some fixed and new features

* added outfit shower, in characters, online, and highscores
* updated database to version 2
* fixed item images (now using item-images.ots.me host by default)
* fixed news ticket and posting long newses
(https://otland.net/threads/myaac-v0-0-1.251454/page-5#post-2442026)
* news body limit increased to 65535 (mysql text field)
* removed some unused code from my old server
* added spells & monsters to kathrine template

CHANGELOG

@@ -0,0 +1,80 @@
+[0.1.3 - 11.05.2017]
+	- this is just release to update version number
+
+[0.1.2 - 11.05.2017]
+	- forgot to update CHANGELOG and MYAAC_VERSION
+
+[0.1.1 - 11.05.2017]
+	- fixed updating myaac_config with database_version to 1
+	- fixed database updater
+
+[0.1.0 - 11.05.2017]
+	- added new feature: change character name for premium points (disabled by default, you can enable it in config under account_change_character_name in config.php)
+	- added automatic database updater (data migrations)
+	- renamed events to hooks
+	- moved hooks to database
+	- now you can use hooks in plugins
+	- set account.type field to 5 on install, if TFS 1.0+
+	- added example plugin
+	- new, latest google analytics code
+	- fixed bug with loading account.name that has numbers in it
+	- fixed many bugs in player editor in admin panel
+	- added error handling to plugin manager and some more verification in
+	- file has been correctly unpacked/uploaded
+	- fixed Statistics page in admin panel when using account.number
+	- fixed bug when creating/recovering account on servers with
+	- account.salt field (TFS 0.3 for example)
+	- fixed forum showing thread with html tags (added from news manager)
+	- new, latest code for youtube videos in movies page
+	- fixed showing vocation images when using $config['online_vocations_images']
+	- many fixes in polls (also importing proper schema)
+	- fixed hovering on buttons in kathrine template (on accountmanagement page)
+	- fixed signatures (many fixes)
+	- added missing gesior signature system
+
+[0.0.6 - 06.05.2017]
+	- fixed bug while installing (https://otland.net/threads/myaac-v0-0-1.251454/page-3#post-2440543)
+	- fixed bug when creating character (not showing errors) (one more time)
+	- fixed support for TFS 0.2 series
+	- added FAQ link
+	
+[0.0.5 - 05.05.2017]
+	- fixed bug when creating character (not showing errors)
+	- Fixed characters loading with names that has been created with other AAC
+	- fixed links to shop in default template
+	- fixed some weird PHP 7.1 warnings/notices
+	- Fixed config loading with some weird comments
+	- fixed bug with status info utf8 encoding (https://otland.net/threads/myaac-v0-0-1.251454/page-2#post-2440259)
+	- fixed when ip in log_action is NULL (https://otland.net/threads/myaac-v0-0-1.251454/page-2#post-2440357)
+	- fixed bug when guild doesn't exist on characters page (https://otland.net/threads/myaac-v0-0-1.251454/page-2#post-2440320)
+	- disabled friendly_urls by default
+	- fixes when $config['database_*'] is set
+	- added CHANGELOG
+
+[0.0.3 - 03.05.2017]
+	- Full support for OTHire 0.0.3
+	- added support for otservers that doesn't use account.name field, instead just account number will be used
+	- fixed encryption detection on TFS 0.3
+	- fixed bug when server_config table doesn't exist
+	- (install) moved admin account creation to new step
+	- fixed news comment link
+	- by default, the installer creates now the Admin player, for admin account
+	- fixed installation errors
+	- fixed config.lua loading with some weird comments
+
+[0.0.2 - 02.05.2017]
+	- updated forum links to use friendly_urls
+	- some more info will be shown when cannot connect to database
+	- show more error infos when creating character
+	- fixed forum link on newses
+	- fixed spells loading when there's vocation name instead of id
+	- fixed bug when you have changed template but it doesn't exist anymore
+	- fixed vocations with promotion loading
+	- fixed support for gesior pages and templates
+	- added function OTS_Acount:getGroupId()
+
+[0.0.1 - 01.05.2017]
+	This is first official release of MyAAC.
+	Features are listed here
+
+	For more information, see the release announcement on OTLand: https://otland.net/threads/myaac-v0-0-1.251454/

README

@@ -1,41 +0,0 @@
-MyAAC 0.0.1 - http://www.my-aac.org
-
-REQUIREMENTS
-=====================================
-	- PHP 5.1.0 or later
-	- MySQL database
-	- (optional) mod_rewrite to use friendly_urls
-
-INSTALLATION AND CONFIGURATION
-=====================================
-	Just decompress and untar the source (which you should have done by now,
-	if you're reading this), into your webserver's document root.
-
-	MyAAC needs proper permissions to handle files correctly.
-	If you're using apache2, then your directory needs to have owner set to: www-data, you can do it by using following command:
-		chown -R www-data.www-data /var/www/*
-			(or any other path your MyAAC installation is located at..)
-
---------------------------
-		Note: Linux only
-		If you're under linux use these commands to set proper permissions:
-			chmod 660 config.local.php
-			chmod 660 images/guilds
-			chmod 660 images/houses
-			chmod 660 images/screenshots
---------------------------
-
-	Visit http://your_domain/install (http://localhost/install) and follow instructions in the browser.
-
-KNOWN PROBLEMS
-=====================================
-	- none -
-
-OTHER NOTES
-=====================================
-	If you have a great idea or want contribute to the project - visit our website at http://www.my-aac.org
-
-LICENSING
-=====================================
-	This program and all associated files are released under the GNU Public
-	License, see LICENSE for details.

admin/index.php

@@ -1 +1 @@
-<?php
+<?php

common.php

@@ -21,13 +21,14 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.1.3
  * @link      http://my-aac.org
  */
 session_start();
 
 define('MYAAC', true);
-define('MYAAC_VERSION', '0.0.3');
+define('MYAAC_VERSION', '0.1.3');
+define('DATABASE_VERSION', 2);
 define('TABLE_PREFIX', 'myaac_');
 define('START_TIME', microtime(true));
 define('MYAAC_OS', (strtoupper(substr(PHP_OS, 0, 3)) === 'WIN') ? 'WINDOWS' : 'LINUX');

config.php

@@ -13,7 +13,7 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.1.3
  * @link      http://my-aac.org
  */
 
@@ -28,7 +28,7 @@ $config = array(
 	// used for the Downloads page and some templates aswell
 	'client' => 1098, // 954 = client 9.54
 
-	'friendly_urls' => false, // mod_rewrite is required for this, it makes links looks more elegant to eye, and also are SEO friendly (example: http://my-aac.org/guilds/Testing instead of http://my-aac.org/?subtopic=guilds&name=Testing)
+	'friendly_urls' => false, // mod_rewrite is required for this, it makes links looks more elegant to eye, and also are SEO friendly (example: http://my-aac.org/guilds/Testing instead of http://my-aac.org/?subtopic=guilds&name=Testing). Remember to rename .htaccess.dist to .htaccess
 	'gzip_output' => false, // gzip page content before sending it to the browser, uses less bandwidth but more cpu cycles
 
 	// gesior backward support (templates & pages)
@@ -59,7 +59,7 @@ $config = array(
 
 	// cache system. by default file cache is used
 	'cache_engine' => 'auto', // apc, eaccelerator, xcache, file, auto, or blank to disable.
-	'cache_prefix' => 'myaac_', // have to be unique if running more MyAAC instances on the same server, ignored when using file cache.
+	'cache_prefix' => 'myaac_', // have to be unique if running more MyAAC instances on the same server
 
 	// database details (leave blank for auto detect from config.lua)
 	'database_host' => '',
@@ -75,6 +75,10 @@ $config = array(
 		//'2' => 'Your Second World Name'
 	),
 
+	// items
+	'outfit_images_url' => 'http://outfit-images.ots.me/outfit.php', // set to animoutfit.php for animated outfit
+	'item_images_url' => 'http://item-images.ots.me/960/', // set to images/items if you host your own items in images folder
+
 	// account
 	'account_management' => true, // disable if you're using other method to manage users (fe. tfs account manager)
 	'account_mail_verify' => false, // force users to confirm their email addresses when registering account
@@ -84,14 +88,17 @@ $config = array(
 	'account_welcome_mail' => true, // send welcome email when user registers
 	'account_mail_change' => 2, // how many days user need to change email to account - block hackers
 	'account_country' => true, // user will be able to set country of origin when registering account, this information will be viewable in others places aswell
+	'account_change_character_name' => false, // can user change their character name for premium points?
+	'account_change_character_name_points' => 30, // cost of name change
+	'characters_per_account' => 10,	// max. number of characters per account
 
 	// mail
 	'mail_enabled' => false, // is aac maker configured to send e-mails?
 	'mail_address' => 'no-reply@your-server.org', // server e-mail address (from:)
 	'mail_admin' => 'your-address@your-server.org', // admin email address, where mails from contact form will be sent
 	'mail_signature' => array( // signature that will be included at the end of every message sent using _mail function
-		'plain' => "--\nMy Server,\nhttp://www.myserver.com",
+		'plain' => ''/*'--\nMy Server,\nhttp://www.myserver.com'*/,
-		'html' => '<br/>My Server,\n<a href="http://www.myserver.com">myserver.com</a>'
+		'html' => ''/*'<br/>My Server,\n<a href="http://www.myserver.com">myserver.com</a>'*/
 	),
 	'smtp_enabled' => false, // send by smtp or mail function (set false if use mail function)
 	'smtp_host' => '', // mail host
@@ -131,8 +138,6 @@ $config = array(
 		1 => 'Sample town'
 	),
 
-	'characters_per_account' => 10,	// max. number of characters per account
-
 	// guilds
 	'guild_management' => true, // enable guild management system on the site?
 	'guild_need_level' => 1, // min. level to form a guild
@@ -153,6 +158,7 @@ $config = array(
 	'online_vocations' => false, // display vocation statistics?
 	'online_vocations_images' => false, // display vocation images?
 	'online_skulls' => false, // display skull images
+	'online_outfit' => true,
 	'online_afk' => false,
 
 	// support list page
@@ -169,6 +175,7 @@ $config = array(
 	'highscores_vocation_box' => true, // show 'Choose a vocation' box on the highscores (allowing peoples to sort highscores by vocation)?
 	'highscores_vocation' => true, // show player vocation under his nickname?
 	'highscores_frags' => false, // show 'Frags' tab (best fraggers on the server)? Only 0.3
+	'highscores_outfit' => true, // show player outfit?
 	'highscores_country_box' => false, // doesnt work yet! (not implemented)
 	'highscores_groups_hidden' => 4, // this group id and higher won't be shown on the highscores
 
@@ -179,6 +186,7 @@ $config = array(
 		'magic_level' => false,
 		'balance' => false,
 		'marriage_info' => true, // only 0.3
+		'outfit' => true,
 		'creation_date' => true,
 		'quests' => true,
 		'skills' => true,

install/includes/locale.php

@@ -18,7 +18,7 @@ else
 	// detect locale
 	$locale_s = get_browser_languages();
 	if(!sizeof($locale_s))
-		$locale__ = 'en';
+		$locale_ = 'en';
 	else
 	{
 		foreach($locale_s as $id => $tmp)

install/includes/schema.sql

@@ -1,9 +1,9 @@
 CREATE TABLE `myaac_account_actions`
 (
   `account_id` INT(11) NOT NULL,
-  `ip` INT(11) NOT NULL,
+  `ip` INT(11) NOT NULL DEFAULT 0,
-  `date` INT(11) NOT NULL,
+  `date` INT(11) NOT NULL DEFAULT 0,
-  `action` VARCHAR(255) NOT NULL,
+  `action` VARCHAR(255) NOT NULL DEFAULT '',
   KEY (`account_id`)
 ) ENGINE = MyISAM;
 
@@ -55,12 +55,13 @@ CREATE TABLE `myaac_config`
 	PRIMARY KEY (`id`),
 	UNIQUE (`name`)
 ) ENGINE = MyISAM;
+INSERT INTO `myaac_config` (`id`, `name`, `value`) VALUES (NULL, 'database_version', '1');
 
 CREATE TABLE `myaac_faq`
 (
 	`id` INT(11) NOT NULL AUTO_INCREMENT,
 	`question` VARCHAR(255) NOT NULL DEFAULT '',
-	`answer` VARCHAR(1020) NOT NULL,
+	`answer` VARCHAR(1020) NOT NULL DEFAULT '',
 	`ordering` INT(11) NOT NULL DEFAULT 0,
 	`hidden` TINYINT(1) NOT NULL DEFAULT 0,
 	PRIMARY KEY (`id`)
@@ -105,6 +106,15 @@ CREATE TABLE `myaac_forum`
 	KEY `section` (`section`)
 ) ENGINE = MyISAM;
 
+CREATE TABLE `myaac_hooks`
+(
+	`id` INT(11) NOT NULL AUTO_INCREMENT,
+	`name` VARCHAR(30) NOT NULL DEFAULT '',
+	`type` INT(2) NOT NULL DEFAULT 0,
+	`file` VARCHAR(100) NOT NULL,
+	PRIMARY KEY (`id`)
+) ENGINE = MyISAM;
+
 CREATE TABLE `myaac_monsters` (
 	`hide_creature` tinyint(1) NOT NULL default '0',
 	`name` varchar(255) NOT NULL,
@@ -125,7 +135,7 @@ CREATE TABLE `myaac_monsters` (
 CREATE TABLE `myaac_movies`
 (
 	`id` INT(11) NOT NULL AUTO_INCREMENT,
-	`title` VARCHAR(50) NOT NULL DEFAULT '',
+	`title` VARCHAR(100) NOT NULL DEFAULT '',
 	`youtube_id` VARCHAR(20) NOT NULL,
 	`author` VARCHAR(50) NOT NULL DEFAULT '',
 	`ordering` INT(11) NOT NULL DEFAULT 0,
@@ -136,8 +146,8 @@ CREATE TABLE `myaac_movies`
 CREATE TABLE `myaac_news`
 (
 	`id` INT(11) NOT NULL AUTO_INCREMENT,
-	`title` VARCHAR(50) NOT NULL,
+	`title` VARCHAR(100) NOT NULL,
-	`body` VARCHAR(10000) NOT NULL,
+	`body` TEXT NOT NULL,
 	`type` TINYINT(1) NOT NULL DEFAULT 0 COMMENT '1 - news, 2 - ticket, 3 - article',
 	`date` INT(11) NOT NULL DEFAULT 0,
 	`category` TINYINT(1) NOT NULL DEFAULT 0,

install/steps/database.php

@@ -213,10 +213,10 @@ if(!$error) {
 		if(!$error && (!isset($_SESSION['saved']))) {
 			$content .= '$config[\'installed\'] = true;';
 			$content .= PHP_EOL;
-			if(strpos($_SERVER['SERVER_SOFTWARE'], 'Apache') !== false) {
+		//	if(strpos($_SERVER['SERVER_SOFTWARE'], 'Apache') !== false) {
-				$content .= '$config[\'friendly_urls\'] = true;';
+		//		$content .= '$config[\'friendly_urls\'] = true;';
-				$content .= PHP_EOL;
+		//		$content .= PHP_EOL;
-			}
+		//	}
 
 			$content .= '$config[\'mail_enabled\'] = true;';
 			$content .= PHP_EOL;

install/steps/finish.php

@@ -62,16 +62,19 @@ else {
 		}
 
 		if($account_db->isLoaded()) {
-			if($config_salt_enabled)
-				$account_db->setSalt($salt);
-			
 			$account_db->setPassword(encrypt($password));
 			$account_db->setEMail($_SESSION['var_mail_admin']);
 			$account_db->save();
+			
+			if($config_salt_enabled)
+				$account_db->setCustomField('salt', $salt);
+			
 			$account_db->setCustomField('web_flags', 3);
 			$account_db->setCustomField('country', 'us');
 			if(fieldExist('group_id', 'accounts'))
 				$account_db->setCustomField('group_id', $groups->getHighestId());
+			if(fieldExist('type', 'accounts'))
+				$account_db->setCustomField('type', 5);
 
 			if(!$player_db->isLoaded())
 				$player->setAccountId($account_db->getId());
@@ -84,18 +87,23 @@ else {
 			$new_account = $ots->createObject('Account');
 			$new_account->create($account);
 			
-			if($config_salt_enabled)
-				$new_account->setSalt($salt);
-			
 			$new_account->setPassword(encrypt($password));
 			$new_account->setEMail($_SESSION['var_mail_admin']);
+			
 			$new_account->unblock();
 			$new_account->save();
+			
+			if($config_salt_enabled)
+				$new_account->setCustomField('salt', $salt);
+			
 			$new_account->setCustomField('created', time());
 			$new_account->setCustomField('web_flags', 3);
 			$new_account->setCustomField('country', 'us');
 			if(fieldExist('group_id', 'accounts'))
 				$new_account->setCustomField('group_id', $groups->getHighestId());
+			if(fieldExist('type', 'accounts'))
+				$new_account->setCustomField('type', 5);
+
 			$new_account->logAction('Account created.');
 			
 			if(!$player_db->isLoaded())

plugins/example.json

@@ -0,0 +1,14 @@
+{
+     "name": "Example Plugin",
+	 "description": "This is just an example of a Plugin for MyAAC.",
+     "version": "1.0",
+	 "author": "nobody",
+	 "contact": "nobody@example.org",
+	 "install": "plugins/example/install.php",
+	 "hooks": {
+		"Example Hook": {
+			"type": "BEFORE_PAGE",
+			"file": "plugins/example/before.php"
+		}
+	 }
+ }

system/compat_pages.php

@@ -5,7 +5,7 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.1.3
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/counter.php

@@ -5,7 +5,7 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.1.3
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/database.php

@@ -1,8 +1,20 @@
 <?php
 defined('MYAAC') or die('Direct access not allowed!');
 
-	if(isset($config['lua']['sqlType'])) // tfs 0.3
+	if(!isset($config['database_type'][0]) || !isset($config['database_user'][0]) || !isset($config['database_password'][0]) || !isset($config['database_name'][0]))
 	{
+		if(isset($config['lua']['sqlType'])) {// tfs 0.3
+			if(isset($config['lua']['mysqlHost'])) {// tfs 0.2
+				$config['otserv_version'] = TFS_02;
+				$config['database_type'] = 'mysql';
+				$config['database_host'] = $config['lua']['mysqlHost'];
+				$config['database_port'] = $config['lua']['mysqlPort'];
+				$config['database_user'] = $config['lua']['mysqlUser'];
+				$config['database_password'] = $config['lua']['mysqlPass'];
+				$config['database_name'] = $config['lua']['mysqlDatabase'];
+				$config['database_encryption'] = $config['lua']['passwordType'];
+			}
+			else {
 				$config['otserv_version'] = TFS_03;
 				$config['database_type'] = $config['lua']['sqlType'];
 				$config['database_host'] = $config['lua']['sqlHost'];
@@ -15,7 +27,8 @@ defined('MYAAC') or die('Direct access not allowed!');
 				if(!isset($config['database_encryption']) || empty($config['database_encryption'])) // before 0.3.6
 					$config['database_encryption'] = $config['lua']['passwordType'];
 			}
-	else if(isset($config['lua']['mysqlHost'])) // tfs 0.2/1.0
+		}
+		else if(isset($config['lua']['mysqlHost'])) // tfs 1.0
 		{
 			$config['otserv_version'] = TFS_02;
 			$config['database_type'] = 'mysql';
@@ -50,6 +63,7 @@ defined('MYAAC') or die('Direct access not allowed!');
 			$config['database_encryption'] = isset($config['lua']['passwordtype']) ? $config['lua']['passwordtype'] : $config['lua']['password_type'];
 			$config['database_salt'] = isset($config['lua']['passwordsalt']) ? $config['lua']['passwordsalt'] : $config['lua']['password_salt'];
 		}
+	}
 
 	if(isset($config['lua']['useMD5Passwords']) && getBoolean($config['lua']['useMD5Passwords']))
 		$config['database_encryption'] = 'md5';

system/events.php

@@ -1,61 +0,0 @@
-<?php
-/**
- * Events system
- *
- * @package   MyAAC
- * @author    Slawkens <slawkens@gmail.com>
- * @copyright 2017 MyAAC
- * @version   0.0.3
- * @link      http://my-aac.org
- */
-defined('MYAAC') or die('Direct access not allowed!');
-class Event
-{
-	private $_name, $_type, $_callback;
-
-	public function __construct($name, $type, $callback) {
-		$this->_name = $name;
-		$this->_type = $type;
-		$this->_callback = $callback;
-	}
-
-	public function execute($params)
-	{
-		$ret = false;
-		if(is_callable($this->_callback))
-		{
-			$tmp = $this->_callback;
-			$ret = $tmp($params);
-		}
-
-		return $ret;
-	}
-
-	public function name() {return $this->_name;}
-	public function type() {return $this->_type;}
-}
-
-class Events
-{
-	private static $_events = array();
-
-	public function register($event, $type = '', $callback = null) {
-		if(!($event instanceof Event))
-			$event = new Event($event, $type, $callback);
-
-		self::$_events[$event->type()][] = $event;
-	}
-
-	public function trigger($type, $params = array())
-	{
-		$ret = true;
-		if(isset(self::$_events[$type]))
-		{
-			foreach(self::$_events[$type] as $name => $event)
-				$ret = $event->execute($params);
-		}
-
-		return $ret;
-	}
-}
-?>

system/functions.php

@@ -5,7 +5,7 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.1.3
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');
@@ -148,7 +148,7 @@ function getItemImage($id, $count = 1)
 		$file_name .= '-' . $count;
 
 	global $config;
-	return '<img src="images/items/' . $file_name . '.gif" width="32" height="32" border="0" alt=" ' .$id . '" />';
+	return '<img src="' . $config['item_images_url'] . $file_name . '.gif" width="32" height="32" border="0" alt=" ' .$id . '" />';
 }
 
 function getFlagImage($country)
@@ -598,6 +598,22 @@ function check_name_new_char($name, &$error = '')
 		}
 	}
 
+	$player = new OTS_Player();
+	$player->find($name);
+	if($player->isLoaded()) {
+		$error = 'Player with this name already exist.';
+		return false;
+	}
+
+	//check if was namelocked previously
+	if(tableExist('player_namelocks') && fieldExist('name', 'player_namelocks')) {
+		$namelock = $db->query('SELECT `player_id` FROM `player_namelocks` WHERE `name` = ' . $db->quote($name));
+		if($namelock->rowCount() > 0) {
+			$error =  'Character with this name has been namelocked.';
+			return false;
+		}
+	}
+			
 	$monsters = $db->query(
 			'SELECT ' . $db->fieldName('name') .
 			' FROM ' . $db->tableName(TABLE_PREFIX . 'monsters') .
@@ -808,8 +824,8 @@ function template_header($is_admin = false)
 	</noscript>
 ';
 	if(admin())
-		$ret .= '<script type="text/javascript" src="' . BASE_URL . 'tools/tiny_mce/tiny_mce.js"></script>
+		$ret .= '<!--script type="text/javascript" src="' . BASE_URL . 'tools/tiny_mce/tiny_mce.js"></script>
-	<!--script type="text/javascript" src="' . BASE_URL . 'tools/jquery.qtip.js" ></script>
+	<script type="text/javascript" src="' . BASE_URL . 'tools/jquery.qtip.js" ></script>
 	<script type="text/javascript" src="' . BASE_URL . 'tools/admin.js"></script-->
 ';
 	if($config['recaptcha_enabled'])
@@ -852,18 +868,17 @@ function template_ga_code()
 	if(!isset($config['google_analytics_id'][0]))
 		return '';
 
-	return '
+	return "
-<script type="text/javascript">
+<script>
-	var _gaq = _gaq || [];
+  (function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){
-	_gaq.push([\'_setAccount\', \'' . $config['google_analytics_id'] . '\']);
+  (i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o),
-	_gaq.push([\'_trackPageview\']);
+  m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m)
+  })(window,document,'script','https://www.google-analytics.com/analytics.js','ga');
 
-	(function() {
+  ga('create', '" . $config['google_analytics_id'] . "', 'auto');
-	var ga = document.createElement(\'script\'); ga.type = \'text/javascript\'; ga.async = true;
+  ga('send', 'pageview');
-	ga.src = (\'https:\' == document.location.protocol ? \'https://ssl\' : \'http://www\') + \'.google-analytics.com/ga.js\';
+
-	var s = document.getElementsByTagName(\'script\')[0]; s.parentNode.insertBefore(ga, s);
+</script>";
-	})();
-</script>';
 }
 
 function template_form()
@@ -1199,7 +1214,7 @@ function load_config_lua($filename)
 	if(!@file_exists($config_file))
 		die('ERROR: Cannot find ' . $filename . ' file.');
 
-	$tempFile = tempnam('/tmp', 'lua');
+	$tempFile = @tempnam('/tmp', 'lua');
 	$file = fopen($tempFile, 'w');
 	if(!$file) die('Cannot load server config!');
 

system/hooks.php

@@ -0,0 +1,92 @@
+<?php
+/**
+ * Events system
+ *
+ * @package   MyAAC
+ * @author    Slawkens <slawkens@gmail.com>
+ * @copyright 2017 MyAAC
+ * @version   0.1.3
+ * @link      http://my-aac.org
+ */
+defined('MYAAC') or die('Direct access not allowed!');
+
+define('HOOK_STARTUP', 1);
+define('HOOK_BEFORE_PAGE', 2);
+define('HOOK_AFTER_PAGE', 3);
+define('HOOK_FINISH', 4);
+define('HOOK_TIBIACOM_ARTICLE', 5);
+define('HOOK_TIBIACOM_BORDER_3', 6);
+define('HOOK_FIRST', HOOK_STARTUP);
+define('HOOK_LAST', HOOK_TIBIACOM_BORDER_3);
+
+$hook_types = array(
+	'STARTUP' => HOOK_STARTUP,
+	'BEFORE_PAGE' => HOOK_BEFORE_PAGE,
+	'AFTER_PAGE' => HOOK_AFTER_PAGE,
+	'FINISH' => HOOK_FINISH,
+	'TIBIACOM_ARTICLE' => HOOK_TIBIACOM_ARTICLE,
+	'TIBIACOM_BORDER_3' => HOOK_TIBIACOM_BORDER_3
+);
+
+class Hook
+{
+	private $_name, $_type, $_file;
+
+	public function __construct($name, $type, $file) {
+		$this->_name = $name;
+		$this->_type = $type;
+		$this->_file = $file;
+	}
+
+	public function execute($params)
+	{
+		/*if(is_callable($this->_callback))
+		{
+			$tmp = $this->_callback;
+			$ret = $tmp($params);
+		}*/
+		
+		global $db, $config, $template_path, $ots;
+		if(file_exists(BASE . $this->_file)) {
+			require(BASE . $this->_file);
+		}
+
+		return true;
+	}
+
+	public function name() {return $this->_name;}
+	public function type() {return $this->_type;}
+}
+
+class Hooks
+{
+	private static $_hooks = array();
+
+	public function register($hook, $type = '', $file = null) {
+		if(!($hook instanceof Hook))
+			$hook = new Hook($hook, $type, $file);
+
+		self::$_hooks[$hook->type()][] = $hook;
+	}
+
+	public function trigger($type, $params = array())
+	{
+		$ret = true;
+		if(isset(self::$_hooks[$type]))
+		{
+			foreach(self::$_hooks[$type] as $name => $hook)
+				$ret = $hook->execute($params);
+		}
+
+		return $ret;
+	}
+	
+	public function load()
+	{
+		global $db;
+		$hooks = $db->query('SELECT `name`, `type`, `file` FROM `' . TABLE_PREFIX . 'hooks`;');
+		foreach($hooks as $hook)
+			$this->register($hook['name'], $hook['type'], $hook['file']);
+	}
+}
+?>

system/init.php

@@ -5,7 +5,7 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.1.3
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/item.php

@@ -5,7 +5,7 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.1.3
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/libs/cache.php

@@ -6,7 +6,7 @@
  * @author    Slawkens <slawkens@gmail.com>
  * @author    Mark Samman (Talaturen) <marksamman@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.1.3
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/libs/cache_apc.php

@@ -6,7 +6,7 @@
  * @author    Slawkens <slawkens@gmail.com>
  * @author    Mark Samman (Talaturen) <marksamman@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.1.3
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/libs/cache_eaccelerator.php

@@ -6,7 +6,7 @@
  * @author    Slawkens <slawkens@gmail.com>
  * @author    Mark Samman (Talaturen) <marksamman@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.1.3
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/libs/cache_file.php

@@ -5,7 +5,7 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.1.3
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/libs/cache_xcache.php

@@ -6,7 +6,7 @@
  * @author    Slawkens <slawkens@gmail.com>
  * @author    Mark Samman (Talaturen) <marksamman@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.1.3
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/libs/data.php

@@ -5,7 +5,7 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.1.3
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/libs/items.php

@@ -5,7 +5,7 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.1.3
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/libs/pot/OTS_Account.php

@@ -187,9 +187,6 @@ class OTS_Account extends OTS_Row_DAO implements IteratorAggregate, Countable
  */
     public function find($name)
     {
-		if(check_number($name))
-			$this->load((int)$name);
-		
         // finds player's ID
         $id = $this->db->query('SELECT ' . $this->db->fieldName('id') . ' FROM ' . $this->db->tableName('accounts') . ' WHERE ' . $this->db->fieldName('name') . ' = ' . $this->db->quote($name) )->fetch();
 
@@ -311,6 +308,25 @@ class OTS_Account extends OTS_Row_DAO implements IteratorAggregate, Countable
         return $this->data['web_flags'];
     }
 
+	public function hasFlag($flag)
+	{
+		if(!isset($this->data['web_flags'])) {
+			throw new E_OTS_NotLoaded();
+		}
+
+		return ($this->data['web_flags'] & $flag) == $flag;
+	}
+	
+	public function isAdmin()
+	{
+		return $this->hasFlag(FLAG_ADMIN) || $this->isSuperAdmin();
+	}
+
+	public function isSuperAdmin()
+	{
+		return $this->hasFlag(FLAG_SUPER_ADMIN);
+	}
+
     public function getPremDays()
     {
         if( !isset($this->data['lastday']) )
@@ -756,11 +772,18 @@ class OTS_Account extends OTS_Row_DAO implements IteratorAggregate, Countable
 			$this->data['banned'] = isset($ban['expires_at']);
 			$this->data['banned_time'] = $ban['expires_at'];
 		}
-		else {
+		else if(tableExist('bans')) {
+			if(fieldExist('active', 'bans')) {
 				$ban = $this->db->query('SELECT `active`, `expires` FROM `bans` WHERE (`type` = 3 OR `type` = 5) AND `active` = 1 AND `value` = ' . $this->data['id'] . ' AND (`expires` > ' . time() .' OR `expires` = -1) ORDER BY `expires` DESC')->fetch();
 				$this->data['banned'] = $ban['active'];
 				$this->data['banned_time'] = $ban['expires'];
 			}
+			else { // tfs 0.2
+				$ban = $this->db->query('SELECT `time` FROM `bans` WHERE (`type` = 3 OR `type` = 5) AND `account` = ' . $this->data['id'] . ' AND (`time` > ' . time() .' OR `time` = -1) ORDER BY `time` DESC')->fetch();
+				$this->data['banned'] = $ban['time'] == -1 || $ban['time'] > 0;
+				$this->data['banned_time'] = $ban['time'];
+			}
+		}
     }
 
 /**
@@ -886,13 +909,16 @@ class OTS_Account extends OTS_Row_DAO implements IteratorAggregate, Countable
 	public function logAction($action)
 	{
 		$ip = '127.0.0.1';
-		if(isset($_SERVER['REMOTE_ADDR']) && !empty(($_SERVER['REMOTE_ADDR'])))
+		if(isset($_SERVER['REMOTE_ADDR']) && !empty($_SERVER['REMOTE_ADDR']))
 			$ip = $_SERVER['REMOTE_ADDR'];
-		else if(isset($_SERVER['HTTP_CLIENT_IP']) && !empty(($_SERVER['HTTP_CLIENT_IP'])))
+		else if(isset($_SERVER['HTTP_CLIENT_IP']) && !empty($_SERVER['HTTP_CLIENT_IP']))
 			$ip = $_SERVER['HTTP_CLIENT_IP'];
-		else if(isset($_SERVER['HTTP_X_FORWARDED_FOR']) && !empty(($_SERVER['HTTP_X_FORWARDED_FOR'])))
+		else if(isset($_SERVER['HTTP_X_FORWARDED_FOR']) && !empty($_SERVER['HTTP_X_FORWARDED_FOR']))
 			$ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
 			
+		if($ip == NULL)
+			$ip = '0';
+
 		return $this->db->query('INSERT INTO ' . $this->db->tableName(TABLE_PREFIX . 'account_actions') . ' (' . $this->db->fieldName('account_id') . ', ' . $this->db->fieldName('ip') . ', ' . $this->db->fieldName('date') . ', ' . $this->db->fieldName('action') . ') VALUES (' . $this->db->quote($this->getId()).', INET_ATON(' . $this->db->quote($ip) . '), UNIX_TIMESTAMP(NOW()), ' . $this->db->quote($action).')');
 	}
 

system/libs/pot/OTS_GuildRank.php

@@ -176,7 +176,7 @@ class OTS_GuildRank extends OTS_Row_DAO implements IteratorAggregate, Countable
     {
         if( !isset($this->data['guild_id']) )
         {
-            throw new E_OTS_NotLoaded();
+            return new OTS_Guild();
         }
 
         $guild = new OTS_Guild();

system/libs/pot/OTS_Player.php

@@ -117,7 +117,12 @@ class OTS_Player extends OTS_Row_DAO
     {
 		$loss = '';
 		if(fieldExist('loss_experience', 'players')) {
-			$loss = ', `loss_experience`, `loss_mana`, `loss_skills`, `loss_items`, `loss_containers`';
+			$loss = ', `loss_experience`, `loss_mana`, `loss_skills`';
+		}
+		
+		$loss_items = '';
+		if(fieldExist('loss_items', 'players')) {
+			$loss_items = ', `loss_items`, `loss_containers`';
 		}
 		
 		$guild_info = '';
@@ -136,7 +141,7 @@ class OTS_Player extends OTS_Row_DAO
 		}
 	
         // SELECT query on database
-        $this->data = $this->db->query('SELECT `id`, `name`, `account_id`, `group_id`, `sex`, `vocation`, `experience`, `level`, `maglevel`, `health`, `healthmax`, `mana`, `manamax`, `manaspent`, `soul`, `lookbody`, `lookfeet`, `lookhead`, `looklegs`, `looktype`' . (fieldExist('lookaddons', 'players') ? ', `lookaddons`' : '') . ', `posx`, `posy`, `posz`, `cap`, `lastlogin`, `lastlogout`, `lastip`, `save`, `conditions`, `' . $skull_time . '` as `skulltime`, `' . $skull_type . '` as `skull`' . $guild_info . ', `town_id`' . $loss . ', `balance`' . (fieldExist('blessings', 'players') ? ', `blessings`' : '') . (fieldExist('direction', 'players') ? ', `direction`' : '') . (fieldExist('stamina', 'players') ? ', `stamina`' : '') . (fieldExist('world_id', 'players') ? ', `world_id`' : '') . (fieldExist('online', 'players') ? ', `online`' : '') . ', `' . (fieldExist('deletion', 'players') ? 'deletion' : 'deleted') . '`' . (fieldExist('promotion', 'players') ? ', `promotion`' : '') . (fieldExist('marriage', 'players') ? ', `marriage`' : '') . ', `comment`, `created`, `hidden` FROM `players` WHERE `id` = ' . (int)$id)->fetch();
+        $this->data = $this->db->query('SELECT `id`, `name`, `account_id`, `group_id`, `sex`, `vocation`, `experience`, `level`, `maglevel`, `health`, `healthmax`, `mana`, `manamax`, `manaspent`, `soul`, `lookbody`, `lookfeet`, `lookhead`, `looklegs`, `looktype`' . (fieldExist('lookaddons', 'players') ? ', `lookaddons`' : '') . ', `posx`, `posy`, `posz`, `cap`, `lastlogin`, `lastlogout`, `lastip`, `save`, `conditions`, `' . $skull_time . '` as `skulltime`, `' . $skull_type . '` as `skull`' . $guild_info . ', `town_id`' . $loss . $loss_items . ', `balance`' . (fieldExist('blessings', 'players') ? ', `blessings`' : '') . (fieldExist('direction', 'players') ? ', `direction`' : '') . (fieldExist('stamina', 'players') ? ', `stamina`' : '') . (fieldExist('world_id', 'players') ? ', `world_id`' : '') . (fieldExist('online', 'players') ? ', `online`' : '') . ', `' . (fieldExist('deletion', 'players') ? 'deletion' : 'deleted') . '`' . (fieldExist('promotion', 'players') ? ', `promotion`' : '') . (fieldExist('marriage', 'players') ? ', `marriage`' : '') . ', `comment`, `created`, `hidden` FROM `players` WHERE `id` = ' . (int)$id)->fetch();
 
 		if(!isset($this->data['guildnick']) || $this->data['guildnick'])
 			$this->data['guildnick'] = '';
@@ -278,7 +283,12 @@ class OTS_Player extends OTS_Row_DAO
         {
 			$loss = '';
 			if(fieldExist('loss_experience', 'players')) {
-				$loss = ', `loss_experience` = ' . $this->data['loss_experience'] . ', `loss_mana` = ' . $this->data['loss_mana'] . ', `loss_skills` = ' . $this->data['loss_skills'] . ', `loss_items` = ' . $this->data['loss_items'] . ', `loss_containers` = ' . $this->data['loss_containers'];
+				$loss = ', `loss_experience` = ' . $this->data['loss_experience'] . ', `loss_mana` = ' . $this->data['loss_mana'] . ', `loss_skills` = ' . $this->data['loss_skills'];
+			}
+			
+			$loss_items = '';
+			if(fieldExist('loss_items', 'players')) {
+				$loss_items = ', `loss_items` = ' . $this->data['loss_items'] . ', `loss_containers` = ' . $this->data['loss_containers'];
 			}
 			
 			$guild_info = '';
@@ -307,7 +317,7 @@ class OTS_Player extends OTS_Row_DAO
 			}
 			
             // UPDATE query on database
-            $this->db->query('UPDATE ' . $this->db->tableName('players') . ' SET ' . $this->db->fieldName('name') . ' = ' . $this->db->quote($this->data['name']) . ', ' . $this->db->fieldName('account_id') . ' = ' . $this->data['account_id'] . ', ' . $this->db->fieldName('group_id') . ' = ' . $this->data['group_id'] . ', ' . $this->db->fieldName('sex') . ' = ' . $this->data['sex'] . ', ' . $this->db->fieldName('vocation') . ' = ' . $this->data['vocation'] . ', ' . $this->db->fieldName('experience') . ' = ' . $this->data['experience'] . ', ' . $this->db->fieldName('level') . ' = ' . $this->data['level'] . ', ' . $this->db->fieldName('maglevel') . ' = ' . $this->data['maglevel'] . ', ' . $this->db->fieldName('health') . ' = ' . $this->data['health'] . ', ' . $this->db->fieldName('healthmax') . ' = ' . $this->data['healthmax'] . ', ' . $this->db->fieldName('mana') . ' = ' . $this->data['mana'] . ', ' . $this->db->fieldName('manamax') . ' = ' . $this->data['manamax'] . ', ' . $this->db->fieldName('manaspent') . ' = ' . $this->data['manaspent'] . ', ' . $this->db->fieldName('soul') . ' = ' . $this->data['soul'] . ', ' . $this->db->fieldName('lookbody') . ' = ' . $this->data['lookbody'] . ', ' . $this->db->fieldName('lookfeet') . ' = ' . $this->data['lookfeet'] . ', ' . $this->db->fieldName('lookhead') . ' = ' . $this->data['lookhead'] . ', ' . $this->db->fieldName('looklegs') . ' = ' . $this->data['looklegs'] . ', ' . $this->db->fieldName('looktype') . ' = ' . $this->data['looktype'] . $lookaddons . ', ' . $this->db->fieldName('posx') . ' = ' . $this->data['posx'] . ', ' . $this->db->fieldName('posy') . ' = ' . $this->data['posy'] . ', ' . $this->db->fieldName('posz') . ' = ' . $this->data['posz'] . ', ' . $this->db->fieldName('cap') . ' = ' . $this->data['cap'] . ', ' . $this->db->fieldName('lastlogin') . ' = ' . $this->data['lastlogin'] . ', ' . $this->db->fieldName('lastlogout') . ' = ' . $this->data['lastlogout'] . ', ' . $this->db->fieldName('lastip') . ' = ' . $this->data['lastip'] . ', ' . $this->db->fieldName('save') . ' = ' . (int) $this->data['save'] . ', ' . $this->db->fieldName('conditions') . ' = ' . $this->db->quote($this->data['conditions']) . ', `' . $skull_time . '` = ' . $this->data['skulltime'] . ', `' . $skull_type . '` = ' . (int) $this->data['skull'] . $guild_info . ', ' . $this->db->fieldName('town_id') . ' = ' . $this->data['town_id'] . $loss . ', ' . $this->db->fieldName('balance') . ' = ' . $this->data['balance'] . $blessings . $stamina . $direction . ' WHERE ' . $this->db->fieldName('id') . ' = ' . $this->data['id']);
+            $this->db->query('UPDATE ' . $this->db->tableName('players') . ' SET ' . $this->db->fieldName('name') . ' = ' . $this->db->quote($this->data['name']) . ', ' . $this->db->fieldName('account_id') . ' = ' . $this->data['account_id'] . ', ' . $this->db->fieldName('group_id') . ' = ' . $this->data['group_id'] . ', ' . $this->db->fieldName('sex') . ' = ' . $this->data['sex'] . ', ' . $this->db->fieldName('vocation') . ' = ' . $this->data['vocation'] . ', ' . $this->db->fieldName('experience') . ' = ' . $this->data['experience'] . ', ' . $this->db->fieldName('level') . ' = ' . $this->data['level'] . ', ' . $this->db->fieldName('maglevel') . ' = ' . $this->data['maglevel'] . ', ' . $this->db->fieldName('health') . ' = ' . $this->data['health'] . ', ' . $this->db->fieldName('healthmax') . ' = ' . $this->data['healthmax'] . ', ' . $this->db->fieldName('mana') . ' = ' . $this->data['mana'] . ', ' . $this->db->fieldName('manamax') . ' = ' . $this->data['manamax'] . ', ' . $this->db->fieldName('manaspent') . ' = ' . $this->data['manaspent'] . ', ' . $this->db->fieldName('soul') . ' = ' . $this->data['soul'] . ', ' . $this->db->fieldName('lookbody') . ' = ' . $this->data['lookbody'] . ', ' . $this->db->fieldName('lookfeet') . ' = ' . $this->data['lookfeet'] . ', ' . $this->db->fieldName('lookhead') . ' = ' . $this->data['lookhead'] . ', ' . $this->db->fieldName('looklegs') . ' = ' . $this->data['looklegs'] . ', ' . $this->db->fieldName('looktype') . ' = ' . $this->data['looktype'] . $lookaddons . ', ' . $this->db->fieldName('posx') . ' = ' . $this->data['posx'] . ', ' . $this->db->fieldName('posy') . ' = ' . $this->data['posy'] . ', ' . $this->db->fieldName('posz') . ' = ' . $this->data['posz'] . ', ' . $this->db->fieldName('cap') . ' = ' . $this->data['cap'] . ', ' . $this->db->fieldName('lastlogin') . ' = ' . $this->data['lastlogin'] . ', ' . $this->db->fieldName('lastlogout') . ' = ' . $this->data['lastlogout'] . ', ' . $this->db->fieldName('lastip') . ' = ' . $this->data['lastip'] . ', ' . $this->db->fieldName('save') . ' = ' . (int) $this->data['save'] . ', ' . $this->db->fieldName('conditions') . ' = ' . $this->db->quote($this->data['conditions']) . ', `' . $skull_time . '` = ' . $this->data['skulltime'] . ', `' . $skull_type . '` = ' . (int) $this->data['skull'] . $guild_info . ', ' . $this->db->fieldName('town_id') . ' = ' . $this->data['town_id'] . $loss . $loss_items . ', ' . $this->db->fieldName('balance') . ' = ' . $this->data['balance'] . $blessings . $stamina . $direction . ' WHERE ' . $this->db->fieldName('id') . ' = ' . $this->data['id']);
         }
         // creates new player
         else
@@ -315,8 +325,15 @@ class OTS_Player extends OTS_Row_DAO
 			$loss = '';
 			$loss_data = '';
 			if(fieldExist('loss_experience', 'players')) {
-				$loss = ', `loss_experience`, `loss_mana`, `loss_skills`, `loss_items`, `loss_containers`';
+				$loss = ', `loss_experience`, `loss_mana`, `loss_skills`';
-				$loss_data = ', ' . $this->data['loss_experience'] . ', ' . $this->data['loss_mana'] . ', ' . $this->data['loss_skills'] . ', ' . $this->data['loss_items'] . ', ' . $this->data['loss_containers'];
+				$loss_data = ', ' . $this->data['loss_experience'] . ', ' . $this->data['loss_mana'] . ', ' . $this->data['loss_skills'];
+			}
+
+			$loss_items = '';
+			$loss_items_data = '';
+			if(fieldExist('loss_items', 'players')) {
+				$loss_items = ', `loss_items`, `loss_containers`';
+				$loss_items_data = ', ' . $this->data['loss_items'] . ', ' . $this->data['loss_containers'];
 			}
 			
 			$guild_info = '';
@@ -362,7 +379,7 @@ class OTS_Player extends OTS_Row_DAO
 			}
 			
             // INSERT query on database
-            $this->db->query('INSERT INTO ' . $this->db->tableName('players') . ' (' . $this->db->fieldName('name') . ', ' . $this->db->fieldName('account_id') . ', ' . $this->db->fieldName('group_id') . ', ' . $this->db->fieldName('sex') . ', ' . $this->db->fieldName('vocation') . ', ' . $this->db->fieldName('experience') . ', ' . $this->db->fieldName('level') . ', ' . $this->db->fieldName('maglevel') . ', ' . $this->db->fieldName('health') . ', ' . $this->db->fieldName('healthmax') . ', ' . $this->db->fieldName('mana') . ', ' . $this->db->fieldName('manamax') . ', ' . $this->db->fieldName('manaspent') . ', ' . $this->db->fieldName('soul') . ', ' . $this->db->fieldName('lookbody') . ', ' . $this->db->fieldName('lookfeet') . ', ' . $this->db->fieldName('lookhead') . ', ' . $this->db->fieldName('looklegs') . ', ' . $this->db->fieldName('looktype') . $lookaddons . ', ' . $this->db->fieldName('posx') . ', ' . $this->db->fieldName('posy') . ', ' . $this->db->fieldName('posz') . ', ' . $this->db->fieldName('cap') . ', `lastlogin`, `lastlogout`, ' . $this->db->fieldName('lastip') . ', ' . $this->db->fieldName('save') . ', ' . $this->db->fieldName('conditions') . ', `' . $skull_time . '`, `' . $skull_type . '`' . $guild_info . ', ' . $this->db->fieldName('town_id') . $loss . ', `balance`' . $blessings . $stamina . $direction . ', ' . $this->db->fieldName('created') . $promotion . ') VALUES (' . $this->db->quote($this->data['name']) . ', ' . $this->data['account_id'] . ', ' . $this->data['group_id'] . ', ' . $this->data['sex'] . ', ' . $this->data['vocation'] . ', ' . $this->data['experience'] . ', ' . $this->data['level'] . ', ' . $this->data['maglevel'] . ', ' . $this->data['health'] . ', ' . $this->data['healthmax'] . ', ' . $this->data['mana'] . ', ' . $this->data['manamax'] . ', ' . $this->data['manaspent'] . ', ' . $this->data['soul'] . ', ' . $this->data['lookbody'] . ', ' . $this->data['lookfeet'] . ', ' . $this->data['lookhead'] . ', ' . $this->data['looklegs'] . ', ' . $this->data['looktype'] . $lookaddons_data . ', ' . $this->data['posx'] . ', ' . $this->data['posy'] . ', ' . $this->data['posz'] . ', ' . $this->data['cap'] . ', ' . $this->data['lastlogin'] . ', ' . $this->data['lastlogout'] . ', ' . $this->data['lastip'] . ', ' . (int) $this->data['save'] . ', ' . $this->db->quote($this->data['conditions']) . ', ' . $this->data['skulltime'] . ', ' . (int) $this->data['skull'] . $guild_info_data . ', ' . $this->data['town_id'] . $loss_data . ', ' . $this->data['balance'] . $blessings_data . $stamina_data . $direction_data . ', ' . time() . $promotion_data . ')');
+            $this->db->query('INSERT INTO ' . $this->db->tableName('players') . ' (' . $this->db->fieldName('name') . ', ' . $this->db->fieldName('account_id') . ', ' . $this->db->fieldName('group_id') . ', ' . $this->db->fieldName('sex') . ', ' . $this->db->fieldName('vocation') . ', ' . $this->db->fieldName('experience') . ', ' . $this->db->fieldName('level') . ', ' . $this->db->fieldName('maglevel') . ', ' . $this->db->fieldName('health') . ', ' . $this->db->fieldName('healthmax') . ', ' . $this->db->fieldName('mana') . ', ' . $this->db->fieldName('manamax') . ', ' . $this->db->fieldName('manaspent') . ', ' . $this->db->fieldName('soul') . ', ' . $this->db->fieldName('lookbody') . ', ' . $this->db->fieldName('lookfeet') . ', ' . $this->db->fieldName('lookhead') . ', ' . $this->db->fieldName('looklegs') . ', ' . $this->db->fieldName('looktype') . $lookaddons . ', ' . $this->db->fieldName('posx') . ', ' . $this->db->fieldName('posy') . ', ' . $this->db->fieldName('posz') . ', ' . $this->db->fieldName('cap') . ', `lastlogin`, `lastlogout`, ' . $this->db->fieldName('lastip') . ', ' . $this->db->fieldName('save') . ', ' . $this->db->fieldName('conditions') . ', `' . $skull_time . '`, `' . $skull_type . '`' . $guild_info . ', ' . $this->db->fieldName('town_id') . $loss . $loss_items . ', `balance`' . $blessings . $stamina . $direction . ', ' . $this->db->fieldName('created') . $promotion . ') VALUES (' . $this->db->quote($this->data['name']) . ', ' . $this->data['account_id'] . ', ' . $this->data['group_id'] . ', ' . $this->data['sex'] . ', ' . $this->data['vocation'] . ', ' . $this->data['experience'] . ', ' . $this->data['level'] . ', ' . $this->data['maglevel'] . ', ' . $this->data['health'] . ', ' . $this->data['healthmax'] . ', ' . $this->data['mana'] . ', ' . $this->data['manamax'] . ', ' . $this->data['manaspent'] . ', ' . $this->data['soul'] . ', ' . $this->data['lookbody'] . ', ' . $this->data['lookfeet'] . ', ' . $this->data['lookhead'] . ', ' . $this->data['looklegs'] . ', ' . $this->data['looktype'] . $lookaddons_data . ', ' . $this->data['posx'] . ', ' . $this->data['posy'] . ', ' . $this->data['posz'] . ', ' . $this->data['cap'] . ', ' . $this->data['lastlogin'] . ', ' . $this->data['lastlogout'] . ', ' . $this->data['lastip'] . ', ' . (int) $this->data['save'] . ', ' . $this->db->quote($this->data['conditions']) . ', ' . $this->data['skulltime'] . ', ' . (int) $this->data['skull'] . $guild_info_data . ', ' . $this->data['town_id'] . $loss_data . $loss_items_data . ', ' . $this->data['balance'] . $blessings_data . $stamina_data . $direction_data . ', ' . time() . $promotion_data . ')');
             // ID of new group
             $this->data['id'] = $this->db->lastInsertId();
         }

system/libs/pot/OTS_ServerInfo.php

@@ -75,7 +75,10 @@ class OTS_ServerInfo
             fwrite($socket, $packet);
 
             // reads respond
-            $data = stream_get_contents($socket);
+            //$data = stream_get_contents($socket);
+			$data = ''; 
+			while (!feof($socket))
+				$data .= fgets($socket, 1024);
 
             // closing connection to current server
             fclose($socket);
@@ -121,7 +124,9 @@ class OTS_ServerInfo
         {
             // loads respond XML
             $info = new OTS_InfoRespond();
-            $info->loadXML( $status->getBuffer() );
+            if(!$info->loadXML( utf8_encode($status->getBuffer())))
+				return false;
+
             return $info;
         }
 

system/libs/timer.php

@@ -5,7 +5,7 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.1.3
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/libs/validator.php

@@ -5,7 +5,7 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.1.3
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/libs/visitors.php

@@ -5,7 +5,7 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.1.3
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/login.php

@@ -5,7 +5,7 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.1.3
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/migrations/1.php

@@ -0,0 +1,16 @@
+<?php
+	$db->query("ALTER TABLE `" . TABLE_PREFIX . "account_actions` MODIFY `ip` INT(11) NOT NULL DEFAULT 0;");
+	$db->query("ALTER TABLE `" . TABLE_PREFIX . "account_actions` MODIFY `date` INT(11) NOT NULL DEFAULT 0;");
+	$db->query("ALTER TABLE `" . TABLE_PREFIX . "account_actions` MODIFY `action` VARCHAR(255) NOT NULL DEFAULT '';");
+	$db->query("
+	CREATE TABLE `myaac_hooks`
+(
+	`id` INT(11) NOT NULL AUTO_INCREMENT,
+	`name` VARCHAR(30) NOT NULL DEFAULT '',
+	`type` INT(2) NOT NULL DEFAULT 0,
+	`file` VARCHAR(100) NOT NULL,
+	PRIMARY KEY (`id`)
+) ENGINE = MyISAM;
+");
+
+?>

system/migrations/2.php

@@ -0,0 +1,6 @@
+<?php
+	$db->query("ALTER TABLE `" . TABLE_PREFIX . "faq` MODIFY `answer` VARCHAR(1020) NOT NULL DEFAULT '';");
+	$db->query("ALTER TABLE `" . TABLE_PREFIX . "movies` MODIFY `title` VARCHAR(100) NOT NULL DEFAULT '';");
+	$db->query("ALTER TABLE `" . TABLE_PREFIX . "news` MODIFY `title` VARCHAR(100) NOT NULL DEFAULT '';");
+	$db->query("ALTER TABLE `" . TABLE_PREFIX . "news` MODIFY `body` TEXT NOT NULL DEFAULT '';");
+?>

system/pages/404.php

@@ -5,7 +5,7 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.1.3
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/pages/account.php

@@ -5,7 +5,7 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.1.3
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/pages/accountmanagement.php

@@ -6,7 +6,7 @@
  * @author    Gesior <jerzyskalski@wp.pl>
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.1.3
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');
@@ -222,7 +222,21 @@ Please enter your account name and your password.<br/><a href="?subtopic=createa
 				echo '<div class="SmallBox" >  <div class="MessageContainer" >    <div class="BoxFrameHorizontal" style="background-image:url('.$template_path.'/images/content/box-frame-horizontal.gif);" /></div>    <div class="BoxFrameEdgeLeftTop" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></div>    <div class="BoxFrameEdgeRightTop" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></div>    <div class="Message" >      <div class="BoxFrameVerticalLeft" style="background-image:url('.$template_path.'/images/content/box-frame-vertical.gif);" /></div>      <div class="BoxFrameVerticalRight" style="background-image:url('.$template_path.'/images/content/box-frame-vertical.gif);" /></div><table><tr><td class="LabelV" >Note:</td><td style="width:100%;" >A request has been submitted to change the email address of this account to <b>'.$account_email_new.'</b>. After <b>'.date("j F Y, G:i:s", $account_email_new_time).'</b> you can accept the new email address and finish the process. Please cancel the request if you do not want your email address to be changed! Also cancel the request if you have no access to the new email address!</td></tr></table><div align="center" ><table border="0" cellspacing="0" cellpadding="0" ><form action="?subtopic=accountmanagement&action=changeemail" method="post" ><tr><td style="border:0px;" ><div class="BigButton" style="background-image:url('.$template_path.'/images/buttons/sbutton.gif)" ><div onMouseOver="MouseOverBigButton(this);" onMouseOut="MouseOutBigButton(this);" ><div class="BigButtonOver" style="background-image:url('.$template_path.'/images/buttons/sbutton_over.gif);" ></div><input class="ButtonText" type="image" name="Edit" alt="Edit" src="'.$template_path.'/images/buttons/_sbutton_edit.gif" ></div></div></td></tr></form></table></div>    </div>    <div class="BoxFrameHorizontal" style="background-image:url('.$template_path.'/images/content/box-frame-horizontal.gif);" /></div>    <div class="BoxFrameEdgeRightBottom" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></div>    <div class="BoxFrameEdgeLeftBottom" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></div>  </div></div><br/><br/>';
 			}
 		}
-		echo '<a name="General+Information" ></a><div class="TopButtonContainer" ><div class="TopButton" ><a href="#top" >	<img style="border:0px;" src="'.$template_path.'/images/content/back-to-top.gif" /></a></div></div><div class="TableContainer" ><table class="Table3" cellpadding="0" cellspacing="0" >    <div class="CaptionContainer" >      <div class="CaptionInnerContainer" >        <span class="CaptionEdgeLeftTop" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></span><span class="CaptionEdgeRightTop" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></span><span class="CaptionBorderTop" style="background-image:url('.$template_path.'/images/content/table-headline-border.gif);" ></span><span class="CaptionVerticalLeft" style="background-image:url('.$template_path.'/images/content/box-frame-vertical.gif);" /></span><div class="Text" >General Information</div><span class="CaptionVerticalRight" style="background-image:url('.$template_path.'/images/content/box-frame-vertical.gif);" /></span><span class="CaptionBorderBottom" style="background-image:url('.$template_path.'/images/content/table-headline-border.gif);" ></span><span class="CaptionEdgeLeftBottom" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></span><span class="CaptionEdgeRightBottom" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></span></div>    </div><tr>      <td>        <div class="InnerTableContainer" >          <table style="width:100%;" ><tr><td><div class="TableShadowContainerRightTop" >  <div class="TableShadowRightTop" style="background-image:url('.$template_path.'/images/content/table-shadow-rt.gif);" ></div></div><div class="TableContentAndRightShadow" style="background-image:url('.$template_path.'/images/content/table-shadow-rm.gif);" ><div class="TableContentContainer" >    <table class="TableContent" width="100%" ><tr style="background-color:'.$config['darkborder'].';" ><td class="LabelV" >Email Address:</td><td style="width:90%;" >'.$account_email.''.$account_email_change.'</td></tr><tr style="background-color:'.$config['lightborder'].';" ><td class="LabelV" >Created:</td><td>'.date("j F Y, G:i:s", $account_created).'</td></td><tr style="background-color:'.$config['darkborder'].';" ><td class="LabelV" >Last Login:</td><td>'.date("j F Y, G:i:s", time()).'</td></tr><tr style="background-color:'.$config['lightborder'].';" ><td class="LabelV" >Account Status:</td><td>'.$account_status.'</td></tr><tr style="background-color:'.$config['darkborder'].';" ><td class="LabelV" >Registred:</td><td>'.$account_registred.'</td></tr></table></div></div><div class="TableShadowContainer" ><div class="TableBottomShadow" style="background-image:url('.$template_path.'/images/content/table-shadow-bm.gif);" ><div class="TableBottomLeftShadow" style="background-image:url('.$template_path.'/images/content/table-shadow-bl.gif);" ></div><div class="TableBottomRightShadow" style="background-image:url('.$template_path.'/images/content/table-shadow-br.gif);" ></div>  </div></div></td></tr><tr><td><table class="InnerTableButtonRow" cellpadding="0" cellspacing="0" ><tr><td><table border="0" cellspacing="0" cellpadding="0" ><form action="?subtopic=accountmanagement&action=changepassword" method="post" ><tr><td style="border:0px;" ><div class="BigButton" style="background-image:url('.$template_path.'/images/buttons/sbutton.gif)" ><div onMouseOver="MouseOverBigButton(this);" onMouseOut="MouseOutBigButton(this);" ><div class="BigButtonOver" style="background-image:url('.$template_path.'/images/buttons/sbutton_over.gif);" ></div><input class="ButtonText" type="image" name="Change Password" alt="Change Password" src="'.$template_path.'/images/buttons/_sbutton_changepassword.gif" ></div></div></td></tr></form></table></td><td><table border="0" cellspacing="0" cellpadding="0" ><form action="?subtopic=accountmanagement&action=changeemail" method="post" ><tr><td style="border:0px;" ><input type="hidden" name=newemail value="" ><input type="hidden" name=newemaildate value=0 ><div class="BigButton" style="background-image:url('.$template_path.'/images/buttons/sbutton.gif)" ><div onMouseOver="MouseOverBigButton(this);" onMouseOut="MouseOutBigButton(this);" ><div class="BigButtonOver" style="background-image:url('.$template_path.'/images/buttons/sbutton_over.gif);" ></div><input class="ButtonText" type="image" name="Change Email" alt="Change Email" src="'.$template_path.'/images/buttons/_sbutton_changeemail.gif" ></div></div></td></tr></form>	</table></td><td width="100%"></td>';
+		echo '<a name="General+Information" ></a><div class="TopButtonContainer" ><div class="TopButton" ><a href="#top" >	<img style="border:0px;" src="'.$template_path.'/images/content/back-to-top.gif" /></a></div></div><div class="TableContainer" ><table class="Table3" cellpadding="0" cellspacing="0" >    <div class="CaptionContainer" >      <div class="CaptionInnerContainer" >        <span class="CaptionEdgeLeftTop" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></span><span class="CaptionEdgeRightTop" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></span><span class="CaptionBorderTop" style="background-image:url('.$template_path.'/images/content/table-headline-border.gif);" ></span><span class="CaptionVerticalLeft" style="background-image:url('.$template_path.'/images/content/box-frame-vertical.gif);" /></span><div class="Text" >General Information</div><span class="CaptionVerticalRight" style="background-image:url('.$template_path.'/images/content/box-frame-vertical.gif);" /></span><span class="CaptionBorderBottom" style="background-image:url('.$template_path.'/images/content/table-headline-border.gif);" ></span><span class="CaptionEdgeLeftBottom" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></span><span class="CaptionEdgeRightBottom" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></span></div>    </div><tr>      <td>        <div class="InnerTableContainer" >          <table style="width:100%;" ><tr><td><div class="TableShadowContainerRightTop" >  <div class="TableShadowRightTop" style="background-image:url('.$template_path.'/images/content/table-shadow-rt.gif);" ></div></div><div class="TableContentAndRightShadow" style="background-image:url('.$template_path.'/images/content/table-shadow-rm.gif);" ><div class="TableContentContainer" >    <table class="TableContent" width="100%" >
+		<tr style="background-color:'.$config['lightborder'].';" >
+			<td class="LabelV" >Account ' . (USE_ACCOUNT_NAME ? 'Name' : 'Number') . ':</td>
+			<td style="width:90%;" >' . (USE_ACCOUNT_NAME ? $account_logged->getName() : $account_logged->getId()) . '</td>
+		</tr>
+		<tr style="background-color:'.$config['darkborder'].';" >
+			<td class="LabelV" >Email Address:</td>
+			<td style="width:90%;" >'.$account_email.''.$account_email_change.'</td>
+		</tr>
+		<tr style="background-color:'.$config['lightborder'].';" >
+			<td class="LabelV" >Created:</td>
+			<td>'.date("j F Y, G:i:s", $account_created).'</td>
+		</tr>
+		<tr style="background-color:'.$config['darkborder'].';" >
+		<td class="LabelV" >Last Login:</td><td>'.date("j F Y, G:i:s", time()).'</td></tr><tr style="background-color:'.$config['lightborder'].';" ><td class="LabelV" >Account Status:</td><td>'.$account_status.'</td></tr><tr style="background-color:'.$config['darkborder'].';" ><td class="LabelV" >Registred:</td><td>'.$account_registred.'</td></tr></table></div></div><div class="TableShadowContainer" ><div class="TableBottomShadow" style="background-image:url('.$template_path.'/images/content/table-shadow-bm.gif);" ><div class="TableBottomLeftShadow" style="background-image:url('.$template_path.'/images/content/table-shadow-bl.gif);" ></div><div class="TableBottomRightShadow" style="background-image:url('.$template_path.'/images/content/table-shadow-br.gif);" ></div>  </div></div></td></tr><tr><td><table class="InnerTableButtonRow" cellpadding="0" cellspacing="0" ><tr><td><table border="0" cellspacing="0" cellpadding="0" ><form action="?subtopic=accountmanagement&action=changepassword" method="post" ><tr><td style="border:0px;" ><div class="BigButton" style="background-image:url('.$template_path.'/images/buttons/sbutton.gif)" ><div onMouseOver="MouseOverBigButton(this);" onMouseOut="MouseOutBigButton(this);" ><div class="BigButtonOver" style="background-image:url('.$template_path.'/images/buttons/sbutton_over.gif);" ></div><input class="ButtonText" type="image" name="Change Password" alt="Change Password" src="'.$template_path.'/images/buttons/_sbutton_changepassword.gif" ></div></div></td></tr></form></table></td><td><table border="0" cellspacing="0" cellpadding="0" ><form action="?subtopic=accountmanagement&action=changeemail" method="post" ><tr><td style="border:0px;" ><input type="hidden" name=newemail value="" ><input type="hidden" name=newemaildate value=0 ><div class="BigButton" style="background-image:url('.$template_path.'/images/buttons/sbutton.gif)" ><div onMouseOver="MouseOverBigButton(this);" onMouseOut="MouseOutBigButton(this);" ><div class="BigButtonOver" style="background-image:url('.$template_path.'/images/buttons/sbutton_over.gif);" ></div><input class="ButtonText" type="image" name="Change Email" alt="Change Email" src="'.$template_path.'/images/buttons/_sbutton_changeemail.gif" ></div></div></td></tr></form>	</table></td><td width="100%"></td>';
 		//show button "register account"
 		if(empty($account_reckey))
 			echo '<td><table border="0" cellspacing="0" cellpadding="0" ><form action="?subtopic=accountmanagement&action=registeraccount" method="post" ><tr><td style="border:0px;" ><div class="BigButton" style="background-image:url('.$template_path.'/images/buttons/sbutton.gif)" ><div onMouseOver="MouseOverBigButton(this);" onMouseOut="MouseOutBigButton(this);" ><div class="BigButtonOver" style="background-image:url('.$template_path.'/images/buttons/sbutton_over.gif);" ></div><input class="ButtonText" type="image" name="Register Account" alt="Register Account" src="'.$template_path.'/images/buttons/_sbutton_registeraccount.gif" ></div></div></td></tr></form></table></td>';
@@ -258,7 +272,37 @@ Please enter your account name and your password.<br/><a href="?subtopic=createa
 				echo '<td><font color="green"><b>Online</b></font></td>';
 			echo '<td>[<a href="?subtopic=accountmanagement&action=changecomment&name='.urlencode($account_player->getName()).'" >Edit</a>]</td></tr>';
 		}
-		echo '</table>  </div></div><div class="TableShadowContainer" >  <div class="TableBottomShadow" style="background-image:url('.$template_path.'/images/content/table-shadow-bm.gif);" >    <div class="TableBottomLeftShadow" style="background-image:url('.$template_path.'/images/content/table-shadow-bl.gif);" ></div>    <div class="TableBottomRightShadow" style="background-image:url('.$template_path.'/images/content/table-shadow-br.gif);" ></div>  </div></div></td></tr><tr><td><table class="InnerTableButtonRow" cellpadding="0" cellspacing="0" ><tr><td><table border="0" cellspacing="0" cellpadding="0" ><form action="?subtopic=accountmanagement&action=createcharacter" method="post" ><tr><td style="border:0px;" ><div class="BigButton" style="background-image:url('.$template_path.'/images/buttons/sbutton.gif)" ><div onMouseOver="MouseOverBigButton(this);" onMouseOut="MouseOutBigButton(this);" ><div class="BigButtonOver" style="background-image:url('.$template_path.'/images/buttons/sbutton_over.gif);" ></div><input class="ButtonText" type="image" name="Create Character" alt="Create Character" src="'.$template_path.'/images/buttons/_sbutton_createcharacter.gif" ></div></div></td></tr></form></table></td><td style="width:100%;" ></td><td><table border="0" cellspacing="0" cellpadding="0" ><form action="?subtopic=accountmanagement&action=deletecharacter" method="post" ><tr><td style="border:0px;" ><div class="BigButton" style="background-image:url('.$template_path.'/images/buttons/sbutton.gif)" ><div onMouseOver="MouseOverBigButton(this);" onMouseOut="MouseOutBigButton(this);" ><div class="BigButtonOver" style="background-image:url('.$template_path.'/images/buttons/sbutton_over.gif);" ></div><input class="ButtonText" type="image" name="Delete Character" alt="Delete Character" src="'.$template_path.'/images/buttons/_sbutton_deletecharacter.gif" ></div></div></td></tr></form></table></td></tr></table></td></tr>          </table>        </div>  </table></td></div></tr><br/><br/>';
+		echo '</table>  </div></div><div class="TableShadowContainer" >  <div class="TableBottomShadow" style="background-image:url('.$template_path.'/images/content/table-shadow-bm.gif);" >    <div class="TableBottomLeftShadow" style="background-image:url('.$template_path.'/images/content/table-shadow-bl.gif);" ></div>    <div class="TableBottomRightShadow" style="background-image:url('.$template_path.'/images/content/table-shadow-br.gif);" ></div>  </div></div></td></tr><tr><td><table class="InnerTableButtonRow" cellpadding="0" cellspacing="0" ><tr>
+		<td>
+			<table border="0" cellspacing="0" cellpadding="0" >
+				<form action="?subtopic=accountmanagement&action=createcharacter" method="post" >
+					<tr>
+						<td style="border:0px;" ><div class="BigButton" style="background-image:url('.$template_path.'/images/buttons/sbutton.gif)" ><div onMouseOver="MouseOverBigButton(this);" onMouseOut="MouseOutBigButton(this);" ><div class="BigButtonOver" style="background-image:url('.$template_path.'/images/buttons/sbutton_over.gif);" ></div>
+								<input class="ButtonText" type="image" name="Create Character" alt="Create Character" src="'.$template_path.'/images/buttons/_sbutton_createcharacter.gif" ></div>
+							</div>
+						</td>
+					</tr>
+				</form>
+			</table>
+		</td>';
+		if($config['account_change_character_name']) {
+			echo '
+		<td>
+			<table border="0" cellspacing="0" cellpadding="0" >
+				<form action="?subtopic=accountmanagement&action=changename" method="post" >
+					<tr>
+						<td style="border:0px;" ><div class="BigButton" style="background-image:url('.$template_path.'/images/buttons/sbutton.gif)" ><div onMouseOver="MouseOverBigButton(this);" onMouseOut="MouseOutBigButton(this);" ><div class="BigButtonOver" style="background-image:url('.$template_path.'/images/buttons/sbutton_over.gif);" ></div>
+								<input class="ButtonText" type="image" name="Change Name" alt="Change Name" src="'.$template_path.'/images/buttons/_sbutton_change_name.gif" ></div>
+							</div>
+						</td>
+					</tr>
+				</form>
+			</table>
+		</td>';
+		}
+		echo '
+		<td style="width:100%;" ></td>
+		<td><table border="0" cellspacing="0" cellpadding="0" ><form action="?subtopic=accountmanagement&action=deletecharacter" method="post" ><tr><td style="border:0px;" ><div class="BigButton" style="background-image:url('.$template_path.'/images/buttons/sbutton.gif)" ><div onMouseOver="MouseOverBigButton(this);" onMouseOut="MouseOutBigButton(this);" ><div class="BigButtonOver" style="background-image:url('.$template_path.'/images/buttons/sbutton_over.gif);" ></div><input class="ButtonText" type="image" name="Delete Character" alt="Delete Character" src="'.$template_path.'/images/buttons/_sbutton_deletecharacter.gif" ></div></div></td></tr></form></table></td></tr></table></td></tr>          </table>        </div>  </table></td></div></tr><br/><br/>';
 	}
 //########### CHANGE PASSWORD ##########
 	if($action == "changepassword") {
@@ -682,6 +726,105 @@ Please enter your account name and your password.<br/><a href="?subtopic=createa
 		}
 	}
 
+//### DELETE character from account ###
+	if($action == "changename") {
+		echo '<script type="text/javascript" src="tools/check_name.js"></script>';
+		
+		$name_changed = false;
+		$player_id = isset($_POST['player_id']) ? $_POST['player_id'] : NULL;
+		$newcharname = isset($_POST['newcharname']) ? stripslashes(ucwords(strtolower($_POST['newcharname']))) : NULL;
+		if((!$config['account_change_character_name']))
+			echo 'You cant change your character name';
+		else
+		{
+			$points = $account_logged->getCustomField('premium_points');
+			if(isset($_POST['changenamesave']) && $_POST['changenamesave'] == 1) {
+				if($points < $config['account_change_character_name_points'])
+					$errors[] = 'You need ' . $config['account_change_character_name_points'] . ' premium points to change name. You have <b>'.$points.'<b> premium points.';
+	
+				if(empty($errors) && empty($newcharname))
+					$errors[] = 'Please enter a name for your character!';
+
+				if(empty($errors) && strlen($newcharname) > 25)
+					$errors[] = 'Name is too long. Max. lenght <b>25</b> letters.';
+				else if(empty($errors) && strlen($newcharname) < 3)
+					$errors[] = 'Name is too short. Min. lenght <b>25</b> letters.';
+				
+				if(empty($errors))
+				{
+					$error = '';
+					if(!admin() && !check_name_new_char($newcharname, $error))
+						$errors[] = $error;
+				}
+				
+				if(empty($errors)) {
+					$player = $ots->createObject('Player');
+					$player->load($player_id);
+					if($player->isLoaded()) {
+						$player_account = $player->getAccount();
+						if($account_logged->getId() == $player_account->getId()) {
+							if($player->isOnline()) {
+								$errors[] = 'This character is online.';
+							}
+							
+							if(empty($errors)) {
+								$name_changed = true;
+								$old_name = $player->getName();
+								$player->setName($newcharname);
+								$player->save();
+								$account_logged->setCustomField("premium_points", $points - $config['account_change_character_name_points']);
+								$account_logged->logAction('Changed name from <b>' . $old_name . '</b> to <b>' . $player->getName() . '</b>.');
+								echo '<div class="TableContainer" >  <table class="Table1" cellpadding="0" cellspacing="0" >    <div class="CaptionContainer" >      <div class="CaptionInnerContainer" >        <span class="CaptionEdgeLeftTop" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></span>        <span class="CaptionEdgeRightTop" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></span>        <span class="CaptionBorderTop" style="background-image:url('.$template_path.'/images/content/table-headline-border.gif);" ></span>        <span class="CaptionVerticalLeft" style="background-image:url('.$template_path.'/images/content/box-frame-vertical.gif);" /></span>        <div class="Text" >Character Name Changed</div>        <span class="CaptionVerticalRight" style="background-image:url('.$template_path.'/images/content/box-frame-vertical.gif);" /></span>        <span class="CaptionBorderBottom" style="background-image:url('.$template_path.'/images/content/table-headline-border.gif);" ></span>        <span class="CaptionEdgeLeftBottom" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></span>        <span class="CaptionEdgeRightBottom" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></span>      </div>    </div>    <tr>      <td>        <div class="InnerTableContainer" >          <table style="width:100%;" ><tr><td>The character <b>'.$old_name.'</b> name has been changed to <b>' . $player->getName() . '</b>.</td></tr>          </table>        </div>  </table></div></td></tr><br><center><table border="0" cellspacing="0" cellpadding="0" ><form action="?subtopic=accountmanagement" method="post" ><tr><td style="border:0px;" ><div class="BigButton" style="background-image:url('.$template_path.'/images/buttons/sbutton.gif)" ><div onMouseOver="MouseOverBigButton(this);" onMouseOut="MouseOutBigButton(this);" ><div class="BigButtonOver" style="background-image:url('.$template_path.'/images/buttons/sbutton_over.gif);" ></div><input class="ButtonText" type="image" name="Back" alt="Back" src="'.$template_path.'/images/buttons/_sbutton_back.gif" ></div></div></td></tr></form></table></center>';
+							}
+							else
+							{
+								$errors[] = 'Character <b>'.$player_name.'</b> is not on your account.';
+							}
+						}
+					}
+					else
+					{
+						$errors[] = 'Character with this name doesn\'t exist.';
+					}
+				}
+			}
+
+			if(!$name_changed) {
+				if(!empty($errors)) {
+					echo '<div class="SmallBox" >  <div class="MessageContainer" >    <div class="BoxFrameHorizontal" style="background-image:url('.$template_path.'/images/content/box-frame-horizontal.gif);" /></div>    <div class="BoxFrameEdgeLeftTop" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></div>    <div class="BoxFrameEdgeRightTop" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></div>    <div class="ErrorMessage" >      <div class="BoxFrameVerticalLeft" style="background-image:url('.$template_path.'/images/content/box-frame-vertical.gif);" /></div>      <div class="BoxFrameVerticalRight" style="background-image:url('.$template_path.'/images/content/box-frame-vertical.gif);" /></div>      <div class="AttentionSign" style="background-image:url('.$template_path.'/images/content/attentionsign.gif);" /></div><b>The Following Errors Have Occurred:</b><br/>';
+					foreach($errors as $errors) {
+							echo '<li>'.$errors;
+					}
+					echo '</div>    <div class="BoxFrameHorizontal" style="background-image:url('.$template_path.'/images/content/box-frame-horizontal.gif);" /></div>    <div class="BoxFrameEdgeRightBottom" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></div>    <div class="BoxFrameEdgeLeftBottom" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></div>  </div></div><br/>';
+				}
+				echo 'To change a name of character select player and choose a new name.<br/>
+				<font color="red">Change name cost ' . $config['account_change_character_name_points'] . ' premium points. You have ' . $points . ' premium points.</font><br/><br/><form action="?subtopic=accountmanagement&action=changename" method="post" ><input type="hidden" name="changenamesave" value="1"><div class="TableContainer" >  <table class="Table1" cellpadding="0" cellspacing="0" >    <div class="CaptionContainer" >      <div class="CaptionInnerContainer" >        <span class="CaptionEdgeLeftTop" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></span>        <span class="CaptionEdgeRightTop" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></span>        <span class="CaptionBorderTop" style="background-image:url('.$template_path.'/images/content/table-headline-border.gif);" ></span>        <span class="CaptionVerticalLeft" style="background-image:url('.$template_path.'/images/content/box-frame-vertical.gif);" /></span>        <div class="Text" >Change Name</div>        <span class="CaptionVerticalRight" style="background-image:url('.$template_path.'/images/content/box-frame-vertical.gif);" /></span>        <span class="CaptionBorderBottom" style="background-image:url('.$template_path.'/images/content/table-headline-border.gif);" ></span>        <span class="CaptionEdgeLeftBottom" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></span>        <span class="CaptionEdgeRightBottom" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></span>      </div>    </div>    <tr>      <td>        <div class="InnerTableContainer" >
+				<table style="width:100%;" >
+					<tr>
+						<td class="LabelV" ><span >Character:</td>
+						<td style="width:90%;" >
+							<select name="player_id">';
+								$players = $account_logged->getPlayersList();
+								foreach($players as $player)
+									echo '<option value="' . $player->getId() . '">' . $player->getName() . '</option>';
+							echo '
+							</select>
+						</td>
+					</tr>
+					<tr>
+						<td class="LabelV" ><span >New Name:</td>
+						<td>
+							<input type="text" name="newcharname" id="newcharname" onkeyup="checkName();" size="25" maxlength="25" >
+							<font size="1" face="verdana,arial,helvetica">
+								<div id="name_check">Please enter your character name.</div>
+							</font>
+						</td>
+					</tr>
+				</table>        </div>  </table></div></td></tr><br/><table style="width:100%" ><tr align="center" ><td><table border="0" cellspacing="0" cellpadding="0" ><tr><td style="border:0px;" ><div class="BigButton" style="background-image:url('.$template_path.'/images/buttons/sbutton.gif)" ><div onMouseOver="MouseOverBigButton(this);" onMouseOut="MouseOutBigButton(this);" ><div class="BigButtonOver" style="background-image:url('.$template_path.'/images/buttons/sbutton_over.gif);" ></div><input class="ButtonText" type="image" name="Submit" alt="Submit" src="'.$template_path.'/images/buttons/_sbutton_submit.gif" ></div></div></td><tr></form></table></td><td><table border="0" cellspacing="0" cellpadding="0" ><form action="?subtopic=accountmanagement" method="post" ><tr><td style="border:0px;" ><div class="BigButton" style="background-image:url('.$template_path.'/images/buttons/sbutton.gif)" ><div onMouseOver="MouseOverBigButton(this);" onMouseOut="MouseOutBigButton(this);" ><div class="BigButtonOver" style="background-image:url('.$template_path.'/images/buttons/sbutton_over.gif);" ></div><input class="ButtonText" type="image" name="Back" alt="Back" src="'.$template_path.'/images/buttons/_sbutton_back.gif" ></div></div></td></tr></form></table></td></tr></table>';
+			}
+		}
+	}
+
 //### DELETE character from account ###
 	if($action == "deletecharacter") {
 		$player_name = isset($_POST['delete_name']) ? stripslashes($_POST['delete_name']) : NULL;
@@ -750,52 +893,14 @@ Please enter your account name and your password.<br/><a href="?subtopic=createa
 
 //## CREATE CHARACTER on account ###
 	if($action == "createcharacter") {
-		echo '<script type="text/javascript">
+		echo '<script type="text/javascript" src="tools/check_name.js"></script>';
-		eventId = 0;
-		lastSend = 0;
-
-function checkName()
-{
-	if(eventId != 0)
-	{
-		clearInterval(eventId)
-		eventId = 0;
-	}
-
-	if(document.getElementById("newcharname").value=="")
-	{
-		document.getElementById("name_check").innerHTML = \'<b><font color="red">Please enter new character name.</font></b>\';
-		return;
-	}
-
-	//anti flood
-	var date = new Date;
-	var timeNow = parseInt(date.getTime());
-
-	if(lastSend != 0)
-	{
-		if(timeNow - lastSend < 1100)
-		{
-			eventId = setInterval(\'checkName()\', 1100)
-			return;
-		}
-	}
-
-	var newcharname = document.getElementById("newcharname").value;
-	$.get("tools/validate.php", { name: newcharname, uid: Math.random() },
-		function(data){
-			document.getElementById("name_check").innerHTML = data;
-			lastSend = timeNow;
-	});
-	
-	lastSend = timeNow;
-}
-</script>';
 		$newchar_name = isset($_POST['newcharname']) ? stripslashes(ucwords(strtolower($_POST['newcharname']))) : NULL;
 		$newchar_sex = isset($_POST['newcharsex']) ? $_POST['newcharsex'] : NULL;
 		$newchar_vocation = isset($_POST['newcharvocation']) ? $_POST['newcharvocation'] : NULL;
 		$newchar_town = isset($_POST['newchartown']) ? $_POST['newchartown'] : NULL;
 		$newchar_errors = array();
+		
+		$newchar_created = false;
 		if(isset($_POST['savecharacter']) && $_POST['savecharacter'] == 1) {
 			if(empty($newchar_name))
 				$newchar_errors[] = 'Please enter a name for your character!';
@@ -824,17 +929,10 @@ function checkName()
 			else
 				$newchar_town = $config['character_towns'][0];
 
-			//check if was namelocked previously
-			if(tableExist('player_namelocks') && fieldExist('name', 'player_namelocks')) {
-				$namelockSQL = $db->query('SELECT `player_id` FROM `player_namelocks` WHERE `name` = ' . $db->quote($newchar_name));
-				if($namelockSQL->rowCount() > 0)
-					$newchar_errors[] = 'Character with this name has been namelocked.';
-			}
-
 			if(empty($newchar_errors))
 			{
 				$error = '';
-				if(!check_name_new_char($newchar_name, $error))
+				if(!admin() && !check_name_new_char($newchar_name, $error))
 					$newchar_errors[] = $error;
 				if($newchar_sex != 1 && $newchar_sex != "0")
 					$newchar_errors[] = 'Sex must be equal <b>0 (female)</b> or <b>1 (male)</b>.';
@@ -855,10 +953,6 @@ function checkName()
 
 			if(empty($newchar_errors))
 			{
-				$check_name_in_database = $ots->createObject('Player');
-				$check_name_in_database->find($newchar_name);
-				if($check_name_in_database->isLoaded())
-					$newchar_errors[] .= 'This name is already used. Please choose another name!';
 				$number_of_players_on_account = $account_logged->getPlayersList()->count();
 				if($number_of_players_on_account >= $config['characters_per_account'])
 					$newchar_errors[] .= 'You have too many characters on your account <b>('.$number_of_players_on_account.'/'.$config['characters_per_account'].')</b>!';
@@ -925,10 +1019,16 @@ function checkName()
 					$player->setLossExperience($char_to_copy->getLossExperience());
 					$player->setLossMana($char_to_copy->getLossMana());
 					$player->setLossSkills($char_to_copy->getLossSkills());
-					$player->setLossItems($char_to_copy->getLossItems());
 				}
+				if(fieldExist('loss_items', 'players')) {
+					$player->setLossItems($char_to_copy->getLossItems());
+					$player->setLossContainers($char_to_copy->getLossContainers());
+				}
+					
 				$player->save();
 				$player->setCustomField("created", time());
+				
+				$newchar_created = true;
 				$account_logged->logAction('Created character <b>' . $player->getName() . '</b>.');
 				unset($player);
 				$player = $ots->createObject('Player');
@@ -958,8 +1058,7 @@ function checkName()
 				}
 			}
 		}
-		else
+
-		{
 		if(count($newchar_errors) > 0) {
 			echo '<div class="SmallBox" >  <div class="MessageContainer" >    <div class="BoxFrameHorizontal" style="background-image:url('.$template_path.'/images/content/box-frame-horizontal.gif);" /></div>    <div class="BoxFrameEdgeLeftTop" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></div>    <div class="BoxFrameEdgeRightTop" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></div>    <div class="ErrorMessage" >      <div class="BoxFrameVerticalLeft" style="background-image:url('.$template_path.'/images/content/box-frame-vertical.gif);" /></div>      <div class="BoxFrameVerticalRight" style="background-image:url('.$template_path.'/images/content/box-frame-vertical.gif);" /></div>      <div class="AttentionSign" style="background-image:url('.$template_path.'/images/content/attentionsign.gif);" /></div>';
 			echo '<b>The Following Errors Have Occurred:</b><br/>';
@@ -967,6 +1066,8 @@ function checkName()
 				echo '<li>'.$newchar_error . '</li>';
 			echo '</div>    <div class="BoxFrameHorizontal" style="background-image:url('.$template_path.'/images/content/box-frame-horizontal.gif);" /></div>    <div class="BoxFrameEdgeRightBottom" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></div>    <div class="BoxFrameEdgeLeftBottom" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></div>  </div></div><br/>';
 		}
+		
+		if(!$newchar_created) {
 			echo 'Please choose a name';
 			if(count($config['character_samples']) > 1)
 				echo ', vocation';
@@ -974,7 +1075,14 @@ function checkName()
 			if($account_logged->getPlayersList()->count() >= $config['characters_per_account']) {
 				echo '<b><font color="red"> You have maximum number of characters per account on your account. Delete one before you make new.</font></b>';
 			}
-			echo '<br/><br/><form action="?subtopic=accountmanagement&action=createcharacter" method="post" ><input type="hidden" name=savecharacter value="1" ><div class="TableContainer" >  <table class="Table3" cellpadding="0" cellspacing="0" >    <div class="CaptionContainer" >      <div class="CaptionInnerContainer" ><span class="CaptionEdgeLeftTop" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></span><span class="CaptionEdgeRightTop" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></span><span class="CaptionBorderTop" style="background-image:url('.$template_path.'/images/content/table-headline-border.gif);" ></span><span class="CaptionVerticalLeft" style="background-image:url('.$template_path.'/images/content/box-frame-vertical.gif);" /></span><div class="Text" >Create Character</div>        <span class="CaptionVerticalRight" style="background-image:url('.$template_path.'/images/content/box-frame-vertical.gif);" /></span><span class="CaptionBorderBottom" style="background-image:url('.$template_path.'/images/content/table-headline-border.gif);" ></span><span class="CaptionEdgeLeftBottom" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></span><span class="CaptionEdgeRightBottom" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></span></div>    </div><tr>      <td>        <div class="InnerTableContainer" >          <table style="width:100%;" ><tr><td><div class="TableShadowContainerRightTop" >  <div class="TableShadowRightTop" style="background-image:url('.$template_path.'/images/content/table-shadow-rt.gif);" ></div></div><div class="TableContentAndRightShadow" style="background-image:url('.$template_path.'/images/content/table-shadow-rm.gif);" >  <div class="TableContentContainer" ><table class="TableContent" width="100%" ><tr class="LabelH" ><td style="width:50%;" ><span >Name</td><td><span >Sex</td></tr><tr class="Odd" ><td><input id="newcharname" name="newcharname" onkeyup="checkName();" value="'.$newchar_name.'" size="30" maxlength="29" ><BR><font size="1" face="verdana,arial,helvetica"><div id="name_check">Please enter your character name.</div></font></td><td>';
+			echo '<br/><br/><form action="?subtopic=accountmanagement&action=createcharacter" method="post" ><input type="hidden" name=savecharacter value="1" ><div class="TableContainer" >  <table class="Table3" cellpadding="0" cellspacing="0" >    <div class="CaptionContainer" >      <div class="CaptionInnerContainer" ><span class="CaptionEdgeLeftTop" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></span><span class="CaptionEdgeRightTop" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></span><span class="CaptionBorderTop" style="background-image:url('.$template_path.'/images/content/table-headline-border.gif);" ></span><span class="CaptionVerticalLeft" style="background-image:url('.$template_path.'/images/content/box-frame-vertical.gif);" /></span><div class="Text" >Create Character</div>        <span class="CaptionVerticalRight" style="background-image:url('.$template_path.'/images/content/box-frame-vertical.gif);" /></span><span class="CaptionBorderBottom" style="background-image:url('.$template_path.'/images/content/table-headline-border.gif);" ></span><span class="CaptionEdgeLeftBottom" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></span><span class="CaptionEdgeRightBottom" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></span></div>    </div><tr>      <td>        <div class="InnerTableContainer" >          <table style="width:100%;" ><tr><td><div class="TableShadowContainerRightTop" >  <div class="TableShadowRightTop" style="background-image:url('.$template_path.'/images/content/table-shadow-rt.gif);" ></div></div><div class="TableContentAndRightShadow" style="background-image:url('.$template_path.'/images/content/table-shadow-rm.gif);" >  <div class="TableContentContainer" ><table class="TableContent" width="100%" ><tr class="LabelH" ><td style="width:50%;" ><span >Name</td><td><span >Sex</td></tr><tr class="Odd" >
+			<td>
+				<input id="newcharname" name="newcharname" onkeyup="checkName();" value="'.$newchar_name.'" size="25" maxlength="25" ><br/>
+				<font size="1" face="verdana,arial,helvetica">
+					<div id="name_check">Please enter your character name.</div>
+				</font>
+			</td>
+			<td>';
 			echo '<input type="radio" name="newcharsex" id="newcharsex" value="1" ';
 			if($newchar_sex == 1)
 				echo 'checked="checked" ';

system/pages/admin/changelog.php

@@ -1,27 +1,26 @@
 <?php
 /**
- * Changelog
+ * CHANGELOG viewer
  *
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.1.3
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');
-$title = 'MyAAC - CHANGELOG';
+$title = 'MyAAC Changelog';
 
-$data = file_get_contents(SYSTEM . 'docs/CHANGELOG');
+if(!file_exists(BASE . 'CHANGELOG')) {
+	echo 'File CHANGELOG doesn\'t exist.';
+	return;
+}
 
-// replace special characters with HTML entities
+$changelog = file_get_contents(BASE . 'CHANGELOG');
-// replace line breaks with <br />
+$changelog = nl2br(htmlspecialchars($changelog));
-$data = nl2br(htmlspecialchars($data));
-
-// replace multiple spaces with single spaces
-$data = preg_replace('/\s\s+/', ' ', $data);
 
 // replace URLs with <a href...> elements
-$data = preg_replace('/\s(\w+:\/\/)(\S+)/', ' <a href="\\1\\2" target="_blank">\\1\\2</a>', $data);
+$changelog = preg_replace('/\s(\w+:\/\/)(\S+)/', ' <a href="\\1\\2" target="_blank">\\1\\2</a>', $changelog);
 
-echo '<div>' . $data . '</div>';
+echo '<div>' . $changelog . '</div>';
 ?>

system/pages/admin/dashboard.php

@@ -5,7 +5,7 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.1.3
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/pages/admin/login.php

@@ -5,7 +5,7 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.1.3
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/pages/admin/logs.php

@@ -5,7 +5,7 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.1.3
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');
@@ -28,7 +28,15 @@ foreach(scandir($aac_path_logs) as $f) {
 	$files[] = array($f, $aac_path_logs);
 }
 
+$server_path_logs = $config['server_path'] . 'logs/';
+if(!file_exists($server_path_logs))
 $server_path_logs = $config['data_path'] . 'logs/';
+
+if(!file_exists($server_path_logs)) {
+	echo '</table>Logs are not available on this server.';
+	return;
+}
+
 foreach(scandir($server_path_logs) as $f) {
 	if($f[0] == '.' || $f == '..')
 		continue;

system/pages/admin/mailer.php

@@ -5,7 +5,7 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.1.3
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/pages/admin/notepad.php

@@ -5,7 +5,7 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.1.3
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/pages/admin/pages.php

@@ -5,7 +5,7 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.1.3
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/pages/admin/phpinfo.php

@@ -5,7 +5,7 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.1.3
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/pages/admin/players.php

@@ -5,7 +5,7 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.1.3
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');
@@ -93,8 +93,8 @@ if($id > 0) {
 		if(!check_name($name, $_error))
 			echo_error($_error);
 
-		//if(!check_name_new_char($name))
+		//if(!check_name_new_char($name, $_error))
-		//	echo_error('This name contains invalid letters, words or format. Please use only a-Z, - , \' and space.');
+		//	echo_error($_error);
 
 		$player_db = $ots->createObject('Player');
 		$player_db->find($name);
@@ -150,8 +150,10 @@ if($id > 0) {
 		verify_number($look_legs, 'Look legs', 11);
 		$look_type = $_POST['look_type'];
 		verify_number($look_type, 'Look type', 11);
+		if(fieldExist('lookaddons', 'players')) {
 			$look_addons = $_POST['look_addons'];
 			verify_number($look_addons, 'Look addons', 11);
+		}
 
 		// pos
 		$pos_x = $_POST['pos_x'];
@@ -200,12 +202,16 @@ if($id > 0) {
 			verify_number($loss_items, 'Loss items', 11);
 		}
 		
+		if(fieldExist('blessings', 'players')) {
 			$blessings = $_POST['blessings'];
 			verify_number($blessings, 'Blessings', 2);
+		}
 		$balance = $_POST['balance'];
 		verify_number($balance, 'Balance', 20);
+		if(fieldExist('stamina', 'players')) {
 			$stamina = $_POST['stamina'];
 			verify_number($stamina, 'Stamina', 20);
+		}
 
 		$deleted = (isset($_POST['deleted']) && $_POST['deleted'] == 'true');
 		$hidden = (isset($_POST['hidden']) && $_POST['hidden'] == 'true');
@@ -238,6 +244,7 @@ if($id > 0) {
 			$player->setLookHead($look_head);
 			$player->setLookLegs($look_legs);
 			$player->setLookType($look_type);
+			if(fieldExist('lookaddons', 'players'))
 				$player->setLookAddons($look_addons);
 			$player->setPosX($pos_x);
 			$player->setPosY($pos_y);
@@ -258,8 +265,10 @@ if($id > 0) {
 				$player->setLossContainers($loss_containers);
 				$player->setLossItems($loss_items);
 			}
+			if(fieldExist('blessings', 'players'))
 				$player->setBlessings($blessings);
 			$player->setBalance($balance);
+			if(fieldExist('stamina', 'players'))
 				$player->setStamina($stamina);
 			if(fieldExist('deletion', 'players'))
 				$player->setCustomField('deletion', $deleted ? '1' : '0');
@@ -391,7 +400,9 @@ $account = $player->getAccount();
 			Head:<input type="text" name="look_head" size="2" maxlength="11" value="<?php echo $player->getLookHead(); ?>" />
 			Legs:<input type="text" name="look_legs" size="2" maxlength="11" value="<?php echo $player->getLookLegs(); ?>" />
 			Type:<input type="text" name="look_type" size="2" maxlength="11" value="<?php echo $player->getLookType(); ?>" />
+			<?php if(fieldExist('lookaddons', 'players')): ?>
 			Addons:<input type="text" name="look_addons" size="2" maxlength="11" value="<?php echo $player->getLookAddons(); ?>" />
+			<?php endif; ?>
 		</td>
 	</tr>
 	<tr>
@@ -468,19 +479,19 @@ $account = $player->getAccount();
 			<table>
 				<tr style="background-color: transparent;">
 					<td>Loss experience:</td>
-					<td><input type="text" name="lost_experience" size="8" maxlength="11" value="<?php echo $player->getLossExperience(); ?>" /></td>
+					<td><input type="text" name="loss_experience" size="8" maxlength="11" value="<?php echo $player->getLossExperience(); ?>" /></td>
 
 					<td>Loss mana:</td>
-					<td><input type="text" name="lost_mana" size="8" maxlength="11" value="<?php echo $player->getLossMana(); ?>" /></td>
+					<td><input type="text" name="loss_mana" size="8" maxlength="11" value="<?php echo $player->getLossMana(); ?>" /></td>
 					
 					<td>Loss skills:</td>
-					<td><input type="text" name="lost_skills" size="8" maxlength="11" value="<?php echo $player->getLossSkills(); ?>" /></td>
+					<td><input type="text" name="loss_skills" size="8" maxlength="11" value="<?php echo $player->getLossSkills(); ?>" /></td>
 					
 					<td>Loss containers:</td>
-					<td><input type="text" name="lost_containers" size="8" maxlength="11" value="<?php echo $player->getLossContainers(); ?>" /></td>
+					<td><input type="text" name="loss_containers" size="8" maxlength="11" value="<?php echo $player->getLossContainers(); ?>" /></td>
 					
 					<td>Loss items:</td>
-					<td><input type="text" name="lost_items" size="8" maxlength="11" value="<?php echo $player->getLossItems(); ?>" /></td>
+					<td><input type="text" name="loss_items" size="8" maxlength="11" value="<?php echo $player->getLossItems(); ?>" /></td>
 				</tr>
 			</table>
 		</td>
@@ -490,14 +501,17 @@ $account = $player->getAccount();
 		<td colspan="2">
 			<table>
 				<tr style="background-color: transparent;">
+					<?php if(fieldExist('blessings', 'players')): ?>
 					<td>Blessings:</td>
 					<td><input type="text" name="blessings" size="2" maxlength="2" value="<?php echo $player->getBlessings(); ?>" /></td>
-
+					<?php endif; ?>
 					<td>Balance:</td>
 					<td><input type="text" name="balance" size="16" maxlength="20" value="<?php echo $player->getBalance(); ?>" /></td>
 					
+					<?php if(fieldExist('stamina', 'players')): ?>
 					<td>Stamina:</td>
 					<td><input type="text" name="stamina" size="16" maxlength="20" value="<?php echo $player->getStamina(); ?>" /></td>
+					<?php endif; ?>
 				</tr>
 			</table>
 		</td>

system/pages/admin/plugins.php

@@ -5,11 +5,13 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.1.3
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');
 $title = 'Plugin manager';
+
+require(SYSTEM . 'hooks.php');
 ?>
 <form enctype="multipart/form-data" method="post">
 	<input type="hidden" name="upload_plugin" />
@@ -41,6 +43,33 @@ if(isset($_FILES["plugin"]["name"]))
 	$name = explode(".", $filename);
 	$accepted_types = array('application/zip', 'application/x-zip-compressed', 'multipart/x-zip', 'application/x-compressed');
 
+	if(isset($file['error'])) {
+        $error = 'Error uploading file';
+        switch( $file['error'] ) {
+            case UPLOAD_ERR_OK:
+                $error = false;
+                break;
+            case UPLOAD_ERR_INI_SIZE:
+            case UPLOAD_ERR_FORM_SIZE:
+                $error .= ' - file too large (limit of '.ini_get('upload_max_filesize').' bytes).';
+                break;
+            case UPLOAD_ERR_PARTIAL:
+                $error .= ' - file upload was not completed.';
+                break;
+            case UPLOAD_ERR_NO_FILE:
+                $error .= ' - zero-length file uploaded.';
+                break;
+            default:
+                $error .= ' - internal error #' . $file['error'];
+                break;
+        }
+	}
+
+	if(isset($error) && $error != false) {
+		error($error);
+	}
+	else {
+		if(is_uploaded_file($file['tmp_name']) ) {
 			if(in_array($type, $accepted_types) && strtolower($name[1]) == 'zip') // check if it is zipped/compressed file
 			{
 				$targetdir = BASE;
@@ -50,20 +79,60 @@ if(isset($_FILES["plugin"]["name"]))
 					$zip = new ZipArchive();
 					$x = $zip->open($targetzip);  // open the zip file to extract
 					if ($x === true) {
-			$zip->extractTo($targetdir); // place in the directory with same name  
+						if($zip->extractTo($targetdir)) { // place in the directory with same name  
+							$string = file_get_contents(BASE . 'plugins/' . $name[0] . '.json');
+							$plugin = json_decode($string, true);
+							if($plugin == NULL) {
+								warning('Cannot load ' . BASE . 'plugins/' . $name[0] . '.json. File might be not valid json code.');
+							}
+							
+							if(isset($plugin['install'])) {
+								if(file_exists(BASE . $plugin['install']))
+									require(BASE . $plugin['install']);
+								else
+									warning('Cannot load install script. Your plugin might be not working correctly.');
+							}
+
+							if(isset($plugin['hooks'])) {
+								foreach($plugin['hooks'] as $_name => $info) {
+									if(isset($hook_types[$info['type']])) {
+										$query = $db->query('SELECT `id` FROM `' . TABLE_PREFIX . 'hooks` WHERE `name` = ' . $db->quote($_name) . ';');
+										if($query->rowCount() == 1) { // found something
+											$query = $query->fetch();
+											$db->query('UPDATE `' . TABLE_PREFIX . 'hooks` SET `type` = ' . $hook_types[$info['type']] . ', `file` = ' . $db->quote($info['file']) . ' WHERE `id` = ' . (int)$query['id'] . ';');
+										}
+										else {
+											$db->query('INSERT INTO `' . TABLE_PREFIX . 'hooks` (`id`, `name`, `type`, `file`) VALUES (NULL, ' . $db->quote($_name) . ', ' . $hook_types[$info['type']] . ', ' . $db->quote($info['file']) . ');');
+										}
+									}
+									else
+										warning('Unknown event type: ' . $info['type']);
+								}
+							}
+							success('<strong>' . $plugin['name'] . '</strong> plugin has been successfully installed.');
+						}
+						else {
+							error('There was a problem with extracting zip archive.');
+						}
+						
 						$zip->close();
 						unlink($targetzip); // delete the Zipped file
-	  
+					}
-				$string = file_get_contents(BASE . 'plugins/' . $name[0] . '.json');
+					else {
-				$plugin_info = json_decode($string, true);
+						error('There was a problem with opening zip archive.');
-				$message = '<p class="success"><strong>' . $plugin_info['name'] . '</strong> plugin has been successfully installed.</p>';
 					}
 				}
 				else
-			$message = '<p class="error">There was a problem with the upload. Please try again.</p>';
+					error('There was a problem with the upload. Please try again.');
-}
+			}
-	else
+			else {
-		$message = '<p class="error">The file you are trying to upload is not a .zip file. Please try again.</p>';
+				error('The file you are trying to upload is not a .zip file. Please try again.');
+			}
+		}
+		else {
+			error('Error uploading file - unknown error.');
+		}
+	}
 }
 
 echo $message;
@@ -83,7 +152,7 @@ echo $message;
 	foreach(scandir($path) as $file)
 	{
 		$file_info = explode('.', $file);
-		if($file == '.' || $file == '..' || $file == 'disabled' || is_dir($file) || !$file_info[1] || $file_info[1] != 'json')
+		if($file == '.' || $file == '..' || $file == 'disabled' || $file == 'example.json' || is_dir($path . $file) || !$file_info[1] || $file_info[1] != 'json')
 			continue;
 		
 		$string = file_get_contents(BASE . 'plugins/' . $file_info[0] . '.json');

system/pages/admin/statistics.php

@@ -5,7 +5,7 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.1.3
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');
@@ -45,9 +45,9 @@ $title = 'Statistics';
 		<td>
 			<table class="table">
 				<tr><th colspan="3">TOP 10 - Most wealth accounts</th></tr>
-				<tr><th>#</th><th>Account name</th><th>Premium points</th></tr>
+				<tr><th>#</th><th>Account <?php echo (USE_ACCOUNT_NAME ? 'name' : 'number'); ?></th><th>Premium points</th></tr>
 				<?php
-				$query = $db->query('SELECT premium_points, name FROM accounts ORDER BY premium_points DESC LIMIT 10;');
+				$query = $db->query('SELECT `premium_points`, `' . (USE_ACCOUNT_NAME ? 'name' : 'id') . '` as `name` FROM `accounts` ORDER BY `premium_points` DESC LIMIT 10;');
 				$i = 0;
 				foreach($query as $result)
 				{

system/pages/admin/tools.php

@@ -5,7 +5,7 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.1.3
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/pages/admin/version.php

@@ -5,7 +5,7 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.1.3
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');
@@ -18,7 +18,8 @@ $myaac_version = file_get_contents('http://my-aac.org/VERSION');
 
 // compare them
 if(version_compare($myaac_version, MYAAC_VERSION) <= 0)
-	echo '<p class="success">MyAAC latest version is ' . $myaac_version . '. You\'re using the latest version.</p>';
+	echo '<p class="success">MyAAC latest version is ' . $myaac_version . '. You\'re using the latest version.
+	<br/>View CHANGELOG ' . generateLink(ADMIN_URL . '?p=changelog', 'here') . '</p>';
 else
 	echo '<p class="warning">You\'re using outdated version.<br/>
 		Your version: <b>' . MYAAC_VERSION . '</b><br/>

system/pages/admin/visitors.php

@@ -5,7 +5,7 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.1.3
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/pages/bans.php

@@ -6,7 +6,7 @@
  * @author    Gesior <jerzyskalski@wp.pl>
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.1.3
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/pages/bugtracker.php

@@ -6,7 +6,7 @@
  * @author    Gesior <jerzyskalski@wp.pl>
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.1.3
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/pages/changelog.php

@@ -5,7 +5,7 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.1.3
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/pages/characters.php

@@ -6,7 +6,7 @@
  * @author    Gesior <jerzyskalski@wp.pl>
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.1.3
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');
@@ -60,29 +60,46 @@ function generate_player_lookup($player)
 			$player_eq[$i] = $empty_slots[$i];
 	}
 
-	//for($i = 1; $i < 11; $i++)
+	if(PHP_VERSION_ID == NULL || PHP_VERSION_ID < 70000) {
-	//{
+		for($i = 1; $i < 11; $i++)
-		//if(!itemImageExists($player_eq[$i]))
+		{
-		//	Items::generate($player_eq[$i]);
+			if(!itemImageExists($player_eq[$i]))
-	//}
+				Items::generate($player_eq[$i]);
+		}
+	}
+
+	for($i = 1; $i < 11; $i++)
+	{
+		if(check_number($player_eq[$i]))
+			$player_eq[$i] = getItemImage($player_eq[$i]);
+		else
+			$player_eq[$i] = '<img src="images/items/' . $player_eq[$i] . '.gif" width="32" height="32" border="0" alt=" ' . $player_eq[$i] . '" />';
+	}
+
+	$skulls = array(
+		1 => 'skull_yellow',
+		2 => 'skull_green',
+		3 => 'skull_white',
+		4 => 'skull_red',
+		5 => 'skull_black'
+	);
 
 	return '<table width="100" align="center" cellspacing="0" cellpadding="0" style="background: #808080; border:1px solid #808080;">
 		<tr>
 			<td>
 				<table cellspacing="0" style="background: #292929;">
-<tr><td style="border:1px solid #808080;">'.getItemImage($player_eq[2]).'</td></tr><tr><td style="border:1px solid #808080;">'.getItemImage($player_eq[6]).'</td></tr><tr><td style="border:1px solid #808080;">'.getItemImage($player_eq[9]).'</td></tr>
+<tr><td style="border:1px solid #808080;">'.$player_eq[2].'</td></tr><tr><td style="border:1px solid #808080;">'.$player_eq[6].'</td></tr><tr><td style="border:1px solid #808080;">'.$player_eq[9].'</td></tr>
-				<tr height="11px"><td>'.($player->getSkull() > 0 ? '<img src="images/red_skull.gif">' : '').'</td></tr>
+				<tr height="11px"><td>'.($player->getSkullTime() > 0 && ($player->getSkull() == 4 || $player->getSkull() == 5) ? '<img src="images/' . $skulls[$player->getSkull()] . '.gif">' : '').'</td></tr>
 				</table>
 			</td>
 			<td>
 				<table cellspacing="0" style="background: #292929;">
-<tr><td style="border:1px solid #808080;">'.getItemImage($player_eq[1]).'</td></tr><tr><td style="border:1px solid #808080;">'.getItemImage($player_eq[4]).'</td></tr><tr><td style="border:1px solid #808080;">'.getItemImage($player_eq[7]).'</td></tr><tr><td style="border:1px solid #808080;">'.getItemImage($player_eq[8]).'</td></tr>
+<tr><td style="border:1px solid #808080;">'.$player_eq[1].'</td></tr><tr><td style="border:1px solid #808080;">'.$player_eq[4].'</td></tr><tr><td style="border:1px solid #808080;">'.$player_eq[7].'</td></tr><tr><td style="border:1px solid #808080;">'.$player_eq[8].'</td></tr>
 				</table>
-
 			</td>
 			<td>
 				<table cellspacing="0" style="background: #292929;">
-<tr><td style="border:1px solid #808080;">'.getItemImage($player_eq[3]).'</td></tr><tr><td style="border:1px solid #808080;">'.getItemImage($player_eq[5]).'</td></tr><tr><td style="border:1px solid #808080;">'.getItemImage($player_eq[10]).'</td></tr>
+<tr><td style="border:1px solid #808080;">'.$player_eq[3].'</td></tr><tr><td style="border:1px solid #808080;">'.$player_eq[5].'</td></tr><tr><td style="border:1px solid #808080;">'.$player_eq[10].'</td></tr>
 				</table>
 			</td>
 		</tr>
@@ -120,14 +137,12 @@ if(empty($name))
 
 $name = str_replace('/', '', $name);
 
-if(check_name($name))
+$oldName = '';
-{
-	$oldName = '';
 
-	$player = $ots->createObject('Player');
+$player = $ots->createObject('Player');
-	$player->find($name);
+$player->find($name);
-	if(!$player->isLoaded())
+if(!$player->isLoaded())
-	{
+{
 	$tmp_zmienna = "";
 	$tmp_name = retrieve_former_name($name);
 	while(!empty($tmp_name))
@@ -138,10 +153,10 @@ if(check_name($name))
 
 	if(!empty($tmp_zmienna))
 		$player->find($tmp_zmienna);
-	}
+}
 
-	if($player->isLoaded() && !$player->isDeleted())
+if($player->isLoaded() && !$player->isDeleted())
-	{
+{
 	$title = $player->getName() . ' - ' . $title;
 	$account = $player->getAccount();
 	$rows = 0;
@@ -150,6 +165,9 @@ if(check_name($name))
 		<td><img src="<?php echo $template_path; ?>/images/general/blank.gif" width="10" height="1" border="0"></td>
 		<td>
 			<table border="0" cellspacing="1" cellpadding="4" width="100%">
+				<?php if($config['characters']['outfit']): ?>
+				<div style="width:64px;height:64px;border:2px solid #F1E0C6; border-radius:50px; padding:13px; margin-top:38px;margin-left:376px;position:absolute;"><img style="margin-left:<?php echo (in_array($player->getLookType(), array(75, 266, 302)) ? '-0px;margin-top:-0px;width:64px;height:64px;' : '-60px;margin-top:-60px;width:128px;height:128px;'); ?>" src="<?php echo $config['outfit_images_url'] . '?id=' . $player->getLookType() . '&addons=' . $player->getLookAddons() . '&head=' . $player->getLookHead() . '&body=' . $player->getLookBody() . '&legs=' . $player->getLookLegs() . '&feet=' . $player->getLookFeet() . '"';?>></div>
+				<?php endif; ?>
 				<tr bgcolor="<?php echo $config['vdarkborder']; ?>">
 					<td colspan="2" class="white"><b>Character Information</b></td>
 				</tr>
@@ -229,10 +247,14 @@ if(check_name($name))
 				$town_field = 'town_id';
 			else if(fieldExist('townid', 'houses'))
 				$town_field = 'townid';
+			else if(!fieldExist('town', 'houses'))
+				$town_field = false;
 			
-				$house = $db->query('SELECT `id`, `paid`, `name`, `' . $town_field . '` FROM `houses` WHERE `owner` = '.$player->getId())->fetch();
+			if(fieldExist('name', 'houses')) {
+				$house = $db->query('SELECT `id`, `paid`, `name`' . ($town_field != false ? ', `' . $town_field . '` as `town`' : '') . ' FROM `houses` WHERE `owner` = '.$player->getId())->fetch();
 				if(isset($house['id']))
 				{
+					$add = '';
 					if($house['paid'] > 0)
 						$add = ' is paid until '.date("M d Y", $house['paid']);
 
@@ -241,10 +263,10 @@ if(check_name($name))
 						<TD>House:</TD>
 						<TD>
 							<TABLE BORDER=0><TR>
-								<TD>'.$house['name'].' ('.$config['towns'][$house[$town_field]].')'.$add.'</TD>
+								<TD>' . (isset($house['name']) ? $house['name'] : $house['id']) . (isset($house['town']) ? ' (' . $config['towns'][$house[$town_field]] . ')' : '') . $add . '</TD>
 								<TD>
 									<FORM ACTION="?subtopic=houses&page=view" METHOD=post>
-										<INPUT TYPE=hidden NAME=house VALUE="'.$house['name'].'">
+										<INPUT TYPE=hidden NAME=house VALUE="'. (isset($house['name']) ? $house['name'] : $house['id']) . '">
 										<INPUT TYPE=image NAME="View" ALT="View" SRC="'.$template_path.'/images/buttons/sbutton_view.gif" BORDER=0 WIDTH=120>
 									</FORM>
 								</TD>
@@ -252,22 +274,25 @@ if(check_name($name))
 						</TD>
 					</TR>';
 				}
+			}
 
 			$rank_of_player = $player->getRank();
-				if($rank_of_player->isLoaded())
+			if($rank_of_player->isLoaded()) {
-				{
+				$guild = $rank_of_player->getGuild();
-					$guild_name = $rank_of_player->getGuild()->getName();
+				if($guild->isLoaded()) {
+					$guild_name = $guild->getName();
 					echo
 					'<TR BGCOLOR="'.getStyle(++$rows).'">'.
 						'<TD>Guild membership:</TD><TD>'.$rank_of_player->getName().' of the ' . getGuildLink($guild_name) . '</TD>'.
 					'</TR>';
 				}
+			}
 
 			echo
 				'<TR BGCOLOR="'.getStyle(++$rows).'"><TD>Last login:</TD><TD>';
 			$lastlogin = $player->getLastLogin();
 			if(empty($lastlogin))
-					echo'Never logged in.';
+				echo 'Never logged in.';
 			else
 				echo date("M d Y, H:i:s", $lastlogin).' CEST';
 
@@ -405,8 +430,8 @@ if(check_name($name))
 					<td width=\"20%\" align=\"center\">".date("j M Y, H:i", $death['date'])."</td>
 					<td> ";
 					$killers = $db->query("SELECT environment_killers.name AS monster_name, players.name AS player_name, players.deleted AS player_exists FROM killers LEFT JOIN environment_killers ON killers.id = environment_killers.kill_id
-	LEFT JOIN player_killers ON killers.id = player_killers.kill_id LEFT JOIN players ON players.id = player_killers.player_id
+LEFT JOIN player_killers ON killers.id = player_killers.kill_id LEFT JOIN players ON players.id = player_killers.player_id
-	WHERE killers.death_id = '".$death['id']."' ORDER BY killers.final_hit DESC, killers.id ASC")->fetchAll();
+WHERE killers.death_id = '".$death['id']."' ORDER BY killers.final_hit DESC, killers.id ASC")->fetchAll();
 
 					$i = 0;
 					$count = count($killers);
@@ -452,9 +477,11 @@ if(check_name($name))
 			}
 		}
 		else {
+			$mostdamage = '';
+			if(fieldExist('mostdamage_by', 'player_deaths'))
+				$mostdamage = ', `mostdamage_by`, `mostdamage_is_player`, `unjustified`, `mostdamage_unjustified`';
 			$deaths = $db->query('SELECT 
-					`player_id`, `time`, `level`, `killed_by`, `is_player`, 
+				`player_id`, `time`, `level`, `killed_by`, `is_player`' . $mostdamage . ' 
-					`mostdamage_by`, `mostdamage_is_player`, `unjustified`, `mostdamage_unjustified` 
 				FROM `player_deaths` 
 				WHERE `player_id` = ' . $player->getId() . ' ORDER BY `time` DESC LIMIT 10;');
 
@@ -613,13 +640,17 @@ if(check_name($name))
 				'<TR BGCOLOR='.getStyle(++$rows).'>
 					<TD WIDTH=20%>Created:</TD>';
 					$bannedUntil = '';
+					$banned = array();
 					if(tableExist('account_bans'))
 						$banned = $db->query('SELECT `expires_at` as `expires` FROM `account_bans` WHERE `account_id` = '.$account->getId().' and `expires_at` > ' . time());
-						else
+					else if(tableExist('bans')) {
+						if(fieldExist('expires', 'bans'))
 							$banned = $db->query('SELECT `expires` FROM `bans` WHERE (`value` = '.$account->getId().' or `value` = '.$player->getId().') and `active` = 1 and `type` != 2 and `type` != 4 and `expires` > ' . time());
+					else
+							$banned = $db->query('SELECT `time` as `time` FROM `bans` WHERE (`account` = '.$account->getId().' or `player` = '.$player->getId().') and `type` != 2 and `type` != 4 and `time` > ' . time());
+					}
 					foreach($banned as $ban)
 					{
-							if($ban['type'] != 2 and $ban['type'] != 4)
 						$bannedUntil = ' <font color="red">[Banished '.($ban['expires'] == "-1" ? 'forever' : 'until '.date("d F Y, h:s", $ban['expires'])).']</font>';
 					}
 					echo '<TD>'.date("j F Y, g:i a", $account->getCustomField("created")).$bannedUntil.'</TD>
@@ -659,9 +690,9 @@ if(check_name($name))
 		}
 	echo '<br/><br/>' . generate_search_table();
 	echo '</TABLE>';
-	}
+}
-	else
+else
-	{
+{
 	$search_errors[] = 'Character <b>' . $name . '</b> does not exist or has been deleted.';
 	output_errors($search_errors);
 	$search_errors = array();
@@ -689,10 +720,7 @@ if(check_name($name))
 	}
 
 	echo generate_search_table(true);
-	}
 }
-else
-	$search_errors[] = 'This name contains invalid letters. Please use only A-Z, a-z and space. Minimum length is 3 characters.';
 
 if(!empty($search_errors))
 	output_errors($search_errors);

system/pages/commands.php

@@ -5,7 +5,7 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.1.3
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/pages/createaccount.php

@@ -6,7 +6,7 @@
  * @author    Gesior <jerzyskalski@wp.pl>
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.1.3
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');
@@ -137,14 +137,17 @@ if($step == 'save')
 		{
 			$salt = generateRandomString(10, false, true, true);
 			$password = $salt . $password;
-			$new_account->setSalt($salt);
 		}
 
 		$new_account->setPassword(encrypt($password));
 		$new_account->setEMail($email);
 		$new_account->unblock();
 		$new_account->save();
-		$new_account->setCustomField("created", time());
+		
+		if($config_salt_enabled)
+			$new_account->setCustomField('salt', $salt);
+
+		$new_account->setCustomField('created', time());
 		$new_account->logAction('Account created.');
 
 		if($config['account_country']) {

system/pages/creatures.php

@@ -6,7 +6,7 @@
  * @author    Gesior <jerzyskalski@wp.pl>
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.1.3
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');
@@ -303,7 +303,7 @@ if(isset($monster['name']))
 	echo '</TABLE></td></tr>';
 
 	echo '<TABLE BORDER=0 CELLSPACING=1 CELLPADDING=4 WIDTH=100%>';
-	$loot = simplexml_load_file($config['server_path'] . 'data/monster/' . $monster['file_path']); 
+	$loot = simplexml_load_file($config['data_path'] . 'monster/' . $monster['file_path']); 
 	if($loot)
 	{ 
 		if($item = $loot->loot->item)

system/pages/custom.php

@@ -5,7 +5,7 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.1.3
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/pages/downloads.php

@@ -6,7 +6,7 @@
  * @author    Gesior <jerzyskalski@wp.pl>
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.1.3
  * @link      http://my-aac.org
  */
 $title = 'Downloads';

system/pages/experiencestages.php

@@ -6,7 +6,7 @@
  * @author    Gesior <jerzyskalski@wp.pl>
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.1.3
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/pages/experiencetable.php

@@ -6,7 +6,7 @@
  * @author    Gesior <jerzyskalski@wp.pl>
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.1.3
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/pages/faq.php

@@ -5,7 +5,7 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.1.3
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/pages/forum.php

@@ -6,7 +6,7 @@
  * @author    Gesior <jerzyskalski@wp.pl>
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.1.3
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');
@@ -170,10 +170,12 @@ if($action == 'show_board')
 	}
 
 	echo '<br /><br />Page: '.$links_to_pages.'<br />';
-	$last_threads = $db->query("SELECT `players`.`name`, `" . TABLE_PREFIX . "forum`.`post_text`, `" . TABLE_PREFIX . "forum`.`post_topic`, `" . TABLE_PREFIX . "forum`.`id`, `" . TABLE_PREFIX . "forum`.`last_post`, `" . TABLE_PREFIX . "forum`.`replies`, `" . TABLE_PREFIX . "forum`.`views`, `" . TABLE_PREFIX . "forum`.`post_date` FROM `players`, `" . TABLE_PREFIX . "forum` WHERE `players`.`id` = `" . TABLE_PREFIX . "forum`.`author_guid` AND `" . TABLE_PREFIX . "forum`.`section` = ".(int) $section_id." AND `" . TABLE_PREFIX . "forum`.`first_post` = `" . TABLE_PREFIX . "forum`.`id` ORDER BY `" . TABLE_PREFIX . "forum`.`last_post` DESC LIMIT ".$config['forum_threads_per_page']." OFFSET ".($_page * $config['forum_threads_per_page']))->fetchAll();
+	$last_threads = $db->query("SELECT `players`.`id` as `player_id`, `players`.`name`, `" . TABLE_PREFIX . "forum`.`post_text`, `" . TABLE_PREFIX . "forum`.`post_topic`, `" . TABLE_PREFIX . "forum`.`id`, `" . TABLE_PREFIX . "forum`.`last_post`, `" . TABLE_PREFIX . "forum`.`replies`, `" . TABLE_PREFIX . "forum`.`views`, `" . TABLE_PREFIX . "forum`.`post_date` FROM `players`, `" . TABLE_PREFIX . "forum` WHERE `players`.`id` = `" . TABLE_PREFIX . "forum`.`author_guid` AND `" . TABLE_PREFIX . "forum`.`section` = ".(int) $section_id." AND `" . TABLE_PREFIX . "forum`.`first_post` = `" . TABLE_PREFIX . "forum`.`id` ORDER BY `" . TABLE_PREFIX . "forum`.`last_post` DESC LIMIT ".$config['forum_threads_per_page']." OFFSET ".($_page * $config['forum_threads_per_page']))->fetchAll();
 	if(isset($last_threads[0]))
 	{
 		echo '<table width="100%"><tr bgcolor="'.$config['vdarkborder'].'" align="center"><td><font color="white" size="1"><b>Thread</b></font></td><td><font color="white" size="1"><b>Thread Starter</b></font></td><td><font color="white" size="1"><b>Replies</b></font></td><td><font color="white" size="1"><b>Views</b></font></td><td><font color="white" size="1"><b>Last Post</b></font></td></tr>';
+		
+		$player = $ots->createObject('Player');
 		foreach($last_threads as $thread)
 		{
 			echo '<tr bgcolor="' . getStyle($number_of_rows++) . '"><td>';
@@ -182,7 +184,17 @@ if($action == 'show_board')
 				echo '<a href="?subtopic=forum&action=move_thread&id='.$thread['id'].'"\')"><span style="color:darkgreen">[MOVE]</span></a>';
 				echo '<a href="?subtopic=forum&action=remove_post&id='.$thread['id'].'" onclick="return confirm(\'Are you sure you want remove thread > '.$thread['post_topic'].' <?\')"><font color="red">[REMOVE]</font></a>  ';
 			}
-			echo '<a href="' . getForumThreadLink($thread['id']) . '">'.htmlspecialchars($thread['post_topic']).'</a><br /><small>'.htmlspecialchars(substr($thread['post_text'], 0, 50)).'...</small></td><td>' . getPlayerLink($thread['name']) . '</td><td>'.(int) $thread['replies'].'</td><td>'.(int) $thread['views'].'</td><td>';
+			
+			$player->load($thread['player_id']);
+			if(!$player->isLoaded()) {
+				error('Forum error: Player not loaded.');
+				die();
+			}
+
+			$player_account = $player->getAccount();
+			$canEditForum = $player_account->hasFlag(FLAG_CONTENT_FORUM) || $player_account->isAdmin();
+			
+			echo '<a href="' . getForumThreadLink($thread['id']) . '">'.($canEditForum ? $thread['post_topic'] : htmlspecialchars($thread['post_topic'])) . '</a><br /><small>'.($canEditForum ? substr(strip_tags($thread['post_text']), 0, 50) : htmlspecialchars(substr($thread['post_text'], 0, 50))).'...</small></td><td>' . getPlayerLink($thread['name']) . '</td><td>'.(int) $thread['replies'].'</td><td>'.(int) $thread['views'].'</td><td>';
 			if($thread['last_post'] > 0)
 			{
 				$last_post = $db->query("SELECT `players`.`name`, `" . TABLE_PREFIX . "forum`.`post_date` FROM `players`, `" . TABLE_PREFIX . "forum` WHERE `" . TABLE_PREFIX . "forum`.`first_post` = ".(int) $thread['id']." AND `players`.`id` = `" . TABLE_PREFIX . "forum`.`author_guid` ORDER BY `post_date` DESC LIMIT 1")->fetch();
@@ -226,18 +238,14 @@ if($action == 'show_thread')
 		$player = $ots->createObject('Player');
 		foreach($threads as $thread)
 		{
-			if(isset($thread['promotion'])) {
-				if((int)$thread['promotion'] > 0)
-					$thread['vocation'] + ($thread['promotion'] * 4);
-			}
-			echo '<tr bgcolor="' . getStyle($number_of_rows++) . '"><td valign="top">' . getPlayerLink($thread['name']) . '<br /><br /><font size="1">Profession: '.$config['vocations'][$thread['vocation']].'<br />Level: '.$thread['level'].'<br />';
-			
 			$player->load($thread['player_id']);
 			if(!$player->isLoaded()) {
-				error('Player not loaded');
+				error('Forum error: Player not loaded.');
 				die();
 			}
 		
+			echo '<tr bgcolor="' . getStyle($number_of_rows++) . '"><td valign="top">' . getPlayerLink($thread['name']) . '<br /><br /><font size="1">Profession: '.$config['vocations'][$player->getVocation()].'<br />Level: '.$thread['level'].'<br />';
+	
 			$rank = $player->getRank();
 			if($rank->isLoaded())
 			{
@@ -245,8 +253,11 @@ if($action == 'show_thread')
 				if($guild->isLoaded())
 					echo $rank->getName().' of <a href="'.getGuildLink($guild->getName(), false).'">'.$guild->getName().'</a><br />';
 			}
+			$player_account = $player->getAccount();
+			$canEditForum = $player_account->hasFlag(FLAG_CONTENT_FORUM) || $player_account->isAdmin();
+			
 			$posts = $db->query("SELECT COUNT(`id`) AS 'posts' FROM `" . TABLE_PREFIX . "forum` WHERE `author_aid`=".(int) $thread['account_id'])->fetch();
-			echo '<br />Posts: '.(int) $posts['posts'].'<br /></font></td><td valign="top">'.showPost(htmlspecialchars($thread['post_topic']), htmlspecialchars($thread['post_text']), $thread['post_smile']).'</td></tr>
+			echo '<br />Posts: '.(int) $posts['posts'].'<br /></font></td><td valign="top">'.showPost(($canEditForum ? $thread['post_topic'] : htmlspecialchars($thread['post_topic'])), ($canEditForum ? $thread['post_text'] : htmlspecialchars($thread['post_text'])), $thread['post_smile']).'</td></tr>
 			<tr bgcolor="'.getStyle($number_of_rows++).'"><td><font size="1">'.date('d.m.y H:i:s', $thread['post_date']);
 			if($thread['edit_date'] > 0)
 			{

system/pages/guilds.php

@@ -6,7 +6,7 @@
  * @author    Gesior <jerzyskalski@wp.pl>
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.1.3
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');
@@ -1026,7 +1026,7 @@ if($action == 'kickplayer') {
 		}
 		else
 		{
-			if($player->getRank()->isLoaded() && $player->getRank()->getGuild()->getName() != $guild->getName()) {
+			if($player->getRank()->isLoaded() && $player->getRank()->getGuild()->isLoaded() && $player->getRank()->getGuild()->getName() != $guild->getName()) {
 				$guild_errors[] = 'Character <b>'.$name.'</b> isn\'t from your guild.';
 			}
 		}

system/pages/highscores.php

@@ -6,7 +6,7 @@
  * @author    Gesior <jerzyskalski@wp.pl>
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.1.3
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');
@@ -99,6 +99,10 @@ $deleted = 'deleted';
 if(fieldExist('deletion', 'players'))
 	$deleted = 'deletion';
 
+$outfit = '';
+if($config['highscores_outfit'])
+	$outfit = ', lookbody, lookfeet, lookhead, looklegs, looktype, lookaddons';
+
 $offset = $_page * 100;
 if($skill <= POT::SKILL_LAST) { // skills
 	if(fieldExist('skill_fist', 'players')) {// tfs 1.0
@@ -112,14 +116,14 @@ if($skill <= POT::SKILL_LAST) { // skills
 			POT::SKILL_FISH => 'skill_fishing',
 		);
 
-		$skills = $db->query('SELECT accounts.country, players.id,players.name' . $online . ',level,vocation' . $promotion . ', ' . $skill_ids[$skill] . ' as value FROM accounts,players WHERE players.' . $deleted . ' = 0 AND players.group_id < '.$config['highscores_groups_hidden'].' '.$add_sql.' AND players.id > 6 AND accounts.id = players.account_id ORDER BY ' . $skill_ids[$skill] . ' DESC LIMIT 101 OFFSET '.$offset);
+		$skills = $db->query('SELECT accounts.country, players.id,players.name' . $online . ',level,vocation' . $promotion . $outfit . ', ' . $skill_ids[$skill] . ' as value FROM accounts,players WHERE players.' . $deleted . ' = 0 AND players.group_id < '.$config['highscores_groups_hidden'].' '.$add_sql.' AND players.id > 6 AND accounts.id = players.account_id ORDER BY ' . $skill_ids[$skill] . ' DESC LIMIT 101 OFFSET '.$offset);
 	}
 	else
-		$skills = $db->query('SELECT accounts.country, players.id,players.name' . $online . ',value,level,vocation' . $promotion . ' FROM accounts,players,player_skills WHERE players.' . $deleted . ' = 0 AND players.group_id < '.$config['highscores_groups_hidden'].' '.$add_sql.' AND players.id > 6 AND players.id = player_skills.player_id AND player_skills.skillid = '.$skill.' AND accounts.id = players.account_id ORDER BY value DESC, count DESC LIMIT 101 OFFSET '.$offset);
+		$skills = $db->query('SELECT accounts.country, players.id,players.name' . $online . ',value,level,vocation' . $promotion . $outfit . ' FROM accounts,players,player_skills WHERE players.' . $deleted . ' = 0 AND players.group_id < '.$config['highscores_groups_hidden'].' '.$add_sql.' AND players.id > 6 AND players.id = player_skills.player_id AND player_skills.skillid = '.$skill.' AND accounts.id = players.account_id ORDER BY value DESC, count DESC LIMIT 101 OFFSET '.$offset);
 }
 else if($skill == 666 && $config['otserv_version'] == TFS_03) // frags
 {
-	$skills = $db->query('SELECT accounts.country, players.id,players.name' . $online . ',level,vocation' . $promotion . ',COUNT(`player_killers`.`player_id`) as value' .
+	$skills = $db->query('SELECT accounts.country, players.id,players.name' . $online . ',level,vocation' . $promotion . $outfit . ',COUNT(`player_killers`.`player_id`) as value' .
 			' FROM `accounts`, `players`, `player_killers` ' .
 			' WHERE players.' . $deleted . ' = 0 AND players.group_id < '.$config['highscores_groups_hidden'].' '.$add_sql.' AND players.id = player_killers.player_id AND accounts.id = players.account_id' .
 			' GROUP BY `player_id`' .
@@ -129,10 +133,10 @@ else if($skill == 666 && $config['otserv_version'] == TFS_03) // frags
 else
 {
 	if($skill == POT::SKILL__MAGLEVEL) {
-		$skills = $db->query('SELECT accounts.country, players.id,players.name' . $online . ',maglevel,level,vocation' . $promotion . ' FROM accounts, players WHERE players.' . $deleted . ' = 0 '.$add_sql.' AND players.group_id < '.$config['highscores_groups_hidden'].' AND players.id > 6 AND accounts.id = players.account_id ORDER BY maglevel DESC, manaspent DESC LIMIT 101 OFFSET '.$offset);
+		$skills = $db->query('SELECT accounts.country, players.id,players.name' . $online . ',maglevel,level,vocation' . $promotion . $outfit . ' FROM accounts, players WHERE players.' . $deleted . ' = 0 '.$add_sql.' AND players.group_id < '.$config['highscores_groups_hidden'].' AND players.id > 6 AND accounts.id = players.account_id ORDER BY maglevel DESC, manaspent DESC LIMIT 101 OFFSET '.$offset);
 	}
 	else { // level
-		$skills = $db->query('SELECT accounts.country, players.id,players.name' . $online . ',level,experience,vocation' . $promotion . ' FROM accounts, players WHERE players.' . $deleted . ' = 0 '.$add_sql.' AND players.group_id < '.$config['highscores_groups_hidden'].' AND players.id > 6 AND accounts.id = players.account_id ORDER BY level DESC, experience DESC LIMIT 101 OFFSET '.$offset);
+		$skills = $db->query('SELECT accounts.country, players.id,players.name' . $online . ',level,experience,vocation' . $promotion . $outfit . ' FROM accounts, players WHERE players.' . $deleted . ' = 0 '.$add_sql.' AND players.group_id < '.$config['highscores_groups_hidden'].' AND players.id > 6 AND accounts.id = players.account_id ORDER BY level DESC, experience DESC LIMIT 101 OFFSET '.$offset);
 		$list = 'experience';
 	}
 }
@@ -150,6 +154,9 @@ else
 					<td width="11px" class="white">#</td>
 					<?php endif; ?>
 					<td width="10%" class="white"><b>Rank</b></td>
+					<?php if($config['highscores_outfit']): ?>
+					<td class="white"><b>Outfit</b></td>
+					<?php endif; ?>
 					<td width="75%" class="white"><b>Name</b></td>
 					<td width="15%" class="white"><b><?php echo ($skill != 666 ? 'Level' : 'Frags'); ?></b></td>
 					<?php if($skill == POT::SKILL__LEVEL): ?>
@@ -177,15 +184,18 @@ foreach($skills as $player)
 	{
 		if($skill == POT::SKILL__MAGIC)
 			$player['value'] = $player['maglevel'];
-
+		else if($skill == POT::SKILL__LEVEL)
-		if($skill == POT::SKILL__LEVEL)
 			$player['value'] = $player['level'];
 echo '
 		<tr bgcolor="' . getStyle($i) . '">';
 		if($config['account_country'])
 			echo '<td>' . getFlagImage($player['country']) . '</td>';
 echo '
-			<td>' . ($offset + $i) . '.</td>
+			<td>' . ($offset + $i) . '.</td>';
+			if($config['highscores_outfit'])
+			echo '<td><img style="position:absolute;margin-top:-45px;margin-left:-25px;" src="' . $config['outfit_images_url'] . '?id=' . $player['looktype'] . '&addons=' . $player['lookaddons'] . '&head=' . $player['lookhead'] . '&body=' . $player['lookbody'] . '&legs=' . $player['looklegs'] . '&feet=' . $player['lookfeet'] . '" alt="" /></td>';
+		
+echo '
 			<td>
 				<a href="' . getPlayerLink($player['name'], false) . '">
 					<font color="' . ($player['online'] > 0 ? 'green' : 'red') . '">' . $player['name'] . '</font>

system/pages/houses.php

@@ -6,12 +6,16 @@
  * @author    Gesior <jerzyskalski@wp.pl>
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.1.3
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');
 $title = 'Houses';
 
+if(!fieldExist('name', 'houses')) {
+	echo 'Houses list is not available on this server.';
+	return;
+}
 $rent = trim(strtolower($config['lua']['houseRentPeriod']));
 if($rent != 'yearly' && $rent != 'monthly' && $rent != 'weekly' && $rent != 'daily')
 	$rent = 'never';
@@ -29,7 +33,8 @@ $type = '';
 		{
 			$beds = array("", "one", "two", "three", "fourth", "fifth");
 			$houseName = $_REQUEST['house'];
-			$house = $db->query('SELECT * FROM ' . $db->tableName('houses') . ' WHERE ' . $db->fieldName('name') . ' LIKE ' . $db->quote($houseName));
+			$houseId = (check_number($_REQUEST['house']) ? $_REQUEST['house'] : -1);
+			$house = $db->query('SELECT * FROM ' . $db->tableName('houses') . ' WHERE ' . $db->fieldName('name') . ' LIKE ' . $db->quote($houseName) . ' OR `id` = ' . $db->quote($houseId));
 
 			if($house->rowCount() > 0)
 			{

system/pages/lastkills.php

@@ -6,7 +6,7 @@
  * @author    Gesior <jerzyskalski@wp.pl>
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.1.3
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/pages/lostaccount.php

@@ -6,7 +6,7 @@
  * @author    Gesior <jerzyskalski@wp.pl>
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.1.3
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');
@@ -317,11 +317,14 @@ if($config['mail_enabled'])
 								{
 									$salt = generateRandomString(10, false, true, true);
 									$new_pass_with_salt = $salt . $new_pass;
-									$account->setSalt($salt);
 								}
 								
 								$account->setPassword(encrypt($new_pass_with_salt));
 								$account->save();
+								
+								if($config_salt_enabled)
+									$account->setCustomField('salt', $salt);
+								
 								echo 'Your account name, new password and new e-mail.<BR>
 								<FORM ACTION="?subtopic=accountmanagement" onsubmit="return validate_form(this)" METHOD=post>
 								<INPUT TYPE=hidden NAME="character" VALUE="">

system/pages/movies.php

@@ -5,7 +5,7 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.1.3
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');
@@ -26,10 +26,6 @@ There are no movies added yet.
 <?php foreach($movies as $movie): ?>
 	<?php echo $movie['title']; ?><br/>
 	Author: <?php echo $movie['author']; ?><br/>
-	<object width="425" height="344">
+	<iframe width="560" height="315" src="https://www.youtube.com/embed/<?php echo $movie['youtube_id']; ?>" frameborder="0" allowfullscreen></iframe><br/><br/>';
-		<param name="movie" value="http://www.youtube.com/v/<?php echo $movie['youtube_id']; ?>&hl=pl&fs=1&color1=0x3a3a3a&color2=0x999999"></param>
-		<param name="allowFullScreen" value="true"></param>
-		<embed src="http://www.youtube.com/v/<?php echo $movie['youtube_id']; ?>&hl=pl&fs=1&color1=0x3a3a3a&color2=0x999999" type="application/x-shockwave-flash" allowfullscreen="true" width="425" height="344"></embed>
-	</object><br/><br/>';
 <?php endforeach; ?>
 </center>

system/pages/news.php

@@ -6,7 +6,7 @@
  * @author    Gesior <jerzyskalski@wp.pl>
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.1.3
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');
@@ -98,9 +98,12 @@ define('NEWS', 1);
 define('TICKET', 2);
 define('ARTICLE', 3);
 
-define('BODY_LIMIT', 10000); // maximum news body length
+define('TITLE_LIMIT', 100);
+define('BODY_LIMIT', 65535); // maximum news body length
 
 $canEdit = hasFlag(FLAG_CONTENT_NEWS) || superAdmin();
+if($canEdit)
+	echo '<script type="text/javascript" src="' . BASE_URL . 'tools/tiny_mce/tiny_mce.js"></script>';
 if($canEdit)
 {
 	if(!empty($action))
@@ -141,11 +144,12 @@ if($canEdit)
 				$player_id = $news['player_id'];
 			}
 			else {
-				News::update($id, $p_title, $body, $type, $category, $player_id, $comments);
+				if(News::update($id, $p_title, $body, $type, $category, $player_id, $comments, $errors)) {
 					$action = $p_title = $body = $comments = '';
 					$type = $category = $player_id = 0;
 				}
 			}
+		}
 		else if($action == 'hide') {
 			News::toggleHidden($id, $errors);
 		}
@@ -212,7 +216,7 @@ if(!$news_cached)
 				  <span class="NewsTickerDate">'.date("j M Y", $news['date']).' -</span>
 				  <div id="TickerEntry-'.$rows.'-ShortText" class="NewsTickerShortText">';
 			//if admin show button to delete (hide) ticker
-			$tickers_to_add .= short_text($news['body'], 60).'</div>
+			$tickers_to_add .= short_text(strip_tags($news['body']), 100).'</div>
 				  <div id="TickerEntry-'.$rows.'-FullText" class="NewsTickerFullText">';
 			//if admin show button to delete (hide) ticker
 			$tickers_to_add .= $news['body'] . $admin_options . '</div>
@@ -298,7 +302,7 @@ if(!$news_cached)
 
 			<tr bgcolor="<?php echo getStyle($rows++); ?>">
 				<td><b>Title:</b></td>
-				<td><input name="title" value="<?php echo (isset($p_title) ? $p_title : ''); ?>" size="50" maxlength="50"/></td>
+				<td><input name="title" value="<?php echo (isset($p_title) ? $p_title : ''); ?>" size="50" maxlength="100"/></td>
 			</tr>
 
 			<tr bgcolor="<?php echo getStyle($rows++); ?>">
@@ -461,21 +465,34 @@ else
 
 class News
 {
+	static public function verify($title, $body, &$errors)
+	{
+		if(!isset($title[0]) || !isset($body[0])) {
+			$errors[] = 'Please fill all inputs.';
+			return false;
+		}
+
+		if(strlen($title) > TITLE_LIMIT) {
+			$errors[] = 'News title cannot be longer than ' . TITLE_LIMIT . ' characters.';
+			return false;
+		}
+	
+		if(strlen($body) > BODY_LIMIT) {
+			$errors[] = 'News content cannot be longer than ' . BODY_LIMIT . ' characters.';
+			return false;
+		}
+		
+		return true;
+	}
+
 	static public function add($title, $body, $type, $category, $player_id, $comments, &$errors)
 	{
 		global $db;
-		if(strlen($body) <= BODY_LIMIT)
+		if(!News::verify($title, $body, $errors))
-		{
+			return false;
-			if(isset($title[0]) && isset($body[0])) {
-				$db->insert(TABLE_PREFIX . 'news', array('title' => $title, 'body' => $body, 'type' => $type, 'date' => time(), 'category' => $category, 'player_id' => isset($player_id) ? $player_id : 0, 'comments' => $comments));
-			}
-			else
-				$errors[] = 'Please fill all inputs.';
-		}
-		else
-			$errors[] = 'News content cannot be longer than ' . BODY_LIMIT . ' characters.';
 
-		return !count($errors);
+		$db->insert(TABLE_PREFIX . 'news', array('title' => $title, 'body' => $body, 'type' => $type, 'date' => time(), 'category' => $category, 'player_id' => isset($player_id) ? $player_id : 0, 'comments' => $comments));
+		return true;
 	}
 
 	static public function get($id) {
@@ -483,9 +500,14 @@ class News
 		return $db->select(TABLE_PREFIX . 'news', array('id' => $id));
 	}
 
-	static public function update($id, $title, $body, $type, $category, $player_id, $comments) {
+	static public function update($id, $title, $body, $type, $category, $player_id, $comments, &$errors)
+	{
 		global $db;
+		if(!News::verify($title, $body, $errors))
+			return false;
+
 		$db->update(TABLE_PREFIX . 'news', array('title' => $title, 'body' => $body, 'type' => $type, 'category' => $category, 'last_modified_by' => isset($player_id) ? $player_id : 0, 'last_modified_date' => time(), 'comments' => $comments), array('id' => $id));
+		return true;
 	}
 
 	static public function delete($id, &$errors)

system/pages/newsarchive.php

@@ -6,7 +6,7 @@
  * @author    Gesior <jerzyskalski@wp.pl>
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.1.3
  * @link      http://my-aac.org
  */
 $_GET['archive'] = true;

system/pages/online.php

@@ -6,7 +6,7 @@
  * @author    Gesior <jerzyskalski@wp.pl>
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.1.3
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');
@@ -42,11 +42,15 @@ if(fieldExist('skull_time', 'players')) {
 	$skull_time = 'skull_time';
 }
 	
+$outfit = '';
+if($config['online_outfit'])
+	$outfit = ', lookbody, lookfeet, lookhead, looklegs, looktype, lookaddons';
+
 $vocs = array(0, 0, 0, 0, 0);
 if(tableExist('players_online')) // tfs 1.0
-	$playersOnline = $db->query('SELECT `accounts`.`country`, `players`.`name`, `level`, `vocation`, `' . $skull_time . '` as `skulltime`, `' . $skull_type . '` as `skull` FROM `accounts`, `players`, `players_online` WHERE `players`.`id` = `players_online`.`player_id` AND `accounts`.`id` = `players`.`account_id`  ORDER BY ' . $order);
+	$playersOnline = $db->query('SELECT `accounts`.`country`, `players`.`name`, `level`, `vocation`' . $outfit . ', `' . $skull_time . '` as `skulltime`, `' . $skull_type . '` as `skull` FROM `accounts`, `players`, `players_online` WHERE `players`.`id` = `players_online`.`player_id` AND `accounts`.`id` = `players`.`account_id`  ORDER BY ' . $order);
 else
-	$playersOnline = $db->query('SELECT `accounts`.`country`, `players`.`name`, `level`, `vocation`, ' . $promotion . ' `' . $skull_time . '` as `skulltime`, `' . $skull_type . '` as `skull` FROM `accounts`, `players` WHERE `players`.`online` > 0 AND `accounts`.`id` = `players`.`account_id`  ORDER BY ' . $order);
+	$playersOnline = $db->query('SELECT `accounts`.`country`, `players`.`name`, `level`, `vocation`' . $outfit . ', ' . $promotion . ' `' . $skull_time . '` as `skulltime`, `' . $skull_type . '` as `skull` FROM `accounts`, `players` WHERE `players`.`online` > 0 AND `accounts`.`id` = `players`.`account_id`  ORDER BY ' . $order);
 
 $players = 0;
 $data = '';
@@ -72,6 +76,9 @@ foreach($playersOnline as $player)
 	if($config['account_country'])
 		$data .= '<td>' . getFlagImage($player['country']) . '</td>';
 
+	if($config['online_outfit'])
+		$data .= '<TD WIDTH=5%><img style="position:absolute;margin-top:' . (in_array($player['looktype'], array(75, 266, 302)) ? '-20px;margin-left:-0px;' : '-45px;margin-left:-25px;') . '" src="' . $config['outfit_images_url'] . '?id=' . $player['looktype'] . '&addons=' . $player['lookaddons'] . '&head=' . $player['lookhead'] . '&body=' . $player['lookbody'] . '&legs=' . $player['looklegs'] . '&feet=' . $player['lookfeet'] . '" alt="" /></td>';
+
 	$data .= '<td>' . getPlayerLink($player['name']) . $skull . '</td>
 		<td>'.$player['level'].'</td>
 		<td>'.$config['vocations'][$player['vocation']].'</td>
@@ -169,7 +176,7 @@ if($config['online_vocations']): ?>
 		<?php
 			for($i = 1; $i < 5; $i++)
 			echo '<tr bgcolor="' . getStyle($i) . '">
-				<td width="25%">' . $config['vocations'][0][$i] . '</td>
+				<td width="25%">' . $config['vocations'][$i] . '</td>
 				<td width="75%">' . $vocs[$i] . '</td>
 			</tr>';
 			?>
@@ -195,6 +202,9 @@ if($config['online_skulls']): ?>
 		<?php if($config['account_country']): ?>
 		<td width="11px"><a href="?subtopic=online&order=country" class="white">#</A></td>
 		<?php endif; ?>
+		<?php if($config['online_outfit']): ?>
+		<td class="white"><b>Outfit</b></td>
+		<?php endif; ?>
 		<td width="60%"><a href="?subtopic=online&order=name" class="white">Name</A></td>
 		<td width="20%"><a href="?subtopic=online&order=level" class="white">Level</A></td>
 		<td width="20%"><a href="?subtopic=online&order=vocation" class="white">Vocation</td>
@@ -205,7 +215,31 @@ if($config['online_skulls']): ?>
 endif;
 
 //search bar
-echo '<BR><FORM ACTION="?subtopic=characters" METHOD=post>  <TABLE WIDTH=100% BORDER=0 CELLSPACING=1 CELLPADDING=4><TR><TD BGCOLOR="'.$config['vdarkborder'].'" class="white"><B>Search Character</B></TD></TR><TR><TD BGCOLOR="'.$config['darkborder'].'"><TABLE BORDER=0 CELLPADDING=1><TR><TD>Name:</TD><TD><INPUT NAME="name" VALUE=""SIZE=29 MAXLENGTH=29></TD><TD><INPUT TYPE=image NAME="Submit" SRC="'.$template_path.'/images/buttons/sbutton_submit.gif" BORDER=0 WIDTH=120 HEIGHT=18></TD></TR></TABLE></TD></TR></TABLE></FORM>';
+echo '<br/>
+<FORM ACTION="?subtopic=characters" METHOD=post>
+	<TABLE WIDTH=100% BORDER=0 CELLSPACING=1 CELLPADDING=4>
+		<TR>
+			<TD BGCOLOR="'.$config['vdarkborder'].'" class="white">
+				<B>Search Character</B>
+			</TD>
+		</TR>
+		<TR>
+			<TD BGCOLOR="'.$config['darkborder'].'">
+				<TABLE BORDER=0 CELLPADDING=1>
+					<TR>
+						<TD>Name:</TD>
+						<TD>
+							<INPUT NAME="name" VALUE=""SIZE=29 MAXLENGTH=29>
+						</TD>
+						<TD>
+							<INPUT TYPE=image NAME="Submit" SRC="'.$template_path.'/images/buttons/sbutton_submit.gif" BORDER=0 WIDTH=120 HEIGHT=18>
+						</TD>
+					</TR>
+				</TABLE>
+			</TD>
+		</TR>
+	</TABLE>
+</FORM>';
 
 /* temporary disable it - shows server offline
 // update online players counter

system/pages/polls.php

@@ -3,17 +3,19 @@
  * Polls
  *
  * @package   MyAAC
- * @author    Gesior <jerzyskalski@wp.pl>
+ * @author    Averatec <pervera.pl & otland.net>
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.1.3
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');
 $title = 'Polls';
 
-/* Polls System By Averatec from pervera.pl & otland.net
+/* Polls System By Averatec from pervera.pl & otland.net */
 
+if(!tableExist('z_polls'))
+	$db->query('
 CREATE TABLE `z_polls` (
   `id` int(11) NOT NULL auto_increment,
   `question` varchar(255) NOT NULL,
@@ -23,17 +25,19 @@ CREATE TABLE `z_polls` (
   `answers` int(11) NOT NULL,
   `votes_all` int(11) NOT NULL,
   PRIMARY KEY  (`id`)
-) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=1 ;
+) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=1 ;');
 
-CREATE TABLE `z_polls_answers` (
+if(!tableExist('z_polls_answers'))
+$db->query('
+	CREATE TABLE `z_polls_answers` (
   `poll_id` int(11) NOT NULL,
   `answer_id` int(11) NOT NULL,
   `answer` varchar(255) NOT NULL,
   `votes` int(11) NOT NULL
-) ENGINE=MyISAM DEFAULT CHARSET=latin1;
+) ENGINE=MyISAM DEFAULT CHARSET=latin1;');
 
-ALTER TABLE `accounts` ADD `vote` INT( 11 ) NOT NULL ;
+if(!fieldExist('vote', 'accounts'))
-*/
+	$db->query('ALTER TABLE `accounts` ADD `vote` INT( 11 ) NOT NULL ;');
 
 function getColorByPercent($percent)
 {
@@ -46,7 +50,8 @@ function getColorByPercent($percent)
 
 	return '';
 }
-
+	$number_of_rows = 0;
+	$showed = false;
     $link = "polls"; // your link to polls in index.php
     $dark = $config['darkborder'];
     $light = $config['lightborder'];
@@ -54,7 +59,7 @@ function getColorByPercent($percent)
     $POLLS = $db->query('SELECT * FROM '.$db->tableName('z_polls').'');
     $level = 20; // need level to vote
 
-    if(empty($_REQUEST['id']) and $_REQUEST['control'] != "true")  // list of polls
+    if(empty($_REQUEST['id']) and (!isset($_REQUEST['control']) || $_REQUEST['control'] != "true"))  // list of polls
     {
         $active = $db->query('SELECT * FROM `z_polls` where `end` > '.$time.''); // active polls
         $closed = $db->query('SELECT * FROM `z_polls` where `end` < '.$time.' order by `end` desc'); // closed polls
@@ -62,6 +67,7 @@ function getColorByPercent($percent)
         echo '<TABLE BORDER=0 CELLSPACING=1 CELLPADDING=4 WIDTH=100%><TR BGCOLOR='.$config['vdarkborder'].'><TD COLSPAN=2 class=white><B>Active Polls</B></TD></TR>';
         echo '<TR BGCOLOR="' . getStyle($number_of_rows++) . '"><td width=75%><b>Topic</b></td><td><b>End</b></td></tr>';
         $bgcolor = getStyle($number_of_rows++);
+		$empty_active = false;
         foreach($active as $poll)
         {
             echo '
@@ -90,6 +96,7 @@ function getColorByPercent($percent)
         echo '<TABLE BORDER=0 CELLSPACING=1 CELLPADDING=4 WIDTH=100%><TR BGCOLOR='.$config['vdarkborder'].'><TD COLSPAN=2 class=white><B>Closed Polls</B></TD></TR>';
         echo '<TR BGCOLOR="' . getStyle($number_of_rows++) . '"><td width=75%><b>Topic</b></td><td><b>End</b></td></tr>';
 		$bgcolor = getStyle($number_of_rows++);
+		$empty_closed = false;
         foreach($closed as $poll)
         {
             echo '
@@ -124,6 +131,7 @@ function getColorByPercent($percent)
 	}
 
     /* Checking Account */
+	$allow = false;
     $account_players = $account_logged->getPlayers();
     foreach($account_players as $player)
     {
@@ -132,7 +140,7 @@ function getColorByPercent($percent)
         $allow=true;
     }
 
-    if(!empty($_REQUEST['id']) and $_REQUEST['control'] != "true")
+    if(!empty($_REQUEST['id']) and (!isset($_REQUEST['control']) || $_REQUEST['control'] != "true"))
     {
         foreach($POLLS as $POLL)
         {
@@ -186,7 +194,7 @@ function getColorByPercent($percent)
 
                 if($POLL['end'] > $time) // active poll
                 {
-                    if($_REQUEST['vote'] == true and $allow == true)
+                    if(isset($_REQUEST['vote']) && $_REQUEST['vote'] == true and $allow == true)
                     {
                         if($account_logged->getCustomField('vote') < $_REQUEST['id'] and !empty($_POST['answer']))
                         {
@@ -305,15 +313,16 @@ function getColorByPercent($percent)
         }
     }
 
-    if(admin() and $_REQUEST['control'] != "true")
+    if(admin() && (!isset($_REQUEST['control']) || $_REQUEST['control'] != "true"))
     {
         echo '<br><a href="?subtopic='.$link.'&control=true"><b>Panel Control</b></a><br><br>';
     }
 
     /* Control Panel - Only Add Poll Function */
 
-    if(admin() and $_REQUEST['control'] == "true")
+    if(admin() && isset($_REQUEST['control']) && $_REQUEST['control'] == "true")
     {
+		$show = false;
         if(isset($_POST['submit']))
         {
             $_SESSION['answers'] = $_POST['answers'];

system/pages/records.php

@@ -6,7 +6,7 @@
  * @author    Gesior <jerzyskalski@wp.pl>
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.1.3
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/pages/rules.php

@@ -6,7 +6,7 @@
  * @author    Gesior <jerzyskalski@wp.pl>
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.1.3
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/pages/screenshots.php

@@ -6,7 +6,7 @@
  * @author    Gesior <jerzyskalski@wp.pl>
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.1.3
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/pages/serverinfo.php

@@ -6,7 +6,7 @@
  * @author    Gesior <jerzyskalski@wp.pl>
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.1.3
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/pages/spells.php

@@ -6,7 +6,7 @@
  * @author    Gesior <jerzyskalski@wp.pl>
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.1.3
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/pages/team.php

@@ -6,7 +6,7 @@
  * @author    Gesior <jerzyskalski@wp.pl>
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.1.3
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/status.php

@@ -5,7 +5,7 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.1.3
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/template.php

@@ -5,7 +5,7 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.3
+ * @version   0.1.3
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

templates/kathrine/menu.js

@@ -3,7 +3,7 @@ list[0] = 'news';
 list[1] = 'account';
 list[2] = 'community';
 list[3] = 'library';
-list[4] = 'about';
+list[4] = 'shops';
 
 function initMenu()
 {

templates/kathrine/news.php

@@ -1,4 +1,6 @@
 <?php
+defined('MYAAC') or die('Direct access not allowed!');
+
 function news_parse($title, $content, $date, $icon = 0, $author = '', $comments = '')
 {
 	global $template_path;
@@ -9,7 +11,7 @@ function news_parse($title, $content, $date, $icon = 0, $author = '', $comments
 		$tmp = $template_path.'/images/letters/'.$content[0].'.gif';
 		if(file_exists($tmp)) {
 			$firstLetter = '<img src="' . $tmp . '" alt="'.$content[0].'" BORDER=0 ALIGN=bottom>';
-			$content[0] = '';
+			$content = substr($content, 1);
 		}
 	}
 

templates/kathrine/template.php

@@ -1,23 +1,25 @@
+<?php
+defined('MYAAC') or die('Direct access not allowed!');
+?>
 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
 <html xmlns="http://www.w3.org/1999/xhtml">
     <head>
     	<?php echo template_place_holder('head_start'); ?>
         <link rel="stylesheet" href="<?php echo $template_path; ?>/style.css" type="text/css" />
         <script src="<?php echo $template_path; ?>/menu.js" type="text/javascript"></script>
+		<script type="text/javascript" src="tools/basic.js"></script>
         <script type="text/javascript">
 			var category = '<?php
 				if(in_array(PAGE, array('news', 'newsarchive')))
 					echo 'news';
-				elseif(in_array(PAGE, array('creatures', 'spells', 'online', 'serverinfo', 'downloads', 'commands',
+				elseif(in_array(PAGE, array('creatures', 'spells', 'serverinfo', 'downloads', 'commands',
-					'movies', 'screenshots', 'experiencetable')))
+					'movies', 'screenshots', 'experiencetable', 'faq')))
 						echo 'library';
-				elseif(in_array(PAGE, array('characters', 'guilds', 'highscores', 'wars', 'lastkills', 'houses', 'bans',
+				elseif(in_array(PAGE, array('online', 'characters', 'guilds', 'highscores', 'wars', 'lastkills', 'houses', 'bans',
 					'forum', 'team')))
 						echo 'community';
 				elseif(in_array(PAGE, array('account', 'accountmanagement', 'createaccount', 'lostaccount', 'rules')))
 					echo 'account';
-				elseif(in_array(PAGE, array('faq')))
-					echo 'about';
 				elseif(in_array(PAGE, array('points', 'gifts')))
 					echo 'shops';
 				?>';
@@ -40,7 +42,6 @@
                 <span id="account" onclick="menuSwitch('account');" class="tab">Account</span>
                 <span id="community" onclick="menuSwitch('community');" class="tab">Community</span>
                 <span id="library" onclick="menuSwitch('library');" class="tab">Library</span>
-				<span id="about" onclick="menuSwitch('about');" class="tab">About</span>
                 <?php
                 if($config['gifts_system'])
 				{
@@ -83,6 +84,8 @@
                 </div>
 
                 <div id="community-submenu">
+                    <a href="<?php echo $template['link_online']; ?>">Who is Online?</a>
+                    <span class="separator"></span>
                 	<a href="<?php echo $template['link_characters']; ?>">Characters</a>
                     <span class="separator"></span>
                     <a href="<?php echo $template['link_guilds']; ?>">Guilds</a>
@@ -96,8 +99,10 @@
                     <a href="<?php echo $template['link_highscores']; ?>">Highscores</a>
                     <span class="separator"></span>
                     <a href="<?php echo $template['link_lastkills']; ?>">Last Deaths</a>
+					<?php if(fieldExist('name', 'houses')): ?>
                     <span class="separator"></span>
                     <a href="<?php echo $template['link_houses']; ?>">Houses</a>
+					<?php endif; ?>
                     <span class="separator"></span>
 					<?php if($config['otserv_version'] == TFS_03): ?>
                     <a href="<?php echo $template['link_bans']; ?>">Bans</a>
@@ -113,11 +118,9 @@
                 </div>
 
                 <div id="library-submenu">
-                	<!--a href="<?php echo $template['link_creatures']; ?>">Monsters</a>
+                	<a href="<?php echo $template['link_creatures']; ?>">Monsters</a>
                     <span class="separator"></span>
                     <a href="<?php echo $template['link_spells']; ?>">Spells</a>
-                    <span class="separator"></span-->
-                    <a href="<?php echo $template['link_online']; ?>">Who is Online?</a>
                     <span class="separator"></span>
                     <a href="<?php echo $template['link_serverInfo']; ?>">Server Info</a>
                     <span class="separator"></span>
@@ -130,14 +133,9 @@
                     <a href="<?php echo $template['link_screenshots']; ?>">Screenshots</a>
                     <span class="separator"></span>
                     <a href="<?php echo $template['link_experienceTable']; ?>">Experience Table</a>
-                </div>
+                    <span class="separator"></span>
-
-				<div id="about-submenu">
                     <a href="<?php echo $template['link_faq']; ?>">FAQ</a>
-					<!--a href="<?php echo internalLayoutLink('about'); ?>">About us</a>
-					<a href="<?php echo internalLayoutLink('contact'); ?>">Contact</a-->
                 </div>
-
     			<?php
 				if($config['gifts_system'])
 				{
@@ -146,8 +144,8 @@
 						<a href="' . $template['link_points'] . '">Buy Premium Points</a>
 						<span class="separator"></span>
 						<a href="' . $template['link_gifts'] . '">Shop Offer</a>';
-						if($account_logged)
+						if($logged)
-							echo '<span class="separator"></span><a href="?subtopic=shopsystem&action=show_history">Shop History</a>';
+							echo '<span class="separator"></span><a href="' . $template['link_gifts_history'] . '">Shop History</a>';
 					echo '</div>';
 				}
 				?>
@@ -166,7 +164,7 @@
 								echo '
 								<font color="green"><b>Server Online</b></font> &raquo;
 								Players Online: ' . $status['players'] . ' / ' . $status['playersMax'] . ' &raquo;
-								Monsters: ' . $status['monsters'] . ' &raquo; Uptime: ' . $status['uptimeReadable'] . '';
+								Monsters: ' . $status['monsters'] . ' &raquo; Uptime: ' . (isset($status['uptimeReadable']) ? $status['uptimeReadable'] : 'Unknown') . '';
 							else
 								echo '<font color="red"><b>Server Offline</b></font>';
 							?>

templates/tibiacom/index.php

@@ -1,4 +1,6 @@
 <?php
+defined('MYAAC') or die('Direct access not allowed!');
+
 if(isset($config['boxes']))
 	$config['boxes'] = explode(",", $config['boxes']);
 ?>
@@ -420,6 +422,7 @@ echo "<a href='" . $template['link_downloads'] . "'>
     <div class='RightChain' style='background-image:url(<?php echo $template_path; ?>/images/general/chain.gif);'></div>
   </div>
 </a>
+<?php if(fieldExist('name', 'houses')): ?>
 <a href='<?php echo $template['link_houses']; ?>'>
   <div id='submenu_houses' class='Submenuitem' onMouseOver='MouseOverSubmenuItem(this)' onMouseOut='MouseOutSubmenuItem(this)'>
     <div class='LeftChain' style='background-image:url(<?php echo $template_path; ?>/images/general/chain.gif);'></div>
@@ -428,6 +431,7 @@ echo "<a href='" . $template['link_downloads'] . "'>
     <div class='RightChain' style='background-image:url(<?php echo $template_path; ?>/images/general/chain.gif);'></div>
   </div>
 </a>
+<?php endif; ?>
 <a href='<?php echo $template['link_guilds']; ?>'>
   <div id='submenu_guilds' class='Submenuitem' onMouseOver='MouseOverSubmenuItem(this)' onMouseOut='MouseOutSubmenuItem(this)'>
     <div class='LeftChain' style='background-image:url(<?php echo $template_path; ?>/images/general/chain.gif);'></div>
@@ -692,137 +696,8 @@ echo "</div>";
 	<img class="Title" src="<?php echo $headline; ?>" alt="Contentbox headline" />
     <div class="Border_2">
       <div class="Border_3">
-	<?php
+		<?php $hooks->trigger(HOOK_TIBIACOM_BORDER_3); ?>
-	if(PAGE == 'news' && $config['lua']['serverName'] == "SlaskiOTS" && !isset($_GET['archive']) && !isset($_GET['id']))
-	{
-	?>
-        <div style="background-image:url(<?php echo $template_path; ?>/images/content/scroll.gif);">
-		<table style="clear:both; font-family: Verdana, Arial, Times New Roman, sans-serif;font-size: 10pt; padding: 8px" border=0 cellpadding=0 cellspacing=0 width="100%">
-		<tr><td>
-			Witaj na Śląskim serwerze.<br>Przed rozpoczęciem gry zapoznaj z podstroną <a href="<?php echo internalLayoutLink('serverInfo')?>">Server Info</a>.<br>
-			O pomoc w grze zawsze możesz poprosić na kanale <b>Help</b>.<br><br>
-
-			Ostatnio zarejestrował się:
-			<?php
-				$newestMember = $db->query('SELECT `name` FROM `players` ORDER BY `id` DESC LIMIT 1');
-				$newestMember = $newestMember->fetch();
-				echo getPlayerLink($newestMember['name']) . '. Witamy!';
-			?>
-		</td></tr>
-		</table>
-	</div>
-	<?php
-		if(tableExist('wodz_exphistory'))
-		{
-			$top_enabled = true;
-				function write_top($name, $list, $colspan = 2)
-				{
-					global $config;
-					echo '
-						<TD WIDTH=' . ($colspan == 2 ? '30' : '40') . '% VALIGN="TOP">'.
-							'<TABLE BORDER=0 CELLSPACING=1 CELLPADDING=4 WIDTH=100%>
-								<TR BGCOLOR='.$config['vdarkborder'].'>
-									<TD COLSPAN=' . $colspan . ' class="white"><B>TOP 5 - ' . $name . '</B></TD>
-								</TR>';
-
-							$i = 1;
-							foreach($list as $str)
-								echo '<TR BGCOLOR='.getStyle($i++).'>' . $str . '</TR>';
-							echo
-							'</TABLE>
-						</TD>';
-				}
-			?>
 		<div class="BoxContent" style="background-image:url(<?php echo $template_path; ?>/images/content/scroll.gif);">
-			<TABLE BORDER=0 WIDTH=100%>
-				<tr>
-					<?php
-						$vocation_name_short = array(
-							array(
-								1 => 'S',
-								2 => 'D',
-								3 => 'P',
-								4 => 'K'
-							),
-							array(
-								1 => 'MS',
-								2 => 'ED',
-								3 => 'RP',
-								4 => 'EK'
-							)
-						);
-
-						//players
-						$top_array = array();
-						$top_players_query = $db->query(
-							'SELECT `name`, `level`, `experience`, `vocation`, `promotion`, `online` FROM `players`' .
-							' WHERE players.deleted = 0 AND players.group_id < '.$config['highscores_groups_hidden'] .
-							' ORDER BY `experience` DESC' .
-							' LIMIT 5');
-
-						$i = 0;
-						foreach($top_players_query as $player)
-						{
-							$top_array[$i++] =
-								'<TD>' . $i . '.</TD>
-								<TD VALIGN=top>
-									<a href="' . getPlayerLink($player['name'], false) . '">'.($player['online']>0 ? "<font color=\"green\">".$player['name']."</font>" : "<font color=\"red\">".$player['name']."</font>").'</a>
-									<small>('.$player['level'].' '.$vocation_name_short[$player['promotion']][$player['vocation']].')</small>
-								</TD>';
-						}
-						write_top('<a href="' . internalLayoutLink('highscores') . '" class="white">Players</a>', $top_array);
-
-						//powergamers
-						$top_array = array();
-						$today = getZeroDay();
-						$top_powergamers_query = $db->query(
-							'SELECT `wodz_exphistory`.`exp_change` as exp_change, `name`, `players`.`level`, `players`.`experience`, `vocation`, `promotion`, `online`' .
-							' FROM `wodz_exphistory`, `players`' .
-							' WHERE players.id = wodz_exphistory.player_id AND `date` = ' . $today . ' ORDER BY `exp_change` DESC LIMIT 5');
-
-						$i = 0;
-						foreach($top_powergamers_query as $player)
-						{
-							$top_array[$i++] =
-								'<TD>' . $i . '.</TD>
-								<TD VALIGN=top>
-									<a href="' . getPlayerLink($player['name'], false) . '">'.($player['online']>0 ? "<font color=\"green\">".$player['name']."</font>" : "<font color=\"red\">".$player['name']."</font>").'</a>
-									<small>('.$player['level'].' '.$vocation_name_short[$player['promotion']][$player['vocation']].')</small>
-								</TD>
-								<TD><small>' . formatExperience($player['exp_change']) . '</small></TD>';
-						}
-						write_top('<a href="' . internalLayoutLink('powergamers') . '" class="white">Powergamers</a> (Today)', $top_array, 3);
-
-						//guilds
-						$top_array = array();
-						$top_guilds_query = $db->query(
-							'SELECT `name`, `total_level`' .
-							' FROM `guilds`' .
-							' ORDER BY `total_level` DESC' .
-							' LIMIT 5');
-
-						$i = 0;
-						foreach($top_guilds_query as $guild)
-						{
-							$top_array[$i++] =
-								'<TD>' . $i . '.</TD>
-								<TD>' . getGuildLink($guild['name']) . '</TD>
-								<TD><small>' . $guild['total_level'] . '</small></TD>';
-						}
-						write_top('<a href="' . internalLayoutLink('guilds') . '" class="white">Guilds</a>', $top_array, 3);
-					?>
-				</tr>
-			</table>
-	<?php
-		}
-	}
-	else
-	{
-	?>
-	<div class="BoxContent" style="background-image:url(<?php echo $template_path; ?>/images/content/scroll.gif);">
-	<?php
-	}
-	?>
 			<?php echo template_place_holder('center_top') . $content; ?>
 		</div>
       </div>

templates/tibiacom/news.php

@@ -1,4 +1,6 @@
 <?php
+defined('MYAAC') or die('Direct access not allowed!');
+
 function news_parse($title, $content, $date, $icon = 0, $author = '', $comments = '')
 {
 	global $template_path;
@@ -8,7 +10,7 @@ function news_parse($title, $content, $date, $icon = 0, $author = '', $comments
 		$tmp = $template_path.'/images/letters/'.$content[0].'.gif';
 		if(file_exists($tmp)) {
 			$firstLetter = '<img src="' . $tmp . '" alt="'.$content[0].'" BORDER=0 ALIGN=bottom>';
-			$content[0] = '';
+			$content = substr($content, 1);
 		}
 	}
 

tools/check_name.js

@@ -0,0 +1,39 @@
+		eventId = 0;
+		lastSend = 0;
+
+function checkName()
+{
+	if(eventId != 0)
+	{
+		clearInterval(eventId)
+		eventId = 0;
+	}
+
+	if(document.getElementById("newcharname").value=="")
+	{
+		document.getElementById("name_check").innerHTML = '<b><font color="red">Please enter new character name.</font></b>';
+		return;
+	}
+
+	//anti flood
+	var date = new Date;
+	var timeNow = parseInt(date.getTime());
+
+	if(lastSend != 0)
+	{
+		if(timeNow - lastSend < 1100)
+		{
+			eventId = setInterval('checkName()', 1100)
+			return;
+		}
+	}
+
+	var newcharname = document.getElementById("newcharname").value;
+	$.get("tools/validate.php", { name: newcharname, uid: Math.random() },
+		function(data){
+			document.getElementById("name_check").innerHTML = data;
+			lastSend = timeNow;
+	});
+	
+	lastSend = timeNow;
+}

tools/signature/gd.class.php

@@ -42,6 +42,11 @@
 		}
 
 
+		public function save($player_id)
+		{
+			imagepng($this->instance, SIGNATURES_CACHE . $player_id . '.png');
+			imagedestroy($this->instance);
+		}
 		/**
 		 * @access public
 		 * @return null
@@ -210,7 +215,7 @@
 					imagepng( $this->instance, $path, 9 );
 				}
 				imagedestroy( $this->instance );
-				unset( $this );
+				unset( $this->instance );
 			}
 		}
 	}

tools/signature/gesior.php

@@ -0,0 +1,52 @@
+<?php
+	defined('MYAAC') or die('Direct access not allowed!');
+
+	$player = $ots->createObject( 'Player' );
+	$player->find($_GET['name']);
+	if(function_exists('imagecreatefrompng'))
+	{
+		if($player->isLoaded())
+		{
+			$file = SIGNATURES_CACHE.$player->getId().'.png';
+			if ( file_exists( $file ) and ( time( ) < ( filemtime($file) + ( 60 * $config['signature_cache_time'] ) ) ) )
+			{
+				header( 'Content-type: image/png' );
+				readfile( SIGNATURES_CACHE.$player->getId().'.png' );
+			}
+			else
+			{
+				$image = imagecreatefrompng(SIGNATURES_BACKGROUNDS . 'signature.png');
+				$color= imagecolorallocate($image , 255, 255, 255);
+				imagettftext($image , 12, 0, 20, 32, $color, SIGNATURES_FONTS . 'font.ttf' , 'Name:');
+				imagettftext($image , 12, 0, 70, 32, $color, SIGNATURES_FONTS . 'font.ttf' , $player->getName());
+
+				imagettftext($image , 12, 0, 20, 52, $color, SIGNATURES_FONTS . 'font.ttf' , 'Level:');
+				imagettftext($image , 12, 0, 70, 52, $color, SIGNATURES_FONTS . 'font.ttf' , $player->getLevel() . ' ' . $config['vocations'][$player->getVocation()]);
+
+				$rank = $player->getRank();
+				if($rank->isLoaded())
+				{
+					imagettftext($image , 12, 0, 20, 75, $color, SIGNATURES_FONTS . 'font.ttf' , 'Guild:');
+					imagettftext($image , 12, 0, 70, 75, $color, SIGNATURES_FONTS . 'font.ttf' , $player->getRank()->getName() . ' of the ' . $$rank->getGuild()->getName());
+				}
+				imagettftext($image , 12, 0, 20, 95, $color, SIGNATURES_FONTS . 'font.ttf' , 'Last Login:');
+				imagettftext($image , 12, 0, 100, 95, $color, SIGNATURES_FONTS . 'font.ttf' , (($player->getLastLogin() > 0) ? date("j F Y, g:i a", $player->getLastLogin()) : 'Never logged in.'));
+				imagepng($image, SIGNATURES_CACHE . $player->getID() . '.png');
+				imagedestroy($image);
+
+				header('Content-type: image/png');
+				readfile(SIGNATURES_CACHE . $player->getId().'.png');
+			}
+		}
+		else
+		{
+			header('Content-type: image/png');
+			readfile(SIGNATURES_IMAGES . 'nocharacter.png');
+		}
+	}
+	else
+	{
+		header('Content-type: image/png');
+		readfile(SIGNATURES_IMAGES . 'nogd.png');
+	}
+?>