* update to 0.7.0

* first usage report will be send after 7 days

CHANGELOG

@@ -1,3 +1,57 @@
+[0.7.0 - 20.11.2017]
+	- moved template menus to database, they're now dynamically loaded
+	- added anonymous usage statistics reporting (only if user agrees, first usage report will be send after 7 days)
+	- you can edit them in Admin Panel under 'Menus' option
+	- you can also add custom links, like http://google.pl
+	- added networks (facebook and twitter) and highscores (top 5) boxes to tibiacom template, configurable in templates/tibiacom/config.php
+	- added news ticker for kathrine template
+	- added featured article to tibiacom template (you can add them with add news button)
+	- added tinymce editor to 'Pages' in admin panel
+	- added links to edit/delete/hide custom page directly from page
+	- update forum post after editing news (when forum post has been created)
+	- enabled code plugin for tinymce which enabled raw html code editing
+	- removed videos pages, as it can be easily added using custom Menus and Pages with insert Media
+	- removed bug_report configurable, its now enabled by default
+	- log some error info when mail cannot be send on account create
+	- twig getLink function will now return with full url (BASE_URL included)
+	- verify install post values directly on config page and display error
+	- updated tinymce to version 4.7.2 (from 4.7.0)
+	- updated phpmailer to version 5.2.26 (from 5.2.23)
+	- (#30) (fix) recovering account on servers that doesn't support salts
+	- (fix) account email confirm function
+	- (fix) showing changelog with urls in Admin Panel
+	- (fix) uninstalling plugin
+	- (fix) polls box in tibiacom template
+	- (fix) remove hooks from db on plugin deinstall
+	- (fix) some weird include possibilities with forum and account actions (verify action name)
+	- (fix) loading hooks from plugin installed from command line
+	- (fix) some changelog PHP Notice warning
+	- (internal) moved uninstall logic to Plugins class
+	- (internal) moved tibiacom boxes to separate directory
+	- (internal) moved news tickers to twig template
+	- (internal) moved Forum class to separate file
+	- (internal) moved deprecated functions to compat.php
+	- (internal) added some compat functions that are used by shop system
+	- (internal) renamed constant TICKET -> TICKER
+	- (internal) shortened message functions
+	
+[0.6.6 - 22.10.2017]
+	- fixed some php fatal error on spells page
+	- changed spells.vocations field in db size to 300
+	- please reload your spells after this update!
+
+[0.6.5 - 21.10.2017]
+	- fixed displaying custom pages
+	- fixed adding new group forum board
+	
+[0.6.4 - 20.10.2017]
+	- reverted OTS_Account::getLastLogin() cause its used by tibia11-login plugin
+	
+[0.6.3 - 20.10.2017]
+	- fixed creating account
+	- fixed viewing thread without being logged 
+	- fixed showing premium account status
+	
 [0.6.2 - 20.10.2017]
 	- added forums for guilds and groups
 	- added nice looking menu for my account page in default template

admin/template/template.php

@@ -39,6 +39,7 @@
 						'Dashboard' => 'dashboard',
 						'Mailer' => 'mailer',
 						'Pages' => 'pages',
+						'Menus' => 'menus',
 						'Plugins' => 'plugins',
 						'Statistics' => 'statistics',
 						'Visitors' => 'visitors',

common.php

@@ -21,14 +21,13 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.6.2
  * @link      http://my-aac.org
  */
 session_start();
 
 define('MYAAC', true);
-define('MYAAC_VERSION', '0.6.2');
-define('DATABASE_VERSION', 15);
+define('MYAAC_VERSION', '0.7.0');
+define('DATABASE_VERSION', 18);
 define('TABLE_PREFIX', 'myaac_');
 define('START_TIME', microtime(true));
 define('MYAAC_OS', (strtoupper(substr(PHP_OS, 0, 3)) === 'WIN') ? 'WINDOWS' : (strtoupper(PHP_OS) == 'DARWIN' ? 'MAC' : 'LINUX'));
@@ -46,10 +45,11 @@ define('FLAG_CONTENT_MONSTERS', 256);
 define('FLAG_CONTENT_GALLERY', 512);
 define('FLAG_CONTENT_VIDEOS', 1024);
 define('FLAG_CONTENT_FAQ', 2048);
+define('FLAG_CONTENT_MENUS', 4096);
 
 // news
 define('NEWS', 1);
-define('TICKET', 2);
+define('TICKER', 2);
 define('ARTICLE', 3);
 
 // directories
@@ -65,6 +65,14 @@ define('PLUGINS', BASE . 'plugins/');
 define('TEMPLATES', BASE . 'templates/');
 define('TOOLS', BASE . 'tools/');
 
+// menu categories
+define('MENU_CATEGORY_NEWS', 1);
+define('MENU_CATEGORY_ACCOUNT', 2);
+define('MENU_CATEGORY_COMMUNITY', 3);
+define('MENU_CATEGORY_FORUM', 4);
+define('MENU_CATEGORY_LIBRARY', 5);
+define('MENU_CATEGORY_SHOP', 6);
+
 // otserv versions
 define('OTSERV', 1);
 define('OTSERV_06', 2);

config.php

@@ -13,7 +13,6 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.6.2
  * @link      http://my-aac.org
  */
 
@@ -74,7 +73,7 @@ $config = array(
 		//'2' => 'Your Second World Name'
 	),
 
-	// items
+	// images
 	'outfit_images_url' => 'http://outfit-images.ots.me/outfit.php', // set to animoutfit.php for animated outfit
 	'item_images_url' => 'http://item-images.ots.me/960/', // set to images/items if you host your own items in images folder
 
@@ -111,7 +110,7 @@ $config = array(
 
 	// reCAPTCHA (prevent spam bots)
 	'recaptcha_enabled' => false, // enable recaptcha verification code
-	'recaptcha_site_key' => '', // get your own public and private keys at https://www.google.com/recaptcha
+	'recaptcha_site_key' => '', // get your own site and secret keys at https://www.google.com/recaptcha
 	'recaptcha_secret_key' => '',
 	'recaptcha_theme' => 'light', // light, dark
 
@@ -214,7 +213,7 @@ $config = array(
 	'gifts_system' => false,
 	
 	// support/system
-	'bug_report' => true,
+	'bug_report' => true, // this configurable has no effect, its always enabled
 	
 	// forum
 	'forum' => 'site', // link to the server forum, set to "site" if you want to use build in forum system, otherwise leave empty if you aren't going to use any forum
@@ -231,6 +230,7 @@ $config = array(
 	'status_port' => '',
 
 	// other
+	'anonymous_usage_statistics' => true,
 	'email_lai_sec_interval' => 60, // time in seconds between e-mails to one account from lost account interface, block spam
 	'google_analytics_id' => '', // e.g.: UA-XXXXXXX-X
 	'experiencetable_columns' => 5, // how many columns to display in experience table page. * experiencetable_rows, 5 = 500 (will show up to 500 level)

index.php

@@ -21,7 +21,6 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.6.2
  * @link      http://my-aac.org
  */
 
@@ -30,20 +29,7 @@
 // ini_set('display_startup_errors', 1);
 // error_reporting(E_ALL);
 
-if(preg_match("/^(.*)\.(gif|jpg|jpeg|tiff|bmp|css|js|less|map|html|php|zip|rar|gz)$/i", $_SERVER['REQUEST_URI'])) {
-	header("HTTP/1.0 404 Not Found");
-	exit;
-}
-
 require_once('common.php');
-require_once(BASE . 'config.local.php');
-
-if(file_exists(BASE . 'install') && (!isset($config['installed']) || !$config['installed']))
-{
-	header('Location: ' . BASE_URL . 'install/');
-	die('Setup detected that <b>install/</b> directory exists. Please visit <a href="' . BASE_URL . 'install">this</a> url to start MyAAC Installation.<br/>Delete <b>install/</b> directory if you already installed MyAAC.<br/>Remember to REFRESH this page when you\'re done!');
-}
-
 require_once(SYSTEM . 'functions.php');
 
 $uri = $_SERVER['REQUEST_URI'];
@@ -55,13 +41,9 @@ else
 	$uri = str_replace_first('/', '', $uri);
 
 $uri = str_replace(array('index.php/', '?'), '', $uri);
+define('URI', $uri);
 
-$found = false;
-if(empty($uri) || isset($_REQUEST['template'])) {
-	$_REQUEST['p'] = 'news';
-	$found = true;
-}
-else if(preg_match("/^[A-Za-z0-9-_%\'+]+\.png$/i", $uri)) {
+if(preg_match("/^[A-Za-z0-9-_%\'+]+\.png$/i", $uri)) {
 	$tmp = explode('.', $uri);
 	$_REQUEST['name'] = urldecode($tmp[0]);
 	
@@ -69,84 +51,109 @@ else if(preg_match("/^[A-Za-z0-9-_%\'+]+\.png$/i", $uri)) {
 	include(TOOLS . 'signature/index.php');
 	exit();
 }
-else if(!preg_match('/[^A-z0-9_\-]/', $uri) && file_exists(SYSTEM . 'pages/' . $uri . '.php')) {
-	$_REQUEST['p'] = $uri;
+else if(preg_match("/^(.*)\.(gif|jpg|png|jpeg|tiff|bmp|css|js|less|map|html|php|zip|rar|gz)$/i", $_SERVER['REQUEST_URI'])) {
+	header("HTTP/1.0 404 Not Found");
+	exit;
+}
+
+require_once(BASE . 'config.local.php');
+if(file_exists(BASE . 'install') && (!isset($config['installed']) || !$config['installed']))
+{
+	header('Location: ' . BASE_URL . 'install/');
+	die('Setup detected that <b>install/</b> directory exists. Please visit <a href="' . BASE_URL . 'install">this</a> url to start MyAAC Installation.<br/>Delete <b>install/</b> directory if you already installed MyAAC.<br/>Remember to REFRESH this page when you\'re done!');
+}
+
+$found = false;
+if(empty($uri) || isset($_REQUEST['template'])) {
+	$_REQUEST['p'] = 'news';
 	$found = true;
 }
 else {
-	$rules = array(
-		'/^account\/manage\/?$/' => array('subtopic' => 'accountmanagement'),
-		'/^account\/create\/?$/' => array('subtopic' => 'createaccount'),
-		'/^account\/lost\/?$/' => array('subtopic' => 'lostaccount'),
-		'/^account\/logout\/?$/' => array('subtopic' => 'accountmanagement', 'action' => 'logout'),
-		'/^account\/password\/?$/' => array('subtopic' => 'accountmanagement', 'action' => 'change_password'),
-		'/^account\/register\/?$/' => array('subtopic' => 'accountmanagement', 'action' => 'register'),
-		'/^account\/register\/new\/?$/' => array('subtopic' => 'accountmanagement', 'action' => 'register_new'),
-		'/^account\/email\/?$/' => array('subtopic' => 'accountmanagement', 'action' => 'change_email'),
-		'/^account\/info\/?$/' => array('subtopic' => 'accountmanagement', 'action' => 'change_info'),
-		'/^account\/character\/create\/?$/' => array('subtopic' => 'accountmanagement', 'action' => 'create_character'),
-		'/^account\/character\/name\/?$/' => array('subtopic' => 'accountmanagement', 'action' => 'change_name'),
-		'/^account\/character\/sex\/?$/' => array('subtopic' => 'accountmanagement', 'action' => 'change_sex'),
-		'/^account\/character\/delete\/?$/' => array('subtopic' => 'accountmanagement', 'action' => 'delete_character'),
-		'/^account\/character\/comment\/[A-Za-z]+\/?$/' => array('subtopic' => 'accountmanagement', 'action' => 'change_comment', 'name' => '$3'),
-		'/^account\/character\/comment\/?$/' => array('subtopic' => 'accountmanagement', 'action' => 'change_comment'),
-		'/^characters\/[A-Za-z0-9-_%+\']+$/' => array('subtopic' => 'characters', 'name' => '$1'),
-		'/^commands\/add\/?$/' => array('subtopic' => 'commands', 'action' => 'add'),
-		'/^commands\/edit\/?$/' => array('subtopic' => 'commands', 'action' => 'edit'),
-		'/^faq\/add\/?$/' => array('subtopic' => 'faq', 'action' => 'add'),
-		'/^faq\/edit\/?$/' => array('subtopic' => 'faq', 'action' => 'edit'),
-		'/^forum\/add_board\/?$/' => array('subtopic' => 'forum', 'action' => 'add_board'),#
-		'/^forum\/edit_board\/?$/' => array('subtopic' => 'forum', 'action' => 'edit_board'),
-		'/^forum\/board\/[0-9]+\/?$/' => array('subtopic' => 'forum', 'action' => 'show_board', 'id' => '$2'),
-		'/^forum\/board\/[0-9]+\/[0-9]+\/?$/' => array('subtopic' => 'forum', 'action' => 'show_board', 'id' => '$2', 'page' => '$3'),
-		'/^forum\/thread\/[0-9]+\/?$/' => array('subtopic' => 'forum', 'action' => 'show_thread', 'id' => '$2'),
-		'/^forum\/thread\/[0-9]+\/[0-9]+\/?$/' => array('subtopic' => 'forum', 'action' => 'show_thread', 'id' => '$2', 'page' => '$3'),
-		'/^gallery\/add\/?$/' => array('subtopic' => 'gallery', 'action' => 'add'),
-		'/^gallery\/edit\/?$/' => array('subtopic' => 'gallery', 'action' => 'edit'),
-		'/^gallery\/[0-9]+\/?$/' => array('subtopic' => 'gallery', 'image' => '$1'),
-		'/^gifts\/history\/?$/' => array('subtopic' => 'gifts', 'action' => 'show_history'),
-		'/^guilds\/[A-Za-z0-9-_%+\']+$/' => array('subtopic' => 'guilds', 'action' => 'show', 'guild' => '$1'),
-		'/^highscores\/[A-Za-z0-9-_]+\/[A-Za-z0-9-_]+\/[0-9]+\/?$/' => array('subtopic' => 'highscores', 'list' => '$1', 'vocation' => '$2', 'page' => '$3'),
-		'/^highscores\/[A-Za-z0-9-_]+\/[0-9]+\/?$/' => array('subtopic' => 'highscores', 'list' => '$1', 'page' => '$2'),
-		'/^highscores\/[A-Za-z0-9-_]+\/[A-Za-z0-9-_]+\/?$/' => array('subtopic' => 'highscores', 'list' => '$1', 'vocation' => '$2'),
-		'/^highscores\/[A-Za-z0-9-_\']+\/?$/' => array('subtopic' => 'highscores', 'list' => '$1'),
-		'/^news\/add\/?$/' => array('subtopic' => 'news', 'action' => 'add'),
-		'/^news\/edit\/?$/' => array('subtopic' => 'news', 'action' => 'edit'),
-		'/^news\/archive\/?$/' => array('subtopic' => 'newsarchive'),
-		'/^news\/archive\/[0-9]+\/?$/' => array('subtopic' => 'newsarchive', 'id' => '$2'),
-		'/^polls\/[0-9]+\/?$/' => array('subtopic' => 'polls', 'id' => '$1'),
-		'/^spells\/[A-Za-z0-9-_%]+\/[A-Za-z0-9-_]+\/?$/' => array('subtopic' => 'spells', 'vocation' => '$1', 'order' => '$2'),
-	);
+	$tmp = strtolower($uri);
+	if(!preg_match('/[^A-z0-9_\-]/', $uri) && file_exists(SYSTEM . 'pages/' . $tmp . '.php')) {
+		$_REQUEST['p'] = $uri;
+		$found = true;
+	}
+	else {
+		$rules = array(
+			'/^account\/manage\/?$/' => array('subtopic' => 'accountmanagement'),
+			'/^account\/create\/?$/' => array('subtopic' => 'createaccount'),
+			'/^account\/lost\/?$/' => array('subtopic' => 'lostaccount'),
+			'/^account\/logout\/?$/' => array('subtopic' => 'accountmanagement', 'action' => 'logout'),
+			'/^account\/password\/?$/' => array('subtopic' => 'accountmanagement', 'action' => 'change_password'),
+			'/^account\/register\/?$/' => array('subtopic' => 'accountmanagement', 'action' => 'register'),
+			'/^account\/register\/new\/?$/' => array('subtopic' => 'accountmanagement', 'action' => 'register_new'),
+			'/^account\/email\/?$/' => array('subtopic' => 'accountmanagement', 'action' => 'change_email'),
+			'/^account\/info\/?$/' => array('subtopic' => 'accountmanagement', 'action' => 'change_info'),
+			'/^account\/character\/create\/?$/' => array('subtopic' => 'accountmanagement', 'action' => 'create_character'),
+			'/^account\/character\/name\/?$/' => array('subtopic' => 'accountmanagement', 'action' => 'change_name'),
+			'/^account\/character\/sex\/?$/' => array('subtopic' => 'accountmanagement', 'action' => 'change_sex'),
+			'/^account\/character\/delete\/?$/' => array('subtopic' => 'accountmanagement', 'action' => 'delete_character'),
+			'/^account\/character\/comment\/[A-Za-z0-9-_%+\']+\/?$/' => array('subtopic' => 'accountmanagement', 'action' => 'change_comment', 'name' => '$3'),
+			'/^account\/character\/comment\/?$/' => array('subtopic' => 'accountmanagement', 'action' => 'change_comment'),
+			'/^account\/confirm_email\/[A-Za-z0-9-_]+\/?$/' => array('subtopic' => 'accountmanagement', 'action' => 'confirm_email', 'v' => '$2'),
+			'/^characters\/[A-Za-z0-9-_%+\']+$/' => array('subtopic' => 'characters', 'name' => '$1'),
+			'/^commands\/add\/?$/' => array('subtopic' => 'commands', 'action' => 'add'),
+			'/^commands\/edit\/?$/' => array('subtopic' => 'commands', 'action' => 'edit'),
+			'/^faq\/add\/?$/' => array('subtopic' => 'faq', 'action' => 'add'),
+			'/^faq\/edit\/?$/' => array('subtopic' => 'faq', 'action' => 'edit'),
+			'/^forum\/add_board\/?$/' => array('subtopic' => 'forum', 'action' => 'add_board'),#
+			'/^forum\/edit_board\/?$/' => array('subtopic' => 'forum', 'action' => 'edit_board'),
+			'/^forum\/board\/[0-9]+\/?$/' => array('subtopic' => 'forum', 'action' => 'show_board', 'id' => '$2'),
+			'/^forum\/board\/[0-9]+\/[0-9]+\/?$/' => array('subtopic' => 'forum', 'action' => 'show_board', 'id' => '$2', 'page' => '$3'),
+			'/^forum\/thread\/[0-9]+\/?$/' => array('subtopic' => 'forum', 'action' => 'show_thread', 'id' => '$2'),
+			'/^forum\/thread\/[0-9]+\/[0-9]+\/?$/' => array('subtopic' => 'forum', 'action' => 'show_thread', 'id' => '$2', 'page' => '$3'),
+			'/^gallery\/add\/?$/' => array('subtopic' => 'gallery', 'action' => 'add'),
+			'/^gallery\/edit\/?$/' => array('subtopic' => 'gallery', 'action' => 'edit'),
+			'/^gallery\/[0-9]+\/?$/' => array('subtopic' => 'gallery', 'image' => '$1'),
+			'/^gifts\/history\/?$/' => array('subtopic' => 'gifts', 'action' => 'show_history'),
+			'/^guilds\/[A-Za-z0-9-_%+\']+$/' => array('subtopic' => 'guilds', 'action' => 'show', 'guild' => '$1'),
+			'/^highscores\/[A-Za-z0-9-_]+\/[A-Za-z0-9-_]+\/[0-9]+\/?$/' => array('subtopic' => 'highscores', 'list' => '$1', 'vocation' => '$2', 'page' => '$3'),
+			'/^highscores\/[A-Za-z0-9-_]+\/[0-9]+\/?$/' => array('subtopic' => 'highscores', 'list' => '$1', 'page' => '$2'),
+			'/^highscores\/[A-Za-z0-9-_]+\/[A-Za-z0-9-_]+\/?$/' => array('subtopic' => 'highscores', 'list' => '$1', 'vocation' => '$2'),
+			'/^highscores\/[A-Za-z0-9-_\']+\/?$/' => array('subtopic' => 'highscores', 'list' => '$1'),
+			'/^news\/add\/?$/' => array('subtopic' => 'news', 'action' => 'add'),
+			'/^news\/edit\/?$/' => array('subtopic' => 'news', 'action' => 'edit'),
+			'/^news\/archive\/?$/' => array('subtopic' => 'newsarchive'),
+			'/^news\/archive\/[0-9]+\/?$/' => array('subtopic' => 'newsarchive', 'id' => '$2'),
+			'/^polls\/[0-9]+\/?$/' => array('subtopic' => 'polls', 'id' => '$1'),
+			'/^spells\/[A-Za-z0-9-_%]+\/[A-Za-z0-9-_]+\/?$/' => array('subtopic' => 'spells', 'vocation' => '$1', 'order' => '$2'),
+			'/^gifts\/history\/?$/' => array('subtopic' => 'gifts', 'action' => 'show_history'),
+		);
 		
-	foreach($rules as $rule => $redirect) {
-		if (preg_match($rule, $uri)) {
-			$tmp = explode('/', $uri);
-			foreach($redirect as $key => $value) {
+		foreach($rules as $rule => $redirect) {
+			if (preg_match($rule, $uri)) {
+				$tmp = explode('/', $uri);
+				foreach($redirect as $key => $value) {
 					
-				if(strpos($value, '$') !== false) {
-					$value = str_replace('$' . $value[1], $tmp[$value[1]], $value);
+					if(strpos($value, '$') !== false) {
+						$value = str_replace('$' . $value[1], $tmp[$value[1]], $value);
+					}
+					
+					$_REQUEST[$key] = $value;
+					$_GET[$key] = $value;
 				}
 				
-				$_REQUEST[$key] = $value;
-				$_GET[$key] = $value;
+				$found = true;
+				break;
 			}
-			
-			$found = true;
-			break;
 		}
 	}
-	
-	if(!$found)
-		$_REQUEST['p'] = $uri;
 }
 
 // define page visited, so it can be used within events system
 $page = isset($_REQUEST['subtopic']) ? $_REQUEST['subtopic'] : (isset($_REQUEST['p']) ? $_REQUEST['p'] : '');
-if(empty($page) || preg_match('/[^A-z0-9\/_\-]/', $page)) {
-	if(!$found)
-		$page = '404';
-	else
-		$page = 'news';
+if(empty($page) || !preg_match('/^[A-z0-9\_\-]+$/', $page)) {
+	$tmp = URI;
+	if(!empty($tmp)) {
+		$page = $tmp;
+	}
+	else {
+		if(!$found)
+			$page = '404';
+		else
+			$page = 'news';
+	}
 }
 
 $page = strtolower($page);
@@ -191,6 +198,41 @@ $hooks = new Hooks();
 $hooks->load();
 $hooks->trigger(HOOK_STARTUP);
 
+// anonymous usage statistics
+// sent only when user agrees
+if(isset($config['anonymous_usage_statistics']) && $config['anonymous_usage_statistics']) {
+	$report_time = 30 * 24 * 60 * 60; // report one time per 30 days
+	$should_report = true;
+	
+	$value = '';
+	if($cache->enabled() && $cache->fetch('last_usage_report', $value)) {
+		$should_report = time() > (int)$value + $report_time;
+	}
+	else {
+		$value = '';
+		if(fetchDatabaseConfig('last_usage_report', $value)) {
+			$should_report = time() > (int)$value + $report_time;
+			if($cache->enabled()) {
+				$cache->set('last_usage_report', $value);
+			}
+		}
+		else {
+			registerDatabaseConfig('last_usage_report', time() - ($report_time - (7 * 24 * 60 * 60))); // first report after a week
+			$should_report = false;
+		}
+	}
+	
+	if($should_report) {
+		require_once(LIBS . 'usage_statistics.php');
+		Usage_Statistics::report();
+		
+		updateDatabaseConfig('last_usage_report', time());
+		if($cache->enabled()) {
+			$cache->set('last_usage_report', time());
+		}
+	}
+}
+
 if($config['views_counter'])
 	require_once(SYSTEM . 'counter.php');
 
@@ -236,6 +278,7 @@ if($config['backward_support']) {
 	$layout_header = template_header();
 	$layout_name = $template_path;
 	$news_content = '';
+	$tickers_content = '';
 	$subtopic = PAGE;
 	$main_content = '';
 	
@@ -276,14 +319,14 @@ if($load_it)
 
 	$ignore = false;
 
-	$logged_access = 0;
+	$logged_access = 1;
 	if($logged && $account_logged && $account_logged->isLoaded()) {
 		$logged_access = $account_logged->getAccess();
 	}
 
 	$query =
 		$db->query(
-			'SELECT `title`, `body`, `php`' .
+			'SELECT `id`, `title`, `body`, `php`, `hidden`' .
 			' FROM `' . TABLE_PREFIX . 'pages`' .
 			' WHERE `name` LIKE ' . $db->quote($page) . ' AND `hidden` != 1 AND `access` <= ' . $db->quote($logged_access));
 	if($query->rowCount() > 0) // found page
@@ -323,11 +366,17 @@ if($load_it)
 		}
 		else
 			$content .= $query['body']; // plain html
+		
+		if(hasFlag(FLAG_CONTENT_PAGES) || superAdmin()) {
+			$content = $twig->render('admin.pages.links.html.twig', array(
+				'page' => array('id' => $query['id'], 'hidden' => $query['hidden'])
+			)) . $content;
+		}
 	}
 	else
 	{
 		$file = SYSTEM . 'pages/' . $page . '.php';
-		if(!@file_exists($file) && !$found)
+		if(!@file_exists($file))
 		{
 			$page = '404';
 			$file = SYSTEM . 'pages/404.php';

install/includes/schema.sql

@@ -84,9 +84,9 @@ CREATE TABLE `myaac_forum_boards`
 	`name` VARCHAR(32) NOT NULL,
 	`description` VARCHAR(255) NOT NULL DEFAULT '',
 	`ordering` INT(11) NOT NULL DEFAULT 0,
-	`closed` TINYINT(1) NOT NULL DEFAULT 0,
 	`guild` INT(11) NOT NULL DEFAULT 0,
 	`access` INT(11) NOT NULL DEFAULT 0,
+	`closed` TINYINT(1) NOT NULL DEFAULT 0,
 	`hidden` TINYINT(1) NOT NULL DEFAULT 0,
 	PRIMARY KEY (`id`)
 ) ENGINE = MyISAM;
@@ -107,7 +107,7 @@ CREATE TABLE `myaac_forum`
 	`author_aid` int(20) NOT NULL default '0',
 	`author_guid` int(20) NOT NULL default '0',
 	`post_text` text NOT NULL,
-	`post_topic` varchar(255) NOT NULL,
+	`post_topic` varchar(255) NOT NULL DEFAULT '',
 	`post_smile` tinyint(1) NOT NULL default '0',
 	`post_date` int(20) NOT NULL default '0',
 	`last_edit_aid` int(20) NOT NULL default '0',
@@ -140,6 +140,87 @@ CREATE TABLE `myaac_items`
 	PRIMARY KEY (`id`)
 ) ENGINE = MyISAM;
 
+CREATE TABLE `myaac_menu`
+(
+	`id` INT(11) NOT NULL AUTO_INCREMENT,
+	`template` VARCHAR(255) NOT NULL,
+	`name` VARCHAR(255) NOT NULL,
+	`link` VARCHAR(255) NOT NULL,
+	`category` INT(11) NOT NULL DEFAULT 1,
+	`ordering` INT(11) NOT NULL DEFAULT 0,
+	`enabled` INT(1) NOT NULL DEFAULT 1,
+	PRIMARY KEY (`id`)
+) ENGINE = MyISAM;
+
+/* MENU_CATEGORY_NEWS kathrine */
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('kathrine', 'Latest News', 'news', 1, 0);
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('kathrine', 'News Archive', 'news/archive', 1, 1);
+/* MENU_CATEGORY_ACCOUNT kathrine */
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('kathrine', 'Account Management', 'account/manage', 2, 0);
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('kathrine', 'Create Account', 'account/create', 2, 1);
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('kathrine', 'Lost Account?', 'account/lost', 2, 2);
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('kathrine', 'Server Rules', 'rules', 2, 3);
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('kathrine', 'Downloads', 'downloads', 5, 4);
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('kathrine', 'Report Bug', 'bugtracker', 2, 5);
+/* MENU_CATEGORY_COMMUNITY kathrine */
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('kathrine', 'Who is Online?', 'online', 3, 0);
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('kathrine', 'Characters', 'characters', 3, 1);
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('kathrine', 'Guilds', 'guilds', 3, 2);
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('kathrine', 'Highscores', 'highscores', 3, 3);
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('kathrine', 'Last Deaths', 'lastkills', 3, 4);
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('kathrine', 'Houses', 'houses', 3, 5);
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('kathrine', 'Bans', 'bans', 3, 6);
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('kathrine', 'Forum', 'forum', 3, 7);
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('kathrine', 'Team', 'team', 3, 8);
+/* MENU_CATEGORY_LIBRARY kathrine */
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('kathrine', 'Monsters', 'creatures', 5, 0);
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('kathrine', 'Spells', 'spells', 5, 1);
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('kathrine', 'Server Info', 'serverInfo', 5, 2);
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('kathrine', 'Commands', 'commands', 5, 3);
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('kathrine', 'Gallery', 'gallery', 5, 4);
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('kathrine', 'Experience Table', 'experienceTable', 5, 5);
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('kathrine', 'FAQ', 'faq', 5, 6);
+/* MENU_CATEGORY_SHOP kathrine */
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('kathrine', 'Buy Points', 'points', 6, 0);
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('kathrine', 'Shop Offer', 'gifts', 6, 1);
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('kathrine', 'Shop History', 'gifts/history', 6, 2);
+/* MENU_CATEGORY_NEWS tibiacom */
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('tibiacom', 'Latest News', 'news', 1, 0);
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('tibiacom', 'News Archive', 'news/archive', 1, 1);
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('tibiacom', 'Changelog', 'changelog', 1, 2);
+/* MENU_CATEGORY_ACCOUNT tibiacom */
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('tibiacom', 'Account Management', 'account/manage', 2, 0);
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('tibiacom', 'Create Account', 'account/create', 2, 1);
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('tibiacom', 'Lost Account?', 'account/lost', 2, 2);
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('tibiacom', 'Server Rules', 'rules', 2, 3);
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('tibiacom', 'Downloads', 'downloads', 2, 4);
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('tibiacom', 'Report Bug', 'bugtracker', 2, 5);
+/* MENU_CATEGORY_COMMUNITY tibiacom */
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('tibiacom', 'Characters', 'characters', 3, 0);
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('tibiacom', 'Who Is Online?', 'online', 3, 1);
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('tibiacom', 'Highscores', 'highscores', 3, 2);
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('tibiacom', 'Last Kills', 'lastkills', 3, 3);
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('tibiacom', 'Houses', 'houses', 3, 4);
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('tibiacom', 'Guilds', 'guilds', 3, 5);
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('tibiacom', 'Polls', 'polls', 3, 6);
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('tibiacom', 'Bans', 'bans', 3, 7);
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('tibiacom', 'Support List', 'team', 3, 8);
+/* MENU_CATEGORY_FORUM tibiacom */
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('tibiacom', 'Forum', 'forum', 4, 0);
+/* MENU_CATEGORY_LIBRARY tibiacom */
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('tibiacom', 'Creatures', 'creatures', 5, 0);
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('tibiacom', 'Spells', 'spells', 5, 1);
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('tibiacom', 'Commands', 'commands', 5, 2);
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('tibiacom', 'Exp Stages', 'experienceStages', 5, 3);
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('tibiacom', 'Gallery', 'gallery', 5, 4);
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('tibiacom', 'Server Info', 'serverInfo', 5, 5);
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('tibiacom', 'Experience Table', 'experienceTable', 5, 6);
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('tibiacom', 'Support List', 'team', 5, 7);
+/* MENU_CATEGORY_SHOP tibiacom */
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('tibiacom', 'Buy Points', 'points', 6, 0);
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('tibiacom', 'Shop Offer', 'gifts', 6, 1);
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('tibiacom', 'Shop History', 'gifts/history', 6, 2);
+
 CREATE TABLE `myaac_monsters` (
 	`id` int(11) NOT NULL AUTO_INCREMENT,
 	`hidden` tinyint(1) NOT NULL default 0,
@@ -174,13 +255,15 @@ CREATE TABLE `myaac_news`
 	`id` INT(11) NOT NULL AUTO_INCREMENT,
 	`title` VARCHAR(100) NOT NULL,
 	`body` TEXT NOT NULL,
-	`type` TINYINT(1) NOT NULL DEFAULT 0 COMMENT '1 - news, 2 - ticket, 3 - article',
+	`type` TINYINT(1) NOT NULL DEFAULT 0 COMMENT '1 - news, 2 - ticker, 3 - article',
 	`date` INT(11) NOT NULL DEFAULT 0,
 	`category` TINYINT(1) NOT NULL DEFAULT 0,
 	`player_id` INT(11) NOT NULL DEFAULT 0,
 	`last_modified_by` INT(11) NOT NULL DEFAULT 0,
 	`last_modified_date` INT(11) NOT NULL DEFAULT 0,
-	`comments` VARCHAR(50) NOT NULL,
+	`comments` VARCHAR(50) NOT NULL DEFAULT '',
+	`article_text` VARCHAR(300) NOT NULL DEFAULT '',
+	`article_image` VARCHAR(100) NOT NULL DEFAULT '',
 	`hidden` TINYINT(1) NOT NULL DEFAULT 0,
 	PRIMARY KEY (`id`)
 ) ENGINE = MyISAM;

install/index.php

@@ -30,16 +30,30 @@ $steps = array(1 => 'welcome', 2 => 'license', 3 => 'requirements', 4 => 'config
 if(!in_array($step, $steps)) // check if step is valid
 	die('ERROR: Unknown step.');
 
+$errors = array();
 if($step == 'database')
 {
 	foreach($_POST['vars'] as $key => $value)
 	{
-		if(empty($value))
+		if($key != 'usage' && empty($value))
 		{
-			$step = 'config';
-			$errors = '<p class="error">' . $locale['please_fill_all'] . '</p>';
+			$errors[] = $locale['please_fill_all'];
 			break;
 		}
+		else if($key == 'mail_admin' && !Validator::email($value))
+		{
+			$errors[] = $locale['step_config_mail_admin_error'];
+			break;
+		}
+		else if($key == 'mail_address' && !Validator::email($value))
+		{
+			$errors[] = $locale['step_config_mail_address_error'];
+			break;
+		}
+	}
+
+	if(!empty($errors)) {
+		$step = 'config';
 	}
 }
 

install/steps/config.php

@@ -79,6 +79,7 @@ echo $twig->render('install.config.html.twig', array(
 	'clients' => $clients,
 	'locale' => $locale,
 	'session' => $_SESSION,
+	'errors' => isset($errors) ? $errors : null,
 	'buttons' => next_buttons()
 ));
 ?>

install/steps/database.php

@@ -23,7 +23,11 @@ if(!$error) {
 					$value .= "/";
 			}
 
-			if($key != 'var_account' && $key != 'var_account_id' && $key != 'var_password') {
+			if($key == 'var_usage') {
+				$content .= '$config[\'anonymous_usage_statistics\'] = ' . ((int)$value == 1 ? 'true' : 'false') . ';';
+				$content .= PHP_EOL;
+			}
+			else if($key != 'var_account' && $key != 'var_account_id' && $key != 'var_password') {
 				$content .= '$config[\'' . str_replace('var_', '', $key) . '\'] = \'' . $value . '\';';
 				$content .= PHP_EOL;
 			}
@@ -85,7 +89,7 @@ if(!$error) {
 		
 			if(!fieldExist('blocked', 'accounts')) {
 				if(query("ALTER TABLE `accounts` ADD `blocked` TINYINT(1) NOT NULL DEFAULT FALSE COMMENT 'internal usage' AFTER `key`;"))
-					success($locale['step_database_adding_field'] . ' accounts.created...');
+					success($locale['step_database_adding_field'] . ' accounts.blocked...');
 			}
 	
 			if(!fieldExist('created', 'accounts')) {
@@ -238,6 +242,7 @@ if(!$error) {
 			$content .= '// place for your configuration directives, so you can later easily update myaac';
 			$content .= PHP_EOL;
 			$content .= "?>";
+			
 			$file = fopen(BASE . 'config.local.php', 'a+');
 			if($file) {
 				if(!$error) {

system/bin/install_plugin.php

@@ -7,6 +7,7 @@ if(php_sapi_name() != "cli") {
 require_once('../../common.php');
 require_once(SYSTEM . 'functions.php');
 require_once(SYSTEM . 'init.php');
+require_once(SYSTEM . 'hooks.php');
 require_once(LIBS . 'plugins.php');
 
 if($argc != 2) {

system/compat.php

@@ -0,0 +1,63 @@
+<?php
+/**
+ * Deprecated functions (compat)
+ *
+ * @package   MyAAC
+ * @author    Slawkens <slawkens@gmail.com>
+ * @copyright 2017 MyAAC
+ * @link      http://my-aac.org
+ */
+defined('MYAAC') or die('Direct access not allowed!');
+
+function check_name($name, &$errors = '') {
+	if(Validator::characterName($name))
+		return true;
+	
+	$errors = Validator::getLastError();
+	return false;
+}
+
+function check_account_id($id, &$errors = '') {
+	if(Validator::accountId($id))
+		return true;
+	
+	$errors = Validator::getLastError();
+	return false;
+}
+
+function check_account_name($name, &$errors = '') {
+	if(Validator::accountName($name))
+		return true;
+	
+	$errors = Validator::getLastError();
+	return false;
+}
+
+function check_name_new_char($name, &$errors = '') {
+	if(Validator::newCharacterName($name))
+		return true;
+	
+	$errors = Validator::getLastError();
+	return false;
+}
+
+function check_rank_name($name, &$errors = '') {
+	if(Validator::rankName($name))
+		return true;
+	
+	$errors = Validator::getLastError();
+	return false;
+}
+
+function check_guild_name($name, &$errors = '') {
+	if(Validator::guildName($name))
+		return true;
+	
+	$errors = Validator::getLastError();
+	return false;
+}
+
+function news_place() {
+	return tickers();
+}
+?>

system/compat_pages.php

@@ -5,7 +5,6 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.6.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/counter.php

@@ -5,7 +5,6 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.6.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/countries.conf.php

@@ -5,7 +5,6 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.6.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/database.php

@@ -1,4 +1,12 @@
 <?php
+/**
+ * Database connection
+ *
+ * @package   MyAAC
+ * @author    Slawkens <slawkens@gmail.com>
+ * @copyright 2017 MyAAC
+ * @link      http://my-aac.org
+ */
 defined('MYAAC') or die('Direct access not allowed!');
 
 	if(!isset($config['database_type'][0]) || !isset($config['database_user'][0]) || !isset($config['database_password'][0]) || !isset($config['database_name'][0]))

system/functions.php

@@ -5,27 +5,29 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.6.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');
-function success($message, $return = false) {
-	if($return)
-		return '<p class="success">' . $message . '</p>';
 
-	echo '<p class="success">' . $message . '</p>';
+function message($message, $type, $return)
+{
+	if($return)
+		return '<p class="' . $type . '">' . $message . '</p>';
+	
+	echo '<p class="' . $type . '">' . $message . '</p>';
+	return true;
+}
+function success($message, $return = false) {
+	return message($message, 'success', $return);
 }
 function warning($message, $return = false) {
-	if($return)
-		return '<p class="warning">' . $message . '</p>';
-	
-	echo '<p class="warning">' . $message . '</p>';
+	return message($message, 'warning', $return);
+}
+function note($message, $return = false) {
+	return message($message, 'note', $return);
 }
 function error($message, $return = false) {
-	if($return)
-		return '<p class="error">' . $message . '</p>';
-	
-	echo '<p class="error">' . $message . '</p>';
+	return message($message, 'error', $return);
 }
 
 function longToIp($ip)
@@ -411,42 +413,16 @@ function short_text($text, $limit)
 	return $text;
 }
 
-function news_place()
+function tickers()
 {
-	global $template_path, $news_content;
+	global $tickers_content, $featured_article;
 	
-	$news = '';
-	if(PAGE == 'news')
-	{
-		//add tickers to site - without it tickers will not be showed
-		if(isset($news_content))
-			$news .= $news_content;
-
-		//featured article
-/*		$news .= '  <div id="featuredarticle" class="Box">
-			<div class="Corner-tl" style="background-image:url('.$template_path.'/images/content/corner-tl.gif);"></div>
-			<div class="Corner-tr" style="background-image:url('.$template_path.'/images/content/corner-tr.gif);"></div>
-			<div class="Border_1" style="background-image:url('.$template_path.'/images/content/border-1.gif);"></div>
-			<div class="BorderTitleText" style="background-image:url('.$template_path.'/images/content/title-background-green.gif);"></div>
-			<img class="Title" src="'.$template_path.'/images/strings/headline-featuredarticle.gif" alt="Contentbox headline" />
-			<div class="Border_2">
-			  <div class="Border_3">
-				<div class="BoxContent" style="background-image:url('.$template_path.'/images/content/scroll.gif);">
-		<div id=\'TeaserThumbnail\'><img src="'.$template_path.'/images/news/features.jpg" width=150 height=100 border=0 alt="" /></div><div id=\'TeaserText\'><div style="position: relative; top: -2px; margin-bottom: 2px;" >
-		<b>Tutaj wpisz tytul</b></div>
-		tutaj wpisz tresc newsa<br>
-		zdjecie laduje sie w <i>tibiacom/images/news/features.jpg</i><br>
-		skad sie laduje mozesz zmienic linijke ponad komentarzem
-		</div>        </div>
-			  </div>
-			</div>
-			<div class="Border_1" style="background-image:url('.$template_path.'/images/content/border-1.gif);"></div>
-			<div class="CornerWrapper-b"><div class="Corner-bl" style="background-image:url('.$template_path.'/images/content/corner-bl.gif);"></div></div>
-			<div class="CornerWrapper-b"><div class="Corner-br" style="background-image:url('.$template_path.'/images/content/corner-br.gif);"></div></div>
-		  </div>';*/
+	if(PAGE == 'news') {
+		if(isset($tickers_content))
+			return $tickers_content . $featured_article;
 	}
 
-	return $news;
+	return '';
 }
 
 /**
@@ -485,8 +461,8 @@ function template_header($is_admin = false)
 	<meta http-equiv="content-type" content="text/html; charset=' . $charset . '" />';
 	if(!$is_admin)
 		$ret .= '
-	<title>' . $title_full . '</title>
-	<base href="' . BASE_URL . '" />';
+	<base href="' . BASE_URL . '" />
+	<title>' . $title_full . '</title>';
 
 	$ret .= '
 	<meta name="description" content="' . $config['meta_description'] . '" />
@@ -958,6 +934,7 @@ function str_replace_first($search, $replace, $subject) {
 	if ($pos !== false) {
 		return substr_replace($subject, $replace, $pos, strlen($search));
 	}
+	
 	return $subject;
 }
 
@@ -974,6 +951,63 @@ function unsetSession($key) {
 	unset($_SESSION[$config['session_prefix'] . $key]);
 }
 
+function getTopPlayers($limit = 5) {
+	global $cache, $config, $db;
+	
+	$fetch_from_db = true;
+	if($cache->enabled())
+	{
+		$tmp = '';
+		if($cache->fetch('top_' . $limit . '_level', $tmp))
+		{
+			$players = unserialize($tmp);
+			$fetch_from_db = false;
+		}
+	}
+	
+	if($fetch_from_db)
+	{
+		$deleted = 'deleted';
+		if(fieldExist('deletion', 'players'))
+			$deleted = 'deletion';
+		
+		$players = $db->query('SELECT `name`, `level`, `experience` FROM `players` WHERE `group_id` < ' . $config['highscores_groups_hidden'] . ' AND `' . $deleted . '` = 0 AND account_id != 1 ORDER BY `experience` DESC LIMIT 5')->fetchAll();
+		
+		$i = 0;
+		foreach($players as &$player) {
+			$player['rank'] = ++$i;
+		}
+		
+		if($cache->enabled())
+			$cache->set('top_' . $limit . '_level', serialize($players), 120);
+	}
+	
+	return $players;
+}
+
+function deleteDirectory($dir) {
+	if(!file_exists($dir)) {
+		return true;
+	}
+	
+	if(!is_dir($dir)) {
+		return unlink($dir);
+	}
+	
+	foreach(scandir($dir) as $item) {
+		if($item == '.' || $item == '..') {
+			continue;
+		}
+		
+		if(!deleteDirectory($dir . DIRECTORY_SEPARATOR . $item)) {
+			return false;
+		}
+	}
+	
+	return rmdir($dir);
+}
+
 // validator functions
 require_once(LIBS . 'validator.php');
+require_once(SYSTEM . 'compat.php');
 ?>

system/hooks.php

@@ -5,7 +5,6 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.6.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/init.php

@@ -5,7 +5,6 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.6.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');
@@ -48,11 +47,7 @@ $function = new Twig_SimpleFunction('getStyle', function ($i) {
 $twig->addFunction($function);
 
 $function = new Twig_SimpleFunction('getLink', function ($s) {
-	global $config;
-	if($config['friendly_urls'])
-		return $s;
-	
-	return '?' . $s;
+	return getLink($s);
 });
 $twig->addFunction($function);
 
@@ -62,6 +57,11 @@ $function = new Twig_SimpleFunction('hook', function ($hook) {
 });
 $twig->addFunction($function);
 
+$filter = new Twig_SimpleFilter('urlencode', function ($s) {
+	return urlencode($s);
+});
+$twig->addFilter($filter);
+
 // trim values we receive
 if(isset($_POST))
 {

system/item.php

@@ -5,7 +5,6 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.6.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/libs/cache.php

@@ -6,7 +6,6 @@
  * @author    Slawkens <slawkens@gmail.com>
  * @author    Mark Samman (Talaturen) <marksamman@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.6.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/libs/cache_apc.php

@@ -6,7 +6,6 @@
  * @author    Slawkens <slawkens@gmail.com>
  * @author    Mark Samman (Talaturen) <marksamman@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.6.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/libs/cache_eaccelerator.php

@@ -6,7 +6,6 @@
  * @author    Slawkens <slawkens@gmail.com>
  * @author    Mark Samman (Talaturen) <marksamman@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.6.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/libs/cache_file.php

@@ -5,7 +5,6 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.6.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/libs/cache_xcache.php

@@ -6,7 +6,6 @@
  * @author    Slawkens <slawkens@gmail.com>
  * @author    Mark Samman (Talaturen) <marksamman@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.6.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/libs/creatures.php

@@ -6,7 +6,6 @@
  * @author    Gesior <jerzyskalski@wp.pl>
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.6.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/libs/data.php

@@ -5,7 +5,6 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.6.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/libs/forum.php

@@ -0,0 +1,285 @@
+<?php
+/**
+ * Forum class
+ *
+ * @package   MyAAC
+ * @author    Gesior <jerzyskalski@wp.pl>
+ * @author    Slawkens <slawkens@gmail.com>
+ * @copyright 2017 MyAAC
+ * @link      http://my-aac.org
+ */
+defined('MYAAC') or die('Direct access not allowed!');
+
+class Forum
+{
+	static public function canPost($account)
+	{
+		global $db, $config;
+		
+		if(!$account->isLoaded() || $account->isBanned())
+			return false;
+		
+		if(self::isModerator())
+			return true;
+		
+		return
+			$db->query(
+				'SELECT `id` FROM `players` WHERE `account_id` = ' . $db->quote($account->getId()) .
+				' AND `level` >= ' . $db->quote($config['forum_level_required']) .
+				' LIMIT 1')->rowCount() > 0;
+	}
+	
+	static public function isModerator() {
+		return hasFlag(FLAG_CONTENT_FORUM) || superAdmin();
+	}
+	
+	static public function add_thread($title, $body, $section_id, $player_id, $account_id, &$errors)
+	{
+		global $db;
+		$thread_id = 0;
+		if($db->insert(TABLE_PREFIX . 'forum', array('first_post' => 0, 'last_post' => time(), 'section' => $section_id, 'replies' => 0, 'views' => 0, 'author_aid' => isset($account_id) ? $account_id : 0, 'author_guid' => isset($player_id) ? $player_id : 0, 'post_text' => $body, 'post_topic' => $title, 'post_smile' => 0, 'post_date' => time(), 'last_edit_aid' => 0, 'edit_date' => 0, 'post_ip' => $_SERVER['REMOTE_ADDR']))) {
+			$thread_id = $db->lastInsertId();
+			$db->query("UPDATE `" . TABLE_PREFIX . "forum` SET `first_post`=".(int) $thread_id." WHERE `id` = ".(int) $thread_id);
+		}
+		
+		return $thread_id;
+	}
+	
+	static public function add_post($thread_id, $section, $author_aid, $author_guid, $post_text, $post_topic, $smile)
+	{
+		global $db;
+		$db->insert(TABLE_PREFIX . 'forum', array(
+			'first_post' => $thread_id,
+			'section' => $section,
+			'author_aid' => $author_aid,
+			'author_guid' => $author_guid,
+			'post_text' => $post_text,
+			'post_topic' => $post_topic,
+			'post_smile' => $smile,
+			'post_date' => time(),
+			'post_ip' => $_SERVER['REMOTE_ADDR']
+		));
+	}
+	static public function add_board($name, $description, $access, $guild, &$errors)
+	{
+		global $db;
+		if(isset($name[0]) && isset($description[0]))
+		{
+			$query = $db->select(TABLE_PREFIX . 'forum_boards', array('name' => $name));
+			
+			if($query === false)
+			{
+				$query =
+					$db->query(
+						'SELECT ' . $db->fieldName('ordering') .
+						' FROM ' . $db->tableName(TABLE_PREFIX . 'forum_boards') .
+						' ORDER BY ' . $db->fieldName('ordering') . ' DESC LIMIT 1'
+					);
+				
+				$ordering = 0;
+				if($query->rowCount() > 0) {
+					$query = $query->fetch();
+					$ordering = $query['ordering'] + 1;
+				}
+				$db->insert(TABLE_PREFIX . 'forum_boards', array('name' => $name, 'description' => $description, 'access' => $access, 'guild' => $guild, 'ordering' => $ordering));
+			}
+			else
+				$errors[] = 'Forum board with this name already exists.';
+		}
+		else
+			$errors[] = 'Please fill all inputs.';
+		
+		return !count($errors);
+	}
+	
+	static public function get_board($id) {
+		global $db;
+		return $db->select(TABLE_PREFIX . 'forum_boards', array('id' => $id));
+	}
+	
+	static public function update_board($id, $name, $access, $guild, $description) {
+		global $db;
+		$db->update(TABLE_PREFIX . 'forum_boards', array('name' => $name, 'description' => $description, 'access' => $access, 'guild' => $guild), array('id' => $id));
+	}
+	
+	static public function delete_board($id, &$errors)
+	{
+		global $db;
+		if(isset($id))
+		{
+			if(self::get_board($id) !== false)
+				$db->delete(TABLE_PREFIX . 'forum_boards', array('id' => $id));
+			else
+				$errors[] = 'Forum board with id ' . $id . ' does not exists.';
+		}
+		else
+			$errors[] = 'id not set';
+		
+		return !count($errors);
+	}
+	
+	static public function toggleHidden_board($id, &$errors)
+	{
+		global $db;
+		if(isset($id))
+		{
+			$query = self::get_board($id);
+			if($query !== false)
+				$db->update(TABLE_PREFIX . 'forum_boards', array('hidden' => ($query['hidden'] == 1 ? 0 : 1)), array('id' => $id));
+			else
+				$errors[] = 'Forum board with id ' . $id . ' does not exists.';
+		}
+		else
+			$errors[] = 'id not set';
+		
+		return !count($errors);
+	}
+	
+	static public function move_board($id, $i, &$errors)
+	{
+		global $db;
+		$query = self::get_board($id);
+		if($query !== false)
+		{
+			$ordering = $query['ordering'] + $i;
+			$old_record = $db->select(TABLE_PREFIX . 'forum_boards', array('ordering' => $ordering));
+			if($old_record !== false)
+				$db->update(TABLE_PREFIX . 'forum_boards', array('ordering' => $query['ordering']), array('ordering' => $ordering));
+			
+			$db->update(TABLE_PREFIX . 'forum_boards', array('ordering' => $ordering), array('id' => $id));
+		}
+		else
+			$errors[] = 'Forum board with id ' . $id . ' does not exists.';
+		
+		return !count($errors);
+	}
+	
+	public static function parseSmiles($text)
+	{
+		$smileys = array(
+			';D' => 1,
+			':D' => 1,
+			':cool:' => 2,
+			';cool;' => 2,
+			':ekk:' => 3,
+			';ekk;' => 3,
+			';o' => 4,
+			';O' => 4,
+			':o' => 4,
+			':O' => 4,
+			':(' => 5,
+			';(' => 5,
+			':mad:' => 6,
+			';mad;' => 6,
+			';rolleyes;' => 7,
+			':rolleyes:' => 7,
+			':)' => 8,
+			';d' => 9,
+			':d' => 9,
+			';)' => 10
+		);
+		
+		foreach($smileys as $search => $replace)
+			$text = str_replace($search, '<img src="images/forum/smile/'.$replace.'.gif" alt="'. $search .'" title="' . $search . '" />', $text);
+		
+		return $text;
+	}
+	
+	public static function parseBBCode($text, $smiles)
+	{
+		$rows = 0;
+		while(stripos($text, '[code]') !== false && stripos($text, '[/code]') !== false )
+		{
+			$code = substr($text, stripos($text, '[code]')+6, stripos($text, '[/code]') - stripos($text, '[code]') - 6);
+			if(!is_int($rows / 2)) { $bgcolor = 'ABED25'; } else { $bgcolor = '23ED25'; } $rows++;
+			$text = str_ireplace('[code]'.$code.'[/code]', '<i>Code:</i><br /><table cellpadding="0" style="background-color: #'.$bgcolor.'; width: 480px; border-style: dotted; border-color: #CCCCCC; border-width: 2px"><tr><td>'.$code.'</td></tr></table>', $text);
+		}
+		$rows = 0;
+		while(stripos($text, '[quote]') !== false && stripos($text, '[/quote]') !== false )
+		{
+			$quote = substr($text, stripos($text, '[quote]')+7, stripos($text, '[/quote]') - stripos($text, '[quote]') - 7);
+			if(!is_int($rows / 2)) { $bgcolor = 'AAAAAA'; } else { $bgcolor = 'CCCCCC'; } $rows++;
+			$text = str_ireplace('[quote]'.$quote.'[/quote]', '<table cellpadding="0" style="background-color: #'.$bgcolor.'; width: 480px; border-style: dotted; border-color: #007900; border-width: 2px"><tr><td>'.$quote.'</td></tr></table>', $text);
+		}
+		$rows = 0;
+		while(stripos($text, '[url]') !== false && stripos($text, '[/url]') !== false )
+		{
+			$url = substr($text, stripos($text, '[url]')+5, stripos($text, '[/url]') - stripos($text, '[url]') - 5);
+			$text = str_ireplace('[url]'.$url.'[/url]', '<a href="'.$url.'" target="_blank">'.$url.'</a>', $text);
+		}
+		
+		$xhtml = false;
+		$tags = array(
+			'#\[b\](.*?)\[/b\]#si' => ($xhtml ? '<strong>\\1</strong>' : '<b>\\1</b>'),
+			'#\[i\](.*?)\[/i\]#si' => ($xhtml ? '<em>\\1</em>' : '<i>\\1</i>'),
+			'#\[u\](.*?)\[/u\]#si' => ($xhtml ? '<span style="text-decoration: underline;">\\1</span>' : '<u>\\1</u>'),
+			'#\[s\](.*?)\[/s\]#si' => ($xhtml ? '<strike>\\1</strike>' : '<s>\\1</s>'),
+			
+			'#\[guild\](.*?)\[/guild\]#si' => urldecode(generateLink(getGuildLink('$1', false), '$1', true)),
+			'#\[house\](.*?)\[/house\]#si' => urldecode(generateLink(getHouseLink('$1', false), '$1', true)),
+			'#\[player\](.*?)\[/player\]#si' => urldecode(generateLink(getPlayerLink('$1', false), '$1', true)),
+			// TODO: [poll] tag
+			
+			'#\[color=(.*?)\](.*?)\[/color\]#si' => ($xhtml ? '<span style="color: \\1;">\\2</span>' : '<font color="\\1">\\2</font>'),
+			'#\[img\](.*?)\[/img\]#si' => ($xhtml ? '<img src="\\1" border="0" alt="" />' : '<img src="\\1" border="0" alt="">'),
+			'#\[url=(.*?)\](.*?)\[/url\]#si' => '<a href="\\1" title="\\2">\\2</a>',
+//		'#\[email\](.*?)\[/email\]#si' => '<a href="mailto:\\1" title="Email \\1">\\1</a>',
+			'#\[code\](.*?)\[/code\]#si' => '<code>\\1</code>',
+//		'#\[align=(.*?)\](.*?)\[/align\]#si' => ($xhtml ? '<div style="text-align: \\1;">\\2</div>' : '<div align="\\1">\\2</div>'),
+//		'#\[br\]#si' => ($xhtml ? '<br style="clear: both;" />' : '<br>'),
+		);
+		
+		foreach($tags as $search => $replace)
+			$text = preg_replace($search, $replace, $text);
+		
+		return ($smiles == 0 ? Forum::parseSmiles($text) : $text);
+	}
+	
+	public static function showPost($topic, $text, $smiles)
+	{
+		$text = nl2br($text);
+		$post = '';
+		if(!empty($topic))
+			$post .= '<b>'.($smiles == 0 ? self::parseSmiles($topic) : $topic).'</b><hr />';
+		$post .= self::parseBBCode($text, $smiles);
+		return $post;
+	}
+	
+	public static function hasAccess($board_id) {
+		global $sections, $logged, $account_logged, $logged_access;
+		if(!isset($sections[$board_id]))
+			return false;
+		
+		$hasAccess = true;
+		$section = $sections[$board_id];
+		if($section['guild'] > 0) {
+			if($logged) {
+				$guild = new OTS_Guild();
+				$guild->load($section['guild']);
+				$status = false;
+				if($guild->isLoaded()) {
+					$account_players = $account_logged->getPlayers();
+					foreach ($account_players as $player) {
+						if($guild->hasMember($player)) {
+							$status = true;
+						}
+					}
+				}
+				
+				if (!$status) $hasAccess = false;
+			}
+			else {
+				$hasAccess = false;
+			}
+		}
+		
+		if($section['access'] > 0) {
+			if($logged_access < $section['access']) {
+				$hasAccess = false;
+			}
+		}
+		
+		return $hasAccess;
+	}
+}
+?>

system/libs/items.php

@@ -6,12 +6,12 @@
  * @author    Gesior <jerzyskalski@wp.pl>
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.6.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');
 
-class Items {
+class Items
+{
 	private static $error = '';
 
 	public static function loadFromXML($show = false)

system/libs/items_images.php

@@ -5,7 +5,6 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.6.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/libs/phpmailer/class.phpmailer.php

@@ -31,7 +31,7 @@ class PHPMailer
      * The PHPMailer Version number.
      * @var string
      */
-    public $Version = '5.2.23';
+    public $Version = '5.2.26';
 
     /**
      * Email priority.
@@ -440,9 +440,9 @@ class PHPMailer
      *
      * Parameters:
      *   boolean $result        result of the send action
-     *   string  $to            email address of the recipient
-     *   string  $cc            cc email addresses
-     *   string  $bcc           bcc email addresses
+     *   array   $to            email addresses of the recipients
+     *   array   $cc            cc email addresses
+     *   array   $bcc           bcc email addresses
      *   string  $subject       the subject
      *   string  $body          the email body
      *   string  $from          email address of sender
@@ -659,6 +659,8 @@ class PHPMailer
         if ($exceptions !== null) {
             $this->exceptions = (boolean)$exceptions;
         }
+        //Pick an appropriate debug output format automatically
+        $this->Debugoutput = (strpos(PHP_SAPI, 'cli') !== false ? 'echo' : 'html');
     }
 
     /**
@@ -1622,8 +1624,13 @@ class PHPMailer
 
         foreach ($hosts as $hostentry) {
             $hostinfo = array();
-            if (!preg_match('/^((ssl|tls):\/\/)*([a-zA-Z0-9\.-]*):?([0-9]*)$/', trim($hostentry), $hostinfo)) {
+            if (!preg_match(
+                '/^((ssl|tls):\/\/)*([a-zA-Z0-9\.-]*|\[[a-fA-F0-9:]+\]):?([0-9]*)$/',
+                trim($hostentry),
+                $hostinfo
+            )) {
                 // Not a valid host entry
+                $this->edebug('Ignoring invalid host: ' . $hostentry);
                 continue;
             }
             // $hostinfo[2]: optional ssl or tls prefix
@@ -1742,6 +1749,7 @@ class PHPMailer
             'dk' => 'da',
             'no' => 'nb',
             'se' => 'sv',
+            'sr' => 'rs'
         );
 
         if (isset($renamed_langcodes[$langcode])) {
@@ -2024,10 +2032,7 @@ class PHPMailer
     {
         $result = '';
 
-        if ($this->MessageDate == '') {
-            $this->MessageDate = self::rfcDate();
-        }
-        $result .= $this->headerLine('Date', $this->MessageDate);
+        $result .= $this->headerLine('Date', $this->MessageDate == '' ? self::rfcDate() : $this->MessageDate);
 
         // To be created automatically by mail()
         if ($this->SingleTo) {
@@ -4033,7 +4038,7 @@ class phpmailerException extends Exception
      */
     public function errorMessage()
     {
-        $errorMsg = '<strong>' . $this->getMessage() . "</strong><br />\n";
+        $errorMsg = '<strong>' . htmlspecialchars($this->getMessage()) . "</strong><br />\n";
         return $errorMsg;
     }
 }

system/libs/phpmailer/class.pop3.php

@@ -34,7 +34,7 @@ class POP3
      * @var string
      * @access public
      */
-    public $Version = '5.2.23';
+    public $Version = '5.2.26';
 
     /**
      * Default POP3 port number.

system/libs/phpmailer/class.smtp.php

@@ -30,7 +30,7 @@ class SMTP
      * The PHPMailer SMTP version number.
      * @var string
      */
-    const VERSION = '5.2.23';
+    const VERSION = '5.2.26';
 
     /**
      * SMTP line break constant.
@@ -81,7 +81,7 @@ class SMTP
      * @deprecated Use the `VERSION` constant instead
      * @see SMTP::VERSION
      */
-    public $Version = '5.2.23';
+    public $Version = '5.2.26';
 
     /**
      * SMTP server port number.
@@ -151,9 +151,8 @@ class SMTP
     public $Timelimit = 300;
 
     /**
-     * @var array patterns to extract smtp transaction id from smtp reply
-     * Only first capture group will be use, use non-capturing group to deal with it
-     * Extend this class to override this property to fulfil your needs.
+     * @var array Patterns to extract an SMTP transaction id from reply to a DATA command.
+     * The first capture group in each regex will be used as the ID.
      */
     protected $smtp_transaction_id_patterns = array(
         'exim' => '/[0-9]{3} OK id=(.*)/',
@@ -161,6 +160,12 @@ class SMTP
         'postfix' => '/[0-9]{3} 2.0.0 Ok: queued as (.*)/'
     );
 
+    /**
+     * @var string The last transaction ID issued in response to a DATA command,
+     * if one was detected
+     */
+    protected $last_smtp_transaction_id;
+
     /**
      * The socket for the server connection.
      * @var resource
@@ -227,7 +232,7 @@ class SMTP
                 break;
             case 'html':
                 //Cleans up output a bit for a better looking, HTML-safe output
-                echo htmlentities(
+                echo gmdate('Y-m-d H:i:s') . ' ' . htmlentities(
                     preg_replace('/[\r\n]+/', '', $str),
                     ENT_QUOTES,
                     'UTF-8'
@@ -709,6 +714,7 @@ class SMTP
         $savetimelimit = $this->Timelimit;
         $this->Timelimit = $this->Timelimit * 2;
         $result = $this->sendCommand('DATA END', '.', 250);
+        $this->recordLastTransactionID();
         //Restore timelimit
         $this->Timelimit = $savetimelimit;
         return $result;
@@ -989,7 +995,10 @@ class SMTP
     public function client_send($data)
     {
         $this->edebug("CLIENT -> SERVER: $data", self::DEBUG_CLIENT);
-        return fwrite($this->smtp_conn, $data);
+        set_error_handler(array($this, 'errorHandler'));
+        $result = fwrite($this->smtp_conn, $data);
+        restore_error_handler();
+        return $result;
     }
 
     /**
@@ -1089,8 +1098,10 @@ class SMTP
             $this->edebug("SMTP -> get_lines(): \$data is \"$data\"", self::DEBUG_LOWLEVEL);
             $this->edebug("SMTP -> get_lines(): \$str is  \"$str\"", self::DEBUG_LOWLEVEL);
             $data .= $str;
-            // If 4th character is a space, we are done reading, break the loop, micro-optimisation over strlen
-            if ((isset($str[3]) and $str[3] == ' ')) {
+            // If response is only 3 chars (not valid, but RFC5321 S4.2 says it must be handled),
+            // or 4th character is a space, we are done reading, break the loop,
+            // string array access is a micro-optimisation over strlen
+            if (!isset($str[3]) or (isset($str[3]) and $str[3] == ' ')) {
                 break;
             }
             // Timed-out? Log and break
@@ -1226,26 +1237,40 @@ class SMTP
     }
 
     /**
-     * Will return the ID of the last smtp transaction based on a list of patterns provided
-     * in SMTP::$smtp_transaction_id_patterns.
+     * Extract and return the ID of the last SMTP transaction based on
+     * a list of patterns provided in SMTP::$smtp_transaction_id_patterns.
+     * Relies on the host providing the ID in response to a DATA command.
      * If no reply has been received yet, it will return null.
-     * If no pattern has been matched, it will return false.
+     * If no pattern was matched, it will return false.
      * @return bool|null|string
      */
-    public function getLastTransactionID()
+    protected function recordLastTransactionID()
     {
         $reply = $this->getLastReply();
 
         if (empty($reply)) {
-            return null;
-        }
-
-        foreach ($this->smtp_transaction_id_patterns as $smtp_transaction_id_pattern) {
-            if (preg_match($smtp_transaction_id_pattern, $reply, $matches)) {
-                return $matches[1];
+            $this->last_smtp_transaction_id = null;
+        } else {
+            $this->last_smtp_transaction_id = false;
+            foreach ($this->smtp_transaction_id_patterns as $smtp_transaction_id_pattern) {
+                if (preg_match($smtp_transaction_id_pattern, $reply, $matches)) {
+                    $this->last_smtp_transaction_id = $matches[1];
+                }
             }
         }
 
-        return false;
+        return $this->last_smtp_transaction_id;
+    }
+
+    /**
+     * Get the queue/transaction ID of the last SMTP transaction
+     * If no reply has been received yet, it will return null.
+     * If no pattern was matched, it will return false.
+     * @return bool|null|string
+     * @see recordLastTransactionID()
+     */
+    public function getLastTransactionID()
+    {
+        return $this->last_smtp_transaction_id;
     }
 }

system/libs/phpmailer/language/phpmailer.lang-ba.php

@@ -0,0 +1,26 @@
+<?php
+/**
+ * Bosnian PHPMailer language file: refer to English translation for definitive list
+ * @package PHPMailer
+ * @author Ermin Islamagić <ermin@islamagic.com>
+ */
+
+$PHPMAILER_LANG['authenticate']         = 'SMTP Greška: Neuspjela prijava.';
+$PHPMAILER_LANG['connect_host']         = 'SMTP Greška: Ne moguće se spojiti sa SMTP serverom.';
+$PHPMAILER_LANG['data_not_accepted']    = 'SMTP Greška: Podatci nisu prihvaćeni.';
+$PHPMAILER_LANG['empty_message']        = 'Sadržaj poruke je prazan.';
+$PHPMAILER_LANG['encoding']             = 'Nepoznata kriptografija: ';
+$PHPMAILER_LANG['execute']              = 'Nije moguće izvršiti naredbu: ';
+$PHPMAILER_LANG['file_access']          = 'Nije moguće pristupiti datoteci: ';
+$PHPMAILER_LANG['file_open']            = 'Nije moguće otvoriti datoteku: ';
+$PHPMAILER_LANG['from_failed']          = 'SMTP Greška: Slanje sa navedenih e-mail adresa nije uspjelo: ';
+$PHPMAILER_LANG['recipients_failed']    = 'SMTP Greška: Slanje na navedene e-mail adrese nije uspjelo: ';
+$PHPMAILER_LANG['instantiate']          = 'Ne mogu pokrenuti mail funkcionalnost.';
+$PHPMAILER_LANG['invalid_address']      = 'E-mail nije poslan. Neispravna e-mail adresa: ';
+$PHPMAILER_LANG['mailer_not_supported'] = ' mailer nije podržan.';
+$PHPMAILER_LANG['provide_address']      = 'Definišite barem jednu adresu primaoca.';
+$PHPMAILER_LANG['signing']              = 'Greška prilikom prijave: ';
+$PHPMAILER_LANG['smtp_connect_failed']  = 'Spajanje na SMTP server nije uspjelo.';
+$PHPMAILER_LANG['smtp_error']           = 'SMTP greška: ';
+$PHPMAILER_LANG['variable_set']         = 'Nije moguće postaviti varijablu ili je vratiti nazad: ';
+$PHPMAILER_LANG['extension_missing']    = 'Nedostaje ekstenzija: ';

system/libs/phpmailer/language/phpmailer.lang-nb.php

@@ -1,25 +1,25 @@
 <?php
 /**
- * Norwegian PHPMailer language file: refer to English translation for definitive list
+ * Norwegian Bokmål PHPMailer language file: refer to English translation for definitive list
  * @package PHPMailer
  */
 
 $PHPMAILER_LANG['authenticate']         = 'SMTP Feil: Kunne ikke autentisere.';
 $PHPMAILER_LANG['connect_host']         = 'SMTP Feil: Kunne ikke koble til SMTP tjener.';
-$PHPMAILER_LANG['data_not_accepted']    = 'SMTP Feil: Data ble ikke akseptert.';
-$PHPMAILER_LANG['empty_message']        = 'Meldingsinnholdet er tomt';
-$PHPMAILER_LANG['encoding']             = 'Ukjent tegnkoding: ';
+$PHPMAILER_LANG['data_not_accepted']    = 'SMTP Feil: Datainnhold ikke akseptert.';
+$PHPMAILER_LANG['empty_message']        = 'Melding kropp tomt';
+$PHPMAILER_LANG['encoding']             = 'Ukjent koding: ';
 $PHPMAILER_LANG['execute']              = 'Kunne ikke utføre: ';
 $PHPMAILER_LANG['file_access']          = 'Får ikke tilgang til filen: ';
-$PHPMAILER_LANG['file_open']            = 'Fil feil: Kunne ikke åpne filen: ';
-$PHPMAILER_LANG['from_failed']          = 'Følgende avsenderadresse feilet: ';
-$PHPMAILER_LANG['instantiate']          = 'Kunne ikke initialisere mailfunksjonen.';
-$PHPMAILER_LANG['invalid_address']      = 'Meldingen ble ikke sendt, følgende adresse er ugyldig: ';
-$PHPMAILER_LANG['provide_address']      = 'Du må angi minst en mottakeradresse.';
-$PHPMAILER_LANG['mailer_not_supported'] = ' mailer er ikke supportert.';
-$PHPMAILER_LANG['recipients_failed']    = 'SMTP Feil: Følgende mottagere feilet: ';
-$PHPMAILER_LANG['signing']              = 'Signeringsfeil: ';
-$PHPMAILER_LANG['smtp_connect_failed']  = 'SMTP Connect() feilet.';
-$PHPMAILER_LANG['smtp_error']           = 'SMTP-serverfeil: ';
-$PHPMAILER_LANG['variable_set']         = 'Kan ikke sette eller resette variabelen: ';
-//$PHPMAILER_LANG['extension_missing']    = 'Extension missing: ';
+$PHPMAILER_LANG['file_open']            = 'Fil Feil: Kunne ikke åpne filen: ';
+$PHPMAILER_LANG['from_failed']          = 'Følgende Frå adresse feilet: ';
+$PHPMAILER_LANG['instantiate']          = 'Kunne ikke initialisere post funksjon.';
+$PHPMAILER_LANG['invalid_address']      = 'Ugyldig adresse: ';
+$PHPMAILER_LANG['mailer_not_supported'] = ' sender er ikke støttet.';
+$PHPMAILER_LANG['provide_address']      = 'Du må opppgi minst en mottakeradresse.';
+$PHPMAILER_LANG['recipients_failed']    = 'SMTP Feil: Følgende mottakeradresse feilet: ';
+$PHPMAILER_LANG['signing']              = 'Signering Feil: ';
+$PHPMAILER_LANG['smtp_connect_failed']  = 'SMTP connect() feilet.';
+$PHPMAILER_LANG['smtp_error']           = 'SMTP server feil: ';
+$PHPMAILER_LANG['variable_set']         = 'Kan ikke skrive eller omskrive variabel: ';
+$PHPMAILER_LANG['extension_missing']    = 'Utvidelse mangler: ';

system/libs/phpmailer/language/phpmailer.lang-pt_br.php

@@ -5,6 +5,7 @@
  * @author Paulo Henrique Garcia <paulo@controllerweb.com.br>
  * @author Lucas Guimarães <lucas@lucasguimaraes.com>
  * @author Phelipe Alves <phelipealvesdesouza@gmail.com>
+ * @author Fabio Beneditto <fabiobeneditto@gmail.com>
  */
 
 $PHPMAILER_LANG['authenticate']         = 'Erro de SMTP: Não foi possível autenticar.';
@@ -15,7 +16,7 @@ $PHPMAILER_LANG['encoding']             = 'Codificação desconhecida: ';
 $PHPMAILER_LANG['execute']              = 'Não foi possível executar: ';
 $PHPMAILER_LANG['file_access']          = 'Não foi possível acessar o arquivo: ';
 $PHPMAILER_LANG['file_open']            = 'Erro de Arquivo: Não foi possível abrir o arquivo: ';
-$PHPMAILER_LANG['from_failed']          = 'Os seguintes remententes falharam: ';
+$PHPMAILER_LANG['from_failed']          = 'Os seguintes remetentes falharam: ';
 $PHPMAILER_LANG['instantiate']          = 'Não foi possível instanciar a função mail.';
 $PHPMAILER_LANG['invalid_address']      = 'Endereço de e-mail inválido: ';
 $PHPMAILER_LANG['mailer_not_supported'] = ' mailer não é suportado.';

system/libs/phpmailer/language/phpmailer.lang-rs.php

@@ -23,4 +23,4 @@ $PHPMAILER_LANG['signing']              = 'Грешка приликом при
 $PHPMAILER_LANG['smtp_connect_failed']  = 'Повезивање са SMTP сервером није успело.';
 $PHPMAILER_LANG['smtp_error']           = 'Грешка SMTP сервера: ';
 $PHPMAILER_LANG['variable_set']         = 'Није могуће задати променљиву, нити је вратити уназад: ';
-//$PHPMAILER_LANG['extension_missing']    = 'Extension missing: ';
+$PHPMAILER_LANG['extension_missing']    = 'Недостаје проширење: ';

system/libs/phpmailer/language/phpmailer.lang-tr.php

@@ -6,6 +6,7 @@
  * @author Can Yılmaz
  * @author Mehmet Benlioğlu
  * @author @yasinaydin
+ * @author Ogün Karakuş
  */
 
 $PHPMAILER_LANG['authenticate']         = 'SMTP Hatası: Oturum açılamadı.';
@@ -26,4 +27,4 @@ $PHPMAILER_LANG['signing']              = 'İmzalama hatası: ';
 $PHPMAILER_LANG['smtp_connect_failed']  = 'SMTP connect() fonksiyonu başarısız.';
 $PHPMAILER_LANG['smtp_error']           = 'SMTP sunucu hatası: ';
 $PHPMAILER_LANG['variable_set']         = 'Değişken ayarlanamadı ya da sıfırlanamadı: ';
-//$PHPMAILER_LANG['extension_missing']    = 'Extension missing: ';
+$PHPMAILER_LANG['extension_missing']    = 'Eklenti bulunamadı: ';

system/libs/phpmailer/language/phpmailer.lang-zh_cn.php

@@ -4,13 +4,14 @@
  * @package PHPMailer
  * @author liqwei <liqwei@liqwei.com>
  * @author young <masxy@foxmail.com>
+ * @author Teddysun <i@teddysun.com>
  */
 
 $PHPMAILER_LANG['authenticate']         = 'SMTP 错误：登录失败。';
 $PHPMAILER_LANG['connect_host']         = 'SMTP 错误：无法连接到 SMTP 主机。';
 $PHPMAILER_LANG['data_not_accepted']    = 'SMTP 错误：数据不被接受。';
 $PHPMAILER_LANG['empty_message']        = '邮件正文为空。';
-$PHPMAILER_LANG['encoding']             = '未知编码: ';
+$PHPMAILER_LANG['encoding']             = '未知编码：';
 $PHPMAILER_LANG['execute']              = '无法执行：';
 $PHPMAILER_LANG['file_access']          = '无法访问文件：';
 $PHPMAILER_LANG['file_open']            = '文件错误：无法打开文件：';
@@ -22,6 +23,6 @@ $PHPMAILER_LANG['provide_address']      = '必须提供至少一个收件人地
 $PHPMAILER_LANG['recipients_failed']    = 'SMTP 错误：收件人地址错误：';
 $PHPMAILER_LANG['signing']              = '登录失败：';
 $PHPMAILER_LANG['smtp_connect_failed']  = 'SMTP服务器连接失败。';
-$PHPMAILER_LANG['smtp_error']           = 'SMTP服务器出错: ';
+$PHPMAILER_LANG['smtp_error']           = 'SMTP服务器出错：';
 $PHPMAILER_LANG['variable_set']         = '无法设置或重置变量：';
-//$PHPMAILER_LANG['extension_missing']    = 'Extension missing: ';
+$PHPMAILER_LANG['extension_missing']    = '丢失模块 Extension：';

system/libs/plugins.php

@@ -6,7 +6,6 @@
  * @author    Gesior <jerzyskalski@wp.pl>
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.6.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');
@@ -108,7 +107,7 @@ class Plugins {
 											$query = $query->fetch();
 											$db->update(TABLE_PREFIX . 'hooks', array('type' => $hook, 'file' => $info['file']), array('id' => (int)$query['id']));
 										} else {
-											$db->insert(TABLE_PREFIX . 'hooks', array('id' => 'NULL', 'name' => $_name, 'type' => $hook, 'file' => $info['file']));
+											$db->insert(TABLE_PREFIX . 'hooks', array('id' => null, 'name' => $_name, 'type' => $hook, 'file' => $info['file']));
 										}
 									} else
 										self::$warnings[] = 'Unknown event type: ' . $info['type'];
@@ -138,6 +137,66 @@ class Plugins {
 		return false;
 	}
 	
+	public static function uninstall($plugin_name) {
+		global $cache, $db;
+		
+		$filename = BASE . 'plugins/' . $plugin_name . '.json';
+		if(!file_exists($filename)) {
+			self::$error = 'Plugin ' . $plugin_name . ' does not exist.';
+			return false;
+		}
+		else {
+			$string = file_get_contents($filename);
+			$plugin_info = json_decode($string, true);
+			if($plugin_info == false) {
+				self::$error = 'Cannot load plugin info ' . $plugin_name . '.json';
+				return false;
+			}
+			else {
+				if(!isset($plugin_info['uninstall'])) {
+					self::$error = "Plugin doesn't have uninstall options defined. Skipping...";
+					return false;
+				}
+				else {
+					$success = true;
+					foreach($plugin_info['uninstall'] as $file) {
+						$file = BASE . $file;
+						if(!deleteDirectory($file)) {
+							$success = false;
+						}
+					}
+					
+					if (isset($plugin_info['hooks'])) {
+						foreach ($plugin_info['hooks'] as $_name => $info) {
+							if (defined('HOOK_'. $info['type'])) {
+								$hook = constant('HOOK_'. $info['type']);
+								$query = $db->query('SELECT `id` FROM `' . TABLE_PREFIX . 'hooks` WHERE `name` = ' . $db->quote($_name) . ';');
+								if ($query->rowCount() == 1) { // found something
+									$query = $query->fetch();
+									$db->delete(TABLE_PREFIX . 'hooks', array('id' => (int)$query['id']));
+								}
+							} else
+								self::$warnings[] = 'Unknown event type: ' . $info['type'];
+						}
+					}
+					
+					if($success) {
+						if($cache->enabled()) {
+							$cache->delete('templates');
+						}
+						
+						return true;
+					}
+					else {
+						self::$error = error_get_last();
+					}
+				}
+			}
+		}
+		
+		return false;
+	}
+	
 	public static function getWarnings() {
 		return self::$warnings;
 	}

system/libs/pot/OTS_Account.php

@@ -334,6 +334,9 @@ class OTS_Account extends OTS_Row_DAO implements IteratorAggregate, Countable
             throw new E_OTS_NotLoaded();
         }
 
+		if(fieldExist('premdays', 'accounts'))
+			return $this->data['premdays'];
+		
         if($this->data['lastday'] == 0)
             return 0;
         
@@ -341,7 +344,7 @@ class OTS_Account extends OTS_Row_DAO implements IteratorAggregate, Countable
         //return $this->data['premdays'] - (date("z", time()) + (365 * (date("Y", time()) - date("Y", $this->data['lastday']))) - date("z", $this->data['lastday']));
     }
 	
-    public function getLastLogin()
+   public function getLastLogin()
     {
         if( !isset($this->data['lastday']) )
         {
@@ -355,6 +358,9 @@ class OTS_Account extends OTS_Row_DAO implements IteratorAggregate, Countable
     {
 		global $config;
         if(isset($config['lua']['freePremium']) && getBoolean($config['lua']['freePremium'])) return true;
+		if(fieldExist('premdays', 'accounts'))
+			return $this->data['premdays'] > 0;
+	
 		return $this->data['lastday'] > time();
         //return ($this->data['premdays'] - (date("z", time()) + (365 * (date("Y", time()) - date("Y", $this->data['lastday']))) - date("z", $this->data['lastday'])) > 0);
     }

system/libs/spells.php

@@ -6,7 +6,6 @@
  * @author    Gesior <jerzyskalski@wp.pl>
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.6.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/libs/timer.php

@@ -5,7 +5,6 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.6.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/libs/usage_statistics.php

@@ -5,33 +5,28 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.6.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');
 
 class Usage_Statistics {
-	public static function report() {
-		$url = 'http://my-acc.org/report_usage.php';
-		//$url = BASE_URL . 'report_usage.php';
+	private static $report_url = 'https://my-aac.org/report_usage.php';
 	
+	public static function report() {
 		$data = json_encode(self::getStats());
+		
 		$options = array(
 			'http' => array(
-				'header'  => 'Content-type: application/json',
-				'method'  => 'POST',
+				'header'  => 'Content-type: application/json' . "\r\n"
+				. 'Content-Length: ' . strlen($data) . "\r\n",
 				'content' => $data
 			)
 		);
 		
 		$context  = stream_context_create($options);
-		$result = file_get_contents($url, false, $context);
-		if ($result === false) {
-			return false;
-		}
+		$result = file_get_contents(self::$report_url, false, $context);
 
-		return true;
-		//var_dump($result);
+		return $result !== false;
 	}
 
 	public static function getStats() {

system/libs/validator.php

@@ -5,7 +5,6 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.6.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');
@@ -365,6 +364,11 @@ class Validator
 	 */
 	public static function guildName($name)
 	{
+		if(empty($name)) {
+			self::$lastError = 'Please enter guild name.';
+			return false;
+		}
+		
 		if(strspn($name, "qwertyuiopasdfghjklzxcvbnmQWERTYUIOPASDFGHJKLZXCVBNM0123456789- ") != strlen($name)) {
 			self::$lastError = 'Invalid guild name format.';
 			return false;
@@ -387,6 +391,11 @@ class Validator
 	 */
 	public static function rankName($name)
 	{
+		if(empty($name)) {
+			self::$lastError = 'Please enter rank name.';
+			return false;
+		}
+		
 		if(strspn($name, "qwertyuiopasdfghjklzxcvbnmQWERTYUIOPASDFGHJKLZXCVBNM0123456789-[ ] ") != strlen($name)) {
 			self::$lastError = 'Invalid rank name. Please use only a-Z, 0-9 and spaces.';
 			return false;

system/libs/visitors.php

@@ -5,7 +5,6 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.6.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');
@@ -107,7 +106,7 @@ class Visitors
 		}
 		
 		global $db;
-		return $db->query('SELECT ' . $db->fieldName('ip') . ', ' . $db->fieldName('lastvisit') . ', ' . $db->fieldName('page') . ' FROM ' . $db->tableName(TABLE_PREFIX . 'visitors') . ' ORDER BY ' . $db->fieldName('lastvisit') . ' DESC')->fetch();
+		return $db->query('SELECT ' . $db->fieldName('ip') . ', ' . $db->fieldName('lastvisit') . ', ' . $db->fieldName('page') . ' FROM ' . $db->tableName(TABLE_PREFIX . 'visitors') . ' ORDER BY ' . $db->fieldName('lastvisit') . ' DESC')->fetchAll();
 	}
 
 	public function getAmountVisitors()

system/libs/weapons.php

@@ -6,7 +6,6 @@
  * @author    Gesior <jerzyskalski@wp.pl>
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.6.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/locale/en/install.php

@@ -51,6 +51,8 @@ $locale['step_config_mail_address_desc'] = 'Address which will be used for outgo
 $locale['step_config_mail_address_error'] = 'Server E-Mail is not correct.';
 $locale['step_config_client'] = 'Client version';
 $locale['step_config_client_desc'] = 'Used for download page and some templates';
+$locale['step_config_usage'] = 'Usage Statistics';
+$locale['step_config_usage_desc'] = 'Allow MyAAC to report anonymous usage statistics? The data is sent only once per 30 days and is fully confidential.';
 
 // database
 $locale['step_database'] = 'Import schema';
@@ -63,7 +65,7 @@ $locale['step_database_error_only_mysql'] = 'This AAC supports only MySQL. From
 $locale['step_database_error_table'] = 'Table $TABLE$ doesn\'t exist. Please import your OTS database schema first.';
 $locale['step_database_error_table_exist'] = 'Table $TABLE$ already exist. Seems AAC is already installed. Skipping importing MySQL schema..';
 $locale['step_database_error_schema'] = 'Error while importing schema:';
-$locale['step_database_success_schema'] = 'Succesfully installed $PREFIX$ tables.';
+$locale['step_database_success_schema'] = 'Successfully installed $PREFIX$ tables.';
 $locale['step_database_error_file'] = '$FILE$ couldn\'t be opened. Please copy this content and paste there:';
 $locale['step_database_adding_field'] = 'Adding field';
 $locale['step_database_modifying_field'] = 'Modifying field';

system/login.php

@@ -5,7 +5,6 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.6.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');
@@ -13,7 +12,9 @@ $logged = false;
 $logged_flags = 0;
 
 $action = isset($_REQUEST['action']) ? strtolower($_REQUEST['action']) : '';
-if($action == 'logout' && !isset($_REQUEST['account_login']))
+define('ACTION', $action);
+
+if(ACTION == 'logout' && !isset($_REQUEST['account_login']))
 {
 	unsetSession('account');
 	unsetSession('password');

system/migrations/16.php

@@ -0,0 +1,5 @@
+<?php
+
+// change size of spells.vocations
+$db->query("ALTER TABLE `" . TABLE_PREFIX . "spells` MODIFY `vocations` VARCHAR(300) NOT NULL DEFAULT '';");
+?>

system/migrations/17.php

@@ -0,0 +1,88 @@
+<?php
+
+if(!tableExist('myaac_menu')) {
+	$db->query("
+CREATE TABLE `myaac_menu`
+(
+	`id` INT(11) NOT NULL AUTO_INCREMENT,
+	`template` VARCHAR(255) NOT NULL,
+	`name` VARCHAR(255) NOT NULL,
+	`link` VARCHAR(255) NOT NULL,
+	`category` INT(11) NOT NULL DEFAULT 1,
+	`ordering` INT(11) NOT NULL DEFAULT 0,
+	`enabled` INT(1) NOT NULL DEFAULT 1,
+	PRIMARY KEY (`id`)
+) ENGINE = MyISAM;");
+	
+	$db->query("
+/* MENU_CATEGORY_NEWS kathrine */
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('kathrine', 'Latest News', 'news', 1, 0);
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('kathrine', 'News Archive', 'news/archive', 1, 1);
+/* MENU_CATEGORY_ACCOUNT kathrine */
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('kathrine', 'Account Management', 'account/manage', 2, 0);
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('kathrine', 'Create Account', 'account/create', 2, 1);
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('kathrine', 'Lost Account?', 'account/lost', 2, 2);
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('kathrine', 'Server Rules', 'rules', 2, 3);
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('kathrine', 'Downloads', 'downloads', 5, 4);
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('kathrine', 'Report Bug', 'bugtracker', 2, 5);
+/* MENU_CATEGORY_COMMUNITY kathrine */
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('kathrine', 'Who is Online?', 'online', 3, 0);
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('kathrine', 'Characters', 'characters', 3, 1);
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('kathrine', 'Guilds', 'guilds', 3, 2);
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('kathrine', 'Highscores', 'highscores', 3, 3);
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('kathrine', 'Last Deaths', 'lastkills', 3, 4);
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('kathrine', 'Houses', 'houses', 3, 5);
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('kathrine', 'Bans', 'bans', 3, 6);
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('kathrine', 'Forum', 'forum', 3, 7);
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('kathrine', 'Team', 'team', 3, 8);
+/* MENU_CATEGORY_LIBRARY kathrine */
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('kathrine', 'Monsters', 'creatures', 5, 0);
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('kathrine', 'Spells', 'spells', 5, 1);
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('kathrine', 'Server Info', 'serverInfo', 5, 2);
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('kathrine', 'Commands', 'commands', 5, 3);
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('kathrine', 'Gallery', 'gallery', 5, 4);
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('kathrine', 'Experience Table', 'experienceTable', 5, 5);
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('kathrine', 'FAQ', 'faq', 5, 6);
+/* MENU_CATEGORY_SHOP kathrine */
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('kathrine', 'Buy Points', 'points', 6, 0);
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('kathrine', 'Shop Offer', 'gifts', 6, 1);
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('kathrine', 'Shop History', 'gifts/history', 6, 2);
+/* MENU_CATEGORY_NEWS tibiacom */
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('tibiacom', 'Latest News', 'news', 1, 0);
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('tibiacom', 'News Archive', 'news/archive', 1, 1);
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('tibiacom', 'Changelog', 'changelog', 1, 2);
+/* MENU_CATEGORY_ACCOUNT tibiacom */
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('tibiacom', 'Account Management', 'account/manage', 2, 0);
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('tibiacom', 'Create Account', 'account/create', 2, 1);
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('tibiacom', 'Lost Account?', 'account/lost', 2, 2);
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('tibiacom', 'Server Rules', 'rules', 2, 3);
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('tibiacom', 'Downloads', 'downloads', 2, 4);
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('tibiacom', 'Report Bug', 'bugtracker', 2, 5);
+/* MENU_CATEGORY_COMMUNITY tibiacom */
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('tibiacom', 'Characters', 'characters', 3, 0);
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('tibiacom', 'Who Is Online?', 'online', 3, 1);
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('tibiacom', 'Highscores', 'highscores', 3, 2);
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('tibiacom', 'Last Kills', 'lastkills', 3, 3);
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('tibiacom', 'Houses', 'houses', 3, 4);
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('tibiacom', 'Guilds', 'guilds', 3, 5);
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('tibiacom', 'Polls', 'polls', 3, 6);
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('tibiacom', 'Bans', 'bans', 3, 7);
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('tibiacom', 'Support List', 'team', 3, 8);
+/* MENU_CATEGORY_FORUM tibiacom */
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('tibiacom', 'Forum', 'forum', 4, 0);
+/* MENU_CATEGORY_LIBRARY tibiacom */
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('tibiacom', 'Creatures', 'creatures', 5, 0);
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('tibiacom', 'Spells', 'spells', 5, 1);
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('tibiacom', 'Commands', 'commands', 5, 2);
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('tibiacom', 'Exp Stages', 'experienceStages', 5, 3);
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('tibiacom', 'Gallery', 'gallery', 5, 4);
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('tibiacom', 'Server Info', 'serverInfo', 5, 5);
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('tibiacom', 'Experience Table', 'experienceTable', 5, 6);
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('tibiacom', 'Support List', 'team', 5, 7);
+/* MENU_CATEGORY_SHOP tibiacom */
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('tibiacom', 'Buy Points', 'points', 6, 0);
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('tibiacom', 'Shop Offer', 'gifts', 6, 1);
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('tibiacom', 'Shop History', 'gifts/history', 6, 2);
+	");
+}
+?>

system/migrations/18.php

@@ -0,0 +1,6 @@
+<?php
+
+$db->query("ALTER TABLE `" . TABLE_PREFIX . "news` ADD `article_text` VARCHAR(300) NOT NULL DEFAULT '' AFTER `comments`;");
+$db->query("ALTER TABLE `" . TABLE_PREFIX . "news` ADD `article_image` VARCHAR(100) NOT NULL DEFAULT '' AFTER `article_text`;");
+
+?>

system/pages/404.php

@@ -5,7 +5,6 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.6.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/pages/account.php

@@ -1,25 +1,16 @@
 <?php
 /**
  * Account confirm mail
+ * Keept for compability
  *
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.6.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');
-$title = 'Account';
 
-if($action == 'confirm_email')
-{
-	$res = $db->query('SELECT email_hash FROM accounts WHERE email_hash = ' . $db->quote($_GET['v']));
-	if(!$res->rowCount())
-		echo '<div class="note">Your email couldn\'t be verified. Please contact staff to do it manually.</div>';
-	else
-	{
-		$db->update('accounts', array('email_verified' => '1'), array('email_hash' => $_GET['v']));
-		echo '<div class="success">You have now verified your e-mail, this will increase the security of your account. Thank you for doing this.</div>';
-	}
+if($action == 'confirm_email') {
+	require_once(PAGES . 'account/confirm_email.php');
 }
 ?>

system/pages/account/change_comment.php

@@ -6,12 +6,11 @@
  * @author    Gesior <jerzyskalski@wp.pl>
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.6.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');
 
-$player_name = isset($_REQUEST['name']) ? stripslashes($_REQUEST['name']) : null;
+$player_name = isset($_REQUEST['name']) ? stripslashes(urldecode($_REQUEST['name'])) : null;
 $new_comment = isset($_POST['comment']) ? htmlspecialchars(stripslashes(substr($_POST['comment'],0,2000))) : NULL;
 $new_hideacc = isset($_POST['accountvisible']) ? (int)$_POST['accountvisible'] : NULL;
 

system/pages/account/change_email.php

@@ -6,7 +6,6 @@
  * @author    Gesior <jerzyskalski@wp.pl>
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.6.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/pages/account/change_info.php

@@ -6,7 +6,6 @@
  * @author    Gesior <jerzyskalski@wp.pl>
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.6.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/pages/account/change_name.php

@@ -6,7 +6,6 @@
  * @author    Gesior <jerzyskalski@wp.pl>
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.6.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/pages/account/change_password.php

@@ -6,7 +6,6 @@
  * @author    Gesior <jerzyskalski@wp.pl>
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.6.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/pages/account/change_sex.php

@@ -6,7 +6,6 @@
  * @author    Gesior <jerzyskalski@wp.pl>
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.6.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/pages/account/confirm_email.php

@@ -0,0 +1,29 @@
+<?php
+/**
+ * Account confirm mail
+ *
+ * @package   MyAAC
+ * @author    Slawkens <slawkens@gmail.com>
+ * @copyright 2017 MyAAC
+ * @link      http://my-aac.org
+ */
+defined('MYAAC') or die('Direct access not allowed!');
+
+$title = 'Confirm Email';
+
+$hash = isset($_GET['v']) ? $_GET['v'] : '';
+if(empty($hash)) {
+	warning('Please enter email hash code.<br/>If you copied the link, please try again with full link.');
+	return;
+}
+
+$res = $db->query('SELECT `email_hash` FROM `accounts` WHERE `email_hash` = ' . $db->quote($hash));
+if(!$res->rowCount()) {
+	note("Your email couldn't be verified. Please contact staff to do it manually.");
+}
+else
+{
+	$db->update('accounts', array('email_verified' => '1'), array('email_hash' => $hash));
+	success('You have now verified your e-mail, this will increase the security of your account. Thank you for doing this.');
+}
+?>

system/pages/account/create_character.php

@@ -6,7 +6,6 @@
  * @author    Gesior <jerzyskalski@wp.pl>
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.6.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/pages/account/delete_character.php

@@ -6,7 +6,6 @@
  * @author    Gesior <jerzyskalski@wp.pl>
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.6.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/pages/account/register.php

@@ -6,7 +6,6 @@
  * @author    Gesior <jerzyskalski@wp.pl>
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.6.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/pages/account/register_new.php

@@ -6,7 +6,6 @@
  * @author    Gesior <jerzyskalski@wp.pl>
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.6.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/pages/accountmanagement.php

@@ -6,7 +6,6 @@
  * @author    Gesior <jerzyskalski@wp.pl>
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.6.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');
@@ -26,6 +25,11 @@ if(!$logged)
 	}
 	else
 	{
+		if($action == 'confirm_email') {
+			require(PAGES . 'account/' . $action . '.php');
+			return;
+		}
+		
 		if(!empty($errors))
 			echo $twig->render('error_box.html.twig', array('errors' => $errors));
 		
@@ -34,8 +38,9 @@ if(!$logged)
 			'account' => USE_ACCOUNT_NAME ? 'Name' : 'Number',
 			'error' => isset($errors[0]) ? $errors[0] : null
 		));
-	return;
 	}
+
+	return;
 }
 
 $errors = array();
@@ -124,7 +129,15 @@ $errors = array();
 			'players' => $account_players
 		));
 	}
-	else if(file_exists(PAGES . 'account/' . $action . '.php')) {
-		require(PAGES . 'account/' . $action . '.php');
+	else {
+		if(!ctype_alnum(str_replace(array('-', '_'), '', $action))) {
+			error('Error: Action contains illegal characters.');
+		}
+		else if(file_exists(PAGES . 'account/' . $action . '.php')) {
+			require(PAGES . 'account/' . $action . '.php');
+		}
+		else {
+			error('This page does not exists.');
+		}
 	}
 ?>

system/pages/admin/changelog.php

@@ -5,7 +5,6 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.6.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');
@@ -17,10 +16,12 @@ if(!file_exists(BASE . 'CHANGELOG')) {
 }
 
 $changelog = file_get_contents(BASE . 'CHANGELOG');
-$changelog = nl2br(htmlspecialchars($changelog));
+$changelog = htmlspecialchars($changelog);
 
 // replace URLs with <a href...> elements
 $changelog = preg_replace('/\s(\w+:\/\/)(\S+)/', ' <a href="\\1\\2" target="_blank">\\1\\2</a>', $changelog);
 
+$changelog = nl2br($changelog);
+
 echo '<div>' . $changelog . '</div>';
 ?>

system/pages/admin/dashboard.php

@@ -5,7 +5,6 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.6.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');
@@ -89,11 +88,8 @@ function clearCache()
 	if($cache->fetch('news' . $template_name . '_' . NEWS, $tmp))
 		$cache->delete('news' . $template_name . '_' . NEWS);
 
-	if($cache->fetch('news' . $template_name . '_' . TICKET, $tmp))
-		$cache->delete('news' . $template_name . '_' . TICKET);
-
-	if($cache->fetch('news' . $template_name . '_' . ARTICLE, $tmp))
-		$cache->delete('news' . $template_name . '_' . ARTICLE);
+	if($cache->fetch('news' . $template_name . '_' . TICKER, $tmp))
+		$cache->delete('news' . $template_name . '_' . TICKER);
 	
 	if($cache->fetch('template_ini' . $template_name, $tmp))
 		$cache->delete('template_ini' . $template_name);

system/pages/admin/items.php

@@ -5,7 +5,6 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.6.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/pages/admin/login.php

@@ -5,7 +5,6 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.6.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/pages/admin/logs.php

@@ -5,7 +5,6 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.6.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/pages/admin/mailer.php

@@ -5,7 +5,6 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.6.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/pages/admin/menus.php

@@ -0,0 +1,110 @@
+<?php
+/**
+ * Menus
+ *
+ * @package   MyAAC
+ * @author    Slawkens <slawkens@gmail.com>
+ * @copyright 2017 MyAAC
+ * @link      http://my-aac.org
+ */
+defined('MYAAC') or die('Direct access not allowed!');
+$title = 'Menus';
+
+if(!hasFlag(FLAG_CONTENT_MENUS) && !superAdmin())
+{
+	echo 'Access denied.';
+	return;
+}
+
+if(isset($_REQUEST['template'])) {
+	$template = $_REQUEST['template'];
+	
+	if(isset($_REQUEST['menu'])) {
+		$post_menu = $_REQUEST['menu'];
+		$post_menu_link = $_REQUEST['menu_link'];
+		if(count($post_menu) != count($post_menu_link)) {
+			echo 'Menu count is not equal menu links. Something went wrong when sending form.';
+			return;
+		}
+		
+		$db->query('DELETE FROM `' . TABLE_PREFIX . 'menu` WHERE `template` = ' . $db->quote($template));
+		foreach($post_menu as $category => $menus) {
+			foreach($menus as $i => $menu) {
+				if(empty($menu)) // don't save empty menu item
+					continue;
+				
+				try {
+					$db->insert(TABLE_PREFIX . 'menu', array('template' => $template, 'name' => $menu, 'link' => $post_menu_link[$category][$i], 'category' => $category, 'ordering' => $i));
+				}
+				catch(PDOException $error) {
+					warning('Error while adding menu item (' . $menu . '): ' . $error->getMessage());
+				}
+			}
+		}
+		
+		success('Saved at ' . date('H:i'));
+	}
+	
+	$file = TEMPLATES . $template . '/config.php';
+	if(file_exists($file)) {
+		require_once($file);
+	}
+	else {
+		echo 'Cannot find template config.php file.';
+		return;
+	}
+	
+	if(!isset($config['menu_categories'])) {
+		echo "No menu categories set in template config.php.<br/>This template doesn't support dynamic menus.";
+		return;
+	}
+	
+	echo 'Hint: You can drag menu items.<br/>Editing: ' . $template . ' template.';
+	$menus = array();
+	$menus_db = $db->query('SELECT `name`, `link`, `category`, `ordering` FROM `' . TABLE_PREFIX . 'menu` WHERE `enabled` = 1 AND `template` = ' . $db->quote($template) . ' ORDER BY `ordering` ASC;')->fetchAll();
+	foreach($menus_db as $menu) {
+		$menus[$menu['category']][] = array('name' => $menu['name'], 'link' => $menu['link'], 'ordering' => $menu['ordering']);
+	}
+	
+	$last_id = array();
+	echo '<form method="post" action="?p=menus">';
+	echo '<input type="hidden" name="template" value="' . $template . '"/>';
+	foreach($config['menu_categories'] as $id => $cat) {
+		echo '<h2>' . $cat['name'] . '<img class="add-button" id="add-button-' . $id . '" src="' . BASE_URL . 'images/plus.png" width="16" height="16"/></h2>';
+		echo '<ul class="sortable" id="sortable-' . $id . '">';
+		if(isset($menus[$id])) {
+			$i = 0;
+			foreach($menus[$id] as $menu) {
+				echo '<li class="ui-state-default" id="list-' . $id . '-' . $i . '"><input type="text" name="menu[' . $id . '][]" value="' . $menu['name'] . '"/><input type="text" name="menu_link[' . $id . '][]" value="' . $menu['link'] . '"/><a class="remove-button" id="remove-button-' . $id . '-' . $i . '"><img src="' . BASE_URL . 'images/del.png"/></a></li>';
+				
+				$i++;
+				$last_id[$id] = $i;
+			}
+		}
+			
+		echo '</ul>';
+	}
+	
+	echo '<input type="submit" class="button" value="Update">';
+	echo '<input type="button" class="button" value="Cancel" onclick="window.location = \'' . ADMIN_URL . '?p=menus&template=' . $template . '\';">';
+	echo '</form>';
+	
+	echo $twig->render('admin.menus.js.html.twig', array(
+		'menus' => $menus,
+		'last_id' => $last_id
+	));
+}
+else {
+	$templates = $db->query('SELECT `template` FROM `' . TABLE_PREFIX . 'menu` GROUP BY `template`;')->fetchAll();
+	foreach($templates as $key => $value) {
+		$file = TEMPLATES . $value['template'] . '/config.php';
+		if(!file_exists($file)) {
+			unset($templates[$key]);
+		}
+	}
+	
+	echo $twig->render('admin.menus.form.html.twig', array(
+		'templates' => $templates
+	));
+}
+?>

system/pages/admin/notepad.php

@@ -5,7 +5,6 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.6.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');
@@ -20,7 +19,7 @@ if(isset($_POST['content']))
 	else
 		Notepad::update($account_logged->getId(), $_content);
 
-	echo '<div class="success" style="text-align: center;">Saved at ' . date('g:i A') . '</div>';
+	echo '<div class="success" style="text-align: center;">Saved at ' . date('H:i') . '</div>';
 }
 else
 {

system/pages/admin/pages.php

@@ -5,7 +5,6 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.6.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');
@@ -34,12 +33,13 @@ if(!empty($action))
 	if(isset($_REQUEST['title']))
 		$p_title = $_REQUEST['title'];
 
-	$php = isset($_REQUEST['php']);
-	//if($php)
-	//	$body = $_REQUEST['body'];
-	//else
-	if(isset($_REQUEST['body']))
+	$php = isset($_REQUEST['php']) && $_REQUEST['php'] == 1;
+	if($php)
+		$body = $_REQUEST['body'];
+	else if(isset($_REQUEST['body'])) {
+		//$body = $_REQUEST['body'];
 		$body = html_entity_decode(stripslashes($_REQUEST['body']));
+	}
 
 	if(isset($_REQUEST['access']))
 		$access = $_REQUEST['access'];
@@ -56,7 +56,8 @@ if(!empty($action))
 		}
 	}
 	else if($action == 'delete') {
-		Pages::delete($id, $errors);
+		if(Pages::delete($id, $errors))
+			success('Page with id ' . $id . ' has been deleted');
 	}
 	else if($action == 'edit')
 	{
@@ -90,7 +91,7 @@ $query =
 $pages = array();
 foreach($query as $_page) {
 	$pages[] = array(
-		'link' => getFullLink($_page['name'], $_page['name']),
+		'link' => getFullLink($_page['name'], $_page['name'], true),
 		'title' => substr($_page['title'], 0, 20),
 		'id' => $_page['id'],
 		'hidden' => $_page['hidden']
@@ -133,7 +134,7 @@ class Pages
 			if($query === false)
 				$db->insert(TABLE_PREFIX . 'pages', array('name' => $name, 'title' => $title, 'body' => $body, 'player_id' => $player_id, 'php' => $php ? '1' : '0', 'access' => $access));
 			else
-				$errors[] = 'Page with this words already exists.';
+				$errors[] = 'Page with this link already exists.';
 		}
 		else
 			$errors[] = 'Please fill all inputs.';

system/pages/admin/phpinfo.php

@@ -5,7 +5,6 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.6.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/pages/admin/players.php

@@ -5,7 +5,6 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.6.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/pages/admin/plugins.php

@@ -5,7 +5,6 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.6.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');
@@ -14,67 +13,16 @@ $title = 'Plugin manager';
 require(SYSTEM . 'hooks.php');
 require(LIBS . 'plugins.php');
 
-function deleteDirectory($dir) {
-	if(!file_exists($dir)) {
-		return true;
-	}
-	
-	if(!is_dir($dir)) {
-		return unlink($dir);
-	}
-	
-	foreach(scandir($dir) as $item) {
-		if($item == '.' || $item == '..') {
-			continue;
-		}
-		
-		if(!deleteDirectory($dir . DIRECTORY_SEPARATOR . $item)) {
-			return false;
-		}
-	}
-	
-	return rmdir($dir);
-}
-
 echo $twig->render('admin.plugins.form.html.twig');
 
 if(isset($_REQUEST['uninstall'])){
 	$uninstall = $_REQUEST['uninstall'];
 	
-	$filename = BASE . 'plugins/' . $uninstall . '.json';
-	if(!file_exists($filename)) {
-		error('Plugin ' . $uninstall . ' does not exist.');
+	if(Plugins::uninstall($uninstall)) {
+		success('Successfully uninstalled plugin ' . $uninstall);
 	}
 	else {
-		if(!isset($plugin_info['uninstall'])) {
-			error("Plugin doesn't have uninstall options defined. Skipping...");
-		}
-		else {
-			$string = file_get_contents($filename);
-			$plugin_info = json_decode($string, true);
-			if($plugin_info == false) {
-				error('Cannot load plugin info ' . $uninstall . '.json');
-			}
-			else {
-				$success = true;
-				foreach($plugin_info['uninstall'] as $file) {
-					$file = BASE . $file;
-					if(!deleteDirectory($file)) {
-						$success = false;
-					}
-				}
-				
-				if($success) {
-					if($cache->enabled()) {
-						$cache->delete('templates');
-					}
-					success('Successfully uninstalled plugin ' . $uninstall);
-				}
-				else {
-					error('Error while uninstalling plugin ' . $uninstall . ': ' . error_get_last());
-				}
-			}
-		}
+		error('Error while uninstalling plugin ' . $plugin_name . ': ' . Plugins::getError());
 	}
 }
 else if(isset($_FILES["plugin"]["name"]))

system/pages/admin/statistics.php

@@ -5,7 +5,6 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.6.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/pages/admin/tools.php

@@ -5,7 +5,6 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.6.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/pages/admin/version.php

@@ -5,7 +5,6 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.6.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/pages/admin/visitors.php

@@ -5,7 +5,6 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.6.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/pages/bans.php

@@ -6,7 +6,6 @@
  * @author    Gesior <jerzyskalski@wp.pl>
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.6.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/pages/bugtracker.php

@@ -6,7 +6,6 @@
  * @author    Gesior <jerzyskalski@wp.pl>
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.6.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');
@@ -83,7 +82,7 @@ $showed = $post = $reply = false;
                     echo '</TABLE>';
                 }
                 if($bug[2]['status'] != 3)
-                    echo '<br><a href="index.php?subtopic=bugtracker&control=true&id='.$_REQUEST['id'].'&acc='.$_REQUEST['acc'].'&reply=true"><b>[REPLY]</b></a>';
+                    echo '<br><a href="?subtopic=bugtracker&control=true&id='.$_REQUEST['id'].'&acc='.$_REQUEST['acc'].'&reply=true"><b>[REPLY]</b></a>';
             }
             else
             {
@@ -112,7 +111,7 @@ $showed = $post = $reply = false;
                             $type = 2;
                             $INSERT = $db->query('INSERT INTO `' . TABLE_PREFIX . 'bugtracker` (`account`,`id`,`text`,`reply`,`type`, `who`) VALUES ('.$db->quote($_REQUEST['acc']).','.$db->quote($_REQUEST['id']).','.$db->quote($_POST['text']).','.$db->quote($reply).','.$db->quote($type).','.$db->quote(1).')');
                             $UPDATE = $db->query('UPDATE `' . TABLE_PREFIX . 'bugtracker` SET `status` = '.$_POST['status'].' where `account` = '.$_REQUEST['acc'].' and `id` = '.$_REQUEST['id'].'');
-                            header('Location: index.php?subtopic=bugtracker&control=true&id='.$_REQUEST['id'].'&acc='.$_REQUEST['acc'].'');
+                            header('Location: ?subtopic=bugtracker&control=true&id='.$_REQUEST['id'].'&acc='.$_REQUEST['acc'].'');
                         }
                     }
                     echo '<br><form method="post" action=""><table><tr><td><i>Description</i></td><td><textarea name="text" rows="15" cols="35"></textarea></td></tr><tr><td>Status[OPEN]</td><td><input type=radio name=status value=2></td></tr><tr><td>Status[CLOSED]</td><td><input type=radio name=status value=3></td></tr></table><br><input type="submit" name="finish" value="Submit" class="input2"/></form>';
@@ -138,7 +137,7 @@ $showed = $post = $reply = false;
                 elseif($report['status'] == 1)
                     $value = "<font color=blue>[NEW ANSWER]</font>";
                             
-                echo '<TR BGCOLOR="' . getStyle($i) . '"><td width=75%><a href="index.php?subtopic=bugtracker&control=true&id='.$report['id'].'&acc='.$report['account'].'">'.$tags[$report['tag']].' '.$report['subject'].'</a></td><td>'.$value.'</td></tr>';            
+                echo '<TR BGCOLOR="' . getStyle($i) . '"><td width=75%><a href="?subtopic=bugtracker&control=true&id='.$report['id'].'&acc='.$report['account'].'">'.$tags[$report['tag']].' '.$report['subject'].'</a></td><td>'.$value.'</td></tr>';
                         
                 $showed=true;
                 $i++;
@@ -202,7 +201,7 @@ $showed = $post = $reply = false;
                     echo '</TABLE>';
                 }
                 if($bug[2]['status'] != 3)
-                    echo '<br><a href="index.php?subtopic=bugtracker&id='.$id.'&reply=true"><b>[REPLY]</b></a>';
+                    echo '<br><a href="?subtopic=bugtracker&id='.$id.'&reply=true"><b>[REPLY]</b></a>';
             }
             else
             {
@@ -231,7 +230,7 @@ $showed = $post = $reply = false;
                             $type = 2;
                             $INSERT = $db->query('INSERT INTO `myaac_bugtracker` (`account`,`id`,`text`,`reply`,`type`) VALUES ('.$db->quote($acc).','.$db->quote($id).','.$db->quote($_POST['text']).','.$db->quote($reply).','.$db->quote($type).')');
                             $UPDATE = $db->query('UPDATE `myaac_bugtracker` SET `status` = 1 where `account` = '.$acc.' and `id` = '.$id.'');
-                            header('Location: index.php?subtopic=bugtracker&id='.$id.'');
+                            header('Location: ?subtopic=bugtracker&id='.$id.'');
                         }
                     }
                     echo '<br><form method="post" action=""><table><tr><td><i>Description</i></td><td><textarea name="text" rows="15" cols="35"></textarea></td></tr></table><br><input type="submit" name="finish" value="Submit" class="input2"/></form>';
@@ -275,7 +274,7 @@ $showed = $post = $reply = false;
                         $bgcolor = $light;
                     }
 
-                    echo '<TR BGCOLOR="'.$bgcolor.'"><td width=75%><a href="index.php?subtopic=bugtracker&id='.$report['id'].'">'.$tags[$report['tag']].' '.$report['subject'].'</a></td><td>'.$value.'</td></tr>';            
+                    echo '<TR BGCOLOR="'.$bgcolor.'"><td width=75%><a href="?subtopic=bugtracker&id='.$report['id'].'">'.$tags[$report['tag']].' '.$report['subject'].'</a></td><td>'.$value.'</td></tr>';
                     
                     $showed=true;
                 }
@@ -286,7 +285,7 @@ $showed = $post = $reply = false;
                 }
                 echo '</TABLE>';
                 
-                echo '<br><a href="index.php?subtopic=bugtracker&add=true"><b>[ADD REPORT]</b></a>';
+                echo '<br><a href="?subtopic=bugtracker&add=true"><b>[ADD REPORT]</b></a>';
             }
             elseif(isset($_REQUEST['add']) && $_REQUEST['add'] == TRUE)
             {
@@ -320,7 +319,7 @@ $showed = $post = $reply = false;
                         $type = 1;
                         $status = 1;
                         $INSERT = $db->query('INSERT INTO `' . TABLE_PREFIX . 'bugtracker` (`account`,`id`,`text`,`type`,`subject`, `reply`,`status`,`tag`) VALUES ('.$db->quote($acc).','.$db->quote($id_next).','.$db->quote($_POST['text']).','.$db->quote($type).','.$db->quote($_POST['subject']).', 0,'.$db->quote($status).','.$db->quote($_POST['tags']).')');
-                        header('Location: index.php?subtopic=bugtracker&id='.$id_next.'');
+                        header('Location: ?subtopic=bugtracker&id='.$id_next.'');
                     }
                         
                 }
@@ -338,6 +337,6 @@ $showed = $post = $reply = false;
     
     if(admin() and empty($_REQUEST['control']))
     {
-        echo '<br><br><a href="index.php?subtopic=bugtracker&control=true">[ADMIN PANEL]</a>';
+        echo '<br><br><a href="?subtopic=bugtracker&control=true">[ADMIN PANEL]</a>';
     }
 ?> 

system/pages/changelog.php

@@ -5,7 +5,6 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.6.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');
@@ -15,6 +14,7 @@ $_page = isset($_GET['page']) ? $_GET['page'] : 0;
 $id = isset($_GET['id']) ? $_GET['id'] : 0;
 $limit = 30;
 $offset = $_page * $limit;
+$next_page = false;
 ?>
 
 <br/>

system/pages/characters.php

@@ -6,7 +6,6 @@
  * @author    Gesior <jerzyskalski@wp.pl>
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.6.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/pages/commands.php

@@ -5,7 +5,6 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.6.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/pages/createaccount.php

@@ -6,7 +6,6 @@
  * @author    Gesior <jerzyskalski@wp.pl>
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.6.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');
@@ -161,7 +160,7 @@ if($save)
 			$hash = md5(generateRandomString(16, true, true) . $email);
 			$new_account->setCustomField('email_hash', $hash);
 
-			$verify_url = BASE_URL . '?p=account&action=confirm_email&v=' . $hash;
+			$verify_url = getLink('account/confirm_email/' . $hash);
 			$server_name = $config['lua']['serverName'];
 			
 			$body_plain = $twig->render('mail.account.verify.plain.html.twig', array(
@@ -182,7 +181,8 @@ if($save)
 			}
 			else
 			{
-				echo '<br /><p class="error">An error occorred while sending email! Account not created. Try again. Error:<br/>' . $mailer->ErrorInfo . '</p>';
+				error('An error occorred while sending email! Account not created. Try again. Error:<br/>' . $mailer->ErrorInfo . '<br/>More info in system/logs/error.log');
+				log_append('error.log', '[createaccount.php] An error occorred while sending email: ' . $mailer->ErrorInfo . '. Error: ' . print_r(error_get_last(), true));
 				$new_account->delete();
 			}
 		}
@@ -201,7 +201,8 @@ if($save)
 				if(_mail($email, 'Your account on ' . $config['lua']['serverName'], $mailBody))
 					echo '<br /><small>These informations were send on email address <b>' . $email . '</b>.';
 				else
-					echo '<br /><p class="error">An error occorred while sending email (<b>' . $email . '</b>)! Error:<br/>' . $mailer->ErrorInfo . '</p>';
+					error('An error occorred while sending email (<b>' . $email . '</b>)! Error:<br/>' . $mailer->ErrorInfo . '<br/>More info in system/logs/error.log');
+					log_append('error.log', '[createaccount.php] An error occorred while sending email: ' . $mailer->ErrorInfo . '. Error: ' . print_r(error_get_last(), true));
 			}
 		}
 

system/pages/creatures.php

@@ -6,7 +6,6 @@
  * @author    Gesior <jerzyskalski@wp.pl>
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.6.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');
@@ -38,7 +37,7 @@ if(isset($_POST['reload_monsters']) && $canEdit)
 if($canEdit)
 {
 ?>
-	<form method="post" action="index.php?subtopic=creatures">
+	<form method="post" action="<?php echo getLink('creatures'); ?>">
 		<input type="hidden" name="reload_monsters" value="yes"/>
 		<input type="submit" value="(admin) Reload monsters"/>
 	</form>

system/pages/downloads.php

@@ -5,7 +5,6 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.6.2
  * @link      http://my-aac.org
  */
 $title = 'Downloads';

system/pages/experiencestages.php

@@ -6,7 +6,6 @@
  * @author    Gesior <jerzyskalski@wp.pl>
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.6.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/pages/experiencetable.php

@@ -5,7 +5,6 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.6.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/pages/faq.php

@@ -5,7 +5,6 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.6.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/pages/forum.php

@@ -6,7 +6,6 @@
  * @author    Gesior <jerzyskalski@wp.pl>
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.6.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');
@@ -27,6 +26,8 @@ if(strtolower($config['forum']) != 'site')
 if(!$logged)
 	echo  'You are not logged in. <a href="?subtopic=accountmanagement&redirect=' . BASE_URL . urlencode('?subtopic=forum') . '">Log in</a> to post on the forum.<br /><br />';
 
+require_once(LIBS . 'forum.php');
+
 $canEdit = hasFlag(FLAG_CONTENT_FORUM) || superAdmin();
 if($canEdit)
 {
@@ -184,267 +185,13 @@ if(!$logged)
 	return;
 }
 
-if(file_exists(PAGES . 'forum/' . $action . '.php')) {
+if(!ctype_alnum(str_replace(array('-', '_'), '', $action))) {
+	error('Error: Action contains illegal characters.');
+}
+else if(file_exists(PAGES . 'forum/' . $action . '.php')) {
 	require(PAGES . 'forum/' . $action . '.php');
 }
-
-class Forum
-{
-	static public function canPost($account)
-	{
-		global $db, $config;
-
-		if(!$account->isLoaded() || $account->isBanned())
-			return false;
-
-		if(self::isModerator())
-			return true;
-
-		return
-			$db->query(
-				'SELECT `id` FROM `players` WHERE `account_id` = ' . $db->quote($account->getId()) .
-				' AND `level` >= ' . $db->quote($config['forum_level_required']) .
-				' LIMIT 1')->rowCount() > 0;
-	}
-
-	static public function isModerator() {
-		return hasFlag(FLAG_CONTENT_FORUM) || admin();
-	}
-	
-	static public function add_post($thread_id, $section, $author_aid, $author_guid, $post_text, $post_topic, $smile)
-	{
-		global $db;
-		$db->insert(TABLE_PREFIX . 'forum', array(
-			'first_post' => $thread_id,
-			'section' => $section,
-			'author_aid' => $author_aid,
-			'author_guid' => $author_guid,
-			'post_text' => $post_text,
-			'post_topic' => $post_topic,
-			'post_smile' => $smile,
-			'post_date' => time(),
-			'post_ip' => $_SERVER['REMOTE_ADDR']
- 		));
-	}
-	static public function add_board($name, $description, $access, $guild, &$errors)
-	{
-		global $db;
-		if(isset($name[0]) && isset($description[0]))
-		{
-			$query = $db->select(TABLE_PREFIX . 'forum_boards', array('name' => $name));
-			
-			if($query === false)
-			{
-				$query =
-					$db->query(
-						'SELECT ' . $db->fieldName('ordering') .
-						' FROM ' . $db->tableName(TABLE_PREFIX . 'forum_boards') .
-						' ORDER BY ' . $db->fieldName('ordering') . ' DESC LIMIT 1'
-					);
-				
-				$ordering = 0;
-				if($query->rowCount() > 0) {
-					$query = $query->fetch();
-					$ordering = $query['ordering'] + 1;
-				}
-				$db->insert(TABLE_PREFIX . 'forum_boards', array('name' => $name, 'description' => $description, 'access' => $access, 'guild' => $guild, 'ordering' => $ordering));
-			}
-			else
-				$errors[] = 'Forum board with this name already exists.';
-		}
-		else
-			$errors[] = 'Please fill all inputs.';
-		
-		return !count($errors);
-	}
-	
-	static public function get_board($id) {
-		global $db;
-		return $db->select(TABLE_PREFIX . 'forum_boards', array('id' => $id));
-	}
-	
-	static public function update_board($id, $name, $access, $guild, $description) {
-		global $db;
-		$db->update(TABLE_PREFIX . 'forum_boards', array('name' => $name, 'description' => $description, 'access' => $access, 'guild' => $guild), array('id' => $id));
-	}
-	
-	static public function delete_board($id, &$errors)
-	{
-		global $db;
-		if(isset($id))
-		{
-			if(self::get_board($id) !== false)
-				$db->delete(TABLE_PREFIX . 'forum_boards', array('id' => $id));
-			else
-				$errors[] = 'Forum board with id ' . $id . ' does not exists.';
-		}
-		else
-			$errors[] = 'id not set';
-		
-		return !count($errors);
-	}
-	
-	static public function toggleHidden_board($id, &$errors)
-	{
-		global $db;
-		if(isset($id))
-		{
-			$query = self::get_board($id);
-			if($query !== false)
-				$db->update(TABLE_PREFIX . 'forum_boards', array('hidden' => ($query['hidden'] == 1 ? 0 : 1)), array('id' => $id));
-			else
-				$errors[] = 'Forum board with id ' . $id . ' does not exists.';
-		}
-		else
-			$errors[] = 'id not set';
-		
-		return !count($errors);
-	}
-	
-	static public function move_board($id, $i, &$errors)
-	{
-		global $db;
-		$query = self::get_board($id);
-		if($query !== false)
-		{
-			$ordering = $query['ordering'] + $i;
-			$old_record = $db->select(TABLE_PREFIX . 'forum_boards', array('ordering' => $ordering));
-			if($old_record !== false)
-				$db->update(TABLE_PREFIX . 'forum_boards', array('ordering' => $query['ordering']), array('ordering' => $ordering));
-			
-			$db->update(TABLE_PREFIX . 'forum_boards', array('ordering' => $ordering), array('id' => $id));
-		}
-		else
-			$errors[] = 'Forum board with id ' . $id . ' does not exists.';
-		
-		return !count($errors);
-	}
-	
-	public static function parseSmiles($text)
-	{
-		$smileys = array(
-			';D' => 1,
-			':D' => 1,
-			':cool:' => 2,
-			';cool;' => 2,
-			':ekk:' => 3,
-			';ekk;' => 3,
-			';o' => 4,
-			';O' => 4,
-			':o' => 4,
-			':O' => 4,
-			':(' => 5,
-			';(' => 5,
-			':mad:' => 6,
-			';mad;' => 6,
-			';rolleyes;' => 7,
-			':rolleyes:' => 7,
-			':)' => 8,
-			';d' => 9,
-			':d' => 9,
-			';)' => 10
-		);
-		
-		foreach($smileys as $search => $replace)
-			$text = str_replace($search, '<img src="images/forum/smile/'.$replace.'.gif" alt="'. $search .'" title="' . $search . '" />', $text);
-		
-		return $text;
-	}
-	
-	public static function parseBBCode($text, $smiles)
-	{
-		$rows = 0;
-		while(stripos($text, '[code]') !== false && stripos($text, '[/code]') !== false )
-		{
-			$code = substr($text, stripos($text, '[code]')+6, stripos($text, '[/code]') - stripos($text, '[code]') - 6);
-			if(!is_int($rows / 2)) { $bgcolor = 'ABED25'; } else { $bgcolor = '23ED25'; } $rows++;
-			$text = str_ireplace('[code]'.$code.'[/code]', '<i>Code:</i><br /><table cellpadding="0" style="background-color: #'.$bgcolor.'; width: 480px; border-style: dotted; border-color: #CCCCCC; border-width: 2px"><tr><td>'.$code.'</td></tr></table>', $text);
-		}
-		$rows = 0;
-		while(stripos($text, '[quote]') !== false && stripos($text, '[/quote]') !== false )
-		{
-			$quote = substr($text, stripos($text, '[quote]')+7, stripos($text, '[/quote]') - stripos($text, '[quote]') - 7);
-			if(!is_int($rows / 2)) { $bgcolor = 'AAAAAA'; } else { $bgcolor = 'CCCCCC'; } $rows++;
-			$text = str_ireplace('[quote]'.$quote.'[/quote]', '<table cellpadding="0" style="background-color: #'.$bgcolor.'; width: 480px; border-style: dotted; border-color: #007900; border-width: 2px"><tr><td>'.$quote.'</td></tr></table>', $text);
-		}
-		$rows = 0;
-		while(stripos($text, '[url]') !== false && stripos($text, '[/url]') !== false )
-		{
-			$url = substr($text, stripos($text, '[url]')+5, stripos($text, '[/url]') - stripos($text, '[url]') - 5);
-			$text = str_ireplace('[url]'.$url.'[/url]', '<a href="'.$url.'" target="_blank">'.$url.'</a>', $text);
-		}
-		
-		$xhtml = false;
-		$tags = array(
-			'#\[b\](.*?)\[/b\]#si' => ($xhtml ? '<strong>\\1</strong>' : '<b>\\1</b>'),
-			'#\[i\](.*?)\[/i\]#si' => ($xhtml ? '<em>\\1</em>' : '<i>\\1</i>'),
-			'#\[u\](.*?)\[/u\]#si' => ($xhtml ? '<span style="text-decoration: underline;">\\1</span>' : '<u>\\1</u>'),
-			'#\[s\](.*?)\[/s\]#si' => ($xhtml ? '<strike>\\1</strike>' : '<s>\\1</s>'),
-			
-			'#\[guild\](.*?)\[/guild\]#si' => urldecode(generateLink(getGuildLink('$1', false), '$1', true)),
-			'#\[house\](.*?)\[/house\]#si' => urldecode(generateLink(getHouseLink('$1', false), '$1', true)),
-			'#\[player\](.*?)\[/player\]#si' => urldecode(generateLink(getPlayerLink('$1', false), '$1', true)),
-			// TODO: [poll] tag
-			
-			'#\[color=(.*?)\](.*?)\[/color\]#si' => ($xhtml ? '<span style="color: \\1;">\\2</span>' : '<font color="\\1">\\2</font>'),
-			'#\[img\](.*?)\[/img\]#si' => ($xhtml ? '<img src="\\1" border="0" alt="" />' : '<img src="\\1" border="0" alt="">'),
-			'#\[url=(.*?)\](.*?)\[/url\]#si' => '<a href="\\1" title="\\2">\\2</a>',
-//		'#\[email\](.*?)\[/email\]#si' => '<a href="mailto:\\1" title="Email \\1">\\1</a>',
-			'#\[code\](.*?)\[/code\]#si' => '<code>\\1</code>',
-//		'#\[align=(.*?)\](.*?)\[/align\]#si' => ($xhtml ? '<div style="text-align: \\1;">\\2</div>' : '<div align="\\1">\\2</div>'),
-//		'#\[br\]#si' => ($xhtml ? '<br style="clear: both;" />' : '<br>'),
-		);
-		
-		foreach($tags as $search => $replace)
-			$text = preg_replace($search, $replace, $text);
-		
-		return ($smiles == 0 ? Forum::parseSmiles($text) : $text);
-	}
-	
-	public static function showPost($topic, $text, $smiles)
-	{
-		$text = nl2br($text);
-		$post = '';
-		if(!empty($topic))
-			$post .= '<b>'.($smiles == 0 ? self::parseSmiles($topic) : $topic).'</b><hr />';
-		$post .= self::parseBBCode($text, $smiles);
-		return $post;
-	}
-	
-	public static function hasAccess($board_id) {
-		global $sections, $logged, $account_logged, $logged_access;
-		if(!isset($sections[$board_id]))
-			return false;
-		
-		$hasAccess = true;
-		$section = $sections[$board_id];
-		if($section['guild'] > 0) {
-			if($logged) {
-				$guild = new OTS_Guild();
-				$guild->load($section['guild']);
-				$status = false;
-				if($guild->isLoaded()) {
-					$account_players = $account_logged->getPlayers();
-					foreach ($account_players as $player) {
-						if($guild->hasMember($player)) {
-							$status = true;
-						}
-					}
-				}
-				
-				if (!$status) $hasAccess = false;
-			}
-			else {
-				$hasAccess = false;
-			}
-		}
-		
-		if($section['access'] > 0) {
-			if($logged_access < $section['access']) {
-				$hasAccess = false;
-			}
-		}
-		
-		return $hasAccess;
-	}
+else {
+	error('This page does not exists.');
 }
+?>

system/pages/forum/edit_post.php

@@ -6,7 +6,6 @@
  * @author    Gesior <jerzyskalski@wp.pl>
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.6.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/pages/forum/move_thread.php

@@ -6,7 +6,6 @@
  * @author    Gesior <jerzyskalski@wp.pl>
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.6.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/pages/forum/new_post.php

@@ -6,7 +6,6 @@
  * @author    Gesior <jerzyskalski@wp.pl>
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.6.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/pages/forum/new_thread.php

@@ -6,7 +6,6 @@
  * @author    Gesior <jerzyskalski@wp.pl>
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.6.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');

system/pages/forum/remove_post.php

@@ -6,7 +6,6 @@
  * @author    Gesior <jerzyskalski@wp.pl>
  * @author    Slawkens <slawkens@gmail.com>
  * @copyright 2017 MyAAC
- * @version   0.6.2
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');