lookfeet'] . '" alt="" /></td>';
+		
+echo '
 			<td>
 				<a href="' . getPlayerLink($player['name'], false) . '">
 					<font color="' . ($player['online'] > 0 ? 'green' : 'red') . '">' . $player['name'] . '</font>
@@ -193,7 +209,7 @@ echo '
 				if($config['highscores_vocation']) {
 					if(isset($player['promotion'])) {
 						if((int)$player['promotion'] > 0)
-							$player['vocation'] + ($player['promotion'] * 4);
+							$player['vocation'] += ($player['promotion'] * $config['vocations_amount']);
 					}
 
 					echo '<br/><small>' . $config['vocations'][$player['vocation']] . '</small>';
@@ -205,7 +221,7 @@ echo '
 			</td>';
 
 		if($skill == POT::SKILL__LEVEL)
-			echo '<td><center>' . $player['experience'] . '</center></td>';
+			echo '<td><center>' . number_format($player['experience']) . '</center></td>';
 
 		echo '</tr>';
 	}

system/pages/houses.php

@@ -6,12 +6,16 @@
  * @author    Gesior <jerzyskalski@wp.pl>
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.2.4
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');
 $title = 'Houses';
 
+if(!fieldExist('name', 'houses')) {
+	echo 'Houses list is not available on this server.';
+	return;
+}
 $rent = trim(strtolower($config['lua']['houseRentPeriod']));
 if($rent != 'yearly' && $rent != 'monthly' && $rent != 'weekly' && $rent != 'daily')
 	$rent = 'never';
@@ -29,7 +33,8 @@ $type = '';
 		{
 			$beds = array("", "one", "two", "three", "fourth", "fifth");
 			$houseName = $_REQUEST['house'];
-			$house = $db->query('SELECT * FROM ' . $db->tableName('houses') . ' WHERE ' . $db->fieldName('name') . ' LIKE ' . $db->quote($houseName));
+			$houseId = (check_number($_REQUEST['house']) ? $_REQUEST['house'] : -1);
+			$house = $db->query('SELECT * FROM ' . $db->tableName('houses') . ' WHERE ' . $db->fieldName('name') . ' LIKE ' . $db->quote($houseName) . ' OR `id` = ' . $db->quote($houseId));
 
 			if($house->rowCount() > 0)
 			{
@@ -63,15 +68,18 @@ $type = '';
 						$houseOwner = $house['owner'];
 						if($houseOwner > 0)
 						{
+							$guild = NULL;
 							echo '<br/><br/>The house has been rented by ';
-							if($house['guild'] == 1)
+							if(isset($house['guild']) && $house['guild'] == 1)
 							{
 								$guild = new OTS_Guild();
 								$guild->load($houseOwner);
 								echo getGuildLink($guild->getName());
 							}
 							else
-								echo getCreatureName($houseOwner) . '.';
+								echo getCreatureName($houseOwner);
+
+							echo '.';
 
 							if($rent != 'never' && $house['paid'] > 0)
 							{

system/pages/lastkills.php

@@ -6,7 +6,7 @@
  * @author    Gesior <jerzyskalski@wp.pl>
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.2.4
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/pages/lostaccount.php

@@ -6,7 +6,7 @@
  * @author    Gesior <jerzyskalski@wp.pl>
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.2.4
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');
@@ -317,11 +317,14 @@ if($config['mail_enabled'])
 								{
 									$salt = generateRandomString(10, false, true, true);
 									$new_pass_with_salt = $salt . $new_pass;
-									$account->setSalt($salt);
 								}
 								
 								$account->setPassword(encrypt($new_pass_with_salt));
 								$account->save();
+								
+								if($config_salt_enabled)
+									$account->setCustomField('salt', $salt);
+								
 								echo 'Your account name, new password and new e-mail.<BR>
 								<FORM ACTION="?subtopic=accountmanagement" onsubmit="return validate_form(this)" METHOD=post>
 								<INPUT TYPE=hidden NAME="character" VALUE="">

system/pages/movies.php

@@ -5,7 +5,7 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.2.4
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');
@@ -26,10 +26,6 @@ There are no movies added yet.
 <?php foreach($movies as $movie): ?>
 	<?php echo $movie['title']; ?><br/>
 	Author: <?php echo $movie['author']; ?><br/>
-	<object width="425" height="344">
+	<iframe width="560" height="315" src="https://www.youtube.com/embed/<?php echo $movie['youtube_id']; ?>" frameborder="0" allowfullscreen></iframe><br/><br/>
-		<param name="movie" value="http://www.youtube.com/v/<?php echo $movie['youtube_id']; ?>&hl=pl&fs=1&color1=0x3a3a3a&color2=0x999999"></param>
-		<param name="allowFullScreen" value="true"></param>
-		<embed src="http://www.youtube.com/v/<?php echo $movie['youtube_id']; ?>&hl=pl&fs=1&color1=0x3a3a3a&color2=0x999999" type="application/x-shockwave-flash" allowfullscreen="true" width="425" height="344"></embed>
-	</object><br/><br/>';
 <?php endforeach; ?>
 </center>

system/pages/news.php

@@ -6,7 +6,7 @@
  * @author    Gesior <jerzyskalski@wp.pl>
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.2.4
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');
@@ -94,13 +94,12 @@ $title = 'Latest News';
 
 $news_cached = false;
 // some constants, used mainly by database (cannot by modified without schema changes)
-define('NEWS', 1);
+define('TITLE_LIMIT', 100);
-define('TICKET', 2);
+define('BODY_LIMIT', 65535); // maximum news body length
-define('ARTICLE', 3);
-
-define('BODY_LIMIT', 10000); // maximum news body length
 
 $canEdit = hasFlag(FLAG_CONTENT_NEWS) || superAdmin();
+if($canEdit)
+	echo '<script type="text/javascript" src="' . BASE_URL . 'tools/tiny_mce/tiny_mce.js"></script>';
 if($canEdit)
 {
 	if(!empty($action))
@@ -141,11 +140,12 @@ if($canEdit)
 				$player_id = $news['player_id'];
 			}
 			else {
-				News::update($id, $p_title, $body, $type, $category, $player_id, $comments);
+				if(News::update($id, $p_title, $body, $type, $category, $player_id, $comments, $errors)) {
 					$action = $p_title = $body = $comments = '';
 					$type = $category = $player_id = 0;
 				}
 			}
+		}
 		else if($action == 'hide') {
 			News::toggleHidden($id, $errors);
 		}
@@ -212,7 +212,7 @@ if(!$news_cached)
 				  <span class="NewsTickerDate">'.date("j M Y", $news['date']).' -</span>
 				  <div id="TickerEntry-'.$rows.'-ShortText" class="NewsTickerShortText">';
 			//if admin show button to delete (hide) ticker
-			$tickers_to_add .= short_text($news['body'], 60).'</div>
+			$tickers_to_add .= short_text(strip_tags($news['body']), 100).'</div>
 				  <div id="TickerEntry-'.$rows.'-FullText" class="NewsTickerFullText">';
 			//if admin show button to delete (hide) ticker
 			$tickers_to_add .= $news['body'] . $admin_options . '</div>
@@ -298,7 +298,7 @@ if(!$news_cached)
 
 			<tr bgcolor="<?php echo getStyle($rows++); ?>">
 				<td><b>Title:</b></td>
-				<td><input name="title" value="<?php echo (isset($p_title) ? $p_title : ''); ?>" size="50" maxlength="50"/></td>
+				<td><input name="title" value="<?php echo (isset($p_title) ? $p_title : ''); ?>" size="50" maxlength="100"/></td>
 			</tr>
 
 			<tr bgcolor="<?php echo getStyle($rows++); ?>">
@@ -371,7 +371,9 @@ if(!$news_cached)
 					<?php endforeach; ?>
 				</td>
 			</tr>
-
+<?php
+			if($action == ''):
+?>
 			<tr bgcolor="<?php echo getStyle($rows++); ?>">
 				<td><b>Create forum thread in section:</b></td>
 				<td>
@@ -384,7 +386,9 @@ if(!$news_cached)
 					</select>
 				</td>
 			</tr>
-
+<?php
+			endif;
+?>
 			<tr bgcolor="<?php echo getStyle($rows++); ?>">
 				<td align="right">
 					<input type="submit" value="Submit"/>
@@ -461,21 +465,34 @@ else
 
 class News
 {
+	static public function verify($title, $body, &$errors)
+	{
+		if(!isset($title[0]) || !isset($body[0])) {
+			$errors[] = 'Please fill all inputs.';
+			return false;
+		}
+
+		if(strlen($title) > TITLE_LIMIT) {
+			$errors[] = 'News title cannot be longer than ' . TITLE_LIMIT . ' characters.';
+			return false;
+		}
+	
+		if(strlen($body) > BODY_LIMIT) {
+			$errors[] = 'News content cannot be longer than ' . BODY_LIMIT . ' characters.';
+			return false;
+		}
+		
+		return true;
+	}
+
 	static public function add($title, $body, $type, $category, $player_id, $comments, &$errors)
 	{
 		global $db;
-		if(strlen($body) <= BODY_LIMIT)
+		if(!News::verify($title, $body, $errors))
-		{
+			return false;
-			if(isset($title[0]) && isset($body[0])) {
-				$db->insert(TABLE_PREFIX . 'news', array('title' => $title, 'body' => $body, 'type' => $type, 'date' => time(), 'category' => $category, 'player_id' => isset($player_id) ? $player_id : 0, 'comments' => $comments));
-			}
-			else
-				$errors[] = 'Please fill all inputs.';
-		}
-		else
-			$errors[] = 'News content cannot be longer than ' . BODY_LIMIT . ' characters.';
 
-		return !count($errors);
+		$db->insert(TABLE_PREFIX . 'news', array('title' => $title, 'body' => $body, 'type' => $type, 'date' => time(), 'category' => $category, 'player_id' => isset($player_id) ? $player_id : 0, 'comments' => $comments));
+		return true;
 	}
 
 	static public function get($id) {
@@ -483,9 +500,14 @@ class News
 		return $db->select(TABLE_PREFIX . 'news', array('id' => $id));
 	}
 
-	static public function update($id, $title, $body, $type, $category, $player_id, $comments) {
+	static public function update($id, $title, $body, $type, $category, $player_id, $comments, &$errors)
+	{
 		global $db;
+		if(!News::verify($title, $body, $errors))
+			return false;
+
 		$db->update(TABLE_PREFIX . 'news', array('title' => $title, 'body' => $body, 'type' => $type, 'category' => $category, 'last_modified_by' => isset($player_id) ? $player_id : 0, 'last_modified_date' => time(), 'comments' => $comments), array('id' => $id));
+		return true;
 	}
 
 	static public function delete($id, &$errors)

system/pages/newsarchive.php

@@ -6,7 +6,7 @@
  * @author    Gesior <jerzyskalski@wp.pl>
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.2.4
  * @link      http://my-aac.org
  */
 $_GET['archive'] = true;

system/pages/online.php

@@ -6,7 +6,7 @@
  * @author    Gesior <jerzyskalski@wp.pl>
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.2.4
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');
@@ -42,11 +42,26 @@ if(fieldExist('skull_time', 'players')) {
 	$skull_time = 'skull_time';
 }
 
-$vocs = array(0, 0, 0, 0, 0);
+$outfit_addons = false;
+$outfit = '';
+if($config['online_outfit']) {
+	$outfit = ', lookbody, lookfeet, lookhead, looklegs, looktype';
+	if(fieldExist('lookaddons', 'players')) {
+		$outfit .= ', lookaddons';
+		$outfit_addons = true;
+	}
+}
+
+if($config['online_vocations']) {
+	$vocs = array();
+	foreach($config['vocations'] as $id => $name)
+		$vocs[$id] = 0;
+}
+
 if(tableExist('players_online')) // tfs 1.0
-	$playersOnline = $db->query('SELECT `accounts`.`country`, `players`.`name`, `level`, `vocation`, `' . $skull_time . '` as `skulltime`, `' . $skull_type . '` as `skull` FROM `accounts`, `players`, `players_online` WHERE `players`.`id` = `players_online`.`player_id` AND `accounts`.`id` = `players`.`account_id`  ORDER BY ' . $order);
+	$playersOnline = $db->query('SELECT `accounts`.`country`, `players`.`name`, `level`, `vocation`' . $outfit . ', `' . $skull_time . '` as `skulltime`, `' . $skull_type . '` as `skull` FROM `accounts`, `players`, `players_online` WHERE `players`.`id` = `players_online`.`player_id` AND `accounts`.`id` = `players`.`account_id`  ORDER BY ' . $order);
 else
-	$playersOnline = $db->query('SELECT `accounts`.`country`, `players`.`name`, `level`, `vocation`, ' . $promotion . ' `' . $skull_time . '` as `skulltime`, `' . $skull_type . '` as `skull` FROM `accounts`, `players` WHERE `players`.`online` > 0 AND `accounts`.`id` = `players`.`account_id`  ORDER BY ' . $order);
+	$playersOnline = $db->query('SELECT `accounts`.`country`, `players`.`name`, `level`, `vocation`' . $outfit . ', ' . $promotion . ' `' . $skull_time . '` as `skulltime`, `' . $skull_type . '` as `skull` FROM `accounts`, `players` WHERE `players`.`online` > 0 AND `accounts`.`id` = `players`.`account_id`  ORDER BY ' . $order);
 
 $players = 0;
 $data = '';
@@ -56,28 +71,32 @@ foreach($playersOnline as $player)
 	if($config['online_skulls'])
 	{
 		if($player['skulltime'] > 0 && $player['skull'] == 3)
-			$skull = ' <img style="border: 0;" src="images/whiteskull.gif"/>';
+			$skull = ' <img style="border: 0;" src="images/white_skull.gif"/>';
 		elseif($player['skulltime'] > 0 && $player['skull'] == 4)
-			$skull = ' <img style="border: 0;" src="images/redskull.gif"/>';
+			$skull = ' <img style="border: 0;" src="images/red_skull.gif"/>';
 		elseif($player['skulltime'] > 0 && $player['skull'] == 5)
-			$skull = ' <img style="border: 0;" src="images/blackskull.gif"/>';
+			$skull = ' <img style="border: 0;" src="images/black_skull.gif"/>';
 	}
 
 	if(isset($player['promotion'])) {
 		if((int)$player['promotion'] > 0)
-			$player['vocation'] + ($player['promotion'] * 4);
+			$player['vocation'] += ($player['promotion'] * $config['vocations_amount']);
 	}
 
 	$data .= '<tr bgcolor="' . getStyle(++$players) . '">';
 	if($config['account_country'])
 		$data .= '<td>' . getFlagImage($player['country']) . '</td>';
 
+	if($config['online_outfit'])
+		$data .= '<TD WIDTH=5%><img style="position:absolute;margin-top:' . (in_array($player['looktype'], array(75, 266, 302)) ? '-20px;margin-left:-0px;' : '-45px;margin-left:-25px;') . '" src="' . $config['outfit_images_url'] . '?id=' . $player['looktype'] . ($outfit_addons ? '&addons=' . $player['lookaddons'] : '') . '&head=' . $player['lookhead'] . '&body=' . $player['lookbody'] . '&legs=' . $player['looklegs'] . '&feet=' . $player['lookfeet'] . '" alt="" /></td>';
+
 	$data .= '<td>' . getPlayerLink($player['name']) . $skull . '</td>
 		<td>'.$player['level'].'</td>
 		<td>'.$config['vocations'][$player['vocation']].'</td>
 	</tr>';
 
-	$vocs[$player['vocation']]++;
+	if($config['online_vocations'])
+		$vocs[($player['vocation'] > $config['vocations_amount'] ? $player['vocation'] - $config['vocations_amount'] : $player['vocation'])]++;
 }
 
 if(!$players): ?>
@@ -122,6 +141,8 @@ if(!$players): ?>
 			else if(tableExist('server_config')) { // tfs 1.0
 				$query = $db->query('SELECT `value` as `record` FROM `server_config` WHERE `config` = ' . $db->quote('players_record'));
 			}
+			else
+				$query = NULL;
 
 			if(isset($query) && $query->rowCount() > 0)
 			{
@@ -167,9 +188,9 @@ if($config['online_vocations']): ?>
 			</tr>
 
 		<?php
-			for($i = 1; $i < 5; $i++)
+			for($i = 1; $i <= $config['vocations_amount']; $i++)
 			echo '<tr bgcolor="' . getStyle($i) . '">
-				<td width="25%">' . $config['vocations'][0][$i] . '</td>
+				<td width="25%">' . $config['vocations'][$i] . '</td>
 				<td width="75%">' . $vocs[$i] . '</td>
 			</tr>';
 			?>
@@ -182,9 +203,9 @@ if($config['online_skulls']): ?>
 	<table width="100%" cellspacing="1">
 		<tr>
 			<td style="background: <?php echo $config['darkborder']; ?>;" align="center">
-				<img src="images/whiteskull.gif"/> - 1 - 6 Frags<br/>
+				<img src="images/white_skull.gif"/> - 1 - 6 Frags<br/>
-				<img src="images/redskull.gif"/> - 6+ Frags or Red Skull<br/>
+				<img src="images/red_skull.gif"/> - 6+ Frags or Red Skull<br/>
-				<img src="images/blackskull.gif"/> - 10+ Frags or Black Skull
+				<img src="images/black_skull.gif"/> - 10+ Frags or Black Skull
 			</td>
 		</tr>
 	</table>
@@ -195,6 +216,9 @@ if($config['online_skulls']): ?>
 		<?php if($config['account_country']): ?>
 		<td width="11px"><a href="?subtopic=online&order=country" class="white">#</A></td>
 		<?php endif; ?>
+		<?php if($config['online_outfit']): ?>
+		<td class="white"><b>Outfit</b></td>
+		<?php endif; ?>
 		<td width="60%"><a href="?subtopic=online&order=name" class="white">Name</A></td>
 		<td width="20%"><a href="?subtopic=online&order=level" class="white">Level</A></td>
 		<td width="20%"><a href="?subtopic=online&order=vocation" class="white">Vocation</td>
@@ -205,7 +229,31 @@ if($config['online_skulls']): ?>
 endif;
 
 //search bar
-echo '<BR><FORM ACTION="?subtopic=characters" METHOD=post>  <TABLE WIDTH=100% BORDER=0 CELLSPACING=1 CELLPADDING=4><TR><TD BGCOLOR="'.$config['vdarkborder'].'" class="white"><B>Search Character</B></TD></TR><TR><TD BGCOLOR="'.$config['darkborder'].'"><TABLE BORDER=0 CELLPADDING=1><TR><TD>Name:</TD><TD><INPUT NAME="name" VALUE=""SIZE=29 MAXLENGTH=29></TD><TD><INPUT TYPE=image NAME="Submit" SRC="'.$template_path.'/images/buttons/sbutton_submit.gif" BORDER=0 WIDTH=120 HEIGHT=18></TD></TR></TABLE></TD></TR></TABLE></FORM>';
+echo '<br/>
+<FORM ACTION="?subtopic=characters" METHOD=post>
+	<TABLE WIDTH=100% BORDER=0 CELLSPACING=1 CELLPADDING=4>
+		<TR>
+			<TD BGCOLOR="'.$config['vdarkborder'].'" class="white">
+				<B>Search Character</B>
+			</TD>
+		</TR>
+		<TR>
+			<TD BGCOLOR="'.$config['darkborder'].'">
+				<TABLE BORDER=0 CELLPADDING=1>
+					<TR>
+						<TD>Name:</TD>
+						<TD>
+							<INPUT NAME="name" VALUE=""SIZE=29 MAXLENGTH=29>
+						</TD>
+						<TD>
+							<INPUT TYPE=image NAME="Submit" SRC="'.$template_path.'/images/buttons/sbutton_submit.gif" BORDER=0 WIDTH=120 HEIGHT=18>
+						</TD>
+					</TR>
+				</TABLE>
+			</TD>
+		</TR>
+	</TABLE>
+</FORM>';
 
 /* temporary disable it - shows server offline
 // update online players counter

system/pages/polls.php

@@ -3,17 +3,19 @@
  * Polls
  *
  * @package   MyAAC
- * @author    Gesior <jerzyskalski@wp.pl>
+ * @author    Averatec <pervera.pl & otland.net>
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.2.4
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');
 $title = 'Polls';
 
-/* Polls System By Averatec from pervera.pl & otland.net
+/* Polls System By Averatec from pervera.pl & otland.net */
 
+if(!tableExist('z_polls'))
+	$db->query('
 CREATE TABLE `z_polls` (
   `id` int(11) NOT NULL auto_increment,
   `question` varchar(255) NOT NULL,
@@ -23,17 +25,19 @@ CREATE TABLE `z_polls` (
   `answers` int(11) NOT NULL,
   `votes_all` int(11) NOT NULL,
   PRIMARY KEY  (`id`)
-) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=1 ;
+) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=1 ;');
 
-CREATE TABLE `z_polls_answers` (
+if(!tableExist('z_polls_answers'))
+$db->query('
+	CREATE TABLE `z_polls_answers` (
   `poll_id` int(11) NOT NULL,
   `answer_id` int(11) NOT NULL,
   `answer` varchar(255) NOT NULL,
   `votes` int(11) NOT NULL
-) ENGINE=MyISAM DEFAULT CHARSET=latin1;
+) ENGINE=MyISAM DEFAULT CHARSET=latin1;');
 
-ALTER TABLE `accounts` ADD `vote` INT( 11 ) NOT NULL ;
+if(!fieldExist('vote', 'accounts'))
-*/
+	$db->query('ALTER TABLE `accounts` ADD `vote` INT( 11 ) NOT NULL ;');
 
 function getColorByPercent($percent)
 {
@@ -46,7 +50,8 @@ function getColorByPercent($percent)
 
 	return '';
 }
-
+	$number_of_rows = 0;
+	$showed = false;
     $link = "polls"; // your link to polls in index.php
     $dark = $config['darkborder'];
     $light = $config['lightborder'];
@@ -54,7 +59,7 @@ function getColorByPercent($percent)
     $POLLS = $db->query('SELECT * FROM '.$db->tableName('z_polls').'');
     $level = 20; // need level to vote
 
-    if(empty($_REQUEST['id']) and $_REQUEST['control'] != "true")  // list of polls
+    if(empty($_REQUEST['id']) and (!isset($_REQUEST['control']) || $_REQUEST['control'] != "true"))  // list of polls
     {
         $active = $db->query('SELECT * FROM `z_polls` where `end` > '.$time.''); // active polls
         $closed = $db->query('SELECT * FROM `z_polls` where `end` < '.$time.' order by `end` desc'); // closed polls
@@ -62,6 +67,7 @@ function getColorByPercent($percent)
         echo '<TABLE BORDER=0 CELLSPACING=1 CELLPADDING=4 WIDTH=100%><TR BGCOLOR='.$config['vdarkborder'].'><TD COLSPAN=2 class=white><B>Active Polls</B></TD></TR>';
         echo '<TR BGCOLOR="' . getStyle($number_of_rows++) . '"><td width=75%><b>Topic</b></td><td><b>End</b></td></tr>';
         $bgcolor = getStyle($number_of_rows++);
+		$empty_active = false;
         foreach($active as $poll)
         {
             echo '
@@ -90,6 +96,7 @@ function getColorByPercent($percent)
         echo '<TABLE BORDER=0 CELLSPACING=1 CELLPADDING=4 WIDTH=100%><TR BGCOLOR='.$config['vdarkborder'].'><TD COLSPAN=2 class=white><B>Closed Polls</B></TD></TR>';
         echo '<TR BGCOLOR="' . getStyle($number_of_rows++) . '"><td width=75%><b>Topic</b></td><td><b>End</b></td></tr>';
 		$bgcolor = getStyle($number_of_rows++);
+		$empty_closed = false;
         foreach($closed as $poll)
         {
             echo '
@@ -124,6 +131,7 @@ function getColorByPercent($percent)
 	}
 
     /* Checking Account */
+	$allow = false;
     $account_players = $account_logged->getPlayers();
     foreach($account_players as $player)
     {
@@ -132,7 +140,7 @@ function getColorByPercent($percent)
         $allow=true;
     }
 
-    if(!empty($_REQUEST['id']) and $_REQUEST['control'] != "true")
+    if(!empty($_REQUEST['id']) and (!isset($_REQUEST['control']) || $_REQUEST['control'] != "true"))
     {
         foreach($POLLS as $POLL)
         {
@@ -186,7 +194,7 @@ function getColorByPercent($percent)
 
                 if($POLL['end'] > $time) // active poll
                 {
-                    if($_REQUEST['vote'] == true and $allow == true)
+                    if(isset($_REQUEST['vote']) && $_REQUEST['vote'] == true and $allow == true)
                     {
                         if($account_logged->getCustomField('vote') < $_REQUEST['id'] and !empty($_POST['answer']))
                         {
@@ -305,15 +313,16 @@ function getColorByPercent($percent)
         }
     }
 
-    if(admin() and $_REQUEST['control'] != "true")
+    if(admin() && (!isset($_REQUEST['control']) || $_REQUEST['control'] != "true"))
     {
         echo '<br><a href="?subtopic='.$link.'&control=true"><b>Panel Control</b></a><br><br>';
     }
 
     /* Control Panel - Only Add Poll Function */
 
-    if(admin() and $_REQUEST['control'] == "true")
+    if(admin() && isset($_REQUEST['control']) && $_REQUEST['control'] == "true")
     {
+		$show = false;
         if(isset($_POST['submit']))
         {
             $_SESSION['answers'] = $_POST['answers'];

system/pages/records.php

@@ -6,7 +6,7 @@
  * @author    Gesior <jerzyskalski@wp.pl>
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.2.4
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/pages/rules.php

@@ -6,7 +6,7 @@
  * @author    Gesior <jerzyskalski@wp.pl>
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.2.4
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');