update to 0.2.2

https://otland.net/threads/myaac-v0-0-1.251454/page-6#post-2443743

.htaccess.dist

@@ -6,8 +6,7 @@ RewriteEngine On
 # Page parser
 RewriteCond %{REQUEST_FILENAME} !-f
 RewriteCond %{REQUEST_FILENAME} !-d
-RewriteRule ^([A-Za-z0-9-_']+)\.png/?$ tools/signature/index.php?name=$1 [L]
+RewriteRule ^([A-Za-z0-9-_+']+)\.png/?$ tools/signature/index.php?name=$1 [L]
-RewriteRule ^images/items/([0-9]+)\.gif$ tools/item.php?id=$1
 RewriteRule ^characters/([A-Za-z0-9-_+']+)$ index.php?subtopic=characters&name=$1
 RewriteRule ^guilds/([A-Za-z0-9-_+']+)$ index.php?subtopic=guilds&action=show&guild=$1
 RewriteRule ^forum/board/([0-9]+)$ index.php?subtopic=forum&action=show_board&id=$1
@@ -19,10 +18,11 @@ RewriteRule ^account/manage$ index.php?subtopic=accountmanagement
 RewriteRule ^account/create$ index.php?subtopic=createaccount
 RewriteRule ^account/lost$ index.php?subtopic=lostaccount
 RewriteRule ^account/logout$ index.php?subtopic=accountmanagement&action=logout
-RewriteRule ^news/archive/([0-9]+)$ index.php?subtopic=news&archive=true&id=$1
+RewriteRule ^news/archive/([0-9]+)$ index.php?subtopic=newsarchive&id=$1
-RewriteRule ^news/archive$ index.php?subtopic=news&archive=true
+RewriteRule ^news/archive$ index.php?subtopic=newsarchive
 RewriteRule ^highscores/([A-Za-z0-9-_]+)/([A-Za-z0-9-_]+)?$ index.php?subtopic=highscores&list=$1&vocation=$2
 RewriteRule ^highscores/([A-Za-z0-9-_']+)$ index.php?subtopic=highscores&list=$1
+RewriteRule ^polls/([0-9]+)$ index.php?subtopic=polls&id=$1
 RewriteRule ^admin/$ admin/index.php
 RewriteRule ^install/$ install/index.php
 

CHANGELOG

@@ -1,3 +1,83 @@
+[0.2.2 - 22.05.2017]
+	- added missing cache/signature directory
+	- fixed https://otland.net/threads/myaac-v0-0-1.251454/page-7#post-2443868
+
+[0.2.1 - 21.05.2017]
+	- added Swedish translation by Sizaro
+	- fixed some bugs with installlation & characters & houses
+
+[0.2.0 - 21.05.2017]
+	- added option to change character sex for premium points
+	- moved site_closed to database, now you can close your site through admin panel
+	- added option to admin panel: clear cache
+	- added experiencetable_rows configurable
+	- optimized OTS_Account->getGroupId(), now its using like 20 queries less
+	- optimized OTS_Player->load($id) function, should be much faster now
+	- fixed displaying on highscores special outfits
+	- fixed skull images displaying
+	- fixed displaying unlimited premium account
+	- fixed bug where players.lookaddons doesn't exist (OTHire etc.) (https://otland.net/threads/myaac-v0-0-1.251454/page-6#post-2442407)
+	- fixed signature tibian for OTHire and other servers that doesnt use accounts.premdays field
+	- fixed when player name in signature containst space
+	- don't show "Create forum thread" when editing
+	- fixed red color table after create account
+	- updated download links, as clients.halfaway.net isn't working anymore
+	- fixed some bugs while installing when field `email_next` or `hidden` already exist
+	- fixed movies unexpected comment
+	- added template_place_holder('center_top') to kathrine template
+
+[0.1.5 - 13.05.2017]
+	- fixed bug with "Integrity constraint violation: 1048 Column 'ip' cannot be null"
+
+[0.1.4 - 13.05.2017]
+	- added outfit shower, in characters, online, and highscores
+	- updated database to version 2
+	- fixed item images (now using item-images.ots.me host by default)
+	- fixed news ticket and posting long newses (https://otland.net/threads/myaac-v0-0-1.251454/page-5#post-2442026)
+	- news body limit increased to 65535 (mysql text field)
+	- removed some unused code from my old server
+	- added spells & monsters to kathrine template
+
+[0.1.3 - 11.05.2017]
+	- this is just release to update version number
+
+[0.1.2 - 11.05.2017]
+	- forgot to update CHANGELOG and MYAAC_VERSION
+
+[0.1.1 - 11.05.2017]
+	- fixed updating myaac_config with database_version to 1
+	- fixed database updater
+
+[0.1.0 - 11.05.2017]
+	- added new feature: change character name for premium points (disabled by default, you can enable it in config under account_change_character_name in config.php)
+	- added automatic database updater (data migrations)
+	- renamed events to hooks
+	- moved hooks to database
+	- now you can use hooks in plugins
+	- set account.type field to 5 on install, if TFS 1.0+
+	- added example plugin
+	- new, latest google analytics code
+	- fixed bug with loading account.name that has numbers in it
+	- fixed many bugs in player editor in admin panel
+	- added error handling to plugin manager and some more verification in
+	- file has been correctly unpacked/uploaded
+	- fixed Statistics page in admin panel when using account.number
+	- fixed bug when creating/recovering account on servers with
+	- account.salt field (TFS 0.3 for example)
+	- fixed forum showing thread with html tags (added from news manager)
+	- new, latest code for youtube videos in movies page
+	- fixed showing vocation images when using $config['online_vocations_images']
+	- many fixes in polls (also importing proper schema)
+	- fixed hovering on buttons in kathrine template (on accountmanagement page)
+	- fixed signatures (many fixes)
+	- added missing gesior signature system
+
+[0.0.6 - 06.05.2017]
+	- fixed bug while installing (https://otland.net/threads/myaac-v0-0-1.251454/page-3#post-2440543)
+	- fixed bug when creating character (not showing errors) (one more time)
+	- fixed support for TFS 0.2 series
+	- added FAQ link
+	
 [0.0.5 - 05.05.2017]
 	- fixed bug when creating character (not showing errors)
 	- Fixed characters loading with names that has been created with other AAC

admin/index.php

@@ -1 +1 @@
-<?php
+<?php

admin/templates/clean/style.css

@@ -40,6 +40,17 @@ h1, h2, h3, h4, h5, h6 {color: #313334; font-weight: bold;}
 	text-align: left;
 }
 
+.table, .table td, .table th{
+	border: 1px solid #ddd;
+}
+
+.table th a:link {color: white; text-decoration: none;}
+.table th a:link		{color: white; text-decoration: none;}
+.table th a:visited	{color: white; text-decoration: none;}
+.table th a:focus		{color: white; text-decoration: none;}
+.table th a:active	{color: white; text-decoration: underline;}
+.table th a:hover		{color: white; text-decoration: underline;}
+
 .table tr:nth-child(odd) {background-color: #d1d1d1}
 
 a.ico { color:#9d9c9a; font-size:10px; text-decoration: none; padding:0 0 0 14px; background-repeat:no-repeat; background-position:0 0; }

common.php

@@ -21,13 +21,14 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.5
+ * @version   0.2.2
  * @link      http://my-aac.org
  */
 session_start();
 
 define('MYAAC', true);
-define('MYAAC_VERSION', '0.0.5');
+define('MYAAC_VERSION', '0.2.2');
+define('DATABASE_VERSION', 3);
 define('TABLE_PREFIX', 'myaac_');
 define('START_TIME', microtime(true));
 define('MYAAC_OS', (strtoupper(substr(PHP_OS, 0, 3)) === 'WIN') ? 'WINDOWS' : 'LINUX');
@@ -43,6 +44,11 @@ define('FLAG_CONTENT_COMMANDS', 64);
 define('FLAG_CONTENT_SPELLS', 128);
 define('FLAG_CONTENT_MONSTERS', 256);
 
+// news
+define('NEWS', 1);
+define('TICKET', 2);
+define('ARTICLE', 3);
+
 // directories
 define('BASE', dirname(__FILE__) . '/');
 define('ADMIN', BASE . 'admin/');

config.php

@@ -13,7 +13,7 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.5
+ * @version   0.2.2
  * @link      http://my-aac.org
  */
 
@@ -43,11 +43,6 @@ $config = array(
 	// footer
 	'footer' => ''/*'<br/>Your Server &copy; 2016. All rights reserved.'*/,
 
-	// site closed
-	'site_closed' => false,
-	'site_closed_title' => 'Closed',
-	'site_closed_message' => 'Server is under maintance, please visit later.<br/><br/>',
-
 	'debug_level' => 0, // 0 - disabled, 1 - show load time, 2 - show db query counter, 3 - both, 4 - memory usage, 5 - load time & load time, 6 - queries & memory usage, 7 - all
 
 	'language' => 'en', // default language (currently only 'en' available)
@@ -75,6 +70,10 @@ $config = array(
 		//'2' => 'Your Second World Name'
 	),
 
+	// items
+	'outfit_images_url' => 'http://outfit-images.ots.me/outfit.php', // set to animoutfit.php for animated outfit
+	'item_images_url' => 'http://item-images.ots.me/960/', // set to images/items if you host your own items in images folder
+
 	// account
 	'account_management' => true, // disable if you're using other method to manage users (fe. tfs account manager)
 	'account_mail_verify' => false, // force users to confirm their email addresses when registering account
@@ -84,6 +83,11 @@ $config = array(
 	'account_welcome_mail' => true, // send welcome email when user registers
 	'account_mail_change' => 2, // how many days user need to change email to account - block hackers
 	'account_country' => true, // user will be able to set country of origin when registering account, this information will be viewable in others places aswell
+	'account_change_character_name' => false, // can user change their character name for premium points?
+	'account_change_character_name_points' => 30, // cost of name change
+	'account_change_character_sex' => false, // can user change their character sex for premium points?
+	'account_change_character_sex_points' => 30, // cost of sex change
+	'characters_per_account' => 10,	// max. number of characters per account
 
 	// mail
 	'mail_enabled' => false, // is aac maker configured to send e-mails?
@@ -131,8 +135,6 @@ $config = array(
 		1 => 'Sample town'
 	),
 
-	'characters_per_account' => 10,	// max. number of characters per account
-
 	// guilds
 	'guild_management' => true, // enable guild management system on the site?
 	'guild_need_level' => 1, // min. level to form a guild
@@ -153,6 +155,7 @@ $config = array(
 	'online_vocations' => false, // display vocation statistics?
 	'online_vocations_images' => false, // display vocation images?
 	'online_skulls' => false, // display skull images
+	'online_outfit' => true,
 	'online_afk' => false,
 
 	// support list page
@@ -169,6 +172,7 @@ $config = array(
 	'highscores_vocation_box' => true, // show 'Choose a vocation' box on the highscores (allowing peoples to sort highscores by vocation)?
 	'highscores_vocation' => true, // show player vocation under his nickname?
 	'highscores_frags' => false, // show 'Frags' tab (best fraggers on the server)? Only 0.3
+	'highscores_outfit' => true, // show player outfit?
 	'highscores_country_box' => false, // doesnt work yet! (not implemented)
 	'highscores_groups_hidden' => 4, // this group id and higher won't be shown on the highscores
 
@@ -179,6 +183,7 @@ $config = array(
 		'magic_level' => false,
 		'balance' => false,
 		'marriage_info' => true, // only 0.3
+		'outfit' => true,
 		'creation_date' => true,
 		'quests' => true,
 		'skills' => true,
@@ -212,14 +217,15 @@ $config = array(
 	// other
 	'email_lai_sec_interval' => 60, // time in seconds between e-mails to one account from lost account interface, block spam
 	'google_analytics_id' => '', // e.g.: UA-XXXXXXX-X
-	'experiencetable_columns' => 5, // how many columns to display in experience table page. * 100, 5 = 500 (will show up to 500 level)
+	'experiencetable_columns' => 5, // how many columns to display in experience table page. * experiencetable_rows, 5 = 500 (will show up to 500 level)
+	'experiencetable_rows' => 100, // till how many levels in one column
 
 	'monsters' => array(),
 	'npc' => array()
 );
 
 // download link to client.
-$config['client_download'] = 'http://clients.halfaway.net/windows.php?tibia='. $config['client'] .'';
+$config['client_download'] = 'http://tibia-clients.com/clients/download/'. $config['client'] .'/exe/windows';
-$config['client_download_linux'] = 'http://clients.halfaway.net/linux.php?tibia='. $config['client'] .'';
+$config['client_download_linux'] = 'http://tibia-clients.com/clients/download/'. $config['client'] .'/tar/linux';
 
 ?>

install/includes/schema.sql

@@ -1,7 +1,8 @@
 CREATE TABLE `myaac_account_actions`
 (
   `account_id` INT(11) NOT NULL,
-  `ip` INT(11) NOT NULL DEFAULT '',
+  `ip` INT(11) NOT NULL DEFAULT 0,
+  `ipv6` BINARY(16) NOT NULL DEFAULT 0,
   `date` INT(11) NOT NULL DEFAULT 0,
   `action` VARCHAR(255) NOT NULL DEFAULT '',
   KEY (`account_id`)
@@ -60,7 +61,7 @@ CREATE TABLE `myaac_faq`
 (
 	`id` INT(11) NOT NULL AUTO_INCREMENT,
 	`question` VARCHAR(255) NOT NULL DEFAULT '',
-	`answer` VARCHAR(1020) NOT NULL,
+	`answer` VARCHAR(1020) NOT NULL DEFAULT '',
 	`ordering` INT(11) NOT NULL DEFAULT 0,
 	`hidden` TINYINT(1) NOT NULL DEFAULT 0,
 	PRIMARY KEY (`id`)
@@ -105,6 +106,15 @@ CREATE TABLE `myaac_forum`
 	KEY `section` (`section`)
 ) ENGINE = MyISAM;
 
+CREATE TABLE `myaac_hooks`
+(
+	`id` INT(11) NOT NULL AUTO_INCREMENT,
+	`name` VARCHAR(30) NOT NULL DEFAULT '',
+	`type` INT(2) NOT NULL DEFAULT 0,
+	`file` VARCHAR(100) NOT NULL,
+	PRIMARY KEY (`id`)
+) ENGINE = MyISAM;
+
 CREATE TABLE `myaac_monsters` (
 	`hide_creature` tinyint(1) NOT NULL default '0',
 	`name` varchar(255) NOT NULL,
@@ -125,7 +135,7 @@ CREATE TABLE `myaac_monsters` (
 CREATE TABLE `myaac_movies`
 (
 	`id` INT(11) NOT NULL AUTO_INCREMENT,
-	`title` VARCHAR(50) NOT NULL DEFAULT '',
+	`title` VARCHAR(100) NOT NULL DEFAULT '',
 	`youtube_id` VARCHAR(20) NOT NULL,
 	`author` VARCHAR(50) NOT NULL DEFAULT '',
 	`ordering` INT(11) NOT NULL DEFAULT 0,
@@ -136,8 +146,8 @@ CREATE TABLE `myaac_movies`
 CREATE TABLE `myaac_news`
 (
 	`id` INT(11) NOT NULL AUTO_INCREMENT,
-	`title` VARCHAR(50) NOT NULL,
+	`title` VARCHAR(100) NOT NULL,
-	`body` VARCHAR(10000) NOT NULL,
+	`body` TEXT NOT NULL,
 	`type` TINYINT(1) NOT NULL DEFAULT 0 COMMENT '1 - news, 2 - ticket, 3 - article',
 	`date` INT(11) NOT NULL DEFAULT 0,
 	`category` TINYINT(1) NOT NULL DEFAULT 0,

install/steps/database.php

@@ -66,6 +66,7 @@ if(!$error) {
 			}
 			
 			if(!$error) {
+				registerDatabaseConfig('database_version', DATABASE_VERSION);
 				$locale['step_database_success_schema'] = str_replace('$PREFIX$', TABLE_PREFIX, $locale['step_database_success_schema']);
 				success($locale['step_database_success_schema']);
 			}
@@ -147,12 +148,14 @@ if(!$error) {
 				if(query("ALTER TABLE `accounts` ADD `email_code` VARCHAR(255) NOT NULL DEFAULT '' AFTER `email_new_time`;"))
 					success($locale['step_database_adding_field'] . ' accounts.email_code...');
 			}
-			
+
 			if(fieldExist('next_email', 'accounts')) {
-				if(query("ALTER TABLE `accounts` CHANGE `next_email` `email_next` INT(11) NOT NULL DEFAULT 0;")) {
+				if(!fieldExist('email_next', 'accounts')) {
-					$tmp = str_replace('$FIELD$', 'accounts.next_email', $locale['step_database_changing_field']);
+					if(query("ALTER TABLE `accounts` CHANGE `next_email` `email_next` INT(11) NOT NULL DEFAULT 0;")) {
-					$tmp = str_replace('$FIELD_NEW$', 'accounts.email_next', $tmp);
+						$tmp = str_replace('$FIELD$', 'accounts.next_email', $locale['step_database_changing_field']);
-					success($tmp);
+						$tmp = str_replace('$FIELD_NEW$', 'accounts.email_next', $tmp);
+						success($tmp);
+					}
 				}
 			}
 			else if(!fieldExist('email_next', 'accounts')) {
@@ -193,10 +196,12 @@ if(!$error) {
 			}
 
 			if(fieldExist('hide_char', 'players')) {
-				if(query("ALTER TABLE `players` CHANGE `hide_char` `hidden` TINYINT(1) NOT NULL DEFAULT 0;")) {
+				if(!fieldExist('hidden', 'players')) {
-					$tmp = str_replace('$FIELD$', 'players.hide_char', $locale['step_database_changing_field']);
+					if(query("ALTER TABLE `players` CHANGE `hide_char` `hidden` TINYINT(1) NOT NULL DEFAULT 0;")) {
-					$tmp = str_replace('$FIELD_NEW$', 'players.hidden', $tmp);
+						$tmp = str_replace('$FIELD$', 'players.hide_char', $locale['step_database_changing_field']);
-					success($tmp);
+						$tmp = str_replace('$FIELD_NEW$', 'players.hidden', $tmp);
+						success($tmp);
+					}
 				}
 			}
 			else if(!fieldExist('hidden', 'players')) {

install/steps/finish.php

@@ -62,16 +62,19 @@ else {
 		}
 
 		if($account_db->isLoaded()) {
-			if($config_salt_enabled)
-				$account_db->setSalt($salt);
-			
 			$account_db->setPassword(encrypt($password));
 			$account_db->setEMail($_SESSION['var_mail_admin']);
 			$account_db->save();
+			
+			if($config_salt_enabled)
+				$account_db->setCustomField('salt', $salt);
+			
 			$account_db->setCustomField('web_flags', 3);
 			$account_db->setCustomField('country', 'us');
 			if(fieldExist('group_id', 'accounts'))
 				$account_db->setCustomField('group_id', $groups->getHighestId());
+			if(fieldExist('type', 'accounts'))
+				$account_db->setCustomField('type', 5);
 
 			if(!$player_db->isLoaded())
 				$player->setAccountId($account_db->getId());
@@ -84,18 +87,23 @@ else {
 			$new_account = $ots->createObject('Account');
 			$new_account->create($account);
 			
-			if($config_salt_enabled)
-				$new_account->setSalt($salt);
-			
 			$new_account->setPassword(encrypt($password));
 			$new_account->setEMail($_SESSION['var_mail_admin']);
+			
 			$new_account->unblock();
 			$new_account->save();
+			
+			if($config_salt_enabled)
+				$new_account->setCustomField('salt', $salt);
+			
 			$new_account->setCustomField('created', time());
 			$new_account->setCustomField('web_flags', 3);
 			$new_account->setCustomField('country', 'us');
 			if(fieldExist('group_id', 'accounts'))
 				$new_account->setCustomField('group_id', $groups->getHighestId());
+			if(fieldExist('type', 'accounts'))
+				$new_account->setCustomField('type', 5);
+
 			$new_account->logAction('Account created.');
 			
 			if(!$player_db->isLoaded())
@@ -138,8 +146,8 @@ else {
 	<?php
 
 		if(!isset($_SESSION['installed'])) {
-			file_get_contents('http://my-aac.org/report_install.php?v=' . MYAAC_VERSION);
+			file_get_contents('http://my-aac.org/report_install.php?v=' . MYAAC_VERSION . '&b=' . urlencode(BASE_URL));
-			$_SESSION['installed'] = false;
+			$_SESSION['installed'] = true;
 		}
 
 		foreach($_SESSION as $key => $value) {

plugins/example.json

@@ -0,0 +1,14 @@
+{
+     "name": "Example Plugin",
+	 "description": "This is just an example of a Plugin for MyAAC.",
+     "version": "1.0",
+	 "author": "nobody",
+	 "contact": "nobody@example.org",
+	 "install": "plugins/example/install.php",
+	 "hooks": {
+		"Example Hook": {
+			"type": "BEFORE_PAGE",
+			"file": "plugins/example/before.php"
+		}
+	 }
+ }

system/cache/signatures/.htaccess

@@ -0,0 +1 @@
+deny from all

system/compat_pages.php

@@ -5,7 +5,7 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.5
+ * @version   0.2.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/counter.php

@@ -5,7 +5,7 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.5
+ * @version   0.2.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/database.php

@@ -3,21 +3,32 @@ defined('MYAAC') or die('Direct access not allowed!');
 
 	if(!isset($config['database_type'][0]) || !isset($config['database_user'][0]) || !isset($config['database_password'][0]) || !isset($config['database_name'][0]))
 	{
-		if(isset($config['lua']['sqlType'])) // tfs 0.3
+		if(isset($config['lua']['sqlType'])) {// tfs 0.3
-		{
+			if(isset($config['lua']['mysqlHost'])) {// tfs 0.2
-			$config['otserv_version'] = TFS_03;
+				$config['otserv_version'] = TFS_02;
-			$config['database_type'] = $config['lua']['sqlType'];
+				$config['database_type'] = 'mysql';
-			$config['database_host'] = $config['lua']['sqlHost'];
+				$config['database_host'] = $config['lua']['mysqlHost'];
-			$config['database_port'] = $config['lua']['sqlPort'];
+				$config['database_port'] = $config['lua']['mysqlPort'];
-			$config['database_user'] = $config['lua']['sqlUser'];
+				$config['database_user'] = $config['lua']['mysqlUser'];
-			$config['database_password'] = $config['lua']['sqlPass'];
+				$config['database_password'] = $config['lua']['mysqlPass'];
-			$config['database_name'] = $config['lua']['sqlDatabase'];
+				$config['database_name'] = $config['lua']['mysqlDatabase'];
-
-			$config['database_encryption'] = $config['lua']['encryptionType'];
-			if(!isset($config['database_encryption']) || empty($config['database_encryption'])) // before 0.3.6
 				$config['database_encryption'] = $config['lua']['passwordType'];
+			}
+			else {
+				$config['otserv_version'] = TFS_03;
+				$config['database_type'] = $config['lua']['sqlType'];
+				$config['database_host'] = $config['lua']['sqlHost'];
+				$config['database_port'] = $config['lua']['sqlPort'];
+				$config['database_user'] = $config['lua']['sqlUser'];
+				$config['database_password'] = $config['lua']['sqlPass'];
+				$config['database_name'] = $config['lua']['sqlDatabase'];
+
+				$config['database_encryption'] = $config['lua']['encryptionType'];
+				if(!isset($config['database_encryption']) || empty($config['database_encryption'])) // before 0.3.6
+					$config['database_encryption'] = $config['lua']['passwordType'];
+			}
 		}
-		else if(isset($config['lua']['mysqlHost'])) // tfs 0.2/1.0
+		else if(isset($config['lua']['mysqlHost'])) // tfs 1.0
 		{
 			$config['otserv_version'] = TFS_02;
 			$config['database_type'] = 'mysql';

system/events.php

@@ -1,61 +0,0 @@
-<?php
-/**
- * Events system
- *
- * @package   MyAAC
- * @author    Slawkens <slawkens@gmail.com>
- * @copyright 2017 MyAAC
- * @version   0.0.5
- * @link      http://my-aac.org
- */
-defined('MYAAC') or die('Direct access not allowed!');
-class Event
-{
-	private $_name, $_type, $_callback;
-
-	public function __construct($name, $type, $callback) {
-		$this->_name = $name;
-		$this->_type = $type;
-		$this->_callback = $callback;
-	}
-
-	public function execute($params)
-	{
-		$ret = false;
-		if(is_callable($this->_callback))
-		{
-			$tmp = $this->_callback;
-			$ret = $tmp($params);
-		}
-
-		return $ret;
-	}
-
-	public function name() {return $this->_name;}
-	public function type() {return $this->_type;}
-}
-
-class Events
-{
-	private static $_events = array();
-
-	public function register($event, $type = '', $callback = null) {
-		if(!($event instanceof Event))
-			$event = new Event($event, $type, $callback);
-
-		self::$_events[$event->type()][] = $event;
-	}
-
-	public function trigger($type, $params = array())
-	{
-		$ret = true;
-		if(isset(self::$_events[$type]))
-		{
-			foreach(self::$_events[$type] as $name => $event)
-				$ret = $event->execute($params);
-		}
-
-		return $ret;
-	}
-}
-?>

system/functions.php

@@ -5,7 +5,7 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.5
+ * @version   0.2.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');
@@ -148,7 +148,7 @@ function getItemImage($id, $count = 1)
 		$file_name .= '-' . $count;
 
 	global $config;
-	return '<img src="images/items/' . $file_name . '.gif" width="32" height="32" border="0" alt=" ' .$id . '" />';
+	return '<img src="' . $config['item_images_url'] . $file_name . '.gif" width="32" height="32" border="0" alt=" ' .$id . '" />';
 }
 
 function getFlagImage($country)
@@ -255,7 +255,7 @@ function fetchDatabaseConfig($name, &$value)
  */
 function getDatabaseConfig($name)
 {
-	$value = '';
+	$value = NULL;
 	fetchDatabaseConfig($name, $value);
 	return $value;
 }
@@ -598,6 +598,22 @@ function check_name_new_char($name, &$error = '')
 		}
 	}
 
+	$player = new OTS_Player();
+	$player->find($name);
+	if($player->isLoaded()) {
+		$error = 'Player with this name already exist.';
+		return false;
+	}
+
+	//check if was namelocked previously
+	if(tableExist('player_namelocks') && fieldExist('name', 'player_namelocks')) {
+		$namelock = $db->query('SELECT `player_id` FROM `player_namelocks` WHERE `name` = ' . $db->quote($name));
+		if($namelock->rowCount() > 0) {
+			$error =  'Character with this name has been namelocked.';
+			return false;
+		}
+	}
+			
 	$monsters = $db->query(
 			'SELECT ' . $db->fieldName('name') .
 			' FROM ' . $db->tableName(TABLE_PREFIX . 'monsters') .
@@ -808,8 +824,8 @@ function template_header($is_admin = false)
 	</noscript>
 ';
 	if(admin())
-		$ret .= '<script type="text/javascript" src="' . BASE_URL . 'tools/tiny_mce/tiny_mce.js"></script>
+		$ret .= '<!--script type="text/javascript" src="' . BASE_URL . 'tools/tiny_mce/tiny_mce.js"></script>
-	<!--script type="text/javascript" src="' . BASE_URL . 'tools/jquery.qtip.js" ></script>
+	<script type="text/javascript" src="' . BASE_URL . 'tools/jquery.qtip.js" ></script>
 	<script type="text/javascript" src="' . BASE_URL . 'tools/admin.js"></script-->
 ';
 	if($config['recaptcha_enabled'])
@@ -852,18 +868,17 @@ function template_ga_code()
 	if(!isset($config['google_analytics_id'][0]))
 		return '';
 
-	return '
+	return "
-<script type="text/javascript">
+<script>
-	var _gaq = _gaq || [];
+  (function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){
-	_gaq.push([\'_setAccount\', \'' . $config['google_analytics_id'] . '\']);
+  (i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o),
-	_gaq.push([\'_trackPageview\']);
+  m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m)
+  })(window,document,'script','https://www.google-analytics.com/analytics.js','ga');
 
-	(function() {
+  ga('create', '" . $config['google_analytics_id'] . "', 'auto');
-	var ga = document.createElement(\'script\'); ga.type = \'text/javascript\'; ga.async = true;
+  ga('send', 'pageview');
-	ga.src = (\'https:\' == document.location.protocol ? \'https://ssl\' : \'http://www\') + \'.google-analytics.com/ga.js\';
+
-	var s = document.getElementsByTagName(\'script\')[0]; s.parentNode.insertBefore(ga, s);
+</script>";
-	})();
-</script>';
 }
 
 function template_form()

system/hooks.php

@@ -0,0 +1,92 @@
+<?php
+/**
+ * Events system
+ *
+ * @package   MyAAC
+ * @author    Slawkens <slawkens@gmail.com>
+ * @copyright 2017 MyAAC
+ * @version   0.2.2
+ * @link      http://my-aac.org
+ */
+defined('MYAAC') or die('Direct access not allowed!');
+
+define('HOOK_STARTUP', 1);
+define('HOOK_BEFORE_PAGE', 2);
+define('HOOK_AFTER_PAGE', 3);
+define('HOOK_FINISH', 4);
+define('HOOK_TIBIACOM_ARTICLE', 5);
+define('HOOK_TIBIACOM_BORDER_3', 6);
+define('HOOK_FIRST', HOOK_STARTUP);
+define('HOOK_LAST', HOOK_TIBIACOM_BORDER_3);
+
+$hook_types = array(
+	'STARTUP' => HOOK_STARTUP,
+	'BEFORE_PAGE' => HOOK_BEFORE_PAGE,
+	'AFTER_PAGE' => HOOK_AFTER_PAGE,
+	'FINISH' => HOOK_FINISH,
+	'TIBIACOM_ARTICLE' => HOOK_TIBIACOM_ARTICLE,
+	'TIBIACOM_BORDER_3' => HOOK_TIBIACOM_BORDER_3
+);
+
+class Hook
+{
+	private $_name, $_type, $_file;
+
+	public function __construct($name, $type, $file) {
+		$this->_name = $name;
+		$this->_type = $type;
+		$this->_file = $file;
+	}
+
+	public function execute($params)
+	{
+		/*if(is_callable($this->_callback))
+		{
+			$tmp = $this->_callback;
+			$ret = $tmp($params);
+		}*/
+		
+		global $db, $config, $template_path, $ots;
+		if(file_exists(BASE . $this->_file)) {
+			require(BASE . $this->_file);
+		}
+
+		return true;
+	}
+
+	public function name() {return $this->_name;}
+	public function type() {return $this->_type;}
+}
+
+class Hooks
+{
+	private static $_hooks = array();
+
+	public function register($hook, $type = '', $file = null) {
+		if(!($hook instanceof Hook))
+			$hook = new Hook($hook, $type, $file);
+
+		self::$_hooks[$hook->type()][] = $hook;
+	}
+
+	public function trigger($type, $params = array())
+	{
+		$ret = true;
+		if(isset(self::$_hooks[$type]))
+		{
+			foreach(self::$_hooks[$type] as $name => $hook)
+				$ret = $hook->execute($params);
+		}
+
+		return $ret;
+	}
+	
+	public function load()
+	{
+		global $db;
+		$hooks = $db->query('SELECT `name`, `type`, `file` FROM `' . TABLE_PREFIX . 'hooks`;');
+		foreach($hooks as $hook)
+			$this->register($hook['name'], $hook['type'], $hook['file']);
+	}
+}
+?>

system/init.php

@@ -5,7 +5,7 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.5
+ * @version   0.2.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/item.php

@@ -5,7 +5,7 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.5
+ * @version   0.2.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/libs/cache.php

@@ -6,7 +6,7 @@
  * @author    Slawkens <slawkens@gmail.com>
  * @author    Mark Samman (Talaturen) <marksamman@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.5
+ * @version   0.2.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/libs/cache_apc.php

@@ -6,7 +6,7 @@
  * @author    Slawkens <slawkens@gmail.com>
  * @author    Mark Samman (Talaturen) <marksamman@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.5
+ * @version   0.2.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/libs/cache_eaccelerator.php

@@ -6,7 +6,7 @@
  * @author    Slawkens <slawkens@gmail.com>
  * @author    Mark Samman (Talaturen) <marksamman@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.5
+ * @version   0.2.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/libs/cache_file.php

@@ -5,7 +5,7 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.5
+ * @version   0.2.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');
@@ -63,7 +63,7 @@ class Cache_File
 	}
 
 	private function _name($key) {
-		return sprintf("%s/%s%s", $this->dir, $this->prefix, sha1($key));
+		return sprintf("%s%s%s", $this->dir, $this->prefix, sha1($key));
 	}
 }
 ?>

system/libs/cache_xcache.php

@@ -6,7 +6,7 @@
  * @author    Slawkens <slawkens@gmail.com>
  * @author    Mark Samman (Talaturen) <marksamman@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.5
+ * @version   0.2.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/libs/data.php

@@ -5,7 +5,7 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.5
+ * @version   0.2.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/libs/items.php

@@ -5,7 +5,7 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.5
+ * @version   0.2.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/libs/pot/OTS_Account.php

@@ -187,9 +187,6 @@ class OTS_Account extends OTS_Row_DAO implements IteratorAggregate, Countable
  */
     public function find($name)
     {
-		if(check_number($name))
-			$this->load((int)$name);
-		
         // finds player's ID
         $id = $this->db->query('SELECT ' . $this->db->fieldName('id') . ' FROM ' . $this->db->tableName('accounts') . ' WHERE ' . $this->db->fieldName('name') . ' = ' . $this->db->quote($name) )->fetch();
 
@@ -311,6 +308,25 @@ class OTS_Account extends OTS_Row_DAO implements IteratorAggregate, Countable
         return $this->data['web_flags'];
     }
 
+	public function hasFlag($flag)
+	{
+		if(!isset($this->data['web_flags'])) {
+			throw new E_OTS_NotLoaded();
+		}
+
+		return ($this->data['web_flags'] & $flag) == $flag;
+	}
+	
+	public function isAdmin()
+	{
+		return $this->hasFlag(FLAG_ADMIN) || $this->isSuperAdmin();
+	}
+
+	public function isSuperAdmin()
+	{
+		return $this->hasFlag(FLAG_SUPER_ADMIN);
+	}
+
     public function getPremDays()
     {
         if( !isset($this->data['lastday']) )
@@ -756,10 +772,17 @@ class OTS_Account extends OTS_Row_DAO implements IteratorAggregate, Countable
 			$this->data['banned'] = isset($ban['expires_at']);
 			$this->data['banned_time'] = $ban['expires_at'];
 		}
-		else {
+		else if(tableExist('bans')) {
-			$ban = $this->db->query('SELECT `active`, `expires` FROM `bans` WHERE (`type` = 3 OR `type` = 5) AND `active` = 1 AND `value` = ' . $this->data['id'] . ' AND (`expires` > ' . time() .' OR `expires` = -1) ORDER BY `expires` DESC')->fetch();
+			if(fieldExist('active', 'bans')) {
-			$this->data['banned'] = $ban['active'];
+				$ban = $this->db->query('SELECT `active`, `expires` FROM `bans` WHERE (`type` = 3 OR `type` = 5) AND `active` = 1 AND `value` = ' . $this->data['id'] . ' AND (`expires` > ' . time() .' OR `expires` = -1) ORDER BY `expires` DESC')->fetch();
-			$this->data['banned_time'] = $ban['expires'];
+				$this->data['banned'] = $ban['active'];
+				$this->data['banned_time'] = $ban['expires'];
+			}
+			else { // tfs 0.2
+				$ban = $this->db->query('SELECT `time` FROM `bans` WHERE (`type` = 3 OR `type` = 5) AND `account` = ' . $this->data['id'] . ' AND (`time` > ' . time() .' OR `time` = -1) ORDER BY `time` DESC')->fetch();
+				$this->data['banned'] = $ban['time'] == -1 || $ban['time'] > 0;
+				$this->data['banned_time'] = $ban['time'];
+			}
 		}
     }
 
@@ -829,11 +852,7 @@ class OTS_Account extends OTS_Row_DAO implements IteratorAggregate, Countable
 
 	public function getGroupId()
 	{
-		global $groups;
+		global $db;;
-		if(!isset($groups))
-			$groups = new OTS_Groups_List();
-
-		$group_id = 0;
 		if(fieldExist('group_id', 'accounts')) {
 			$query = $this->db->query('SELECT `group_id` FROM `accounts` WHERE `id` = ' . (int) $this->getId())->fetch();
 			// if anything was found
@@ -841,19 +860,11 @@ class OTS_Account extends OTS_Row_DAO implements IteratorAggregate, Countable
 				return $query['group_id'];
 		}
 		
-        // finds groups of all characters
+		$db->query('SELECT `group_id` FROM `players` WHERE `account_id` = ' . $this->getId() . ' ORDER BY `group_id` DESC LIMIT 1')->fetch();
-        foreach( $this->getPlayersList() as $player)
+		if(isset($query['group_id']))
-        {
+			return $query['group_id'];
-            $group = $player->getGroup();
-
-            // checks if group's access level is higher then previouls found highest
-            if( $group->getId() > $group_id)
-            {
-                $group_id = $group->getId();
-            }
-        }
 		
-		return $group_id;
+		return 0;
 	}
 
 /**
@@ -885,7 +896,7 @@ class OTS_Account extends OTS_Row_DAO implements IteratorAggregate, Countable
 
 	public function logAction($action)
 	{
-		$ip = '127.0.0.1';
+		$ip = '0';
 		if(isset($_SERVER['REMOTE_ADDR']) && !empty($_SERVER['REMOTE_ADDR']))
 			$ip = $_SERVER['REMOTE_ADDR'];
 		else if(isset($_SERVER['HTTP_CLIENT_IP']) && !empty($_SERVER['HTTP_CLIENT_IP']))
@@ -893,15 +904,23 @@ class OTS_Account extends OTS_Row_DAO implements IteratorAggregate, Countable
 		else if(isset($_SERVER['HTTP_X_FORWARDED_FOR']) && !empty($_SERVER['HTTP_X_FORWARDED_FOR']))
 			$ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
 			
-		return $this->db->query('INSERT INTO ' . $this->db->tableName(TABLE_PREFIX . 'account_actions') . ' (' . $this->db->fieldName('account_id') . ', ' . $this->db->fieldName('ip') . ', ' . $this->db->fieldName('date') . ', ' . $this->db->fieldName('action') . ') VALUES (' . $this->db->quote($this->getId()).', INET_ATON(' . $this->db->quote($ip) . '), UNIX_TIMESTAMP(NOW()), ' . $this->db->quote($action).')');
+		if(strpos($ip, ":") === false) {
+			$ipv6 = '0';
+		}
+		else {
+			$ipv6 = $ip;
+			$ip = '';
+		}
+
+		return $this->db->query('INSERT INTO `' . TABLE_PREFIX . 'account_actions` (`account_id`, `ip`, `ipv6`, `date`, `action`) VALUES (' . $this->db->quote($this->getId()).', (' . $this->db->quote(ip2long($ip)) . '), (' . ($ipv6 == '0' ? $this->db->quote('') : $this->db->quote(inet_pton($ipv6))) . '), UNIX_TIMESTAMP(NOW()), ' . $this->db->quote($action).')');
 	}
 
 	public function getActionsLog($limit1, $limit2)
 	{
 		$actions = array();
 
-		foreach($this->db->query('SELECT ' . $this->db->fieldName('ip') . ', ' . $this->db->fieldName('date') . ', ' . $this->db->fieldName('action') . ' FROM ' . $this->db->tableName(TABLE_PREFIX . 'account_actions') . ' WHERE ' . $this->db->fieldName('account_id') . ' = ' . $this->data['id'] . ' ORDER by ' . $this->db->fieldName('date') . ' DESC LIMIT ' . $limit1 . ', ' . $limit2 . '')->fetchAll() as $a)
+		foreach($this->db->query('SELECT `ip`, `ipv6`, `date`, `action` FROM `' . TABLE_PREFIX . 'account_actions` WHERE `account_id` = ' . $this->data['id'] . ' ORDER by `date` DESC LIMIT ' . $limit1 . ', ' . $limit2 . '')->fetchAll() as $a)
-			$actions[] = array('ip' => $a['ip'], 'date' => $a['date'], 'action' => $a['action']);
+			$actions[] = array('ip' => $a['ip'], 'ipv6' => $a['ipv6'], 'date' => $a['date'], 'action' => $a['action']);
 
 		return $actions;
 	}

system/libs/pot/OTS_Base_DB.php

@@ -97,6 +97,7 @@ abstract class OTS_Base_DB extends PDO implements IOTS_DB
     public function query($query)
     {
         $this->queries++;
+		//echo $query . PHP_EOL;
         return parent::query($query);
     }
 

system/libs/pot/OTS_Player.php

@@ -1,4 +1,21 @@
 <?php
+$__load = array();
+/*
+	'loss_experience' => NULL,
+	'loss_items' => NULL,
+	'guild_info' => NULL,
+	'skull_type' => NULL,
+	'skull_time' => NULL,
+	'blessings' => NULL,
+	'direction' => NULL,
+	'stamina' => NULL,
+	'world_id' => NULL,
+	'online' => NULL,
+	'deletion' => NULL,
+	'promotion' => NULL,
+	'marriage' => NULL
+);*/
+
 /**#@+
  * @version 0.0.1
  */
@@ -91,7 +108,6 @@ class OTS_Player extends OTS_Row_DAO
 		POT::SKILL_SHIELD => array('value' => 0, 'tries' => 0),
 		POT::SKILL_FISH => array('value' => 0, 'tries' => 0)
 	);
-
 /**
  * Magic PHP5 method.
  *
@@ -115,28 +131,84 @@ class OTS_Player extends OTS_Row_DAO
  */
     public function load($id)
     {
-		$loss = '';
+		global $__load;
-		if(fieldExist('loss_experience', 'players')) {
+
-			$loss = ', `loss_experience`, `loss_mana`, `loss_skills`, `loss_items`, `loss_containers`';
+		if(!isset($__load['loss_experience']))
+		{
+			$loss = '';
+			if(fieldExist('loss_experience', 'players')) {
+				$loss = ', `loss_experience`, `loss_mana`, `loss_skills`';
+			}
+
+			$__load['loss_experience'] = $loss;
+		}
+
+		if(!isset($__load['loss_items']))
+		{
+			$loss_items = '';
+			if(fieldExist('loss_items', 'players')) {
+				$loss_items = ', `loss_items`, `loss_containers`';
+			}
+
+			$__load['loss_items'] = $loss_items;
+		}
+
+		if(!isset($__load['guild_info']))
+		{
+			$guild_info = '';
+			if(!tableExist('guild_members') && fieldExist('guildnick', 'players')) {
+				$guild_info = ', `guildnick`, `rank_id`';
+			}
+
+			$__load['guild_info'] = $guild_info;
 		}
 		
-		$guild_info = '';
+		if(!isset($__load['skull_type']))
-		if(!tableExist('guild_members') && fieldExist('guildnick', 'players')) {
+		{
-			$guild_info = ', `guildnick`, `rank_id`';
+			$skull_type = 'skull';
+			if(fieldExist('skull_type', 'players')) {
+				$skull_type = 'skull_type';
+			}
+
+			$__load['skull_type'] = $skull_type;
 		}
 
-		$skull_type = 'skull';
+		if(!isset($__load['skull_time']))
-		if(fieldExist('skull_type', 'players')) {
+		{
-			$skull_type = 'skull_type';
+			$skull_time = 'skulltime';
+			if(fieldExist('skull_time', 'players')) {
+				$skull_time = 'skull_time';
+			}
+		
+			$__load['skull_time'] = $skull_time;
 		}
 
-		$skull_time = 'skulltime';
+		if(!isset($__load['blessings'])) {
-		if(fieldExist('skull_time', 'players')) {
+			$__load['blessings'] = fieldExist('blessings', 'players');
-			$skull_time = 'skull_time';
+		}
+		if(!isset($__load['direction'])) {
+			$__load['direction'] = fieldExist('direction', 'players');
+		}
+		if(!isset($__load['stamina'])) {
+			$__load['stamina'] = fieldExist('stamina', 'players');
+		}
+		if(!isset($__load['world_id'])) {
+			$__load['world_id'] = fieldExist('world_id', 'players');
+		}
+		if(!isset($__load['online'])) {
+			$__load['online'] = fieldExist('online', 'players');
+		}
+		if(!isset($__load['deletion'])) {
+			$__load['deletion'] = fieldExist('deletion', 'players');
+		}
+		if(!isset($__load['promotion'])) {
+			$__load['promotion'] = fieldExist('promotion', 'players');
+		}
+		if(!isset($__load['marriage'])) {
+			$__load['marriage'] = fieldExist('marriage', 'players');
 		}
-	
         // SELECT query on database
-        $this->data = $this->db->query('SELECT `id`, `name`, `account_id`, `group_id`, `sex`, `vocation`, `experience`, `level`, `maglevel`, `health`, `healthmax`, `mana`, `manamax`, `manaspent`, `soul`, `lookbody`, `lookfeet`, `lookhead`, `looklegs`, `looktype`' . (fieldExist('lookaddons', 'players') ? ', `lookaddons`' : '') . ', `posx`, `posy`, `posz`, `cap`, `lastlogin`, `lastlogout`, `lastip`, `save`, `conditions`, `' . $skull_time . '` as `skulltime`, `' . $skull_type . '` as `skull`' . $guild_info . ', `town_id`' . $loss . ', `balance`' . (fieldExist('blessings', 'players') ? ', `blessings`' : '') . (fieldExist('direction', 'players') ? ', `direction`' : '') . (fieldExist('stamina', 'players') ? ', `stamina`' : '') . (fieldExist('world_id', 'players') ? ', `world_id`' : '') . (fieldExist('online', 'players') ? ', `online`' : '') . ', `' . (fieldExist('deletion', 'players') ? 'deletion' : 'deleted') . '`' . (fieldExist('promotion', 'players') ? ', `promotion`' : '') . (fieldExist('marriage', 'players') ? ', `marriage`' : '') . ', `comment`, `created`, `hidden` FROM `players` WHERE `id` = ' . (int)$id)->fetch();
+        $this->data = $this->db->query('SELECT `id`, `name`, `account_id`, `group_id`, `sex`, `vocation`, `experience`, `level`, `maglevel`, `health`, `healthmax`, `mana`, `manamax`, `manaspent`, `soul`, `lookbody`, `lookfeet`, `lookhead`, `looklegs`, `looktype`' . (fieldExist('lookaddons', 'players') ? ', `lookaddons`' : '') . ', `posx`, `posy`, `posz`, `cap`, `lastlogin`, `lastlogout`, `lastip`, `save`, `conditions`, `' . $__load['skull_time'] . '` as `skulltime`, `' . $__load['skull_type'] . '` as `skull`' . $__load['guild_info'] . ', `town_id`' . $__load['loss_experience'] . $__load['loss_items'] . ', `balance`' . ($__load['blessings'] ? ', `blessings`' : '') . ($__load['direction'] ? ', `direction`' : '') . ($__load['stamina'] ? ', `stamina`' : '') . ($__load['world_id'] ? ', `world_id`' : '') . ($__load['online'] ? ', `online`' : '') . ', `' . ($__load['deletion'] ? 'deletion' : 'deleted') . '`' . ($__load['promotion'] ? ', `promotion`' : '') . ($__load['marriage'] ? ', `marriage`' : '') . ', `comment`, `created`, `hidden` FROM `players` WHERE `id` = ' . (int)$id)->fetch();
 
 		if(!isset($this->data['guildnick']) || $this->data['guildnick'])
 			$this->data['guildnick'] = '';
@@ -278,7 +350,12 @@ class OTS_Player extends OTS_Row_DAO
         {
 			$loss = '';
 			if(fieldExist('loss_experience', 'players')) {
-				$loss = ', `loss_experience` = ' . $this->data['loss_experience'] . ', `loss_mana` = ' . $this->data['loss_mana'] . ', `loss_skills` = ' . $this->data['loss_skills'] . ', `loss_items` = ' . $this->data['loss_items'] . ', `loss_containers` = ' . $this->data['loss_containers'];
+				$loss = ', `loss_experience` = ' . $this->data['loss_experience'] . ', `loss_mana` = ' . $this->data['loss_mana'] . ', `loss_skills` = ' . $this->data['loss_skills'];
+			}
+			
+			$loss_items = '';
+			if(fieldExist('loss_items', 'players')) {
+				$loss_items = ', `loss_items` = ' . $this->data['loss_items'] . ', `loss_containers` = ' . $this->data['loss_containers'];
 			}
 			
 			$guild_info = '';
@@ -307,7 +384,7 @@ class OTS_Player extends OTS_Row_DAO
 			}
 			
             // UPDATE query on database
-            $this->db->query('UPDATE ' . $this->db->tableName('players') . ' SET ' . $this->db->fieldName('name') . ' = ' . $this->db->quote($this->data['name']) . ', ' . $this->db->fieldName('account_id') . ' = ' . $this->data['account_id'] . ', ' . $this->db->fieldName('group_id') . ' = ' . $this->data['group_id'] . ', ' . $this->db->fieldName('sex') . ' = ' . $this->data['sex'] . ', ' . $this->db->fieldName('vocation') . ' = ' . $this->data['vocation'] . ', ' . $this->db->fieldName('experience') . ' = ' . $this->data['experience'] . ', ' . $this->db->fieldName('level') . ' = ' . $this->data['level'] . ', ' . $this->db->fieldName('maglevel') . ' = ' . $this->data['maglevel'] . ', ' . $this->db->fieldName('health') . ' = ' . $this->data['health'] . ', ' . $this->db->fieldName('healthmax') . ' = ' . $this->data['healthmax'] . ', ' . $this->db->fieldName('mana') . ' = ' . $this->data['mana'] . ', ' . $this->db->fieldName('manamax') . ' = ' . $this->data['manamax'] . ', ' . $this->db->fieldName('manaspent') . ' = ' . $this->data['manaspent'] . ', ' . $this->db->fieldName('soul') . ' = ' . $this->data['soul'] . ', ' . $this->db->fieldName('lookbody') . ' = ' . $this->data['lookbody'] . ', ' . $this->db->fieldName('lookfeet') . ' = ' . $this->data['lookfeet'] . ', ' . $this->db->fieldName('lookhead') . ' = ' . $this->data['lookhead'] . ', ' . $this->db->fieldName('looklegs') . ' = ' . $this->data['looklegs'] . ', ' . $this->db->fieldName('looktype') . ' = ' . $this->data['looktype'] . $lookaddons . ', ' . $this->db->fieldName('posx') . ' = ' . $this->data['posx'] . ', ' . $this->db->fieldName('posy') . ' = ' . $this->data['posy'] . ', ' . $this->db->fieldName('posz') . ' = ' . $this->data['posz'] . ', ' . $this->db->fieldName('cap') . ' = ' . $this->data['cap'] . ', ' . $this->db->fieldName('lastlogin') . ' = ' . $this->data['lastlogin'] . ', ' . $this->db->fieldName('lastlogout') . ' = ' . $this->data['lastlogout'] . ', ' . $this->db->fieldName('lastip') . ' = ' . $this->data['lastip'] . ', ' . $this->db->fieldName('save') . ' = ' . (int) $this->data['save'] . ', ' . $this->db->fieldName('conditions') . ' = ' . $this->db->quote($this->data['conditions']) . ', `' . $skull_time . '` = ' . $this->data['skulltime'] . ', `' . $skull_type . '` = ' . (int) $this->data['skull'] . $guild_info . ', ' . $this->db->fieldName('town_id') . ' = ' . $this->data['town_id'] . $loss . ', ' . $this->db->fieldName('balance') . ' = ' . $this->data['balance'] . $blessings . $stamina . $direction . ' WHERE ' . $this->db->fieldName('id') . ' = ' . $this->data['id']);
+            $this->db->query('UPDATE ' . $this->db->tableName('players') . ' SET ' . $this->db->fieldName('name') . ' = ' . $this->db->quote($this->data['name']) . ', ' . $this->db->fieldName('account_id') . ' = ' . $this->data['account_id'] . ', ' . $this->db->fieldName('group_id') . ' = ' . $this->data['group_id'] . ', ' . $this->db->fieldName('sex') . ' = ' . $this->data['sex'] . ', ' . $this->db->fieldName('vocation') . ' = ' . $this->data['vocation'] . ', ' . $this->db->fieldName('experience') . ' = ' . $this->data['experience'] . ', ' . $this->db->fieldName('level') . ' = ' . $this->data['level'] . ', ' . $this->db->fieldName('maglevel') . ' = ' . $this->data['maglevel'] . ', ' . $this->db->fieldName('health') . ' = ' . $this->data['health'] . ', ' . $this->db->fieldName('healthmax') . ' = ' . $this->data['healthmax'] . ', ' . $this->db->fieldName('mana') . ' = ' . $this->data['mana'] . ', ' . $this->db->fieldName('manamax') . ' = ' . $this->data['manamax'] . ', ' . $this->db->fieldName('manaspent') . ' = ' . $this->data['manaspent'] . ', ' . $this->db->fieldName('soul') . ' = ' . $this->data['soul'] . ', ' . $this->db->fieldName('lookbody') . ' = ' . $this->data['lookbody'] . ', ' . $this->db->fieldName('lookfeet') . ' = ' . $this->data['lookfeet'] . ', ' . $this->db->fieldName('lookhead') . ' = ' . $this->data['lookhead'] . ', ' . $this->db->fieldName('looklegs') . ' = ' . $this->data['looklegs'] . ', ' . $this->db->fieldName('looktype') . ' = ' . $this->data['looktype'] . $lookaddons . ', ' . $this->db->fieldName('posx') . ' = ' . $this->data['posx'] . ', ' . $this->db->fieldName('posy') . ' = ' . $this->data['posy'] . ', ' . $this->db->fieldName('posz') . ' = ' . $this->data['posz'] . ', ' . $this->db->fieldName('cap') . ' = ' . $this->data['cap'] . ', ' . $this->db->fieldName('lastlogin') . ' = ' . $this->data['lastlogin'] . ', ' . $this->db->fieldName('lastlogout') . ' = ' . $this->data['lastlogout'] . ', ' . $this->db->fieldName('lastip') . ' = ' . $this->data['lastip'] . ', ' . $this->db->fieldName('save') . ' = ' . (int) $this->data['save'] . ', ' . $this->db->fieldName('conditions') . ' = ' . $this->db->quote($this->data['conditions']) . ', `' . $skull_time . '` = ' . $this->data['skulltime'] . ', `' . $skull_type . '` = ' . (int) $this->data['skull'] . $guild_info . ', ' . $this->db->fieldName('town_id') . ' = ' . $this->data['town_id'] . $loss . $loss_items . ', ' . $this->db->fieldName('balance') . ' = ' . $this->data['balance'] . $blessings . $stamina . $direction . ' WHERE ' . $this->db->fieldName('id') . ' = ' . $this->data['id']);
         }
         // creates new player
         else
@@ -315,10 +392,17 @@ class OTS_Player extends OTS_Row_DAO
 			$loss = '';
 			$loss_data = '';
 			if(fieldExist('loss_experience', 'players')) {
-				$loss = ', `loss_experience`, `loss_mana`, `loss_skills`, `loss_items`, `loss_containers`';
+				$loss = ', `loss_experience`, `loss_mana`, `loss_skills`';
-				$loss_data = ', ' . $this->data['loss_experience'] . ', ' . $this->data['loss_mana'] . ', ' . $this->data['loss_skills'] . ', ' . $this->data['loss_items'] . ', ' . $this->data['loss_containers'];
+				$loss_data = ', ' . $this->data['loss_experience'] . ', ' . $this->data['loss_mana'] . ', ' . $this->data['loss_skills'];
 			}
-			
+
+			$loss_items = '';
+			$loss_items_data = '';
+			if(fieldExist('loss_items', 'players')) {
+				$loss_items = ', `loss_items`, `loss_containers`';
+				$loss_items_data = ', ' . $this->data['loss_items'] . ', ' . $this->data['loss_containers'];
+			}
+
 			$guild_info = '';
 			$guild_info_data = '';
 			if(!tableExist('guild_members') && fieldExist('guildnick', 'players')) {
@@ -362,7 +446,7 @@ class OTS_Player extends OTS_Row_DAO
 			}
 			
             // INSERT query on database
-            $this->db->query('INSERT INTO ' . $this->db->tableName('players') . ' (' . $this->db->fieldName('name') . ', ' . $this->db->fieldName('account_id') . ', ' . $this->db->fieldName('group_id') . ', ' . $this->db->fieldName('sex') . ', ' . $this->db->fieldName('vocation') . ', ' . $this->db->fieldName('experience') . ', ' . $this->db->fieldName('level') . ', ' . $this->db->fieldName('maglevel') . ', ' . $this->db->fieldName('health') . ', ' . $this->db->fieldName('healthmax') . ', ' . $this->db->fieldName('mana') . ', ' . $this->db->fieldName('manamax') . ', ' . $this->db->fieldName('manaspent') . ', ' . $this->db->fieldName('soul') . ', ' . $this->db->fieldName('lookbody') . ', ' . $this->db->fieldName('lookfeet') . ', ' . $this->db->fieldName('lookhead') . ', ' . $this->db->fieldName('looklegs') . ', ' . $this->db->fieldName('looktype') . $lookaddons . ', ' . $this->db->fieldName('posx') . ', ' . $this->db->fieldName('posy') . ', ' . $this->db->fieldName('posz') . ', ' . $this->db->fieldName('cap') . ', `lastlogin`, `lastlogout`, ' . $this->db->fieldName('lastip') . ', ' . $this->db->fieldName('save') . ', ' . $this->db->fieldName('conditions') . ', `' . $skull_time . '`, `' . $skull_type . '`' . $guild_info . ', ' . $this->db->fieldName('town_id') . $loss . ', `balance`' . $blessings . $stamina . $direction . ', ' . $this->db->fieldName('created') . $promotion . ') VALUES (' . $this->db->quote($this->data['name']) . ', ' . $this->data['account_id'] . ', ' . $this->data['group_id'] . ', ' . $this->data['sex'] . ', ' . $this->data['vocation'] . ', ' . $this->data['experience'] . ', ' . $this->data['level'] . ', ' . $this->data['maglevel'] . ', ' . $this->data['health'] . ', ' . $this->data['healthmax'] . ', ' . $this->data['mana'] . ', ' . $this->data['manamax'] . ', ' . $this->data['manaspent'] . ', ' . $this->data['soul'] . ', ' . $this->data['lookbody'] . ', ' . $this->data['lookfeet'] . ', ' . $this->data['lookhead'] . ', ' . $this->data['looklegs'] . ', ' . $this->data['looktype'] . $lookaddons_data . ', ' . $this->data['posx'] . ', ' . $this->data['posy'] . ', ' . $this->data['posz'] . ', ' . $this->data['cap'] . ', ' . $this->data['lastlogin'] . ', ' . $this->data['lastlogout'] . ', ' . $this->data['lastip'] . ', ' . (int) $this->data['save'] . ', ' . $this->db->quote($this->data['conditions']) . ', ' . $this->data['skulltime'] . ', ' . (int) $this->data['skull'] . $guild_info_data . ', ' . $this->data['town_id'] . $loss_data . ', ' . $this->data['balance'] . $blessings_data . $stamina_data . $direction_data . ', ' . time() . $promotion_data . ')');
+            $this->db->query('INSERT INTO ' . $this->db->tableName('players') . ' (' . $this->db->fieldName('name') . ', ' . $this->db->fieldName('account_id') . ', ' . $this->db->fieldName('group_id') . ', ' . $this->db->fieldName('sex') . ', ' . $this->db->fieldName('vocation') . ', ' . $this->db->fieldName('experience') . ', ' . $this->db->fieldName('level') . ', ' . $this->db->fieldName('maglevel') . ', ' . $this->db->fieldName('health') . ', ' . $this->db->fieldName('healthmax') . ', ' . $this->db->fieldName('mana') . ', ' . $this->db->fieldName('manamax') . ', ' . $this->db->fieldName('manaspent') . ', ' . $this->db->fieldName('soul') . ', ' . $this->db->fieldName('lookbody') . ', ' . $this->db->fieldName('lookfeet') . ', ' . $this->db->fieldName('lookhead') . ', ' . $this->db->fieldName('looklegs') . ', ' . $this->db->fieldName('looktype') . $lookaddons . ', ' . $this->db->fieldName('posx') . ', ' . $this->db->fieldName('posy') . ', ' . $this->db->fieldName('posz') . ', ' . $this->db->fieldName('cap') . ', `lastlogin`, `lastlogout`, ' . $this->db->fieldName('lastip') . ', ' . $this->db->fieldName('save') . ', ' . $this->db->fieldName('conditions') . ', `' . $skull_time . '`, `' . $skull_type . '`' . $guild_info . ', ' . $this->db->fieldName('town_id') . $loss . $loss_items . ', `balance`' . $blessings . $stamina . $direction . ', ' . $this->db->fieldName('created') . $promotion . ') VALUES (' . $this->db->quote($this->data['name']) . ', ' . $this->data['account_id'] . ', ' . $this->data['group_id'] . ', ' . $this->data['sex'] . ', ' . $this->data['vocation'] . ', ' . $this->data['experience'] . ', ' . $this->data['level'] . ', ' . $this->data['maglevel'] . ', ' . $this->data['health'] . ', ' . $this->data['healthmax'] . ', ' . $this->data['mana'] . ', ' . $this->data['manamax'] . ', ' . $this->data['manaspent'] . ', ' . $this->data['soul'] . ', ' . $this->data['lookbody'] . ', ' . $this->data['lookfeet'] . ', ' . $this->data['lookhead'] . ', ' . $this->data['looklegs'] . ', ' . $this->data['looktype'] . $lookaddons_data . ', ' . $this->data['posx'] . ', ' . $this->data['posy'] . ', ' . $this->data['posz'] . ', ' . $this->data['cap'] . ', ' . $this->data['lastlogin'] . ', ' . $this->data['lastlogout'] . ', ' . $this->data['lastip'] . ', ' . (int) $this->data['save'] . ', ' . $this->db->quote($this->data['conditions']) . ', ' . $this->data['skulltime'] . ', ' . (int) $this->data['skull'] . $guild_info_data . ', ' . $this->data['town_id'] . $loss_data . $loss_items_data . ', ' . $this->data['balance'] . $blessings_data . $stamina_data . $direction_data . ', ' . time() . $promotion_data . ')');
             // ID of new group
             $this->data['id'] = $this->db->lastInsertId();
         }

system/libs/timer.php

@@ -5,7 +5,7 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.5
+ * @version   0.2.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/libs/validator.php

@@ -5,7 +5,7 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.5
+ * @version   0.2.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/libs/visitors.php

@@ -5,7 +5,7 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.5
+ * @version   0.2.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/locale/sv/.htaccess

@@ -0,0 +1 @@
+deny from all

system/locale/sv/admin.php

@@ -0,0 +1,9 @@
+<?php
+/**
+ * swedish language file
+ * admin.php
+ *
+ * @author Sizaro <sizaro@live.se>
+ */
+$locale['title'] = 'MyAAC Admin';
+?>

system/locale/sv/install.php

@@ -0,0 +1,93 @@
+<?php
+/**
+ * swedish language file
+ * install.php
+ *
+ * @author Sizaro <sizaro@live.se>
+ */
+$locale['installation'] = 'Installation';
+$locale['steps'] = 'Steg';
+
+$locale['previous'] = 'Föregående';
+$locale['next'] = 'Nästa';
+
+$locale['on'] = 'På';
+$locale['off'] = 'Av';
+
+$locale['loaded'] = 'Laddad';
+$locale['not_loaded'] = 'Inte Laddad';
+
+$locale['please_fill_all'] = 'Vänligen fyll i allt!';
+$locale['already_installed'] = 'MyAAC är redan installerat. Vänligen ta bort <b>install/<b/> mappen.';
+
+// welcome
+$locale['step_welcome'] = 'Välkommen';
+$locale['step_welcome_title'] = 'Välkommen till installatören';
+$locale['step_welcome_desc'] = 'Välj det språk du vill se installatören med';
+
+// license
+$locale['step_license'] = 'Licens';
+$locale['step_license_title'] = 'GNU/GPL Licens';
+
+// requirements
+$locale['step_requirements'] = 'Krav';
+$locale['step_requirements_title'] = 'Kravskontroll';
+$locale['step_requirements_php_version'] = 'PHP Version';
+$locale['step_requirements_write_perms'] = 'Skriv behörigheter';
+$locale['step_requirements_failed'] = 'Installation kommer att inaktiveras tills dessa krav följts. </ B> <br/> Mer information finns i filen <b>README</b>.';
+$locale['step_requirements_extension'] = '$EXTENSION$ PHP extension';
+
+// config
+$locale['step_config'] = 'Konfiguration';
+$locale['step_config_title'] = 'Grundläggande konfiguration';
+$locale['step_config_server_path'] = 'Server mapp';
+$locale['step_config_server_path_desc'] = 'Mappen som innhåller exe filen till The Forgotten Server, där du har din config.lua.';
+$locale['step_config_mail_admin'] = 'Admin E-Post';
+$locale['step_config_mail_admin_desc'] = 'Adress där E-Post från kontaktförmolär kommer att leveraras, till exempel <i>admin@gmail.com</i>';
+
+$locale['step_config_mail_admin_error'] = 'Admin E-Post är inte korrekt.';
+$locale['step_config_mail_address'] = 'Server E-Post';
+$locale['step_config_mail_address_desc'] = 'Adress som kommer att användas för utgående email (från:), till exempel <i>no-reply@your-server.org</i>';
+
+$locale['step_config_mail_address_error'] = 'Server E-Post är inte korrekt.';
+$locale['step_config_client'] = 'Klientversion';
+$locale['step_config_client_desc'] = 'Används för nerladdningssidan och teman.';
+
+// database
+$locale['step_database'] = 'Importera schema';
+$locale['step_database_title'] = 'Importera MySQL schema';
+$locale['step_database_importing'] = 'Din databas är MySQL. Importerar schema nu...';
+$locale['step_database_error_path'] = 'Ange server mapp.';
+$locale['step_database_error_config'] = 'Kan inte hitta konfigurations fil. Är din server mapp korrekt? Gå tillbaka och kolla igen.';
+$locale['step_database_error_database_empty'] = 'Kan inte bestämma databas typ från config.lua. Din OTS stöds inte av MyAAC.';
+$locale['step_database_error_only_mysql'] = 'Denna AAC stöder endast MySQL. Från din konfigurationsfil verkar det som att din OTS använder: $DATABASE_TYPE$ databastypen. Var vänligen ändra din databas till MySQL och följ instruktionerna i installationen igen.';
+$locale['step_database_error_table'] = 'Tabell $TABLE$ finns inte. Importera din OTS databas schema först.';
+$locale['step_database_error_table_exist'] = 'Tabell $TABLE$ finns redan. Ser ut som att din AAC redan är installerad. Hoppar över importering av MySQL schema.';
+$locale['step_database_error_schema'] = 'Fel vid import av schema:';
+$locale['step_database_success_schema'] = 'Lyckades installera $PREFIX$ tabeller.';
+$locale['step_database_error_file'] = '$FILE$ kunde inte öppnas. Kopiera innehållet och klistra in här:';
+$locale['step_database_adding_field'] = 'Lägger till fält';
+$locale['step_database_modifying_field'] = 'Ändrar fält';
+$locale['step_database_changing_field'] = 'Ändrar $FIELD$ till $FIELD_NEW$...';
+$locale['step_database_imported_players'] = 'Importerar spelarprover...';
+$locale['step_database_created_account'] = 'Skapade admin konto...';
+
+// admin account
+$locale['step_admin'] = 'Admin Konto';
+$locale['step_admin_title'] = 'Skapa Admin Konto';
+$locale['step_admin_account'] = 'Admin konto namn';
+$locale['step_admin_account_desc'] = 'Namn på ditt admin konto som kommer att användas för att logga in på hemsidan och servern.';
+$locale['step_admin_account_id'] = 'Admin konto ID';
+$locale['step_admin_account_id_desc'] = 'ID på ditt admin konto som kommer att användas för att logga in på hemsidan och servern.';
+$locale['step_admin_password'] = 'Admin konto lösenord';
+$locale['step_admin_password_desc'] = 'Lösenordet till ditt admin konto.';
+
+// finish
+$locale['step_finish_admin_panel'] = 'Admin Panelen';
+$locale['step_finish_homepage'] = 'hemsida';
+$locale['step_finish'] = 'Klar';
+$locale['step_finish_title'] = 'Installationen klar!';
+$locale['step_finish_desc'] = 'Grattis! <b>MyAAC</b> är redo att användas!<br/>Du kan logga in på $ADMIN_PANEL$, eller titta till $HOMEPAGE$.<br/><br/>
+<font color="red">Var vänligen ta bort installations mappen.</font><br/><br/>
+Var vänligen rapportera buggar och förslag på $LINK$, tack!';
+?>

system/locale/sv/main.php

@@ -0,0 +1,15 @@
+<?php
+/**
+ * swedish language file
+ * main.php
+ *
+ * @author Sizaro <sizaro@live.se>
+ */
+$locale['name']     = 'Swedish';
+$locale['lang']		= 'sv';
+$locale['encoding'] = 'utf-8';
+$locale['direction']= 'ltr';
+
+$locale['error404'] = 'Sidan kunde inte hittas.';
+$locale['news'] = 'Senaste nyheterna';
+?>

system/login.php

@@ -5,7 +5,7 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.5
+ * @version   0.2.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');
@@ -73,9 +73,6 @@ else
 				if(isset($_POST['remember_me']))
 					$_SESSION['remember_me'] = true;
 
-				//if(isset($_POST['admin']))
-				//	$_SESSION['admin'] = true;
-			
 				$logged = true;
 
 				$logged_flags = $account_logged->getWebFlags();

system/migrations/1.php

@@ -0,0 +1,16 @@
+<?php
+	$db->query("ALTER TABLE `" . TABLE_PREFIX . "account_actions` MODIFY `ip` INT(11) NOT NULL DEFAULT 0;");
+	$db->query("ALTER TABLE `" . TABLE_PREFIX . "account_actions` MODIFY `date` INT(11) NOT NULL DEFAULT 0;");
+	$db->query("ALTER TABLE `" . TABLE_PREFIX . "account_actions` MODIFY `action` VARCHAR(255) NOT NULL DEFAULT '';");
+	$db->query("
+	CREATE TABLE `myaac_hooks`
+(
+	`id` INT(11) NOT NULL AUTO_INCREMENT,
+	`name` VARCHAR(30) NOT NULL DEFAULT '',
+	`type` INT(2) NOT NULL DEFAULT 0,
+	`file` VARCHAR(100) NOT NULL,
+	PRIMARY KEY (`id`)
+) ENGINE = MyISAM;
+");
+
+?>

system/migrations/2.php

@@ -0,0 +1,6 @@
+<?php
+	$db->query("ALTER TABLE `" . TABLE_PREFIX . "faq` MODIFY `answer` VARCHAR(1020) NOT NULL DEFAULT '';");
+	$db->query("ALTER TABLE `" . TABLE_PREFIX . "movies` MODIFY `title` VARCHAR(100) NOT NULL DEFAULT '';");
+	$db->query("ALTER TABLE `" . TABLE_PREFIX . "news` MODIFY `title` VARCHAR(100) NOT NULL DEFAULT '';");
+	$db->query("ALTER TABLE `" . TABLE_PREFIX . "news` MODIFY `body` TEXT NOT NULL DEFAULT '';");
+?>

system/migrations/3.php

@@ -0,0 +1,3 @@
+<?php
+	$db->query("ALTER TABLE `" . TABLE_PREFIX . "account_actions` ADD `ipv6` BINARY(16) NOT NULL DEFAULT 0;");
+?>

system/pages/404.php

@@ -5,7 +5,7 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.5
+ * @version   0.2.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/pages/account.php

@@ -5,7 +5,7 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.5
+ * @version   0.2.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/pages/accountmanagement.php

@@ -6,7 +6,7 @@
  * @author    Gesior <jerzyskalski@wp.pl>
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.5
+ * @version   0.2.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');
@@ -177,11 +177,12 @@ Please enter your account name and your password.<br/><a href="?subtopic=createa
 
 	if($action == "")
 	{
+		$freePremium = isset($config['lua']['freePremium']) && getBoolean($config['lua']['freePremium']);
 		$account_reckey = $account_logged->getCustomField("key");
 		if(!$account_logged->isPremium())
 			$account_status = '<b><font color="red">Free Account</font></b>';
 		else
-			$account_status = '<b><font color="green">Premium Account, '.$account_logged->getPremDays().' days left</font></b>';
+			$account_status = '<b><font color="green">Premium Account, ' . ($freePremium ? 'Unlimited' : $account_logged->getPremDays() . ' days left') . '</font></b>';
 		if(empty($account_reckey))
 			$account_registred = '<b><font color="red">No</font></b>';
 		else
@@ -222,7 +223,21 @@ Please enter your account name and your password.<br/><a href="?subtopic=createa
 				echo '<div class="SmallBox" >  <div class="MessageContainer" >    <div class="BoxFrameHorizontal" style="background-image:url('.$template_path.'/images/content/box-frame-horizontal.gif);" /></div>    <div class="BoxFrameEdgeLeftTop" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></div>    <div class="BoxFrameEdgeRightTop" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></div>    <div class="Message" >      <div class="BoxFrameVerticalLeft" style="background-image:url('.$template_path.'/images/content/box-frame-vertical.gif);" /></div>      <div class="BoxFrameVerticalRight" style="background-image:url('.$template_path.'/images/content/box-frame-vertical.gif);" /></div><table><tr><td class="LabelV" >Note:</td><td style="width:100%;" >A request has been submitted to change the email address of this account to <b>'.$account_email_new.'</b>. After <b>'.date("j F Y, G:i:s", $account_email_new_time).'</b> you can accept the new email address and finish the process. Please cancel the request if you do not want your email address to be changed! Also cancel the request if you have no access to the new email address!</td></tr></table><div align="center" ><table border="0" cellspacing="0" cellpadding="0" ><form action="?subtopic=accountmanagement&action=changeemail" method="post" ><tr><td style="border:0px;" ><div class="BigButton" style="background-image:url('.$template_path.'/images/buttons/sbutton.gif)" ><div onMouseOver="MouseOverBigButton(this);" onMouseOut="MouseOutBigButton(this);" ><div class="BigButtonOver" style="background-image:url('.$template_path.'/images/buttons/sbutton_over.gif);" ></div><input class="ButtonText" type="image" name="Edit" alt="Edit" src="'.$template_path.'/images/buttons/_sbutton_edit.gif" ></div></div></td></tr></form></table></div>    </div>    <div class="BoxFrameHorizontal" style="background-image:url('.$template_path.'/images/content/box-frame-horizontal.gif);" /></div>    <div class="BoxFrameEdgeRightBottom" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></div>    <div class="BoxFrameEdgeLeftBottom" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></div>  </div></div><br/><br/>';
 			}
 		}
-		echo '<a name="General+Information" ></a><div class="TopButtonContainer" ><div class="TopButton" ><a href="#top" >	<img style="border:0px;" src="'.$template_path.'/images/content/back-to-top.gif" /></a></div></div><div class="TableContainer" ><table class="Table3" cellpadding="0" cellspacing="0" >    <div class="CaptionContainer" >      <div class="CaptionInnerContainer" >        <span class="CaptionEdgeLeftTop" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></span><span class="CaptionEdgeRightTop" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></span><span class="CaptionBorderTop" style="background-image:url('.$template_path.'/images/content/table-headline-border.gif);" ></span><span class="CaptionVerticalLeft" style="background-image:url('.$template_path.'/images/content/box-frame-vertical.gif);" /></span><div class="Text" >General Information</div><span class="CaptionVerticalRight" style="background-image:url('.$template_path.'/images/content/box-frame-vertical.gif);" /></span><span class="CaptionBorderBottom" style="background-image:url('.$template_path.'/images/content/table-headline-border.gif);" ></span><span class="CaptionEdgeLeftBottom" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></span><span class="CaptionEdgeRightBottom" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></span></div>    </div><tr>      <td>        <div class="InnerTableContainer" >          <table style="width:100%;" ><tr><td><div class="TableShadowContainerRightTop" >  <div class="TableShadowRightTop" style="background-image:url('.$template_path.'/images/content/table-shadow-rt.gif);" ></div></div><div class="TableContentAndRightShadow" style="background-image:url('.$template_path.'/images/content/table-shadow-rm.gif);" ><div class="TableContentContainer" >    <table class="TableContent" width="100%" ><tr style="background-color:'.$config['darkborder'].';" ><td class="LabelV" >Email Address:</td><td style="width:90%;" >'.$account_email.''.$account_email_change.'</td></tr><tr style="background-color:'.$config['lightborder'].';" ><td class="LabelV" >Created:</td><td>'.date("j F Y, G:i:s", $account_created).'</td></td><tr style="background-color:'.$config['darkborder'].';" ><td class="LabelV" >Last Login:</td><td>'.date("j F Y, G:i:s", time()).'</td></tr><tr style="background-color:'.$config['lightborder'].';" ><td class="LabelV" >Account Status:</td><td>'.$account_status.'</td></tr><tr style="background-color:'.$config['darkborder'].';" ><td class="LabelV" >Registred:</td><td>'.$account_registred.'</td></tr></table></div></div><div class="TableShadowContainer" ><div class="TableBottomShadow" style="background-image:url('.$template_path.'/images/content/table-shadow-bm.gif);" ><div class="TableBottomLeftShadow" style="background-image:url('.$template_path.'/images/content/table-shadow-bl.gif);" ></div><div class="TableBottomRightShadow" style="background-image:url('.$template_path.'/images/content/table-shadow-br.gif);" ></div>  </div></div></td></tr><tr><td><table class="InnerTableButtonRow" cellpadding="0" cellspacing="0" ><tr><td><table border="0" cellspacing="0" cellpadding="0" ><form action="?subtopic=accountmanagement&action=changepassword" method="post" ><tr><td style="border:0px;" ><div class="BigButton" style="background-image:url('.$template_path.'/images/buttons/sbutton.gif)" ><div onMouseOver="MouseOverBigButton(this);" onMouseOut="MouseOutBigButton(this);" ><div class="BigButtonOver" style="background-image:url('.$template_path.'/images/buttons/sbutton_over.gif);" ></div><input class="ButtonText" type="image" name="Change Password" alt="Change Password" src="'.$template_path.'/images/buttons/_sbutton_changepassword.gif" ></div></div></td></tr></form></table></td><td><table border="0" cellspacing="0" cellpadding="0" ><form action="?subtopic=accountmanagement&action=changeemail" method="post" ><tr><td style="border:0px;" ><input type="hidden" name=newemail value="" ><input type="hidden" name=newemaildate value=0 ><div class="BigButton" style="background-image:url('.$template_path.'/images/buttons/sbutton.gif)" ><div onMouseOver="MouseOverBigButton(this);" onMouseOut="MouseOutBigButton(this);" ><div class="BigButtonOver" style="background-image:url('.$template_path.'/images/buttons/sbutton_over.gif);" ></div><input class="ButtonText" type="image" name="Change Email" alt="Change Email" src="'.$template_path.'/images/buttons/_sbutton_changeemail.gif" ></div></div></td></tr></form>	</table></td><td width="100%"></td>';
+		echo '<a name="General+Information" ></a><div class="TopButtonContainer" ><div class="TopButton" ><a href="#top" >	<img style="border:0px;" src="'.$template_path.'/images/content/back-to-top.gif" /></a></div></div><div class="TableContainer" ><table class="Table3" cellpadding="0" cellspacing="0" >    <div class="CaptionContainer" >      <div class="CaptionInnerContainer" >        <span class="CaptionEdgeLeftTop" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></span><span class="CaptionEdgeRightTop" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></span><span class="CaptionBorderTop" style="background-image:url('.$template_path.'/images/content/table-headline-border.gif);" ></span><span class="CaptionVerticalLeft" style="background-image:url('.$template_path.'/images/content/box-frame-vertical.gif);" /></span><div class="Text" >General Information</div><span class="CaptionVerticalRight" style="background-image:url('.$template_path.'/images/content/box-frame-vertical.gif);" /></span><span class="CaptionBorderBottom" style="background-image:url('.$template_path.'/images/content/table-headline-border.gif);" ></span><span class="CaptionEdgeLeftBottom" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></span><span class="CaptionEdgeRightBottom" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></span></div>    </div><tr>      <td>        <div class="InnerTableContainer" >          <table style="width:100%;" ><tr><td><div class="TableShadowContainerRightTop" >  <div class="TableShadowRightTop" style="background-image:url('.$template_path.'/images/content/table-shadow-rt.gif);" ></div></div><div class="TableContentAndRightShadow" style="background-image:url('.$template_path.'/images/content/table-shadow-rm.gif);" ><div class="TableContentContainer" >    <table class="TableContent" width="100%" >
+		<tr style="background-color:'.$config['lightborder'].';" >
+			<td class="LabelV" >Account ' . (USE_ACCOUNT_NAME ? 'Name' : 'Number') . ':</td>
+			<td style="width:90%;" >' . (USE_ACCOUNT_NAME ? $account_logged->getName() : $account_logged->getId()) . '</td>
+		</tr>
+		<tr style="background-color:'.$config['darkborder'].';" >
+			<td class="LabelV" >Email Address:</td>
+			<td style="width:90%;" >'.$account_email.''.$account_email_change.'</td>
+		</tr>
+		<tr style="background-color:'.$config['lightborder'].';" >
+			<td class="LabelV" >Created:</td>
+			<td>'.date("j F Y, G:i:s", $account_created).'</td>
+		</tr>
+		<tr style="background-color:'.$config['darkborder'].';" >
+		<td class="LabelV" >Last Login:</td><td>'.date("j F Y, G:i:s", time()).'</td></tr><tr style="background-color:'.$config['lightborder'].';" ><td class="LabelV" >Account Status:</td><td>'.$account_status.'</td></tr><tr style="background-color:'.$config['darkborder'].';" ><td class="LabelV" >Registred:</td><td>'.$account_registred.'</td></tr></table></div></div><div class="TableShadowContainer" ><div class="TableBottomShadow" style="background-image:url('.$template_path.'/images/content/table-shadow-bm.gif);" ><div class="TableBottomLeftShadow" style="background-image:url('.$template_path.'/images/content/table-shadow-bl.gif);" ></div><div class="TableBottomRightShadow" style="background-image:url('.$template_path.'/images/content/table-shadow-br.gif);" ></div>  </div></div></td></tr><tr><td><table class="InnerTableButtonRow" cellpadding="0" cellspacing="0" ><tr><td><table border="0" cellspacing="0" cellpadding="0" ><form action="?subtopic=accountmanagement&action=changepassword" method="post" ><tr><td style="border:0px;" ><div class="BigButton" style="background-image:url('.$template_path.'/images/buttons/sbutton.gif)" ><div onMouseOver="MouseOverBigButton(this);" onMouseOut="MouseOutBigButton(this);" ><div class="BigButtonOver" style="background-image:url('.$template_path.'/images/buttons/sbutton_over.gif);" ></div><input class="ButtonText" type="image" name="Change Password" alt="Change Password" src="'.$template_path.'/images/buttons/_sbutton_changepassword.gif" ></div></div></td></tr></form></table></td><td><table border="0" cellspacing="0" cellpadding="0" ><form action="?subtopic=accountmanagement&action=changeemail" method="post" ><tr><td style="border:0px;" ><input type="hidden" name=newemail value="" ><input type="hidden" name=newemaildate value=0 ><div class="BigButton" style="background-image:url('.$template_path.'/images/buttons/sbutton.gif)" ><div onMouseOver="MouseOverBigButton(this);" onMouseOut="MouseOutBigButton(this);" ><div class="BigButtonOver" style="background-image:url('.$template_path.'/images/buttons/sbutton_over.gif);" ></div><input class="ButtonText" type="image" name="Change Email" alt="Change Email" src="'.$template_path.'/images/buttons/_sbutton_changeemail.gif" ></div></div></td></tr></form>	</table></td><td width="100%"></td>';
 		//show button "register account"
 		if(empty($account_reckey))
 			echo '<td><table border="0" cellspacing="0" cellpadding="0" ><form action="?subtopic=accountmanagement&action=registeraccount" method="post" ><tr><td style="border:0px;" ><div class="BigButton" style="background-image:url('.$template_path.'/images/buttons/sbutton.gif)" ><div onMouseOver="MouseOverBigButton(this);" onMouseOut="MouseOutBigButton(this);" ><div class="BigButtonOver" style="background-image:url('.$template_path.'/images/buttons/sbutton_over.gif);" ></div><input class="ButtonText" type="image" name="Register Account" alt="Register Account" src="'.$template_path.'/images/buttons/_sbutton_registeraccount.gif" ></div></div></td></tr></form></table></td>';
@@ -234,7 +249,7 @@ Please enter your account name and your password.<br/><a href="?subtopic=createa
 		foreach($account_logged->getActionsLog(0, 1000) as $action)
 		{
 			echo '<tr style="background-color:' . getStyle($player_number_counter++) . '"><td>'.$action['action'] . '</td><td>' . date("jS F Y H:i:s",$action['date']) . '</td>
-			<td>' . long2ip($action['ip']) . '</td></tr>';
+			<td>' . ($action['ip'] != 0 ? long2ip($action['ip']) : inet_ntop($action['ipv6'])) . '</td></tr>';
 		}
 		echo '</table>
 	
@@ -258,7 +273,52 @@ Please enter your account name and your password.<br/><a href="?subtopic=createa
 				echo '<td><font color="green"><b>Online</b></font></td>';
 			echo '<td>[<a href="?subtopic=accountmanagement&action=changecomment&name='.urlencode($account_player->getName()).'" >Edit</a>]</td></tr>';
 		}
-		echo '</table>  </div></div><div class="TableShadowContainer" >  <div class="TableBottomShadow" style="background-image:url('.$template_path.'/images/content/table-shadow-bm.gif);" >    <div class="TableBottomLeftShadow" style="background-image:url('.$template_path.'/images/content/table-shadow-bl.gif);" ></div>    <div class="TableBottomRightShadow" style="background-image:url('.$template_path.'/images/content/table-shadow-br.gif);" ></div>  </div></div></td></tr><tr><td><table class="InnerTableButtonRow" cellpadding="0" cellspacing="0" ><tr><td><table border="0" cellspacing="0" cellpadding="0" ><form action="?subtopic=accountmanagement&action=createcharacter" method="post" ><tr><td style="border:0px;" ><div class="BigButton" style="background-image:url('.$template_path.'/images/buttons/sbutton.gif)" ><div onMouseOver="MouseOverBigButton(this);" onMouseOut="MouseOutBigButton(this);" ><div class="BigButtonOver" style="background-image:url('.$template_path.'/images/buttons/sbutton_over.gif);" ></div><input class="ButtonText" type="image" name="Create Character" alt="Create Character" src="'.$template_path.'/images/buttons/_sbutton_createcharacter.gif" ></div></div></td></tr></form></table></td><td style="width:100%;" ></td><td><table border="0" cellspacing="0" cellpadding="0" ><form action="?subtopic=accountmanagement&action=deletecharacter" method="post" ><tr><td style="border:0px;" ><div class="BigButton" style="background-image:url('.$template_path.'/images/buttons/sbutton.gif)" ><div onMouseOver="MouseOverBigButton(this);" onMouseOut="MouseOutBigButton(this);" ><div class="BigButtonOver" style="background-image:url('.$template_path.'/images/buttons/sbutton_over.gif);" ></div><input class="ButtonText" type="image" name="Delete Character" alt="Delete Character" src="'.$template_path.'/images/buttons/_sbutton_deletecharacter.gif" ></div></div></td></tr></form></table></td></tr></table></td></tr>          </table>        </div>  </table></td></div></tr><br/><br/>';
+		echo '</table>  </div></div><div class="TableShadowContainer" >  <div class="TableBottomShadow" style="background-image:url('.$template_path.'/images/content/table-shadow-bm.gif);" >    <div class="TableBottomLeftShadow" style="background-image:url('.$template_path.'/images/content/table-shadow-bl.gif);" ></div>    <div class="TableBottomRightShadow" style="background-image:url('.$template_path.'/images/content/table-shadow-br.gif);" ></div>  </div></div></td></tr><tr><td><table class="InnerTableButtonRow" cellpadding="0" cellspacing="0" ><tr>
+		<td>
+			<table border="0" cellspacing="0" cellpadding="0" >
+				<form action="?subtopic=accountmanagement&action=createcharacter" method="post" >
+					<tr>
+						<td style="border:0px;" ><div class="BigButton" style="background-image:url('.$template_path.'/images/buttons/sbutton.gif)" ><div onMouseOver="MouseOverBigButton(this);" onMouseOut="MouseOutBigButton(this);" ><div class="BigButtonOver" style="background-image:url('.$template_path.'/images/buttons/sbutton_over.gif);" ></div>
+								<input class="ButtonText" type="image" name="Create Character" alt="Create Character" src="'.$template_path.'/images/buttons/_sbutton_createcharacter.gif" ></div>
+							</div>
+						</td>
+					</tr>
+				</form>
+			</table>
+		</td>';
+		if($config['account_change_character_name']) {
+			echo '
+		<td>
+			<table border="0" cellspacing="0" cellpadding="0" >
+				<form action="?subtopic=accountmanagement&action=changename" method="post" >
+					<tr>
+						<td style="border:0px;" ><div class="BigButton" style="background-image:url('.$template_path.'/images/buttons/sbutton.gif)" ><div onMouseOver="MouseOverBigButton(this);" onMouseOut="MouseOutBigButton(this);" ><div class="BigButtonOver" style="background-image:url('.$template_path.'/images/buttons/sbutton_over.gif);" ></div>
+								<input class="ButtonText" type="image" name="Change Name" alt="Change Name" src="images/buttons/_sbutton_change_name.gif" ></div>
+							</div>
+						</td>
+					</tr>
+				</form>
+			</table>
+		</td>';
+		}
+		if($config['account_change_character_sex']) {
+			echo '
+		<td>
+			<table border="0" cellspacing="0" cellpadding="0" >
+				<form action="?subtopic=accountmanagement&action=changesex" method="post" >
+					<tr>
+						<td style="border:0px;" ><div class="BigButton" style="background-image:url('.$template_path.'/images/buttons/sbutton.gif)" ><div onMouseOver="MouseOverBigButton(this);" onMouseOut="MouseOutBigButton(this);" ><div class="BigButtonOver" style="background-image:url('.$template_path.'/images/buttons/sbutton_over.gif);" ></div>
+								<input class="ButtonText" type="image" name="Change Sex" alt="Change Sex" src="images/buttons/_sbutton_change_sex.gif" ></div>
+							</div>
+						</td>
+					</tr>
+				</form>
+			</table>
+		</td>';
+		}
+		echo '
+		<td style="width:100%;" ></td>
+		<td><table border="0" cellspacing="0" cellpadding="0" ><form action="?subtopic=accountmanagement&action=deletecharacter" method="post" ><tr><td style="border:0px;" ><div class="BigButton" style="background-image:url('.$template_path.'/images/buttons/sbutton.gif)" ><div onMouseOver="MouseOverBigButton(this);" onMouseOut="MouseOutBigButton(this);" ><div class="BigButtonOver" style="background-image:url('.$template_path.'/images/buttons/sbutton_over.gif);" ></div><input class="ButtonText" type="image" name="Delete Character" alt="Delete Character" src="'.$template_path.'/images/buttons/_sbutton_deletecharacter.gif" ></div></div></td></tr></form></table></td></tr></table></td></tr>          </table>        </div>  </table></td></div></tr><br/><br/>';
 	}
 //########### CHANGE PASSWORD ##########
 	if($action == "changepassword") {
@@ -652,14 +712,14 @@ Please enter your account name and your password.<br/><a href="?subtopic=createa
 					{
 						echo 'Here you can see and edit the information about your character.<br/>If you do not want to specify a certain field, just leave it blank.<br/><br/><form action="?subtopic=accountmanagement&action=changecomment" method="post" ><div class="TableContainer" >  <table class="Table5" cellpadding="0" cellspacing="0" >    <div class="CaptionContainer" >      <div class="CaptionInnerContainer" >        <span class="CaptionEdgeLeftTop" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></span>        <span class="CaptionEdgeRightTop" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></span>        <span class="CaptionBorderTop" style="background-image:url('.$template_path.'/images/content/table-headline-border.gif);" ></span>        <span class="CaptionVerticalLeft" style="background-image:url('.$template_path.'/images/content/box-frame-vertical.gif);" /></span>        <div class="Text" >Edit Character Information</div>        <span class="CaptionVerticalRight" style="background-image:url('.$template_path.'/images/content/box-frame-vertical.gif);" /></span>        <span class="CaptionBorderBottom" style="background-image:url('.$template_path.'/images/content/table-headline-border.gif);" ></span>        <span class="CaptionEdgeLeftBottom" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></span>        <span class="CaptionEdgeRightBottom" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></span>      </div>    </div>    <tr>      <td>        <div class="InnerTableContainer" >          <table style="width:100%;" ><tr><td><div class="TableShadowContainerRightTop" >  <div class="TableShadowRightTop" style="background-image:url('.$template_path.'/images/content/table-shadow-rt.gif);" ></div></div><div class="TableContentAndRightShadow" style="background-image:url('.$template_path.'/images/content/table-shadow-rm.gif);" >  <div class="TableContentContainer" >    <table class="TableContent" width="100%" ><tr><td class="LabelV" >Name:</td><td style="width:80%;" >'.$player_name.'</td></tr><tr><td class="LabelV" >Hide Account:</td><td>';
 						if($player->getCustomField("hidden") == 1) {
-							echo '<input type="checkbox" name="accountvisible"  value="1" checked="checked">';
+							echo '<input type="checkbox" name="accountvisible" id="accountvisible" value="1" checked="checked">';
 						}
 						else
 						{
-							echo '<input type="checkbox" name="accountvisible"  value="1" >';
+							echo '<input type="checkbox" name="accountvisible" id="accountvisible" value="1" >';
 						}
 
-						echo ' check to hide your account information';
+						echo '<label for="accountvisible"> check to hide your account information</label>';
 							if((int)$player->getCustomField('group_id') > 1)
 								echo ' (you will be also hidden on the Team page!)';
 
@@ -682,6 +742,191 @@ Please enter your account name and your password.<br/><a href="?subtopic=createa
 		}
 	}
 
+	if($action == "changename") {
+		echo '<script type="text/javascript" src="tools/check_name.js"></script>';
+		
+		$name_changed = false;
+		$player_id = isset($_POST['player_id']) ? (int)$_POST['player_id'] : NULL;
+		$newcharname = isset($_POST['newcharname']) ? stripslashes(ucwords(strtolower($_POST['newcharname']))) : NULL;
+		if((!$config['account_change_character_name']))
+			echo 'You cant change your character name';
+		else
+		{
+			$points = $account_logged->getCustomField('premium_points');
+			if(isset($_POST['changenamesave']) && $_POST['changenamesave'] == 1) {
+				if($points < $config['account_change_character_name_points'])
+					$errors[] = 'You need ' . $config['account_change_character_name_points'] . ' premium points to change name. You have <b>'.$points.'<b> premium points.';
+	
+				if(empty($errors) && empty($newcharname))
+					$errors[] = 'Please enter a name for your character!';
+
+				if(empty($errors) && strlen($newcharname) > 25)
+					$errors[] = 'Name is too long. Max. lenght <b>25</b> letters.';
+				else if(empty($errors) && strlen($newcharname) < 3)
+					$errors[] = 'Name is too short. Min. lenght <b>25</b> letters.';
+				
+				if(empty($errors))
+				{
+					$error = '';
+					if(!admin() && !check_name_new_char($newcharname, $error))
+						$errors[] = $error;
+				}
+				
+				if(empty($errors)) {
+					$player = $ots->createObject('Player');
+					$player->load($player_id);
+					if($player->isLoaded()) {
+						$player_account = $player->getAccount();
+						if($account_logged->getId() == $player_account->getId()) {
+							if($player->isOnline()) {
+								$errors[] = 'This character is online.';
+							}
+							
+							if(empty($errors)) {
+								$name_changed = true;
+								$old_name = $player->getName();
+								$player->setName($newcharname);
+								$player->save();
+								$account_logged->setCustomField("premium_points", $points - $config['account_change_character_name_points']);
+								$account_logged->logAction('Changed name from <b>' . $old_name . '</b> to <b>' . $player->getName() . '</b>.');
+								echo '<div class="TableContainer" >  <table class="Table1" cellpadding="0" cellspacing="0" >    <div class="CaptionContainer" >      <div class="CaptionInnerContainer" >        <span class="CaptionEdgeLeftTop" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></span>        <span class="CaptionEdgeRightTop" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></span>        <span class="CaptionBorderTop" style="background-image:url('.$template_path.'/images/content/table-headline-border.gif);" ></span>        <span class="CaptionVerticalLeft" style="background-image:url('.$template_path.'/images/content/box-frame-vertical.gif);" /></span>        <div class="Text" >Character Name Changed</div>        <span class="CaptionVerticalRight" style="background-image:url('.$template_path.'/images/content/box-frame-vertical.gif);" /></span>        <span class="CaptionBorderBottom" style="background-image:url('.$template_path.'/images/content/table-headline-border.gif);" ></span>        <span class="CaptionEdgeLeftBottom" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></span>        <span class="CaptionEdgeRightBottom" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></span>      </div>    </div>    <tr>      <td>        <div class="InnerTableContainer" >          <table style="width:100%;" ><tr><td>The character <b>'.$old_name.'</b> name has been changed to <b>' . $player->getName() . '</b>.</td></tr>          </table>        </div>  </table></div></td></tr><br><center><table border="0" cellspacing="0" cellpadding="0" ><form action="?subtopic=accountmanagement" method="post" ><tr><td style="border:0px;" ><div class="BigButton" style="background-image:url('.$template_path.'/images/buttons/sbutton.gif)" ><div onMouseOver="MouseOverBigButton(this);" onMouseOut="MouseOutBigButton(this);" ><div class="BigButtonOver" style="background-image:url('.$template_path.'/images/buttons/sbutton_over.gif);" ></div><input class="ButtonText" type="image" name="Back" alt="Back" src="'.$template_path.'/images/buttons/_sbutton_back.gif" ></div></div></td></tr></form></table></center>';
+							}
+						}
+						else
+						{
+							$errors[] = 'Character <b>'.$player_name.'</b> is not on your account.';
+						}
+					}
+					else
+					{
+						$errors[] = 'Character with this name doesn\'t exist.';
+					}
+				}
+			}
+
+			if(!$name_changed) {
+				if(!empty($errors)) {
+					echo '<div class="SmallBox" >  <div class="MessageContainer" >    <div class="BoxFrameHorizontal" style="background-image:url('.$template_path.'/images/content/box-frame-horizontal.gif);" /></div>    <div class="BoxFrameEdgeLeftTop" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></div>    <div class="BoxFrameEdgeRightTop" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></div>    <div class="ErrorMessage" >      <div class="BoxFrameVerticalLeft" style="background-image:url('.$template_path.'/images/content/box-frame-vertical.gif);" /></div>      <div class="BoxFrameVerticalRight" style="background-image:url('.$template_path.'/images/content/box-frame-vertical.gif);" /></div>      <div class="AttentionSign" style="background-image:url('.$template_path.'/images/content/attentionsign.gif);" /></div><b>The Following Errors Have Occurred:</b><br/>';
+					foreach($errors as $errors) {
+							echo '<li>'.$errors;
+					}
+					echo '</div>    <div class="BoxFrameHorizontal" style="background-image:url('.$template_path.'/images/content/box-frame-horizontal.gif);" /></div>    <div class="BoxFrameEdgeRightBottom" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></div>    <div class="BoxFrameEdgeLeftBottom" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></div>  </div></div><br/>';
+				}
+				echo 'To change a name of character select player and choose a new name.<br/>
+				<font color="red">Change name cost ' . $config['account_change_character_name_points'] . ' premium points. You have ' . $points . ' premium points.</font><br/><br/><form action="?subtopic=accountmanagement&action=changename" method="post" ><input type="hidden" name="changenamesave" value="1"><div class="TableContainer" >  <table class="Table1" cellpadding="0" cellspacing="0" >    <div class="CaptionContainer" >      <div class="CaptionInnerContainer" >        <span class="CaptionEdgeLeftTop" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></span>        <span class="CaptionEdgeRightTop" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></span>        <span class="CaptionBorderTop" style="background-image:url('.$template_path.'/images/content/table-headline-border.gif);" ></span>        <span class="CaptionVerticalLeft" style="background-image:url('.$template_path.'/images/content/box-frame-vertical.gif);" /></span>        <div class="Text" >Change Name</div>        <span class="CaptionVerticalRight" style="background-image:url('.$template_path.'/images/content/box-frame-vertical.gif);" /></span>        <span class="CaptionBorderBottom" style="background-image:url('.$template_path.'/images/content/table-headline-border.gif);" ></span>        <span class="CaptionEdgeLeftBottom" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></span>        <span class="CaptionEdgeRightBottom" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></span>      </div>    </div>    <tr>      <td>        <div class="InnerTableContainer" >
+				<table style="width:100%;" >
+					<tr>
+						<td class="LabelV" ><span >Character:</td>
+						<td style="width:90%;" >
+							<select name="player_id">';
+								$players = $account_logged->getPlayersList();
+								foreach($players as $player)
+									echo '<option value="' . $player->getId() . '">' . $player->getName() . '</option>';
+							echo '
+							</select>
+						</td>
+					</tr>
+					<tr>
+						<td class="LabelV" ><span >New Name:</td>
+						<td>
+							<input type="text" name="newcharname" id="newcharname" onkeyup="checkName();" size="25" maxlength="25" >
+							<font size="1" face="verdana,arial,helvetica">
+								<div id="name_check">Please enter your character name.</div>
+							</font>
+						</td>
+					</tr>
+				</table>        </div>  </table></div></td></tr><br/><table style="width:100%" ><tr align="center" ><td><table border="0" cellspacing="0" cellpadding="0" ><tr><td style="border:0px;" ><div class="BigButton" style="background-image:url('.$template_path.'/images/buttons/sbutton.gif)" ><div onMouseOver="MouseOverBigButton(this);" onMouseOut="MouseOutBigButton(this);" ><div class="BigButtonOver" style="background-image:url('.$template_path.'/images/buttons/sbutton_over.gif);" ></div><input class="ButtonText" type="image" name="Submit" alt="Submit" src="'.$template_path.'/images/buttons/_sbutton_submit.gif" ></div></div></td><tr></form></table></td><td><table border="0" cellspacing="0" cellpadding="0" ><form action="?subtopic=accountmanagement" method="post" ><tr><td style="border:0px;" ><div class="BigButton" style="background-image:url('.$template_path.'/images/buttons/sbutton.gif)" ><div onMouseOver="MouseOverBigButton(this);" onMouseOut="MouseOutBigButton(this);" ><div class="BigButtonOver" style="background-image:url('.$template_path.'/images/buttons/sbutton_over.gif);" ></div><input class="ButtonText" type="image" name="Back" alt="Back" src="'.$template_path.'/images/buttons/_sbutton_back.gif" ></div></div></td></tr></form></table></td></tr></table>';
+			}
+		}
+	}
+
+	if($action == "changesex") {
+		$sex_changed = false;
+		$player_id = isset($_POST['player_id']) ? (int)$_POST['player_id'] : NULL;
+		$new_sex = isset($_POST['new_sex']) ? (int)$_POST['new_sex'] : NULL;
+		if((!$config['account_change_character_sex']))
+			echo 'You cant change your character sex';
+		else
+		{
+			$points = $account_logged->getCustomField('premium_points');
+			if(isset($_POST['changesexsave']) && $_POST['changesexsave'] == 1) {
+				if($points < $config['account_change_character_sex_points'])
+					$errors[] = 'You need ' . $config['account_change_character_sex_points'] . ' premium points to change sex. You have <b>'.$points.'<b> premium points.';
+	
+				if(empty($errors) && $new_sex != 0 && $new_sex != 1)
+					$errors[] = 'This sex is invalid.';
+				
+				if(empty($errors)) {
+					$player = $ots->createObject('Player');
+					$player->load($player_id);
+					if($player->isLoaded()) {
+						$player_account = $player->getAccount();
+						if($account_logged->getId() == $player_account->getId()) {
+							if($player->isOnline()) {
+								$errors[] = 'This character is online.';
+							}
+							
+							if(empty($errors) && $player->getSex() == $new_sex)
+								$errors[] = 'Sex cannot be same';
+							
+							if(empty($errors)) {
+								$sex_changed = true;
+								$old_sex = $player->getSex();
+								$player->setSex($new_sex);
+								$sexes = array(0 => 'Female', 1 => 'Male');
+								$player->save();
+								$account_logged->setCustomField("premium_points", $points - $config['account_change_character_name_points']);
+								$account_logged->logAction('Changed sex on character <b>' . $player->getName() . '</b> from <b>' . $sexes[$old_sex] . '</b> to <b>' . $sexes[$new_sex] . '</b>.');
+								echo '<div class="TableContainer" >  <table class="Table1" cellpadding="0" cellspacing="0" >    <div class="CaptionContainer" >      <div class="CaptionInnerContainer" >        <span class="CaptionEdgeLeftTop" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></span>        <span class="CaptionEdgeRightTop" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></span>        <span class="CaptionBorderTop" style="background-image:url('.$template_path.'/images/content/table-headline-border.gif);" ></span>        <span class="CaptionVerticalLeft" style="background-image:url('.$template_path.'/images/content/box-frame-vertical.gif);" /></span>        <div class="Text" >Character Sex Changed</div>        <span class="CaptionVerticalRight" style="background-image:url('.$template_path.'/images/content/box-frame-vertical.gif);" /></span>        <span class="CaptionBorderBottom" style="background-image:url('.$template_path.'/images/content/table-headline-border.gif);" ></span>        <span class="CaptionEdgeLeftBottom" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></span>        <span class="CaptionEdgeRightBottom" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></span>      </div>    </div>    <tr>      <td>        <div class="InnerTableContainer" >          <table style="width:100%;" ><tr><td>The character <b>'.$player->getName().'</b> sex has been changed to <b>' . $sexes[$new_sex] . '</b>.</td></tr>          </table>        </div>  </table></div></td></tr><br><center><table border="0" cellspacing="0" cellpadding="0" ><form action="?subtopic=accountmanagement" method="post" ><tr><td style="border:0px;" ><div class="BigButton" style="background-image:url('.$template_path.'/images/buttons/sbutton.gif)" ><div onMouseOver="MouseOverBigButton(this);" onMouseOut="MouseOutBigButton(this);" ><div class="BigButtonOver" style="background-image:url('.$template_path.'/images/buttons/sbutton_over.gif);" ></div><input class="ButtonText" type="image" name="Back" alt="Back" src="'.$template_path.'/images/buttons/_sbutton_back.gif" ></div></div></td></tr></form></table></center>';
+							}
+						}
+						else
+						{
+							$errors[] = 'Character <b>'.$player_name.'</b> is not on your account.';
+						}
+					}
+					else
+					{
+						$errors[] = 'Character with this name doesn\'t exist.';
+					}
+				}
+			}
+
+			if(!$sex_changed) {
+				if(!empty($errors)) {
+					echo '<div class="SmallBox" >  <div class="MessageContainer" >    <div class="BoxFrameHorizontal" style="background-image:url('.$template_path.'/images/content/box-frame-horizontal.gif);" /></div>    <div class="BoxFrameEdgeLeftTop" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></div>    <div class="BoxFrameEdgeRightTop" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></div>    <div class="ErrorMessage" >      <div class="BoxFrameVerticalLeft" style="background-image:url('.$template_path.'/images/content/box-frame-vertical.gif);" /></div>      <div class="BoxFrameVerticalRight" style="background-image:url('.$template_path.'/images/content/box-frame-vertical.gif);" /></div>      <div class="AttentionSign" style="background-image:url('.$template_path.'/images/content/attentionsign.gif);" /></div><b>The Following Errors Have Occurred:</b><br/>';
+					foreach($errors as $errors) {
+							echo '<li>'.$errors;
+					}
+					echo '</div>    <div class="BoxFrameHorizontal" style="background-image:url('.$template_path.'/images/content/box-frame-horizontal.gif);" /></div>    <div class="BoxFrameEdgeRightBottom" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></div>    <div class="BoxFrameEdgeLeftBottom" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></div>  </div></div><br/>';
+				}
+				echo 'To change a sex of character select player and choose a new sex.<br/>
+				<font color="red">Change sex cost ' . $config['account_change_character_sex_points'] . ' premium points. You have ' . $points . ' premium points.</font><br/><br/><form action="?subtopic=accountmanagement&action=changesex" method="post" ><input type="hidden" name="changesexsave" value="1"><div class="TableContainer" >  <table class="Table1" cellpadding="0" cellspacing="0" >    <div class="CaptionContainer" >      <div class="CaptionInnerContainer" >        <span class="CaptionEdgeLeftTop" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></span>        <span class="CaptionEdgeRightTop" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></span>        <span class="CaptionBorderTop" style="background-image:url('.$template_path.'/images/content/table-headline-border.gif);" ></span>        <span class="CaptionVerticalLeft" style="background-image:url('.$template_path.'/images/content/box-frame-vertical.gif);" /></span>        <div class="Text" >Change sex</div>        <span class="CaptionVerticalRight" style="background-image:url('.$template_path.'/images/content/box-frame-vertical.gif);" /></span>        <span class="CaptionBorderBottom" style="background-image:url('.$template_path.'/images/content/table-headline-border.gif);" ></span>        <span class="CaptionEdgeLeftBottom" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></span>        <span class="CaptionEdgeRightBottom" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></span>      </div>    </div>    <tr>      <td>        <div class="InnerTableContainer" >
+				<table style="width:100%;" >
+					<tr>
+						<td class="LabelV" ><span >Character:</td>
+						<td style="width:90%;" >
+							<select name="player_id">';
+								$players = $account_logged->getPlayersList();
+								foreach($players as $player)
+									echo '<option value="' . $player->getId() . '">' . $player->getName() . '</option>';
+							echo '
+							</select>
+						</td>
+					</tr>
+					<tr>
+						<td class="LabelV" ><span >New Sex:</td>
+						<td>
+							<select name="new_sex">
+								<option value="0"' . ($player->getSex() == 0 ? ' selected' : '') . '>Female</option>
+								<option value="1"' . ($player->getSex() == 1 ? ' selected' : '') . '>Male</option>
+							</select>
+						</td>
+					</tr>
+				</table>        </div>  </table></div></td></tr><br/><table style="width:100%" ><tr align="center" ><td><table border="0" cellspacing="0" cellpadding="0" ><tr><td style="border:0px;" ><div class="BigButton" style="background-image:url('.$template_path.'/images/buttons/sbutton.gif)" ><div onMouseOver="MouseOverBigButton(this);" onMouseOut="MouseOutBigButton(this);" ><div class="BigButtonOver" style="background-image:url('.$template_path.'/images/buttons/sbutton_over.gif);" ></div><input class="ButtonText" type="image" name="Submit" alt="Submit" src="'.$template_path.'/images/buttons/_sbutton_submit.gif" ></div></div></td><tr></form></table></td><td><table border="0" cellspacing="0" cellpadding="0" ><form action="?subtopic=accountmanagement" method="post" ><tr><td style="border:0px;" ><div class="BigButton" style="background-image:url('.$template_path.'/images/buttons/sbutton.gif)" ><div onMouseOver="MouseOverBigButton(this);" onMouseOut="MouseOutBigButton(this);" ><div class="BigButtonOver" style="background-image:url('.$template_path.'/images/buttons/sbutton_over.gif);" ></div><input class="ButtonText" type="image" name="Back" alt="Back" src="'.$template_path.'/images/buttons/_sbutton_back.gif" ></div></div></td></tr></form></table></td></tr></table>';
+			}
+		}
+	}
 //### DELETE character from account ###
 	if($action == "deletecharacter") {
 		$player_name = isset($_POST['delete_name']) ? stripslashes($_POST['delete_name']) : NULL;
@@ -750,52 +995,14 @@ Please enter your account name and your password.<br/><a href="?subtopic=createa
 
 //## CREATE CHARACTER on account ###
 	if($action == "createcharacter") {
-		echo '<script type="text/javascript">
+		echo '<script type="text/javascript" src="tools/check_name.js"></script>';
-		eventId = 0;
-		lastSend = 0;
-
-function checkName()
-{
-	if(eventId != 0)
-	{
-		clearInterval(eventId)
-		eventId = 0;
-	}
-
-	if(document.getElementById("newcharname").value=="")
-	{
-		document.getElementById("name_check").innerHTML = \'<b><font color="red">Please enter new character name.</font></b>\';
-		return;
-	}
-
-	//anti flood
-	var date = new Date;
-	var timeNow = parseInt(date.getTime());
-
-	if(lastSend != 0)
-	{
-		if(timeNow - lastSend < 1100)
-		{
-			eventId = setInterval(\'checkName()\', 1100)
-			return;
-		}
-	}
-
-	var newcharname = document.getElementById("newcharname").value;
-	$.get("tools/validate.php", { name: newcharname, uid: Math.random() },
-		function(data){
-			document.getElementById("name_check").innerHTML = data;
-			lastSend = timeNow;
-	});
-	
-	lastSend = timeNow;
-}
-</script>';
 		$newchar_name = isset($_POST['newcharname']) ? stripslashes(ucwords(strtolower($_POST['newcharname']))) : NULL;
 		$newchar_sex = isset($_POST['newcharsex']) ? $_POST['newcharsex'] : NULL;
 		$newchar_vocation = isset($_POST['newcharvocation']) ? $_POST['newcharvocation'] : NULL;
 		$newchar_town = isset($_POST['newchartown']) ? $_POST['newchartown'] : NULL;
 		$newchar_errors = array();
+		
+		$newchar_created = false;
 		if(isset($_POST['savecharacter']) && $_POST['savecharacter'] == 1) {
 			if(empty($newchar_name))
 				$newchar_errors[] = 'Please enter a name for your character!';
@@ -824,17 +1031,10 @@ function checkName()
 			else
 				$newchar_town = $config['character_towns'][0];
 
-			//check if was namelocked previously
-			if(tableExist('player_namelocks') && fieldExist('name', 'player_namelocks')) {
-				$namelockSQL = $db->query('SELECT `player_id` FROM `player_namelocks` WHERE `name` = ' . $db->quote($newchar_name));
-				if($namelockSQL->rowCount() > 0)
-					$newchar_errors[] = 'Character with this name has been namelocked.';
-			}
-
 			if(empty($newchar_errors))
 			{
 				$error = '';
-				if(!check_name_new_char($newchar_name, $error))
+				if(!admin() && !check_name_new_char($newchar_name, $error))
 					$newchar_errors[] = $error;
 				if($newchar_sex != 1 && $newchar_sex != "0")
 					$newchar_errors[] = 'Sex must be equal <b>0 (female)</b> or <b>1 (male)</b>.';
@@ -855,10 +1055,6 @@ function checkName()
 
 			if(empty($newchar_errors))
 			{
-				$check_name_in_database = $ots->createObject('Player');
-				$check_name_in_database->find($newchar_name);
-				if($check_name_in_database->isLoaded())
-					$newchar_errors[] .= 'This name is already used. Please choose another name!';
 				$number_of_players_on_account = $account_logged->getPlayersList()->count();
 				if($number_of_players_on_account >= $config['characters_per_account'])
 					$newchar_errors[] .= 'You have too many characters on your account <b>('.$number_of_players_on_account.'/'.$config['characters_per_account'].')</b>!';
@@ -897,7 +1093,7 @@ function checkName()
 				}
 				
 				if(fieldExist('lookaddons', 'players'))
-			    $player->setLookAddons($char_to_copy->getLookAddons());
+					$player->setLookAddons($char_to_copy->getLookAddons());
 	
 			    $player->setTownId($newchar_town);
 			    $player->setExperience($char_to_copy->getExperience());
@@ -925,10 +1121,16 @@ function checkName()
 					$player->setLossExperience($char_to_copy->getLossExperience());
 					$player->setLossMana($char_to_copy->getLossMana());
 					$player->setLossSkills($char_to_copy->getLossSkills());
-					$player->setLossItems($char_to_copy->getLossItems());
 				}
+				if(fieldExist('loss_items', 'players')) {
+					$player->setLossItems($char_to_copy->getLossItems());
+					$player->setLossContainers($char_to_copy->getLossContainers());
+				}
+					
 				$player->save();
 				$player->setCustomField("created", time());
+				
+				$newchar_created = true;
 				$account_logged->logAction('Created character <b>' . $player->getName() . '</b>.');
 				unset($player);
 				$player = $ots->createObject('Player');
@@ -958,15 +1160,16 @@ function checkName()
 				}
 			}
 		}
-		else
+
-		{
+		if(count($newchar_errors) > 0) {
-			if(count($newchar_errors) > 0) {
+			echo '<div class="SmallBox" >  <div class="MessageContainer" >    <div class="BoxFrameHorizontal" style="background-image:url('.$template_path.'/images/content/box-frame-horizontal.gif);" /></div>    <div class="BoxFrameEdgeLeftTop" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></div>    <div class="BoxFrameEdgeRightTop" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></div>    <div class="ErrorMessage" >      <div class="BoxFrameVerticalLeft" style="background-image:url('.$template_path.'/images/content/box-frame-vertical.gif);" /></div>      <div class="BoxFrameVerticalRight" style="background-image:url('.$template_path.'/images/content/box-frame-vertical.gif);" /></div>      <div class="AttentionSign" style="background-image:url('.$template_path.'/images/content/attentionsign.gif);" /></div>';
-				echo '<div class="SmallBox" >  <div class="MessageContainer" >    <div class="BoxFrameHorizontal" style="background-image:url('.$template_path.'/images/content/box-frame-horizontal.gif);" /></div>    <div class="BoxFrameEdgeLeftTop" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></div>    <div class="BoxFrameEdgeRightTop" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></div>    <div class="ErrorMessage" >      <div class="BoxFrameVerticalLeft" style="background-image:url('.$template_path.'/images/content/box-frame-vertical.gif);" /></div>      <div class="BoxFrameVerticalRight" style="background-image:url('.$template_path.'/images/content/box-frame-vertical.gif);" /></div>      <div class="AttentionSign" style="background-image:url('.$template_path.'/images/content/attentionsign.gif);" /></div>';
+			echo '<b>The Following Errors Have Occurred:</b><br/>';
-				echo '<b>The Following Errors Have Occurred:</b><br/>';
+			foreach($newchar_errors as $newchar_error)
-				foreach($newchar_errors as $newchar_error)
+				echo '<li>'.$newchar_error . '</li>';
-					echo '<li>'.$newchar_error . '</li>';
+			echo '</div>    <div class="BoxFrameHorizontal" style="background-image:url('.$template_path.'/images/content/box-frame-horizontal.gif);" /></div>    <div class="BoxFrameEdgeRightBottom" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></div>    <div class="BoxFrameEdgeLeftBottom" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></div>  </div></div><br/>';
-				echo '</div>    <div class="BoxFrameHorizontal" style="background-image:url('.$template_path.'/images/content/box-frame-horizontal.gif);" /></div>    <div class="BoxFrameEdgeRightBottom" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></div>    <div class="BoxFrameEdgeLeftBottom" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></div>  </div></div><br/>';
+		}
-			}
+		
+		if(!$newchar_created) {
 			echo 'Please choose a name';
 			if(count($config['character_samples']) > 1)
 				echo ', vocation';
@@ -974,7 +1177,14 @@ function checkName()
 			if($account_logged->getPlayersList()->count() >= $config['characters_per_account']) {
 				echo '<b><font color="red"> You have maximum number of characters per account on your account. Delete one before you make new.</font></b>';
 			}
-			echo '<br/><br/><form action="?subtopic=accountmanagement&action=createcharacter" method="post" ><input type="hidden" name=savecharacter value="1" ><div class="TableContainer" >  <table class="Table3" cellpadding="0" cellspacing="0" >    <div class="CaptionContainer" >      <div class="CaptionInnerContainer" ><span class="CaptionEdgeLeftTop" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></span><span class="CaptionEdgeRightTop" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></span><span class="CaptionBorderTop" style="background-image:url('.$template_path.'/images/content/table-headline-border.gif);" ></span><span class="CaptionVerticalLeft" style="background-image:url('.$template_path.'/images/content/box-frame-vertical.gif);" /></span><div class="Text" >Create Character</div>        <span class="CaptionVerticalRight" style="background-image:url('.$template_path.'/images/content/box-frame-vertical.gif);" /></span><span class="CaptionBorderBottom" style="background-image:url('.$template_path.'/images/content/table-headline-border.gif);" ></span><span class="CaptionEdgeLeftBottom" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></span><span class="CaptionEdgeRightBottom" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></span></div>    </div><tr>      <td>        <div class="InnerTableContainer" >          <table style="width:100%;" ><tr><td><div class="TableShadowContainerRightTop" >  <div class="TableShadowRightTop" style="background-image:url('.$template_path.'/images/content/table-shadow-rt.gif);" ></div></div><div class="TableContentAndRightShadow" style="background-image:url('.$template_path.'/images/content/table-shadow-rm.gif);" >  <div class="TableContentContainer" ><table class="TableContent" width="100%" ><tr class="LabelH" ><td style="width:50%;" ><span >Name</td><td><span >Sex</td></tr><tr class="Odd" ><td><input id="newcharname" name="newcharname" onkeyup="checkName();" value="'.$newchar_name.'" size="30" maxlength="29" ><BR><font size="1" face="verdana,arial,helvetica"><div id="name_check">Please enter your character name.</div></font></td><td>';
+			echo '<br/><br/><form action="?subtopic=accountmanagement&action=createcharacter" method="post" ><input type="hidden" name=savecharacter value="1" ><div class="TableContainer" >  <table class="Table3" cellpadding="0" cellspacing="0" >    <div class="CaptionContainer" >      <div class="CaptionInnerContainer" ><span class="CaptionEdgeLeftTop" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></span><span class="CaptionEdgeRightTop" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></span><span class="CaptionBorderTop" style="background-image:url('.$template_path.'/images/content/table-headline-border.gif);" ></span><span class="CaptionVerticalLeft" style="background-image:url('.$template_path.'/images/content/box-frame-vertical.gif);" /></span><div class="Text" >Create Character</div>        <span class="CaptionVerticalRight" style="background-image:url('.$template_path.'/images/content/box-frame-vertical.gif);" /></span><span class="CaptionBorderBottom" style="background-image:url('.$template_path.'/images/content/table-headline-border.gif);" ></span><span class="CaptionEdgeLeftBottom" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></span><span class="CaptionEdgeRightBottom" style="background-image:url('.$template_path.'/images/content/box-frame-edge.gif);" /></span></div>    </div><tr>      <td>        <div class="InnerTableContainer" >          <table style="width:100%;" ><tr><td><div class="TableShadowContainerRightTop" >  <div class="TableShadowRightTop" style="background-image:url('.$template_path.'/images/content/table-shadow-rt.gif);" ></div></div><div class="TableContentAndRightShadow" style="background-image:url('.$template_path.'/images/content/table-shadow-rm.gif);" >  <div class="TableContentContainer" ><table class="TableContent" width="100%" ><tr class="LabelH" ><td style="width:50%;" ><span >Name</td><td><span >Sex</td></tr><tr class="Odd" >
+			<td>
+				<input id="newcharname" name="newcharname" onkeyup="checkName();" value="'.$newchar_name.'" size="25" maxlength="25" ><br/>
+				<font size="1" face="verdana,arial,helvetica">
+					<div id="name_check">Please enter your character name.</div>
+				</font>
+			</td>
+			<td>';
 			echo '<input type="radio" name="newcharsex" id="newcharsex" value="1" ';
 			if($newchar_sex == 1)
 				echo 'checked="checked" ';

system/pages/admin/changelog.php

@@ -5,7 +5,7 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.5
+ * @version   0.2.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/pages/admin/dashboard.php

@@ -5,12 +5,85 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.5
+ * @version   0.2.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');
 $title = 'Dashboard';
+
+if($cache->enabled()) {
+	if(isset($_GET['clear_cache'])) {
+		if(clearCache())
+			success('Cache cleared.');
+		else
+			error('Error while clearing cache.');
+	}
+
 ?>
+<table class="table">
+	<tr>
+		<th><a href="?p=dashboard&clear_cache" onclick="return confirm('Are you sure?');">Clear cache</a></th>
+	</tr>
+</table>
+<?php
+}
+if(isset($_GET['maintenance'])) {
+	$_status = (int)$_POST['status'];
+	$message = $_POST['message'];
+	if(empty($message)) {
+		error('Message cannot be empty.');
+	}
+	else if(strlen($message) > 255) {
+		error('Message is too long. Maximum length allowed is 255 chars.');
+	}
+	else {
+		$tmp = '';
+		if(fetchDatabaseConfig('site_closed', $tmp))
+			updateDatabaseConfig('site_closed', $_status);
+		else
+			registerDatabaseConfig('site_closed', $_status);
+
+		if(fetchDatabaseConfig('site_closed_message', $tmp))
+			updateDatabaseConfig('site_closed_message', $message);
+		else
+			registerDatabaseConfig('site_closed_message', $message);
+	}
+}
+$is_closed = getDatabaseConfig('site_closed') == '1';
+
+$closed_message = 'Server is under maintenance, please visit later.';
+$tmp = '';
+if(fetchDatabaseConfig('site_closed_message', $tmp))
+	$closed_message = $tmp;
+?>
+<form action="?p=dashboard&maintenance" method="post">
+	<table class="table">
+		<tr>
+			<th colspan="2">Maintenance
+			</th>
+		</tr>
+		<tr>
+			<td>Site status:</td>
+			<td>
+				<select name="status">
+					<option value="0"<?php echo (!$is_closed ? ' selected' : ''); ?>>Open</option>
+					<option value="1"<?php echo ($is_closed ? ' selected' : ''); ?>>Closed</option>
+				</select>
+			</td>
+		</tr>
+		<tr>
+			<td>Message: (only if closed)</td>
+			<td>
+				<textarea name="message" maxlength="255" cols="40" rows="5"><?php echo $closed_message; ?></textarea>
+			<td>
+		</tr>
+		<tr>
+			<td colspan="2">
+				<input type="submit" class="button" value="Update"/>
+			</td>
+	</table>
+</form>
+<br/>
 <div>
 	<?php if($status['online']): ?>
 	<p class="success" style="width: 150px; text-align: center;">Status: Online<br/>
@@ -39,26 +112,69 @@ $title = 'Dashboard';
 </div-->
 <?php if($status['online']): ?>
 <script type="text/javascript">
-	var hidden = false;
 	$(document).ready(function() {
 		$("#status-more").hide();
 		$("#more-button").text("More");
-		hidden = true;
 	});
 
 	$("#more-button").click(function() {
-		if(hidden) {
+		if($("#status-more").is(":hidden")) {
 			$("#more-button").text("Hide");
 			$("#status-more").show();
-			hidden = false;
 		}
 		else {
 			$("#more-button").text("More");
 			$("#status-more").hide();
-			hidden = true;
 		}
 
 		return false;
 	});
 </script>
-<?php endif; ?>
+<?php endif;
+
+function clearCache()
+{
+	global $cache, $template_name;
+
+	$tmp = '';
+	if($cache->fetch('status', $tmp))
+		$cache->delete('status');
+	
+	if($cache->fetch('templates', $tmp))
+		$cache->delete('templates');
+
+	if($cache->fetch('config_lua', $tmp))
+		$cache->delete('config_lua');
+
+	if($cache->fetch('vocations', $tmp))
+		$cache->delete('vocations');
+
+	if($cache->fetch('towns', $tmp))
+		$cache->delete('towns');
+
+	if($cache->fetch('groups', $tmp))
+		$cache->delete('groups');
+
+	if($cache->fetch('visitors', $tmp))
+		$cache->delete('visitors');
+
+	if($cache->fetch('views_counter', $tmp))
+		$cache->delete('views_counter');
+
+	if($cache->fetch('failed_logins', $tmp))
+		$cache->delete('failed_logins');
+
+	if($cache->fetch('news' . $template_name . '_' . NEWS, $tmp))
+		$cache->delete('news' . $template_name . '_' . NEWS);
+
+	if($cache->fetch('news' . $template_name . '_' . TICKET, $tmp))
+		$cache->delete('news' . $template_name . '_' . TICKET);
+
+	if($cache->fetch('news' . $template_name . '_' . ARTICLE, $tmp))
+		$cache->delete('news' . $template_name . '_' . ARTICLE);
+
+	if($cache->fetch('template_ini' . $template_name, $tmp))
+		$cache->delete('template_ini' . $template_name);
+
+	return true;
+}

system/pages/admin/login.php

@@ -5,7 +5,7 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.5
+ * @version   0.2.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/pages/admin/logs.php

@@ -5,7 +5,7 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.5
+ * @version   0.2.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');
@@ -28,7 +28,15 @@ foreach(scandir($aac_path_logs) as $f) {
 	$files[] = array($f, $aac_path_logs);
 }
 
+$server_path_logs = $config['server_path'] . 'logs/';
+if(!file_exists($server_path_logs))
 $server_path_logs = $config['data_path'] . 'logs/';
+
+if(!file_exists($server_path_logs)) {
+	echo '</table>Logs are not available on this server.';
+	return;
+}
+
 foreach(scandir($server_path_logs) as $f) {
 	if($f[0] == '.' || $f == '..')
 		continue;

system/pages/admin/mailer.php

@@ -5,7 +5,7 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.5
+ * @version   0.2.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/pages/admin/notepad.php

@@ -5,7 +5,7 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.5
+ * @version   0.2.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/pages/admin/pages.php

@@ -5,7 +5,7 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.5
+ * @version   0.2.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/pages/admin/phpinfo.php

@@ -5,7 +5,7 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.5
+ * @version   0.2.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/pages/admin/players.php

@@ -5,7 +5,7 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.5
+ * @version   0.2.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');
@@ -93,8 +93,8 @@ if($id > 0) {
 		if(!check_name($name, $_error))
 			echo_error($_error);
 
-		//if(!check_name_new_char($name))
+		//if(!check_name_new_char($name, $_error))
-		//	echo_error('This name contains invalid letters, words or format. Please use only a-Z, - , \' and space.');
+		//	echo_error($_error);
 
 		$player_db = $ots->createObject('Player');
 		$player_db->find($name);
@@ -150,8 +150,10 @@ if($id > 0) {
 		verify_number($look_legs, 'Look legs', 11);
 		$look_type = $_POST['look_type'];
 		verify_number($look_type, 'Look type', 11);
-		$look_addons = $_POST['look_addons'];
+		if(fieldExist('lookaddons', 'players')) {
-		verify_number($look_addons, 'Look addons', 11);
+			$look_addons = $_POST['look_addons'];
+			verify_number($look_addons, 'Look addons', 11);
+		}
 
 		// pos
 		$pos_x = $_POST['pos_x'];
@@ -200,12 +202,16 @@ if($id > 0) {
 			verify_number($loss_items, 'Loss items', 11);
 		}
 		
-		$blessings = $_POST['blessings'];
+		if(fieldExist('blessings', 'players')) {
-		verify_number($blessings, 'Blessings', 2);
+			$blessings = $_POST['blessings'];
+			verify_number($blessings, 'Blessings', 2);
+		}
 		$balance = $_POST['balance'];
 		verify_number($balance, 'Balance', 20);
-		$stamina = $_POST['stamina'];
+		if(fieldExist('stamina', 'players')) {
-		verify_number($stamina, 'Stamina', 20);
+			$stamina = $_POST['stamina'];
+			verify_number($stamina, 'Stamina', 20);
+		}
 
 		$deleted = (isset($_POST['deleted']) && $_POST['deleted'] == 'true');
 		$hidden = (isset($_POST['hidden']) && $_POST['hidden'] == 'true');
@@ -238,7 +244,8 @@ if($id > 0) {
 			$player->setLookHead($look_head);
 			$player->setLookLegs($look_legs);
 			$player->setLookType($look_type);
-			$player->setLookAddons($look_addons);
+			if(fieldExist('lookaddons', 'players'))
+				$player->setLookAddons($look_addons);
 			$player->setPosX($pos_x);
 			$player->setPosY($pos_y);
 			$player->setPosZ($pos_z);
@@ -258,9 +265,11 @@ if($id > 0) {
 				$player->setLossContainers($loss_containers);
 				$player->setLossItems($loss_items);
 			}
-			$player->setBlessings($blessings);
+			if(fieldExist('blessings', 'players'))
+				$player->setBlessings($blessings);
 			$player->setBalance($balance);
-			$player->setStamina($stamina);
+			if(fieldExist('stamina', 'players'))
+				$player->setStamina($stamina);
 			if(fieldExist('deletion', 'players'))
 				$player->setCustomField('deletion', $deleted ? '1' : '0');
 			else
@@ -298,7 +307,7 @@ if(!isset($player) || !$player->isLoaded())
 
 $account = $player->getAccount();
 ?>
-<br/><br/>
+<br/>
 <form action="<?php echo $base . ((isset($id) && $id > 0) ? '&id=' . $id : ''); ?>" method="post">
 <table class="table" cellspacing="1" cellpadding="4">
 	<tr><th colspan="2">Edit player</th></tr>
@@ -391,7 +400,9 @@ $account = $player->getAccount();
 			Head:<input type="text" name="look_head" size="2" maxlength="11" value="<?php echo $player->getLookHead(); ?>" />
 			Legs:<input type="text" name="look_legs" size="2" maxlength="11" value="<?php echo $player->getLookLegs(); ?>" />
 			Type:<input type="text" name="look_type" size="2" maxlength="11" value="<?php echo $player->getLookType(); ?>" />
+			<?php if(fieldExist('lookaddons', 'players')): ?>
 			Addons:<input type="text" name="look_addons" size="2" maxlength="11" value="<?php echo $player->getLookAddons(); ?>" />
+			<?php endif; ?>
 		</td>
 	</tr>
 	<tr>
@@ -468,19 +479,19 @@ $account = $player->getAccount();
 			<table>
 				<tr style="background-color: transparent;">
 					<td>Loss experience:</td>
-					<td><input type="text" name="lost_experience" size="8" maxlength="11" value="<?php echo $player->getLossExperience(); ?>" /></td>
+					<td><input type="text" name="loss_experience" size="8" maxlength="11" value="<?php echo $player->getLossExperience(); ?>" /></td>
 
 					<td>Loss mana:</td>
-					<td><input type="text" name="lost_mana" size="8" maxlength="11" value="<?php echo $player->getLossMana(); ?>" /></td>
+					<td><input type="text" name="loss_mana" size="8" maxlength="11" value="<?php echo $player->getLossMana(); ?>" /></td>
 					
 					<td>Loss skills:</td>
-					<td><input type="text" name="lost_skills" size="8" maxlength="11" value="<?php echo $player->getLossSkills(); ?>" /></td>
+					<td><input type="text" name="loss_skills" size="8" maxlength="11" value="<?php echo $player->getLossSkills(); ?>" /></td>
 					
 					<td>Loss containers:</td>
-					<td><input type="text" name="lost_containers" size="8" maxlength="11" value="<?php echo $player->getLossContainers(); ?>" /></td>
+					<td><input type="text" name="loss_containers" size="8" maxlength="11" value="<?php echo $player->getLossContainers(); ?>" /></td>
 					
 					<td>Loss items:</td>
-					<td><input type="text" name="lost_items" size="8" maxlength="11" value="<?php echo $player->getLossItems(); ?>" /></td>
+					<td><input type="text" name="loss_items" size="8" maxlength="11" value="<?php echo $player->getLossItems(); ?>" /></td>
 				</tr>
 			</table>
 		</td>
@@ -490,14 +501,17 @@ $account = $player->getAccount();
 		<td colspan="2">
 			<table>
 				<tr style="background-color: transparent;">
+					<?php if(fieldExist('blessings', 'players')): ?>
 					<td>Blessings:</td>
 					<td><input type="text" name="blessings" size="2" maxlength="2" value="<?php echo $player->getBlessings(); ?>" /></td>
-
+					<?php endif; ?>
 					<td>Balance:</td>
 					<td><input type="text" name="balance" size="16" maxlength="20" value="<?php echo $player->getBalance(); ?>" /></td>
 					
+					<?php if(fieldExist('stamina', 'players')): ?>
 					<td>Stamina:</td>
 					<td><input type="text" name="stamina" size="16" maxlength="20" value="<?php echo $player->getStamina(); ?>" /></td>
+					<?php endif; ?>
 				</tr>
 			</table>
 		</td>

system/pages/admin/plugins.php

@@ -5,11 +5,13 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.5
+ * @version   0.2.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');
 $title = 'Plugin manager';
+
+require(SYSTEM . 'hooks.php');
 ?>
 <form enctype="multipart/form-data" method="post">
 	<input type="hidden" name="upload_plugin" />
@@ -37,33 +39,100 @@ if(isset($_FILES["plugin"]["name"]))
 	$filename = $file["name"];
 	$tmp_name = $file["tmp_name"];
 	$type = $file["type"];
-	  
+
 	$name = explode(".", $filename);
 	$accepted_types = array('application/zip', 'application/x-zip-compressed', 'multipart/x-zip', 'application/x-compressed');
 
-	if(in_array($type, $accepted_types) && strtolower($name[1]) == 'zip') // check if it is zipped/compressed file
+	if(isset($file['error'])) {
-	{
+        $error = 'Error uploading file';
-		$targetdir = BASE;
+        switch( $file['error'] ) {
-		$targetzip = BASE . 'plugins/' . $name[0] . '.zip';
+            case UPLOAD_ERR_OK:
+                $error = false;
+                break;
+            case UPLOAD_ERR_INI_SIZE:
+            case UPLOAD_ERR_FORM_SIZE:
+                $error .= ' - file too large (limit of '.ini_get('upload_max_filesize').' bytes).';
+                break;
+            case UPLOAD_ERR_PARTIAL:
+                $error .= ' - file upload was not completed.';
+                break;
+            case UPLOAD_ERR_NO_FILE:
+                $error .= ' - zero-length file uploaded.';
+                break;
+            default:
+                $error .= ' - internal error #' . $file['error'];
+                break;
+        }
+	}
 
-		if(move_uploaded_file($tmp_name, $targetzip)) { // move uploaded file
+	if(isset($error) && $error != false) {
-		$zip = new ZipArchive();
+		error($error);
-		$x = $zip->open($targetzip);  // open the zip file to extract
+	}
-		if ($x === true) {
+	else {
-			$zip->extractTo($targetdir); // place in the directory with same name  
+		if(is_uploaded_file($file['tmp_name']) ) {
-			$zip->close();
+			if(in_array($type, $accepted_types) && strtolower($name[1]) == 'zip') // check if it is zipped/compressed file
-				unlink($targetzip); // delete the Zipped file
+			{
-	  
+				$targetdir = BASE;
-				$string = file_get_contents(BASE . 'plugins/' . $name[0] . '.json');
+				$targetzip = BASE . 'plugins/' . $name[0] . '.zip';
-				$plugin_info = json_decode($string, true);
+
-				$message = '<p class="success"><strong>' . $plugin_info['name'] . '</strong> plugin has been successfully installed.</p>';
+				if(move_uploaded_file($tmp_name, $targetzip)) { // move uploaded file
+					$zip = new ZipArchive();
+					$x = $zip->open($targetzip);  // open the zip file to extract
+					if ($x === true) {
+						if($zip->extractTo($targetdir)) { // place in the directory with same name  
+							$string = file_get_contents(BASE . 'plugins/' . $name[0] . '.json');
+							$plugin = json_decode($string, true);
+							if($plugin == NULL) {
+								warning('Cannot load ' . BASE . 'plugins/' . $name[0] . '.json. File might be not valid json code.');
+							}
+							
+							if(isset($plugin['install'])) {
+								if(file_exists(BASE . $plugin['install']))
+									require(BASE . $plugin['install']);
+								else
+									warning('Cannot load install script. Your plugin might be not working correctly.');
+							}
+
+							if(isset($plugin['hooks'])) {
+								foreach($plugin['hooks'] as $_name => $info) {
+									if(isset($hook_types[$info['type']])) {
+										$query = $db->query('SELECT `id` FROM `' . TABLE_PREFIX . 'hooks` WHERE `name` = ' . $db->quote($_name) . ';');
+										if($query->rowCount() == 1) { // found something
+											$query = $query->fetch();
+											$db->query('UPDATE `' . TABLE_PREFIX . 'hooks` SET `type` = ' . $hook_types[$info['type']] . ', `file` = ' . $db->quote($info['file']) . ' WHERE `id` = ' . (int)$query['id'] . ';');
+										}
+										else {
+											$db->query('INSERT INTO `' . TABLE_PREFIX . 'hooks` (`id`, `name`, `type`, `file`) VALUES (NULL, ' . $db->quote($_name) . ', ' . $hook_types[$info['type']] . ', ' . $db->quote($info['file']) . ');');
+										}
+									}
+									else
+										warning('Unknown event type: ' . $info['type']);
+								}
+							}
+							success('<strong>' . $plugin['name'] . '</strong> plugin has been successfully installed.');
+						}
+						else {
+							error('There was a problem with extracting zip archive.');
+						}
+						
+						$zip->close();
+						unlink($targetzip); // delete the Zipped file
+					}
+					else {
+						error('There was a problem with opening zip archive.');
+					}
+				}
+				else
+					error('There was a problem with the upload. Please try again.');
+			}
+			else {
+				error('The file you are trying to upload is not a .zip file. Please try again.');
+			}
+		}
+		else {
+			error('Error uploading file - unknown error.');
 		}
 	}
-		else
-			$message = '<p class="error">There was a problem with the upload. Please try again.</p>';
-}
-	else
-		$message = '<p class="error">The file you are trying to upload is not a .zip file. Please try again.</p>';
 }
 
 echo $message;
@@ -78,12 +147,12 @@ echo $message;
 	<th>Contact</th>
 <?php
 	$plugins = array();
-  
+
 	$path = PLUGINS;
 	foreach(scandir($path) as $file)
 	{
 		$file_info = explode('.', $file);
-		if($file == '.' || $file == '..' || $file == 'disabled' || is_dir($file) || !$file_info[1] || $file_info[1] != 'json')
+		if($file == '.' || $file == '..' || $file == 'disabled' || $file == 'example.json' || is_dir($path . $file) || !$file_info[1] || $file_info[1] != 'json')
 			continue;
 		
 		$string = file_get_contents(BASE . 'plugins/' . $file_info[0] . '.json');

system/pages/admin/statistics.php

@@ -5,7 +5,7 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.5
+ * @version   0.2.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');
@@ -45,9 +45,9 @@ $title = 'Statistics';
 		<td>
 			<table class="table">
 				<tr><th colspan="3">TOP 10 - Most wealth accounts</th></tr>
-				<tr><th>#</th><th>Account name</th><th>Premium points</th></tr>
+				<tr><th>#</th><th>Account <?php echo (USE_ACCOUNT_NAME ? 'name' : 'number'); ?></th><th>Premium points</th></tr>
 				<?php
-				$query = $db->query('SELECT premium_points, name FROM accounts ORDER BY premium_points DESC LIMIT 10;');
+				$query = $db->query('SELECT `premium_points`, `' . (USE_ACCOUNT_NAME ? 'name' : 'id') . '` as `name` FROM `accounts` ORDER BY `premium_points` DESC LIMIT 10;');
 				$i = 0;
 				foreach($query as $result)
 				{

system/pages/admin/tools.php

@@ -5,7 +5,7 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.5
+ * @version   0.2.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/pages/admin/version.php

@@ -5,7 +5,7 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.5
+ * @version   0.2.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/pages/admin/visitors.php

@@ -5,7 +5,7 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.5
+ * @version   0.2.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/pages/bans.php

@@ -6,7 +6,7 @@
  * @author    Gesior <jerzyskalski@wp.pl>
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.5
+ * @version   0.2.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/pages/bugtracker.php

@@ -6,7 +6,7 @@
  * @author    Gesior <jerzyskalski@wp.pl>
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.5
+ * @version   0.2.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/pages/changelog.php

@@ -5,7 +5,7 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.5
+ * @version   0.2.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/pages/characters.php

@@ -6,14 +6,13 @@
  * @author    Gesior <jerzyskalski@wp.pl>
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.5
+ * @version   0.2.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');
 $title = 'Characters';
 
 require(SYSTEM . 'item.php');
-
 $groups = new OTS_Groups_List();
 function generate_search_table($script = false)
 {
@@ -60,29 +59,46 @@ function generate_player_lookup($player)
 			$player_eq[$i] = $empty_slots[$i];
 	}
 
-	//for($i = 1; $i < 11; $i++)
+	if(PHP_VERSION_ID == NULL || PHP_VERSION_ID < 70000) {
-	//{
+		for($i = 1; $i < 11; $i++)
-		//if(!itemImageExists($player_eq[$i]))
+		{
-		//	Items::generate($player_eq[$i]);
+			if(!itemImageExists($player_eq[$i]))
-	//}
+				Items::generate($player_eq[$i]);
+		}
+	}
+
+	for($i = 1; $i < 11; $i++)
+	{
+		if(check_number($player_eq[$i]))
+			$player_eq[$i] = getItemImage($player_eq[$i]);
+		else
+			$player_eq[$i] = '<img src="images/items/' . $player_eq[$i] . '.gif" width="32" height="32" border="0" alt=" ' . $player_eq[$i] . '" />';
+	}
+
+	$skulls = array(
+		1 => 'yellow_skull',
+		2 => 'green_skull',
+		3 => 'white_skull',
+		4 => 'red_skull',
+		5 => 'black_skull'
+	);
 
 	return '<table width="100" align="center" cellspacing="0" cellpadding="0" style="background: #808080; border:1px solid #808080;">
 		<tr>
 			<td>
 				<table cellspacing="0" style="background: #292929;">
-<tr><td style="border:1px solid #808080;">'.getItemImage($player_eq[2]).'</td></tr><tr><td style="border:1px solid #808080;">'.getItemImage($player_eq[6]).'</td></tr><tr><td style="border:1px solid #808080;">'.getItemImage($player_eq[9]).'</td></tr>
+<tr><td style="border:1px solid #808080;">'.$player_eq[2].'</td></tr><tr><td style="border:1px solid #808080;">'.$player_eq[6].'</td></tr><tr><td style="border:1px solid #808080;">'.$player_eq[9].'</td></tr>
-				<tr height="11px"><td>'.($player->getSkull() > 0 ? '<img src="images/red_skull.gif">' : '').'</td></tr>
+				<tr height="11px"><td>'.($player->getSkullTime() > 0 && ($player->getSkull() == 4 || $player->getSkull() == 5) ? '<img src="images/' . $skulls[$player->getSkull()] . '.gif">' : '').'</td></tr>
 				</table>
 			</td>
 			<td>
 				<table cellspacing="0" style="background: #292929;">
-<tr><td style="border:1px solid #808080;">'.getItemImage($player_eq[1]).'</td></tr><tr><td style="border:1px solid #808080;">'.getItemImage($player_eq[4]).'</td></tr><tr><td style="border:1px solid #808080;">'.getItemImage($player_eq[7]).'</td></tr><tr><td style="border:1px solid #808080;">'.getItemImage($player_eq[8]).'</td></tr>
+<tr><td style="border:1px solid #808080;">'.$player_eq[1].'</td></tr><tr><td style="border:1px solid #808080;">'.$player_eq[4].'</td></tr><tr><td style="border:1px solid #808080;">'.$player_eq[7].'</td></tr><tr><td style="border:1px solid #808080;">'.$player_eq[8].'</td></tr>
 				</table>
-
 			</td>
 			<td>
 				<table cellspacing="0" style="background: #292929;">
-<tr><td style="border:1px solid #808080;">'.getItemImage($player_eq[3]).'</td></tr><tr><td style="border:1px solid #808080;">'.getItemImage($player_eq[5]).'</td></tr><tr><td style="border:1px solid #808080;">'.getItemImage($player_eq[10]).'</td></tr>
+<tr><td style="border:1px solid #808080;">'.$player_eq[3].'</td></tr><tr><td style="border:1px solid #808080;">'.$player_eq[5].'</td></tr><tr><td style="border:1px solid #808080;">'.$player_eq[10].'</td></tr>
 				</table>
 			</td>
 		</tr>
@@ -148,6 +164,9 @@ if($player->isLoaded() && !$player->isDeleted())
 		<td><img src="<?php echo $template_path; ?>/images/general/blank.gif" width="10" height="1" border="0"></td>
 		<td>
 			<table border="0" cellspacing="1" cellpadding="4" width="100%">
+				<?php if($config['characters']['outfit']): ?>
+				<div style="width:64px;height:64px;border:2px solid #F1E0C6; border-radius:50px; padding:13px; margin-top:38px;margin-left:376px;position:absolute;"><img style="margin-left:<?php echo (in_array($player->getLookType(), array(75, 266, 302)) ? '-0px;margin-top:-0px;width:64px;height:64px;' : '-60px;margin-top:-60px;width:128px;height:128px;'); ?>" src="<?php echo $config['outfit_images_url'] . '?id=' . $player->getLookType() . (fieldExist('lookaddons', 'players') ? '&addons=' . $player->getLookAddons() : '') . '&head=' . $player->getLookHead() . '&body=' . $player->getLookBody() . '&legs=' . $player->getLookLegs() . '&feet=' . $player->getLookFeet() . '"';?>></div>
+				<?php endif; ?>
 				<tr bgcolor="<?php echo $config['vdarkborder']; ?>">
 					<td colspan="2" class="white"><b>Character Information</b></td>
 				</tr>
@@ -227,28 +246,33 @@ if($player->isLoaded() && !$player->isDeleted())
 				$town_field = 'town_id';
 			else if(fieldExist('townid', 'houses'))
 				$town_field = 'townid';
+			else if(!fieldExist('town', 'houses'))
+				$town_field = false;
 			
-			$house = $db->query('SELECT `id`, `paid`, `name`, `' . $town_field . '` FROM `houses` WHERE `owner` = '.$player->getId())->fetch();
+			if(fieldExist('name', 'houses')) {
-			if(isset($house['id']))
+				$house = $db->query('SELECT `id`, `paid`, `name`' . ($town_field != false ? ', `' . $town_field . '` as `town`' : '') . ' FROM `houses` WHERE `owner` = '.$player->getId())->fetch();
-			{
+				if(isset($house['id']))
-				if($house['paid'] > 0)
+				{
-					$add = ' is paid until '.date("M d Y", $house['paid']);
+					$add = '';
+					if($house['paid'] > 0)
+						$add = ' is paid until '.date("M d Y", $house['paid']);
 
-				echo
+					echo
-				'<TR BGCOLOR="'.getStyle(++$rows).'">
+					'<TR BGCOLOR="'.getStyle(++$rows).'">
-					<TD>House:</TD>
+						<TD>House:</TD>
-					<TD>
+						<TD>
-						<TABLE BORDER=0><TR>
+							<TABLE BORDER=0><TR>
-							<TD>'.$house['name'].' ('.$config['towns'][$house[$town_field]].')'.$add.'</TD>
+								<TD>' . (isset($house['name']) ? $house['name'] : $house['id']) . (isset($house['town']) ? ' (' . $config['towns'][$house['town']] . ')' : '') . $add . '</TD>
-							<TD>
+								<TD>
-								<FORM ACTION="?subtopic=houses&page=view" METHOD=post>
+									<FORM ACTION="?subtopic=houses&page=view" METHOD=post>
-									<INPUT TYPE=hidden NAME=house VALUE="'.$house['name'].'">
+										<INPUT TYPE=hidden NAME=house VALUE="'. (isset($house['name']) ? $house['name'] : $house['id']) . '">
-									<INPUT TYPE=image NAME="View" ALT="View" SRC="'.$template_path.'/images/buttons/sbutton_view.gif" BORDER=0 WIDTH=120>
+										<INPUT TYPE=image NAME="View" ALT="View" SRC="'.$template_path.'/images/buttons/sbutton_view.gif" BORDER=0 WIDTH=120>
-								</FORM>
+									</FORM>
-							</TD>
+								</TD>
-						</TR></TABLE>
+							</TR></TABLE>
-					</TD>
+						</TD>
-				</TR>';
+					</TR>';
+				}
 			}
 
 			$rank_of_player = $player->getRank();
@@ -452,9 +476,11 @@ WHERE killers.death_id = '".$death['id']."' ORDER BY killers.final_hit DESC, kil
 			}
 		}
 		else {
+			$mostdamage = '';
+			if(fieldExist('mostdamage_by', 'player_deaths'))
+				$mostdamage = ', `mostdamage_by`, `mostdamage_is_player`, `unjustified`, `mostdamage_unjustified`';
 			$deaths = $db->query('SELECT 
-				`player_id`, `time`, `level`, `killed_by`, `is_player`, 
+				`player_id`, `time`, `level`, `killed_by`, `is_player`' . $mostdamage . ' 
-				`mostdamage_by`, `mostdamage_is_player`, `unjustified`, `mostdamage_unjustified` 
 				FROM `player_deaths` 
 				WHERE `player_id` = ' . $player->getId() . ' ORDER BY `time` DESC LIMIT 10;');
 
@@ -613,13 +639,17 @@ WHERE killers.death_id = '".$death['id']."' ORDER BY killers.final_hit DESC, kil
 				'<TR BGCOLOR='.getStyle(++$rows).'>
 					<TD WIDTH=20%>Created:</TD>';
 					$bannedUntil = '';
+					$banned = array();
 					if(tableExist('account_bans'))
 						$banned = $db->query('SELECT `expires_at` as `expires` FROM `account_bans` WHERE `account_id` = '.$account->getId().' and `expires_at` > ' . time());
+					else if(tableExist('bans')) {
+						if(fieldExist('expires', 'bans'))
+							$banned = $db->query('SELECT `expires` FROM `bans` WHERE (`value` = '.$account->getId().' or `value` = '.$player->getId().') and `active` = 1 and `type` != 2 and `type` != 4 and `expires` > ' . time());
 					else
-						$banned = $db->query('SELECT `expires` FROM `bans` WHERE (`value` = '.$account->getId().' or `value` = '.$player->getId().') and `active` = 1 and `type` != 2 and `type` != 4 and `expires` > ' . time());
+							$banned = $db->query('SELECT `time` as `time` FROM `bans` WHERE (`account` = '.$account->getId().' or `player` = '.$player->getId().') and `type` != 2 and `type` != 4 and `time` > ' . time());
+					}
 					foreach($banned as $ban)
 					{
-						if($ban['type'] != 2 and $ban['type'] != 4)
 						$bannedUntil = ' <font color="red">[Banished '.($ban['expires'] == "-1" ? 'forever' : 'until '.date("d F Y, h:s", $ban['expires'])).']</font>';
 					}
 					echo '<TD>'.date("j F Y, g:i a", $account->getCustomField("created")).$bannedUntil.'</TD>

system/pages/commands.php

@@ -5,7 +5,7 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.5
+ * @version   0.2.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/pages/createaccount.php

@@ -6,7 +6,7 @@
  * @author    Gesior <jerzyskalski@wp.pl>
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.5
+ * @version   0.2.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');
@@ -137,14 +137,17 @@ if($step == 'save')
 		{
 			$salt = generateRandomString(10, false, true, true);
 			$password = $salt . $password;
-			$new_account->setSalt($salt);
 		}
 
 		$new_account->setPassword(encrypt($password));
 		$new_account->setEMail($email);
 		$new_account->unblock();
 		$new_account->save();
-		$new_account->setCustomField("created", time());
+		
+		if($config_salt_enabled)
+			$new_account->setCustomField('salt', $salt);
+
+		$new_account->setCustomField('created', time());
 		$new_account->logAction('Account created.');
 
 		if($config['account_country']) {
@@ -199,9 +202,9 @@ If you haven\'t registered on ' . $config['lua']['serverName'] . ' please ignore
 				Your account has been created.<br/><br/>
 				<table width="100%" border="0" cellspacing="1" cellpadding="4">
 					<tr><td bgcolor="<?php echo $config['vdarkborder']; ?>" class="white"><b>Account Created</b></td></tr>
-					<tr><td bgcolor="<?php echo $config['darkborder']; ?>'">
+					<tr><td bgcolor="<?php echo $config['darkborder']; ?>">
 				  <table border="0" cellpadding="1"><tr><td>
-				    <br/>Your account<?php (USE_ACCOUNT_NAME ? 'name' : 'number'); ?> is <b><?php echo $tmp_account; ?></b>.
+				    <br/>Your account<?php echo (USE_ACCOUNT_NAME ? 'name' : 'number'); ?> is <b><?php echo $tmp_account; ?></b>.
 
 				You will need the account <?php echo (USE_ACCOUNT_NAME ? 'name' : 'number'); ?> and your password to play on <?php echo $config['lua']['serverName']; ?>.
 				    Please keep your account <?php echo (USE_ACCOUNT_NAME ? 'name' : 'number'); ?> and password in a safe place and
@@ -267,7 +270,7 @@ function checkAccount()
 
 	if(document.getElementById("account_input").value == "")
 	{
-		document.getElementById("acc_check").innerHTML = '<b><font color="red">Please enter account<?php echo (USE_ACCOUNT_NAME ? ' name' : ''); ?>.</font></b>';
+		document.getElementById("acc_check").innerHTML = '<b><font color="red">Please enter account<?php echo (USE_ACCOUNT_NAME ? ' name' : 'number'); ?>.</font></b>';
 		return;
 	}
 

system/pages/creatures.php

@@ -6,7 +6,7 @@
  * @author    Gesior <jerzyskalski@wp.pl>
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.5
+ * @version   0.2.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');
@@ -303,7 +303,7 @@ if(isset($monster['name']))
 	echo '</TABLE></td></tr>';
 
 	echo '<TABLE BORDER=0 CELLSPACING=1 CELLPADDING=4 WIDTH=100%>';
-	$loot = simplexml_load_file($config['server_path'] . 'data/monster/' . $monster['file_path']); 
+	$loot = simplexml_load_file($config['data_path'] . 'monster/' . $monster['file_path']); 
 	if($loot)
 	{ 
 		if($item = $loot->loot->item)

system/pages/custom.php

@@ -5,7 +5,7 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.5
+ * @version   0.2.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/pages/downloads.php

@@ -6,7 +6,7 @@
  * @author    Gesior <jerzyskalski@wp.pl>
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.5
+ * @version   0.2.2
  * @link      http://my-aac.org
  */
 $title = 'Downloads';

system/pages/experiencestages.php

@@ -6,7 +6,7 @@
  * @author    Gesior <jerzyskalski@wp.pl>
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.5
+ * @version   0.2.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/pages/experiencetable.php

@@ -6,7 +6,7 @@
  * @author    Gesior <jerzyskalski@wp.pl>
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.5
+ * @version   0.2.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');
@@ -33,7 +33,7 @@ Remember you can also check the respective skill bar in your skill window of the
 					<td><b>Experience</b></td>
 				</tr>
 <?php
-		for($level = $i * 100 + 1; $level < $i * 100 + 101; $level++)
+		for($level = $i * $config['experiencetable_rows'] + 1; $level < $i * $config['experiencetable_rows'] + ($config['experiencetable_rows'] + 1); $level++)
 		{
 ?>
 				<tr bgcolor="<?php echo $config['lightborder']; ?>">

system/pages/faq.php

@@ -5,7 +5,7 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.5
+ * @version   0.2.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/pages/forum.php

@@ -6,7 +6,7 @@
  * @author    Gesior <jerzyskalski@wp.pl>
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.5
+ * @version   0.2.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');
@@ -170,10 +170,12 @@ if($action == 'show_board')
 	}
 
 	echo '<br /><br />Page: '.$links_to_pages.'<br />';
-	$last_threads = $db->query("SELECT `players`.`name`, `" . TABLE_PREFIX . "forum`.`post_text`, `" . TABLE_PREFIX . "forum`.`post_topic`, `" . TABLE_PREFIX . "forum`.`id`, `" . TABLE_PREFIX . "forum`.`last_post`, `" . TABLE_PREFIX . "forum`.`replies`, `" . TABLE_PREFIX . "forum`.`views`, `" . TABLE_PREFIX . "forum`.`post_date` FROM `players`, `" . TABLE_PREFIX . "forum` WHERE `players`.`id` = `" . TABLE_PREFIX . "forum`.`author_guid` AND `" . TABLE_PREFIX . "forum`.`section` = ".(int) $section_id." AND `" . TABLE_PREFIX . "forum`.`first_post` = `" . TABLE_PREFIX . "forum`.`id` ORDER BY `" . TABLE_PREFIX . "forum`.`last_post` DESC LIMIT ".$config['forum_threads_per_page']." OFFSET ".($_page * $config['forum_threads_per_page']))->fetchAll();
+	$last_threads = $db->query("SELECT `players`.`id` as `player_id`, `players`.`name`, `" . TABLE_PREFIX . "forum`.`post_text`, `" . TABLE_PREFIX . "forum`.`post_topic`, `" . TABLE_PREFIX . "forum`.`id`, `" . TABLE_PREFIX . "forum`.`last_post`, `" . TABLE_PREFIX . "forum`.`replies`, `" . TABLE_PREFIX . "forum`.`views`, `" . TABLE_PREFIX . "forum`.`post_date` FROM `players`, `" . TABLE_PREFIX . "forum` WHERE `players`.`id` = `" . TABLE_PREFIX . "forum`.`author_guid` AND `" . TABLE_PREFIX . "forum`.`section` = ".(int) $section_id." AND `" . TABLE_PREFIX . "forum`.`first_post` = `" . TABLE_PREFIX . "forum`.`id` ORDER BY `" . TABLE_PREFIX . "forum`.`last_post` DESC LIMIT ".$config['forum_threads_per_page']." OFFSET ".($_page * $config['forum_threads_per_page']))->fetchAll();
 	if(isset($last_threads[0]))
 	{
 		echo '<table width="100%"><tr bgcolor="'.$config['vdarkborder'].'" align="center"><td><font color="white" size="1"><b>Thread</b></font></td><td><font color="white" size="1"><b>Thread Starter</b></font></td><td><font color="white" size="1"><b>Replies</b></font></td><td><font color="white" size="1"><b>Views</b></font></td><td><font color="white" size="1"><b>Last Post</b></font></td></tr>';
+		
+		$player = $ots->createObject('Player');
 		foreach($last_threads as $thread)
 		{
 			echo '<tr bgcolor="' . getStyle($number_of_rows++) . '"><td>';
@@ -182,7 +184,17 @@ if($action == 'show_board')
 				echo '<a href="?subtopic=forum&action=move_thread&id='.$thread['id'].'"\')"><span style="color:darkgreen">[MOVE]</span></a>';
 				echo '<a href="?subtopic=forum&action=remove_post&id='.$thread['id'].'" onclick="return confirm(\'Are you sure you want remove thread > '.$thread['post_topic'].' <?\')"><font color="red">[REMOVE]</font></a>  ';
 			}
-			echo '<a href="' . getForumThreadLink($thread['id']) . '">'.htmlspecialchars($thread['post_topic']).'</a><br /><small>'.htmlspecialchars(substr($thread['post_text'], 0, 50)).'...</small></td><td>' . getPlayerLink($thread['name']) . '</td><td>'.(int) $thread['replies'].'</td><td>'.(int) $thread['views'].'</td><td>';
+			
+			$player->load($thread['player_id']);
+			if(!$player->isLoaded()) {
+				error('Forum error: Player not loaded.');
+				die();
+			}
+
+			$player_account = $player->getAccount();
+			$canEditForum = $player_account->hasFlag(FLAG_CONTENT_FORUM) || $player_account->isAdmin();
+			
+			echo '<a href="' . getForumThreadLink($thread['id']) . '">'.($canEditForum ? $thread['post_topic'] : htmlspecialchars($thread['post_topic'])) . '</a><br /><small>'.($canEditForum ? substr(strip_tags($thread['post_text']), 0, 50) : htmlspecialchars(substr($thread['post_text'], 0, 50))).'...</small></td><td>' . getPlayerLink($thread['name']) . '</td><td>'.(int) $thread['replies'].'</td><td>'.(int) $thread['views'].'</td><td>';
 			if($thread['last_post'] > 0)
 			{
 				$last_post = $db->query("SELECT `players`.`name`, `" . TABLE_PREFIX . "forum`.`post_date` FROM `players`, `" . TABLE_PREFIX . "forum` WHERE `" . TABLE_PREFIX . "forum`.`first_post` = ".(int) $thread['id']." AND `players`.`id` = `" . TABLE_PREFIX . "forum`.`author_guid` ORDER BY `post_date` DESC LIMIT 1")->fetch();
@@ -226,18 +238,14 @@ if($action == 'show_thread')
 		$player = $ots->createObject('Player');
 		foreach($threads as $thread)
 		{
-			if(isset($thread['promotion'])) {
-				if((int)$thread['promotion'] > 0)
-					$thread['vocation'] + ($thread['promotion'] * 4);
-			}
-			echo '<tr bgcolor="' . getStyle($number_of_rows++) . '"><td valign="top">' . getPlayerLink($thread['name']) . '<br /><br /><font size="1">Profession: '.$config['vocations'][$thread['vocation']].'<br />Level: '.$thread['level'].'<br />';
-			
 			$player->load($thread['player_id']);
 			if(!$player->isLoaded()) {
-				error('Player not loaded');
+				error('Forum error: Player not loaded.');
 				die();
 			}
 		
+			echo '<tr bgcolor="' . getStyle($number_of_rows++) . '"><td valign="top">' . getPlayerLink($thread['name']) . '<br /><br /><font size="1">Profession: '.$config['vocations'][$player->getVocation()].'<br />Level: '.$thread['level'].'<br />';
+	
 			$rank = $player->getRank();
 			if($rank->isLoaded())
 			{
@@ -245,8 +253,11 @@ if($action == 'show_thread')
 				if($guild->isLoaded())
 					echo $rank->getName().' of <a href="'.getGuildLink($guild->getName(), false).'">'.$guild->getName().'</a><br />';
 			}
+			$player_account = $player->getAccount();
+			$canEditForum = $player_account->hasFlag(FLAG_CONTENT_FORUM) || $player_account->isAdmin();
+			
 			$posts = $db->query("SELECT COUNT(`id`) AS 'posts' FROM `" . TABLE_PREFIX . "forum` WHERE `author_aid`=".(int) $thread['account_id'])->fetch();
-			echo '<br />Posts: '.(int) $posts['posts'].'<br /></font></td><td valign="top">'.showPost(htmlspecialchars($thread['post_topic']), htmlspecialchars($thread['post_text']), $thread['post_smile']).'</td></tr>
+			echo '<br />Posts: '.(int) $posts['posts'].'<br /></font></td><td valign="top">'.showPost(($canEditForum ? $thread['post_topic'] : htmlspecialchars($thread['post_topic'])), ($canEditForum ? $thread['post_text'] : htmlspecialchars($thread['post_text'])), $thread['post_smile']).'</td></tr>
 			<tr bgcolor="'.getStyle($number_of_rows++).'"><td><font size="1">'.date('d.m.y H:i:s', $thread['post_date']);
 			if($thread['edit_date'] > 0)
 			{

system/pages/guilds.php

@@ -6,7 +6,7 @@
  * @author    Gesior <jerzyskalski@wp.pl>
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.5
+ * @version   0.2.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/pages/highscores.php

@@ -6,7 +6,7 @@
  * @author    Gesior <jerzyskalski@wp.pl>
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.5
+ * @version   0.2.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');
@@ -99,6 +99,16 @@ $deleted = 'deleted';
 if(fieldExist('deletion', 'players'))
 	$deleted = 'deletion';
 
+$outfit_addons = false;
+$outfit = '';
+if($config['highscores_outfit']) {
+	$outfit = ', lookbody, lookfeet, lookhead, looklegs, looktype';
+	if(fieldExist('lookaddons', 'players')) {
+		$outfit .= ', lookaddons';
+		$outfit_addons = true;
+	}
+}
+
 $offset = $_page * 100;
 if($skill <= POT::SKILL_LAST) { // skills
 	if(fieldExist('skill_fist', 'players')) {// tfs 1.0
@@ -112,14 +122,14 @@ if($skill <= POT::SKILL_LAST) { // skills
 			POT::SKILL_FISH => 'skill_fishing',
 		);
 
-		$skills = $db->query('SELECT accounts.country, players.id,players.name' . $online . ',level,vocation' . $promotion . ', ' . $skill_ids[$skill] . ' as value FROM accounts,players WHERE players.' . $deleted . ' = 0 AND players.group_id < '.$config['highscores_groups_hidden'].' '.$add_sql.' AND players.id > 6 AND accounts.id = players.account_id ORDER BY ' . $skill_ids[$skill] . ' DESC LIMIT 101 OFFSET '.$offset);
+		$skills = $db->query('SELECT accounts.country, players.id,players.name' . $online . ',level,vocation' . $promotion . $outfit . ', ' . $skill_ids[$skill] . ' as value FROM accounts,players WHERE players.' . $deleted . ' = 0 AND players.group_id < '.$config['highscores_groups_hidden'].' '.$add_sql.' AND players.id > 6 AND accounts.id = players.account_id ORDER BY ' . $skill_ids[$skill] . ' DESC LIMIT 101 OFFSET '.$offset);
 	}
 	else
-		$skills = $db->query('SELECT accounts.country, players.id,players.name' . $online . ',value,level,vocation' . $promotion . ' FROM accounts,players,player_skills WHERE players.' . $deleted . ' = 0 AND players.group_id < '.$config['highscores_groups_hidden'].' '.$add_sql.' AND players.id > 6 AND players.id = player_skills.player_id AND player_skills.skillid = '.$skill.' AND accounts.id = players.account_id ORDER BY value DESC, count DESC LIMIT 101 OFFSET '.$offset);
+		$skills = $db->query('SELECT accounts.country, players.id,players.name' . $online . ',value,level,vocation' . $promotion . $outfit . ' FROM accounts,players,player_skills WHERE players.' . $deleted . ' = 0 AND players.group_id < '.$config['highscores_groups_hidden'].' '.$add_sql.' AND players.id > 6 AND players.id = player_skills.player_id AND player_skills.skillid = '.$skill.' AND accounts.id = players.account_id ORDER BY value DESC, count DESC LIMIT 101 OFFSET '.$offset);
 }
 else if($skill == 666 && $config['otserv_version'] == TFS_03) // frags
 {
-	$skills = $db->query('SELECT accounts.country, players.id,players.name' . $online . ',level,vocation' . $promotion . ',COUNT(`player_killers`.`player_id`) as value' .
+	$skills = $db->query('SELECT accounts.country, players.id,players.name' . $online . ',level,vocation' . $promotion . $outfit . ',COUNT(`player_killers`.`player_id`) as value' .
 			' FROM `accounts`, `players`, `player_killers` ' .
 			' WHERE players.' . $deleted . ' = 0 AND players.group_id < '.$config['highscores_groups_hidden'].' '.$add_sql.' AND players.id = player_killers.player_id AND accounts.id = players.account_id' .
 			' GROUP BY `player_id`' .
@@ -129,10 +139,10 @@ else if($skill == 666 && $config['otserv_version'] == TFS_03) // frags
 else
 {
 	if($skill == POT::SKILL__MAGLEVEL) {
-		$skills = $db->query('SELECT accounts.country, players.id,players.name' . $online . ',maglevel,level,vocation' . $promotion . ' FROM accounts, players WHERE players.' . $deleted . ' = 0 '.$add_sql.' AND players.group_id < '.$config['highscores_groups_hidden'].' AND players.id > 6 AND accounts.id = players.account_id ORDER BY maglevel DESC, manaspent DESC LIMIT 101 OFFSET '.$offset);
+		$skills = $db->query('SELECT accounts.country, players.id,players.name' . $online . ',maglevel,level,vocation' . $promotion . $outfit . ' FROM accounts, players WHERE players.' . $deleted . ' = 0 '.$add_sql.' AND players.group_id < '.$config['highscores_groups_hidden'].' AND players.id > 6 AND accounts.id = players.account_id ORDER BY maglevel DESC, manaspent DESC LIMIT 101 OFFSET '.$offset);
 	}
 	else { // level
-		$skills = $db->query('SELECT accounts.country, players.id,players.name' . $online . ',level,experience,vocation' . $promotion . ' FROM accounts, players WHERE players.' . $deleted . ' = 0 '.$add_sql.' AND players.group_id < '.$config['highscores_groups_hidden'].' AND players.id > 6 AND accounts.id = players.account_id ORDER BY level DESC, experience DESC LIMIT 101 OFFSET '.$offset);
+		$skills = $db->query('SELECT accounts.country, players.id,players.name' . $online . ',level,experience,vocation' . $promotion . $outfit . ' FROM accounts, players WHERE players.' . $deleted . ' = 0 '.$add_sql.' AND players.group_id < '.$config['highscores_groups_hidden'].' AND players.id > 6 AND accounts.id = players.account_id ORDER BY level DESC, experience DESC LIMIT 101 OFFSET '.$offset);
 		$list = 'experience';
 	}
 }
@@ -150,6 +160,9 @@ else
 					<td width="11px" class="white">#</td>
 					<?php endif; ?>
 					<td width="10%" class="white"><b>Rank</b></td>
+					<?php if($config['highscores_outfit']): ?>
+					<td class="white"><b>Outfit</b></td>
+					<?php endif; ?>
 					<td width="75%" class="white"><b>Name</b></td>
 					<td width="15%" class="white"><b><?php echo ($skill != 666 ? 'Level' : 'Frags'); ?></b></td>
 					<?php if($skill == POT::SKILL__LEVEL): ?>
@@ -177,15 +190,18 @@ foreach($skills as $player)
 	{
 		if($skill == POT::SKILL__MAGIC)
 			$player['value'] = $player['maglevel'];
-
+		else if($skill == POT::SKILL__LEVEL)
-		if($skill == POT::SKILL__LEVEL)
 			$player['value'] = $player['level'];
 echo '
 		<tr bgcolor="' . getStyle($i) . '">';
 		if($config['account_country'])
 			echo '<td>' . getFlagImage($player['country']) . '</td>';
 echo '
-			<td>' . ($offset + $i) . '.</td>
+			<td>' . ($offset + $i) . '.</td>';
+			if($config['highscores_outfit'])
+			echo '<td><img style="position:absolute;margin-top:' . (in_array($player['looktype'], array(75, 266, 302)) ? '-15px;margin-left:5px' : '-45px;margin-left:-25px') . ';" src="' . $config['outfit_images_url'] . '?id=' . $player['looktype'] . ($outfit_addons ? '&addons=' . $player['lookaddons'] : '') . '&head=' . $player['lookhead'] . '&body=' . $player['lookbody'] . '&legs=' . $player['looklegs'] . '&feet=' . $player['lookfeet'] . '" alt="" /></td>';
+		
+echo '
 			<td>
 				<a href="' . getPlayerLink($player['name'], false) . '">
 					<font color="' . ($player['online'] > 0 ? 'green' : 'red') . '">' . $player['name'] . '</font>

system/pages/houses.php

@@ -6,12 +6,16 @@
  * @author    Gesior <jerzyskalski@wp.pl>
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.5
+ * @version   0.2.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');
 $title = 'Houses';
 
+if(!fieldExist('name', 'houses')) {
+	echo 'Houses list is not available on this server.';
+	return;
+}
 $rent = trim(strtolower($config['lua']['houseRentPeriod']));
 if($rent != 'yearly' && $rent != 'monthly' && $rent != 'weekly' && $rent != 'daily')
 	$rent = 'never';
@@ -29,7 +33,8 @@ $type = '';
 		{
 			$beds = array("", "one", "two", "three", "fourth", "fifth");
 			$houseName = $_REQUEST['house'];
-			$house = $db->query('SELECT * FROM ' . $db->tableName('houses') . ' WHERE ' . $db->fieldName('name') . ' LIKE ' . $db->quote($houseName));
+			$houseId = (check_number($_REQUEST['house']) ? $_REQUEST['house'] : -1);
+			$house = $db->query('SELECT * FROM ' . $db->tableName('houses') . ' WHERE ' . $db->fieldName('name') . ' LIKE ' . $db->quote($houseName) . ' OR `id` = ' . $db->quote($houseId));
 
 			if($house->rowCount() > 0)
 			{
@@ -63,15 +68,18 @@ $type = '';
 						$houseOwner = $house['owner'];
 						if($houseOwner > 0)
 						{
+							$guild = NULL;
 							echo '<br/><br/>The house has been rented by ';
-							if($house['guild'] == 1)
+							if(isset($house['guild']) && $house['guild'] == 1)
 							{
 								$guild = new OTS_Guild();
 								$guild->load($houseOwner);
 								echo getGuildLink($guild->getName());
 							}
 							else
-								echo getCreatureName($houseOwner) . '.';
+								echo getCreatureName($houseOwner);
+
+							echo '.';
 
 							if($rent != 'never' && $house['paid'] > 0)
 							{

system/pages/lastkills.php

@@ -6,7 +6,7 @@
  * @author    Gesior <jerzyskalski@wp.pl>
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.5
+ * @version   0.2.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/pages/lostaccount.php

@@ -6,7 +6,7 @@
  * @author    Gesior <jerzyskalski@wp.pl>
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.5
+ * @version   0.2.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');
@@ -317,11 +317,14 @@ if($config['mail_enabled'])
 								{
 									$salt = generateRandomString(10, false, true, true);
 									$new_pass_with_salt = $salt . $new_pass;
-									$account->setSalt($salt);
 								}
 								
 								$account->setPassword(encrypt($new_pass_with_salt));
 								$account->save();
+								
+								if($config_salt_enabled)
+									$account->setCustomField('salt', $salt);
+								
 								echo 'Your account name, new password and new e-mail.<BR>
 								<FORM ACTION="?subtopic=accountmanagement" onsubmit="return validate_form(this)" METHOD=post>
 								<INPUT TYPE=hidden NAME="character" VALUE="">

system/pages/movies.php

@@ -5,7 +5,7 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.5
+ * @version   0.2.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');
@@ -26,10 +26,6 @@ There are no movies added yet.
 <?php foreach($movies as $movie): ?>
 	<?php echo $movie['title']; ?><br/>
 	Author: <?php echo $movie['author']; ?><br/>
-	<object width="425" height="344">
+	<iframe width="560" height="315" src="https://www.youtube.com/embed/<?php echo $movie['youtube_id']; ?>" frameborder="0" allowfullscreen></iframe><br/><br/>
-		<param name="movie" value="http://www.youtube.com/v/<?php echo $movie['youtube_id']; ?>&hl=pl&fs=1&color1=0x3a3a3a&color2=0x999999"></param>
-		<param name="allowFullScreen" value="true"></param>
-		<embed src="http://www.youtube.com/v/<?php echo $movie['youtube_id']; ?>&hl=pl&fs=1&color1=0x3a3a3a&color2=0x999999" type="application/x-shockwave-flash" allowfullscreen="true" width="425" height="344"></embed>
-	</object><br/><br/>';
 <?php endforeach; ?>
 </center>

system/pages/news.php

@@ -6,7 +6,7 @@
  * @author    Gesior <jerzyskalski@wp.pl>
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.5
+ * @version   0.2.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');
@@ -94,13 +94,12 @@ $title = 'Latest News';
 
 $news_cached = false;
 // some constants, used mainly by database (cannot by modified without schema changes)
-define('NEWS', 1);
+define('TITLE_LIMIT', 100);
-define('TICKET', 2);
+define('BODY_LIMIT', 65535); // maximum news body length
-define('ARTICLE', 3);
-
-define('BODY_LIMIT', 10000); // maximum news body length
 
 $canEdit = hasFlag(FLAG_CONTENT_NEWS) || superAdmin();
+if($canEdit)
+	echo '<script type="text/javascript" src="' . BASE_URL . 'tools/tiny_mce/tiny_mce.js"></script>';
 if($canEdit)
 {
 	if(!empty($action))
@@ -141,9 +140,10 @@ if($canEdit)
 				$player_id = $news['player_id'];
 			}
 			else {
-				News::update($id, $p_title, $body, $type, $category, $player_id, $comments);
+				if(News::update($id, $p_title, $body, $type, $category, $player_id, $comments, $errors)) {
-				$action = $p_title = $body = $comments = '';
+					$action = $p_title = $body = $comments = '';
-				$type = $category = $player_id = 0;
+					$type = $category = $player_id = 0;
+				}
 			}
 		}
 		else if($action == 'hide') {
@@ -212,7 +212,7 @@ if(!$news_cached)
 				  <span class="NewsTickerDate">'.date("j M Y", $news['date']).' -</span>
 				  <div id="TickerEntry-'.$rows.'-ShortText" class="NewsTickerShortText">';
 			//if admin show button to delete (hide) ticker
-			$tickers_to_add .= short_text($news['body'], 60).'</div>
+			$tickers_to_add .= short_text(strip_tags($news['body']), 100).'</div>
 				  <div id="TickerEntry-'.$rows.'-FullText" class="NewsTickerFullText">';
 			//if admin show button to delete (hide) ticker
 			$tickers_to_add .= $news['body'] . $admin_options . '</div>
@@ -298,7 +298,7 @@ if(!$news_cached)
 
 			<tr bgcolor="<?php echo getStyle($rows++); ?>">
 				<td><b>Title:</b></td>
-				<td><input name="title" value="<?php echo (isset($p_title) ? $p_title : ''); ?>" size="50" maxlength="50"/></td>
+				<td><input name="title" value="<?php echo (isset($p_title) ? $p_title : ''); ?>" size="50" maxlength="100"/></td>
 			</tr>
 
 			<tr bgcolor="<?php echo getStyle($rows++); ?>">
@@ -371,7 +371,9 @@ if(!$news_cached)
 					<?php endforeach; ?>
 				</td>
 			</tr>
-
+<?php
+			if($action == 'add'):
+?>
 			<tr bgcolor="<?php echo getStyle($rows++); ?>">
 				<td><b>Create forum thread in section:</b></td>
 				<td>
@@ -384,7 +386,9 @@ if(!$news_cached)
 					</select>
 				</td>
 			</tr>
-
+<?php
+			endif;
+?>
 			<tr bgcolor="<?php echo getStyle($rows++); ?>">
 				<td align="right">
 					<input type="submit" value="Submit"/>
@@ -454,28 +458,41 @@ if(!$news_cached)
 	if($cache->enabled() && !$canEdit)
 		$cache->set('news_' . $template_name . '_' . NEWS, $tmp_content, 120);
 
-		echo $tmp_content;
+	echo $tmp_content;
 }
 else
 	echo $news_cached;
 
 class News
 {
+	static public function verify($title, $body, &$errors)
+	{
+		if(!isset($title[0]) || !isset($body[0])) {
+			$errors[] = 'Please fill all inputs.';
+			return false;
+		}
+
+		if(strlen($title) > TITLE_LIMIT) {
+			$errors[] = 'News title cannot be longer than ' . TITLE_LIMIT . ' characters.';
+			return false;
+		}
+	
+		if(strlen($body) > BODY_LIMIT) {
+			$errors[] = 'News content cannot be longer than ' . BODY_LIMIT . ' characters.';
+			return false;
+		}
+		
+		return true;
+	}
+
 	static public function add($title, $body, $type, $category, $player_id, $comments, &$errors)
 	{
 		global $db;
-		if(strlen($body) <= BODY_LIMIT)
+		if(!News::verify($title, $body, $errors))
-		{
+			return false;
-			if(isset($title[0]) && isset($body[0])) {
-				$db->insert(TABLE_PREFIX . 'news', array('title' => $title, 'body' => $body, 'type' => $type, 'date' => time(), 'category' => $category, 'player_id' => isset($player_id) ? $player_id : 0, 'comments' => $comments));
-			}
-			else
-				$errors[] = 'Please fill all inputs.';
-		}
-		else
-			$errors[] = 'News content cannot be longer than ' . BODY_LIMIT . ' characters.';
 
-		return !count($errors);
+		$db->insert(TABLE_PREFIX . 'news', array('title' => $title, 'body' => $body, 'type' => $type, 'date' => time(), 'category' => $category, 'player_id' => isset($player_id) ? $player_id : 0, 'comments' => $comments));
+		return true;
 	}
 
 	static public function get($id) {
@@ -483,9 +500,14 @@ class News
 		return $db->select(TABLE_PREFIX . 'news', array('id' => $id));
 	}
 
-	static public function update($id, $title, $body, $type, $category, $player_id, $comments) {
+	static public function update($id, $title, $body, $type, $category, $player_id, $comments, &$errors)
+	{
 		global $db;
+		if(!News::verify($title, $body, $errors))
+			return false;
+
 		$db->update(TABLE_PREFIX . 'news', array('title' => $title, 'body' => $body, 'type' => $type, 'category' => $category, 'last_modified_by' => isset($player_id) ? $player_id : 0, 'last_modified_date' => time(), 'comments' => $comments), array('id' => $id));
+		return true;
 	}
 
 	static public function delete($id, &$errors)

system/pages/newsarchive.php

@@ -6,7 +6,7 @@
  * @author    Gesior <jerzyskalski@wp.pl>
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.5
+ * @version   0.2.2
  * @link      http://my-aac.org
  */
 $_GET['archive'] = true;

system/pages/online.php

@@ -6,7 +6,7 @@
  * @author    Gesior <jerzyskalski@wp.pl>
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.5
+ * @version   0.2.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');
@@ -41,12 +41,22 @@ $skull_time = 'skulltime';
 if(fieldExist('skull_time', 'players')) {
 	$skull_time = 'skull_time';
 }
-	
+
+$outfit_addons = false;
+$outfit = '';
+if($config['online_outfit']) {
+	$outfit = ', lookbody, lookfeet, lookhead, looklegs, looktype';
+	if(fieldExist('lookaddons', 'players')) {
+		$outfit .= ', lookaddons';
+		$outfit_addons = true;
+	}
+}
+
 $vocs = array(0, 0, 0, 0, 0);
 if(tableExist('players_online')) // tfs 1.0
-	$playersOnline = $db->query('SELECT `accounts`.`country`, `players`.`name`, `level`, `vocation`, `' . $skull_time . '` as `skulltime`, `' . $skull_type . '` as `skull` FROM `accounts`, `players`, `players_online` WHERE `players`.`id` = `players_online`.`player_id` AND `accounts`.`id` = `players`.`account_id`  ORDER BY ' . $order);
+	$playersOnline = $db->query('SELECT `accounts`.`country`, `players`.`name`, `level`, `vocation`' . $outfit . ', `' . $skull_time . '` as `skulltime`, `' . $skull_type . '` as `skull` FROM `accounts`, `players`, `players_online` WHERE `players`.`id` = `players_online`.`player_id` AND `accounts`.`id` = `players`.`account_id`  ORDER BY ' . $order);
 else
-	$playersOnline = $db->query('SELECT `accounts`.`country`, `players`.`name`, `level`, `vocation`, ' . $promotion . ' `' . $skull_time . '` as `skulltime`, `' . $skull_type . '` as `skull` FROM `accounts`, `players` WHERE `players`.`online` > 0 AND `accounts`.`id` = `players`.`account_id`  ORDER BY ' . $order);
+	$playersOnline = $db->query('SELECT `accounts`.`country`, `players`.`name`, `level`, `vocation`' . $outfit . ', ' . $promotion . ' `' . $skull_time . '` as `skulltime`, `' . $skull_type . '` as `skull` FROM `accounts`, `players` WHERE `players`.`online` > 0 AND `accounts`.`id` = `players`.`account_id`  ORDER BY ' . $order);
 
 $players = 0;
 $data = '';
@@ -56,11 +66,11 @@ foreach($playersOnline as $player)
 	if($config['online_skulls'])
 	{
 		if($player['skulltime'] > 0 && $player['skull'] == 3)
-			$skull = ' <img style="border: 0;" src="images/whiteskull.gif"/>';
+			$skull = ' <img style="border: 0;" src="images/white_skull.gif"/>';
 		elseif($player['skulltime'] > 0 && $player['skull'] == 4)
-			$skull = ' <img style="border: 0;" src="images/redskull.gif"/>';
+			$skull = ' <img style="border: 0;" src="images/red_skull.gif"/>';
 		elseif($player['skulltime'] > 0 && $player['skull'] == 5)
-			$skull = ' <img style="border: 0;" src="images/blackskull.gif"/>';
+			$skull = ' <img style="border: 0;" src="images/black_skull.gif"/>';
 	}
 
 	if(isset($player['promotion'])) {
@@ -72,6 +82,9 @@ foreach($playersOnline as $player)
 	if($config['account_country'])
 		$data .= '<td>' . getFlagImage($player['country']) . '</td>';
 
+	if($config['online_outfit'])
+		$data .= '<TD WIDTH=5%><img style="position:absolute;margin-top:' . (in_array($player['looktype'], array(75, 266, 302)) ? '-20px;margin-left:-0px;' : '-45px;margin-left:-25px;') . '" src="' . $config['outfit_images_url'] . '?id=' . $player['looktype'] . ($outfit_addons ? '&addons=' . $player['lookaddons'] : '') . '&head=' . $player['lookhead'] . '&body=' . $player['lookbody'] . '&legs=' . $player['looklegs'] . '&feet=' . $player['lookfeet'] . '" alt="" /></td>';
+
 	$data .= '<td>' . getPlayerLink($player['name']) . $skull . '</td>
 		<td>'.$player['level'].'</td>
 		<td>'.$config['vocations'][$player['vocation']].'</td>
@@ -169,7 +182,7 @@ if($config['online_vocations']): ?>
 		<?php
 			for($i = 1; $i < 5; $i++)
 			echo '<tr bgcolor="' . getStyle($i) . '">
-				<td width="25%">' . $config['vocations'][0][$i] . '</td>
+				<td width="25%">' . $config['vocations'][$i] . '</td>
 				<td width="75%">' . $vocs[$i] . '</td>
 			</tr>';
 			?>
@@ -182,9 +195,9 @@ if($config['online_skulls']): ?>
 	<table width="100%" cellspacing="1">
 		<tr>
 			<td style="background: <?php echo $config['darkborder']; ?>;" align="center">
-				<img src="images/whiteskull.gif"/> - 1 - 6 Frags<br/>
+				<img src="images/white_skull.gif"/> - 1 - 6 Frags<br/>
-				<img src="images/redskull.gif"/> - 6+ Frags or Red Skull<br/>
+				<img src="images/red_skull.gif"/> - 6+ Frags or Red Skull<br/>
-				<img src="images/blackskull.gif"/> - 10+ Frags or Black Skull
+				<img src="images/black_skull.gif"/> - 10+ Frags or Black Skull
 			</td>
 		</tr>
 	</table>
@@ -195,6 +208,9 @@ if($config['online_skulls']): ?>
 		<?php if($config['account_country']): ?>
 		<td width="11px"><a href="?subtopic=online&order=country" class="white">#</A></td>
 		<?php endif; ?>
+		<?php if($config['online_outfit']): ?>
+		<td class="white"><b>Outfit</b></td>
+		<?php endif; ?>
 		<td width="60%"><a href="?subtopic=online&order=name" class="white">Name</A></td>
 		<td width="20%"><a href="?subtopic=online&order=level" class="white">Level</A></td>
 		<td width="20%"><a href="?subtopic=online&order=vocation" class="white">Vocation</td>
@@ -205,7 +221,31 @@ if($config['online_skulls']): ?>
 endif;
 
 //search bar
-echo '<BR><FORM ACTION="?subtopic=characters" METHOD=post>  <TABLE WIDTH=100% BORDER=0 CELLSPACING=1 CELLPADDING=4><TR><TD BGCOLOR="'.$config['vdarkborder'].'" class="white"><B>Search Character</B></TD></TR><TR><TD BGCOLOR="'.$config['darkborder'].'"><TABLE BORDER=0 CELLPADDING=1><TR><TD>Name:</TD><TD><INPUT NAME="name" VALUE=""SIZE=29 MAXLENGTH=29></TD><TD><INPUT TYPE=image NAME="Submit" SRC="'.$template_path.'/images/buttons/sbutton_submit.gif" BORDER=0 WIDTH=120 HEIGHT=18></TD></TR></TABLE></TD></TR></TABLE></FORM>';
+echo '<br/>
+<FORM ACTION="?subtopic=characters" METHOD=post>
+	<TABLE WIDTH=100% BORDER=0 CELLSPACING=1 CELLPADDING=4>
+		<TR>
+			<TD BGCOLOR="'.$config['vdarkborder'].'" class="white">
+				<B>Search Character</B>
+			</TD>
+		</TR>
+		<TR>
+			<TD BGCOLOR="'.$config['darkborder'].'">
+				<TABLE BORDER=0 CELLPADDING=1>
+					<TR>
+						<TD>Name:</TD>
+						<TD>
+							<INPUT NAME="name" VALUE=""SIZE=29 MAXLENGTH=29>
+						</TD>
+						<TD>
+							<INPUT TYPE=image NAME="Submit" SRC="'.$template_path.'/images/buttons/sbutton_submit.gif" BORDER=0 WIDTH=120 HEIGHT=18>
+						</TD>
+					</TR>
+				</TABLE>
+			</TD>
+		</TR>
+	</TABLE>
+</FORM>';
 
 /* temporary disable it - shows server offline
 // update online players counter

system/pages/polls.php

@@ -3,17 +3,19 @@
  * Polls
  *
  * @package   MyAAC
- * @author    Gesior <jerzyskalski@wp.pl>
+ * @author    Averatec <pervera.pl & otland.net>
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.5
+ * @version   0.2.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');
 $title = 'Polls';
 
-/* Polls System By Averatec from pervera.pl & otland.net
+/* Polls System By Averatec from pervera.pl & otland.net */
 
+if(!tableExist('z_polls'))
+	$db->query('
 CREATE TABLE `z_polls` (
   `id` int(11) NOT NULL auto_increment,
   `question` varchar(255) NOT NULL,
@@ -23,17 +25,19 @@ CREATE TABLE `z_polls` (
   `answers` int(11) NOT NULL,
   `votes_all` int(11) NOT NULL,
   PRIMARY KEY  (`id`)
-) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=1 ;
+) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=1 ;');
 
-CREATE TABLE `z_polls_answers` (
+if(!tableExist('z_polls_answers'))
+$db->query('
+	CREATE TABLE `z_polls_answers` (
   `poll_id` int(11) NOT NULL,
   `answer_id` int(11) NOT NULL,
   `answer` varchar(255) NOT NULL,
   `votes` int(11) NOT NULL
-) ENGINE=MyISAM DEFAULT CHARSET=latin1;
+) ENGINE=MyISAM DEFAULT CHARSET=latin1;');
 
-ALTER TABLE `accounts` ADD `vote` INT( 11 ) NOT NULL ;
+if(!fieldExist('vote', 'accounts'))
-*/
+	$db->query('ALTER TABLE `accounts` ADD `vote` INT( 11 ) NOT NULL ;');
 
 function getColorByPercent($percent)
 {
@@ -46,7 +50,8 @@ function getColorByPercent($percent)
 
 	return '';
 }
-
+	$number_of_rows = 0;
+	$showed = false;
     $link = "polls"; // your link to polls in index.php
     $dark = $config['darkborder'];
     $light = $config['lightborder'];
@@ -54,7 +59,7 @@ function getColorByPercent($percent)
     $POLLS = $db->query('SELECT * FROM '.$db->tableName('z_polls').'');
     $level = 20; // need level to vote
 
-    if(empty($_REQUEST['id']) and $_REQUEST['control'] != "true")  // list of polls
+    if(empty($_REQUEST['id']) and (!isset($_REQUEST['control']) || $_REQUEST['control'] != "true"))  // list of polls
     {
         $active = $db->query('SELECT * FROM `z_polls` where `end` > '.$time.''); // active polls
         $closed = $db->query('SELECT * FROM `z_polls` where `end` < '.$time.' order by `end` desc'); // closed polls
@@ -62,6 +67,7 @@ function getColorByPercent($percent)
         echo '<TABLE BORDER=0 CELLSPACING=1 CELLPADDING=4 WIDTH=100%><TR BGCOLOR='.$config['vdarkborder'].'><TD COLSPAN=2 class=white><B>Active Polls</B></TD></TR>';
         echo '<TR BGCOLOR="' . getStyle($number_of_rows++) . '"><td width=75%><b>Topic</b></td><td><b>End</b></td></tr>';
         $bgcolor = getStyle($number_of_rows++);
+		$empty_active = false;
         foreach($active as $poll)
         {
             echo '
@@ -90,6 +96,7 @@ function getColorByPercent($percent)
         echo '<TABLE BORDER=0 CELLSPACING=1 CELLPADDING=4 WIDTH=100%><TR BGCOLOR='.$config['vdarkborder'].'><TD COLSPAN=2 class=white><B>Closed Polls</B></TD></TR>';
         echo '<TR BGCOLOR="' . getStyle($number_of_rows++) . '"><td width=75%><b>Topic</b></td><td><b>End</b></td></tr>';
 		$bgcolor = getStyle($number_of_rows++);
+		$empty_closed = false;
         foreach($closed as $poll)
         {
             echo '
@@ -124,6 +131,7 @@ function getColorByPercent($percent)
 	}
 
     /* Checking Account */
+	$allow = false;
     $account_players = $account_logged->getPlayers();
     foreach($account_players as $player)
     {
@@ -132,7 +140,7 @@ function getColorByPercent($percent)
         $allow=true;
     }
 
-    if(!empty($_REQUEST['id']) and $_REQUEST['control'] != "true")
+    if(!empty($_REQUEST['id']) and (!isset($_REQUEST['control']) || $_REQUEST['control'] != "true"))
     {
         foreach($POLLS as $POLL)
         {
@@ -186,7 +194,7 @@ function getColorByPercent($percent)
 
                 if($POLL['end'] > $time) // active poll
                 {
-                    if($_REQUEST['vote'] == true and $allow == true)
+                    if(isset($_REQUEST['vote']) && $_REQUEST['vote'] == true and $allow == true)
                     {
                         if($account_logged->getCustomField('vote') < $_REQUEST['id'] and !empty($_POST['answer']))
                         {
@@ -305,15 +313,16 @@ function getColorByPercent($percent)
         }
     }
 
-    if(admin() and $_REQUEST['control'] != "true")
+    if(admin() && (!isset($_REQUEST['control']) || $_REQUEST['control'] != "true"))
     {
         echo '<br><a href="?subtopic='.$link.'&control=true"><b>Panel Control</b></a><br><br>';
     }
 
     /* Control Panel - Only Add Poll Function */
 
-    if(admin() and $_REQUEST['control'] == "true")
+    if(admin() && isset($_REQUEST['control']) && $_REQUEST['control'] == "true")
     {
+		$show = false;
         if(isset($_POST['submit']))
         {
             $_SESSION['answers'] = $_POST['answers'];

system/pages/records.php

@@ -6,7 +6,7 @@
  * @author    Gesior <jerzyskalski@wp.pl>
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.5
+ * @version   0.2.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/pages/rules.php

@@ -6,7 +6,7 @@
  * @author    Gesior <jerzyskalski@wp.pl>
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.5
+ * @version   0.2.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/pages/screenshots.php

@@ -6,7 +6,7 @@
  * @author    Gesior <jerzyskalski@wp.pl>
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.5
+ * @version   0.2.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/pages/serverinfo.php

@@ -6,7 +6,7 @@
  * @author    Gesior <jerzyskalski@wp.pl>
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.5
+ * @version   0.2.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/pages/spells.php

@@ -6,7 +6,7 @@
  * @author    Gesior <jerzyskalski@wp.pl>
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.5
+ * @version   0.2.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/pages/team.php

@@ -6,7 +6,7 @@
  * @author    Gesior <jerzyskalski@wp.pl>
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.5
+ * @version   0.2.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/status.php

@@ -5,7 +5,7 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.5
+ * @version   0.2.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/template.php

@@ -5,7 +5,7 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.0.5
+ * @version   0.2.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

templates/kathrine/news.php

@@ -1,4 +1,6 @@
 <?php
+defined('MYAAC') or die('Direct access not allowed!');
+
 function news_parse($title, $content, $date, $icon = 0, $author = '', $comments = '')
 {
 	global $template_path;