* update to 0.7.4

* update TODO

CHANGELOG

@@ -1,343 +1,374 @@
+[0.7.4 - 24.12.2017]
+	* fixed mysql fatal error on tibiacom template - top 5 box
+	* fixed displaying of level percent bar on tibian signature
+	* inform user about Twig cache failure on installation, instead of http 500 error
+	* when dir system/cache is not writable by the webserver, then show some nice notice to the user about it instead of http 500 error
+	* remember client version select and usage stats checkbox in session on install
+	* automatically update highscores_ids_hidden for users who installed myaac before (migration)
+
+[0.7.3 - 18.12.2017]
+	* auto generate myaac cache & session prefix on install to be unique across installations
+	* fixed hiding shop system menu on tibiacom template when disabled in config
+	* prevent adding duplicated newses with installation
+	* some changes to sample characters: chanced town_id to 1, posx: 1000, posy: 1000, posz: 1000 and default group_id to 1 so you can change in-game outfits and they will be used
+	* added version 772 constant to install client choose (OTHire)
+	* better solution for hidding samples (configurable) - highscores_ids_hidden
+	* fixed account.login redirect not working on tibiacom template
+	* installation: warn about wrong admin account name/id and password
+	* fixed last menu closing in tibiacom template
+	* updated polish locale (translation) on install 
+	* (internal) removed some duplicated code on install finish
+	* (internal) renamed installation step files to be in correct order
+	* added TODO file
+
+[0.7.1 - 13.12.2017]
+	* added changelog menu item to kathrine template
+	* fixed some php short tag in changelogs page
+	* fixed guild change description back button
+	* removed duplicated "Support List" menu item from tibiacom template
+	* changed some notice when version check is failed
+	* (internal) moved changelog to twig
+
 [0.7.0 - 20.11.2017]
-	- moved template menus to database, they're now dynamically loaded
-	- added anonymous usage statistics reporting (only if user agrees, first usage report will be send after 7 days)
-	- you can edit them in Admin Panel under 'Menus' option
-	- you can also add custom links, like http://google.pl
-	- added networks (facebook and twitter) and highscores (top 5) boxes to tibiacom template, configurable in templates/tibiacom/config.php
-	- added news ticker for kathrine template
-	- added featured article to tibiacom template (you can add them with add news button)
-	- added tinymce editor to 'Pages' in admin panel
-	- added links to edit/delete/hide custom page directly from page
-	- update forum post after editing news (when forum post has been created)
-	- enabled code plugin for tinymce which enabled raw html code editing
-	- removed videos pages, as it can be easily added using custom Menus and Pages with insert Media
-	- removed bug_report configurable, its now enabled by default
-	- log some error info when mail cannot be send on account create
-	- twig getLink function will now return with full url (BASE_URL included)
-	- verify install post values directly on config page and display error
-	- updated tinymce to version 4.7.2 (from 4.7.0)
-	- updated phpmailer to version 5.2.26 (from 5.2.23)
-	- (#30) (fix) recovering account on servers that doesn't support salts
-	- (fix) account email confirm function
-	- (fix) showing changelog with urls in Admin Panel
-	- (fix) uninstalling plugin
-	- (fix) polls box in tibiacom template
-	- (fix) remove hooks from db on plugin deinstall
-	- (fix) some weird include possibilities with forum and account actions (verify action name)
-	- (fix) loading hooks from plugin installed from command line
-	- (fix) some changelog PHP Notice warning
-	- (internal) moved uninstall logic to Plugins class
-	- (internal) moved tibiacom boxes to separate directory
-	- (internal) moved news tickers to twig template
-	- (internal) moved Forum class to separate file
-	- (internal) moved deprecated functions to compat.php
-	- (internal) added some compat functions that are used by shop system
-	- (internal) renamed constant TICKET -> TICKER
-	- (internal) shortened message functions
+	* moved template menus to database, they're now dynamically loaded
+	* added anonymous usage statistics reporting (only if user agrees, first usage report will be send after 7 days)
+	* you can edit them in Admin Panel under 'Menus' option
+	* you can also add custom links, like http://google.pl
+	* added networks (facebook and twitter) and highscores (top 5) boxes to tibiacom template, configurable in templates/tibiacom/config.php
+	* added news ticker for kathrine template
+	* added featured article to tibiacom template (you can add them with add news button)
+	* added tinymce editor to 'Pages' in admin panel
+	* added links to edit/delete/hide custom page directly from page
+	* update forum post after editing news (when forum post has been created)
+	* enabled code plugin for tinymce which enabled raw html code editing
+	* removed videos pages, as it can be easily added using custom Menus and Pages with insert Media
+	* removed bug_report configurable, its now enabled by default
+	* log some error info when mail cannot be send on account create
+	* twig getLink function will now return with full url (BASE_URL included)
+	* verify install post values directly on config page and display error
+	* updated tinymce to version 4.7.2 (from 4.7.0)
+	* updated phpmailer to version 5.2.26 (from 5.2.23)
+	* (#30) (fix) recovering account on servers that doesn't support salts
+	* (fix) account email confirm function
+	* (fix) showing changelog with urls in Admin Panel
+	* (fix) uninstalling plugin
+	* (fix) polls box in tibiacom template
+	* (fix) remove hooks from db on plugin deinstall
+	* (fix) some weird include possibilities with forum and account actions (verify action name)
+	* (fix) loading hooks from plugin installed from command line
+	* (fix) some changelog PHP Notice warning
+	* (internal) moved uninstall logic to Plugins class
+	* (internal) moved tibiacom boxes to separate directory
+	* (internal) moved news tickers to twig template
+	* (internal) moved Forum class to separate file
+	* (internal) moved deprecated functions to compat.php
+	* (internal) added some compat functions that are used by shop system
+	* (internal) renamed constant TICKET -> TICKER
+	* (internal) shortened message functions
 	
 [0.6.6 - 22.10.2017]
-	- fixed some php fatal error on spells page
-	- changed spells.vocations field in db size to 300
-	- please reload your spells after this update!
+	* fixed some php fatal error on spells page
+	* changed spells.vocations field in db size to 300
+	* please reload your spells after this update!
 
 [0.6.5 - 21.10.2017]
-	- fixed displaying custom pages
-	- fixed adding new group forum board
+	* fixed displaying custom pages
+	* fixed adding new group forum board
 	
 [0.6.4 - 20.10.2017]
-	- reverted OTS_Account::getLastLogin() cause its used by tibia11-login plugin
+	* reverted OTS_Account::getLastLogin() cause its used by tibia11-login plugin
 	
 [0.6.3 - 20.10.2017]
-	- fixed creating account
-	- fixed viewing thread without being logged 
-	- fixed showing premium account status
+	* fixed creating account
+	* fixed viewing thread without being logged 
+	* fixed showing premium account status
 	
 [0.6.2 - 20.10.2017]
-	- added forums for guilds and groups
-	- added nice looking menu for my account page in default template
-	- new command line tool: install_plugin.php - can be used to install plugins from command line. Usage: "php install_plugin.php path_to_file"
-	- added new tooltip to view characters equipment item name and monster loot
-	- added items.xml loader class and weapons.xml loader class
-	- minimum PHP version to install AAC is now 5.3.0 cause of Anonymous functions used by Twig
-	- Added 'Are you sure?' popup when uninstalling plugin
-	- added some warnings when plugin json file is incomplete
-	- fixed showing in characters ban expires when is unlimited
-	- fixed displaying monster loot when item.name in loot is used instead of item.id
-	- load also runes into spells table
-	- display plugin uninstall option only if its possible
-	- after changing template you will be redirected to latest viewed page
-	- display gallery add image form only on main gallery page
-	- (internal) moved most of guilds html-in-php code to twig
-	- (internal) moved spells page to twig template
-	- (internal) removed useless spells.spell column that was duplicate of spells.words
-	- (internal) save monster loot in database in json format instead loading it every time from xml file
-	- (internal) store monster voices and immunities in json format
-	- (internal) moved buttons to separate template
-	- (internal) moved online search form to twig
-	- (internal) added new function getItemNameById($id)
-	- (internal) Moved plugin install logic to a new class: Plugins
-	- (internal) changed spells.vocations database field to store json data instead of comma separated
-	- (internal) removed $hook_types array, using defined() and constant() functions now
-	- (internal) removed useless monsters.gfx_name field from database
-	- (internal) renamed database field monsters.hide_creature to hidden
-	- (internal) renamed existing Items class to Items_Images
-	- (internal) optimized Spells class
-	- (internal) new function: OTS_Guild::hasMember(OTS_Player $player)
-	- (internal) new function: Forum::hasAccess($board_id)
+	* added forums for guilds and groups
+	* added nice looking menu for my account page in default template
+	* new command line tool: install_plugin.php - can be used to install plugins from command line. Usage: "php install_plugin.php path_to_file"
+	* added new tooltip to view characters equipment item name and monster loot
+	* added items.xml loader class and weapons.xml loader class
+	* minimum PHP version to install AAC is now 5.3.0 cause of Anonymous functions used by Twig
+	* Added 'Are you sure?' popup when uninstalling plugin
+	* added some warnings when plugin json file is incomplete
+	* fixed showing in characters ban expires when is unlimited
+	* fixed displaying monster loot when item.name in loot is used instead of item.id
+	* load also runes into spells table
+	* display plugin uninstall option only if its possible
+	* after changing template you will be redirected to latest viewed page
+	* display gallery add image form only on main gallery page
+	* (internal) moved most of guilds html-in-php code to twig
+	* (internal) moved spells page to twig template
+	* (internal) removed useless spells.spell column that was duplicate of spells.words
+	* (internal) save monster loot in database in json format instead loading it every time from xml file
+	* (internal) store monster voices and immunities in json format
+	* (internal) moved buttons to separate template
+	* (internal) moved online search form to twig
+	* (internal) added new function getItemNameById($id)
+	* (internal) Moved plugin install logic to a new class: Plugins
+	* (internal) changed spells.vocations database field to store json data instead of comma separated
+	* (internal) removed $hook_types array, using defined() and constant() functions now
+	* (internal) removed useless monsters.gfx_name field from database
+	* (internal) renamed database field monsters.hide_creature to hidden
+	* (internal) renamed existing Items class to Items_Images
+	* (internal) optimized Spells class
+	* (internal) new function: OTS_Guild::hasMember(OTS_Player $player)
+	* (internal) new function: Forum::hasAccess($board_id)
 	
 [0.6.1 - 17.10.2017]
-	- fixed signatures loading
-	- new configurable: session_prefix, to allow more websites on one machine (must be unique for every website on your dedicated server!)
-	- better error handling for monsters and spells loader (save errors to system/logs/error.log)
-	- check if file exist before loading (monsters and spells)
-	- (internal) Account::getAccess() = Account::getGroupId()
-	- (internal) moved account actions (pages) to account/ directory
-	- (internal) moved forum actions (pages) to forum/ directory
-	- (internal) moved forum.edit_post to twig templates
+	* fixed signatures loading
+	* new configurable: session_prefix, to allow more websites on one machine (must be unique for every website on your dedicated server!)
+	* better error handling for monsters and spells loader (save errors to system/logs/error.log)
+	* check if file exist before loading (monsters and spells)
+	* (internal) Account::getAccess() = Account::getGroupId()
+	* (internal) moved account actions (pages) to account/ directory
+	* (internal) moved forum actions (pages) to forum/ directory
+	* (internal) moved forum.edit_post to twig templates
 
 [0.6.0 - 16.10.2017]
-	- added faq management - add/edit/move/hide/delete from website
-	- new account.login view for tibiacom template
-	- monsters and spells are now being loaded at the installation of the AAC
-	- fix for php versions under 5.5 where empty() function supported only variables
-	- added missing change email and change info buttons to account.management default template
-	- added new indicator icons for create account, create character and change character name
-	- fixed config loader when some inline comments are present
-	- fixed editing page in admin panel that contains some html code
-	- fixed forum new post on mac os and some specific mysql versions
-	- attempt to fix incorrect views counter behavior (its resetting to 0 in some cases)
-	- enabled cache http headers for signatures
-	- check if monster file exist before loading it
-	- fixed if plugin zip file name contains dot (.)
-	- renamed screenshots to gallery and movies to videos
-	- moved install pages to twig
-	- fixed Account::getGuildAccess function
-	- removed never used library from sources - dwoo
-	- moved check_* functions to class Validator
-	- from now all validators ajax requests will fire onblur instead of onkeyup
-	- ajax requests returns now json instead of xml
-	- added 404 response when file is not found
+	* added faq management - add/edit/move/hide/delete from website
+	* new account.login view for tibiacom template
+	* monsters and spells are now being loaded at the installation of the AAC
+	* fix for php versions under 5.5 where empty() function supported only variables
+	* added missing change email and change info buttons to account.management default template
+	* added new indicator icons for create account, create character and change character name
+	* fixed config loader when some inline comments are present
+	* fixed editing page in admin panel that contains some html code
+	* fixed forum new post on mac os and some specific mysql versions
+	* attempt to fix incorrect views counter behavior (its resetting to 0 in some cases)
+	* enabled cache http headers for signatures
+	* check if monster file exist before loading it
+	* fixed if plugin zip file name contains dot (.)
+	* renamed screenshots to gallery and movies to videos
+	* moved install pages to twig
+	* fixed Account::getGuildAccess function
+	* removed never used library from sources - dwoo
+	* moved check_* functions to class Validator
+	* from now all validators ajax requests will fire onblur instead of onkeyup
+	* ajax requests returns now json instead of xml
+	* added 404 response when file is not found
 
 [0.5.1 - 11.10.2017]
-	- fixed forum add/edit board
-	- new configurable: highscores_length, how much highscores to display
-	- fixed highscores links (ALL, previous and next page)
-	- update templates cache when installing/uninstalling plugin
-	- moved character deaths and frags table generation to twig
-	- fixed some bug when you uninstall plugin and then try to install again on the same page
-	- check if plugin exist before uninstalling
-	- fixed some warning in OTS_Base_DB
+	* fixed forum add/edit board
+	* new configurable: highscores_length, how much highscores to display
+	* fixed highscores links (ALL, previous and next page)
+	* update templates cache when installing/uninstalling plugin
+	* moved character deaths and frags table generation to twig
+	* fixed some bug when you uninstall plugin and then try to install again on the same page
+	* check if plugin exist before uninstalling
+	* fixed some warning in OTS_Base_DB
 
 [0.5.0 - 10.10.2017]
-	- moved .htaccess rules to plain php (index.php)
-	- updated tinymce to the latest (4.7.0) version, you can now embed code, for example youtube videos
-	- added option to uninstall plugin
-	- added option to require specified myaac, php or database version for plugins, without that plugin won't be installed
-	- change accountmanagement links to use friendly_urls
-	- fixed creating new forum thread
-	- sample characters are now assigned to admin account and have group_id 4 to not be shown on highscores
-	- added links loaded from database to admin panel - for future plugins
-	- print some info to error.log when can't find config.lua
-	- some fixes in account changecomment action
-	- show info when account name/number or password is empty on login
-	- fixed showing account login errors
-	- added few characters hooks
-	- fixed some kathrine template js bug when shop is disabled
-	- you can now use slash '/' in custom pages loaded from database
-	- added new twig function getLink that convert link taking into account config.friendly_urls
-	- internalLayoutLink -> getLink
+	* moved .htaccess rules to plain php (index.php)
+	* updated tinymce to the latest (4.7.0) version, you can now embed code, for example youtube videos
+	* added option to uninstall plugin
+	* added option to require specified myaac, php or database version for plugins, without that plugin won't be installed
+	* change accountmanagement links to use friendly_urls
+	* fixed creating new forum thread
+	* sample characters are now assigned to admin account and have group_id 4 to not be shown on highscores
+	* added links loaded from database to admin panel - for future plugins
+	* print some info to error.log when can't find config.lua
+	* some fixes in account changecomment action
+	* show info when account name/number or password is empty on login
+	* fixed showing account login errors
+	* added few characters hooks
+	* fixed some kathrine template js bug when shop is disabled
+	* you can now use slash '/' in custom pages loaded from database
+	* added new twig function getLink that convert link taking into account config.friendly_urls
+	* internalLayoutLink -> getLink
 
 [0.4.3 - 05.10.2017]
-	- better config loader taken from latest gesior, you can now include files in your config by doing dofile('config.local.lua')
-	- fixed country detection in create account
-	- fixed showing of character deaths and frags
-	- fixed https://otland.net/threads/myaac-v0-0-1.251454/page-13#post-2466303
-	- fixed https://otland.net/threads/myaac-v0-0-1.251454/page-13#post-2466313
-	- fixed rook sample, which will now have level 1, 150 health, 0 mana, and 400 cap.
-	- fixed samples being deleted by tfs 1.0+ cause of 'deletion' field set to 1
-	- pages loaded from database have higher priority than normal .php pages, so they will be loaded first if they exist
-	- moved many pages to twig templates
-	- change download client links from clients.halfaway.net to tibia-clients.com
-	- added bugtracker to kathrine template
-	- added CREDITS file
+	* better config loader taken from latest gesior, you can now include files in your config by doing dofile('config.local.lua')
+	* fixed country detection in create account
+	* fixed showing of character deaths and frags
+	* fixed https://otland.net/threads/myaac-v0-0-1.251454/page-13#post-2466303
+	* fixed https://otland.net/threads/myaac-v0-0-1.251454/page-13#post-2466313
+	* fixed rook sample, which will now have level 1, 150 health, 0 mana, and 400 cap.
+	* fixed samples being deleted by tfs 1.0+ cause of 'deletion' field set to 1
+	* pages loaded from database have higher priority than normal .php pages, so they will be loaded first if they exist
+	* moved many pages to twig templates
+	* change download client links from clients.halfaway.net to tibia-clients.com
+	* added bugtracker to kathrine template
+	* added CREDITS file
 
 [0.4.2 - 14.09.2017]
-	- updated version number
+	* updated version number
 
 [0.4.1 - 13.09.2017]
-	- fixed log in to admin panel
-	- fixed File is not .zip plugin upload error
+	* fixed log in to admin panel
+	* fixed File is not .zip plugin upload error
 
 [0.4.0 - 13.09.2017
-	- added option to add/edit/delete/hide/move forum boards
-	- moved some of HTML-in-PHP code to Twig templates
-	- added bug_report configurable which can enable/disable bug tracker
-	- log errors instead of showing them to users with system directories
-	- fix when $_SERVER['HTTP_ACCEPT_ENCODING'] is not set
-	- when it fails to load config.lua it will output error also to error.log
-	- automatically detect json file in .zip instead of basing on filename (admin panel - plugins)
-	- hopefully fixed the error with "The file you are trying to upload is not a .zip file. Please try again."
-	- fixed wrong name of table in bugtracker
-	- fixed some bugs in bugtracker
-	- added report bug link in templates
-	- fixed some rare error when user is logged in for longer than 15 minutes and tries to login again
-	- fixed some grammar errors
-	- some small improvements
-	- fixed some separators in kathrine template
+	* added option to add/edit/delete/hide/move forum boards
+	* moved some of HTML-in-PHP code to Twig templates
+	* added bug_report configurable which can enable/disable bug tracker
+	* log errors instead of showing them to users with system directories
+	* fix when $_SERVER['HTTP_ACCEPT_ENCODING'] is not set
+	* when it fails to load config.lua it will output error also to error.log
+	* automatically detect json file in .zip instead of basing on filename (admin panel - plugins)
+	* hopefully fixed the error with "The file you are trying to upload is not a .zip file. Please try again."
+	* fixed wrong name of table in bugtracker
+	* fixed some bugs in bugtracker
+	* added report bug link in templates
+	* fixed some rare error when user is logged in for longer than 15 minutes and tries to login again
+	* fixed some grammar errors
+	* some small improvements
+	* fixed some separators in kathrine template
 
 [0.3.0 - 28.08.2017]
-	- added administration panel for screenshots management with auto thumbnail generator and image auto-resizing
-	- added Twig template engine and moved some html-in-php code to it
-	- automatically detect player country based on user location (IP) on create account
-	- player sex (gender) is now configurable at $config['genders']
-	- fixed recovering account and changing password when salt is enabled
-	- fixed installing samples when for example Rook Sample already exist and other samples not
-	- fixed some mysql error when character you trying to create already exist
-	- fixed some warning when you select nonexistent country
-	- password change minimal/maximal length notice is now more precise
-	- added 'enabled' field in myaac_hooks table, which can enable or disable specified hook
-	- removed DEFAULT '' for TEXT field. It didn't worked under some systems like MAC OS X.
-	- minimum PHP version to install the MyAAC is now 5.2.0 cause of pathinfo (extension) function
-	- removed unused admin stylish template
-	- removed some unused cities field from myaac_spells table
-	- moved news adding at installation from schema.sql to finish.php
-	- some optimizations
+	* added administration panel for screenshots management with auto thumbnail generator and image auto-resizing
+	* added Twig template engine and moved some html-in-php code to it
+	* automatically detect player country based on user location (IP) on create account
+	* player sex (gender) is now configurable at $config['genders']
+	* fixed recovering account and changing password when salt is enabled
+	* fixed installing samples when for example Rook Sample already exist and other samples not
+	* fixed some mysql error when character you trying to create already exist
+	* fixed some warning when you select nonexistent country
+	* password change minimal/maximal length notice is now more precise
+	* added 'enabled' field in myaac_hooks table, which can enable or disable specified hook
+	* removed DEFAULT '' for TEXT field. It didn't worked under some systems like MAC OS X.
+	* minimum PHP version to install the MyAAC is now 5.2.0 cause of pathinfo (extension) function
+	* removed unused admin stylish template
+	* removed some unused cities field from myaac_spells table
+	* moved news adding at installation from schema.sql to finish.php
+	* some optimizations
 
 [0.2.4 - 09.06.2017]
-	- fixed invite to guild
-	- added id field on monsters, so you can delete them in phpmyadmin
-	- fixed adding some creatures with ' and "
-	- fixed when there are spaces at beginning of the file (creatures)
-	- fixed when file is unable to parse (creatures)
-	- fixed typo loss_items => loss_containers
-	- more elegant way of showing message on reload creatures and spells
+	* fixed invite to guild
+	* added id field on monsters, so you can delete them in phpmyadmin
+	* fixed adding some creatures with ' and "
+	* fixed when there are spaces at beginning of the file (creatures)
+	* fixed when file is unable to parse (creatures)
+	* fixed typo loss_items => loss_containers
+	* more elegant way of showing message on reload creatures and spells
 
 [0.2.3 - 31.05.2017]
-	- fixed guild management on OTHire 0.0.3
-	- set default skills to 10 when creating new character
-	- fixed displaying of "Create forum thread" in newses
-	- fixed deleting guild on servers that use players.rank_id field
-	- fixed phpmailer class loading (https://otland.net/threads/myaac-v0-0-1.251454/page-8#post-2445222)
-	- fixed displaying vocation amount on online page
-	- better support for custom vocations, you just need to set in config vocations_amount to yours.
-	- fixed huge space in player name (https://otland.net/threads/myaac-v0-0-1.251454/page-7#post-2444328)
-	- fixed Undefined variable (https://otland.net/threads/myaac-v0-0-1.251454/page-7#post-2444034)
-	- fixed Undefined offset (https://otland.net/threads/myaac-v0-0-1.251454/page-7#post-2444035)
+	* fixed guild management on OTHire 0.0.3
+	* set default skills to 10 when creating new character
+	* fixed displaying of "Create forum thread" in newses
+	* fixed deleting guild on servers that use players.rank_id field
+	* fixed phpmailer class loading (https://otland.net/threads/myaac-v0-0-1.251454/page-8#post-2445222)
+	* fixed displaying vocation amount on online page
+	* better support for custom vocations, you just need to set in config vocations_amount to yours.
+	* fixed huge space in player name (https://otland.net/threads/myaac-v0-0-1.251454/page-7#post-2444328)
+	* fixed Undefined variable (https://otland.net/threads/myaac-v0-0-1.251454/page-7#post-2444034)
+	* fixed Undefined offset (https://otland.net/threads/myaac-v0-0-1.251454/page-7#post-2444035)
 
 [0.2.2 - 22.05.2017]
-	- added missing cache/signature directory
-	- fixed https://otland.net/threads/myaac-v0-0-1.251454/page-7#post-2443868
+	* added missing cache/signature directory
+	* fixed https://otland.net/threads/myaac-v0-0-1.251454/page-7#post-2443868
 
 [0.2.1 - 21.05.2017]
-	- added Swedish translation by Sizaro
-	- fixed some bugs with installlation & characters & houses
+	* added Swedish translation by Sizaro
+	* fixed some bugs with installlation & characters & houses
 
 [0.2.0 - 21.05.2017]
-	- added option to change character sex for premium points
-	- moved site_closed to database, now you can close your site through admin panel
-	- added option to admin panel: clear cache
-	- added experiencetable_rows configurable
-	- optimized OTS_Account->getGroupId(), now its using like 20 queries less
-	- optimized OTS_Player->load($id) function, should be much faster now
-	- fixed displaying on highscores special outfits
-	- fixed skull images displaying
-	- fixed displaying unlimited premium account
-	- fixed bug where players.lookaddons doesn't exist (OTHire etc.) (https://otland.net/threads/myaac-v0-0-1.251454/page-6#post-2442407)
-	- fixed signature tibian for OTHire and other servers that doesnt use accounts.premdays field
-	- fixed when player name in signature containst space
-	- don't show "Create forum thread" when editing
-	- fixed red color table after create account
-	- updated download links, as clients.halfaway.net isn't working anymore
-	- fixed some bugs while installing when field `email_next` or `hidden` already exist
-	- fixed movies unexpected comment
-	- added template_place_holder('center_top') to kathrine template
+	* added option to change character sex for premium points
+	* moved site_closed to database, now you can close your site through admin panel
+	* added option to admin panel: clear cache
+	* added experiencetable_rows configurable
+	* optimized OTS_Account->getGroupId(), now its using like 20 queries less
+	* optimized OTS_Player->load($id) function, should be much faster now
+	* fixed displaying on highscores special outfits
+	* fixed skull images displaying
+	* fixed displaying unlimited premium account
+	* fixed bug where players.lookaddons doesn't exist (OTHire etc.) (https://otland.net/threads/myaac-v0-0-1.251454/page-6#post-2442407)
+	* fixed signature tibian for OTHire and other servers that doesnt use accounts.premdays field
+	* fixed when player name in signature containst space
+	* don't show "Create forum thread" when editing
+	* fixed red color table after create account
+	* updated download links, as clients.halfaway.net isn't working anymore
+	* fixed some bugs while installing when field `email_next` or `hidden` already exist
+	* fixed movies unexpected comment
+	* added template_place_holder('center_top') to kathrine template
 
 [0.1.5 - 13.05.2017]
-	- fixed bug with "Integrity constraint violation: 1048 Column 'ip' cannot be null"
+	* fixed bug with "Integrity constraint violation: 1048 Column 'ip' cannot be null"
 
 [0.1.4 - 13.05.2017]
-	- added outfit shower, in characters, online, and highscores
-	- updated database to version 2
-	- fixed item images (now using item-images.ots.me host by default)
-	- fixed news ticket and posting long newses (https://otland.net/threads/myaac-v0-0-1.251454/page-5#post-2442026)
-	- news body limit increased to 65535 (mysql text field)
-	- removed some unused code from my old server
-	- added spells & monsters to kathrine template
+	* added outfit shower, in characters, online, and highscores
+	* updated database to version 2
+	* fixed item images (now using item-images.ots.me host by default)
+	* fixed news ticket and posting long newses (https://otland.net/threads/myaac-v0-0-1.251454/page-5#post-2442026)
+	* news body limit increased to 65535 (mysql text field)
+	* removed some unused code from my old server
+	* added spells & monsters to kathrine template
 
 [0.1.3 - 11.05.2017]
-	- this is just release to update version number
+	* this is just release to update version number
 
 [0.1.2 - 11.05.2017]
-	- forgot to update CHANGELOG and MYAAC_VERSION
+	* forgot to update CHANGELOG and MYAAC_VERSION
 
 [0.1.1 - 11.05.2017]
-	- fixed updating myaac_config with database_version to 1
-	- fixed database updater
+	* fixed updating myaac_config with database_version to 1
+	* fixed database updater
 
 [0.1.0 - 11.05.2017]
-	- added new feature: change character name for premium points (disabled by default, you can enable it in config under account_change_character_name in config.php)
-	- added automatic database updater (data migrations)
-	- renamed events to hooks
-	- moved hooks to database
-	- now you can use hooks in plugins
-	- set account.type field to 5 on install, if TFS 1.0+
-	- added example plugin
-	- new, latest google analytics code
-	- fixed bug with loading account.name that has numbers in it
-	- fixed many bugs in player editor in admin panel
-	- added error handling to plugin manager and some more verification in
-	- file has been correctly unpacked/uploaded
-	- fixed Statistics page in admin panel when using account.number
-	- fixed bug when creating/recovering account on servers with
-	- account.salt field (TFS 0.3 for example)
-	- fixed forum showing thread with html tags (added from news manager)
-	- new, latest code for youtube videos in movies page
-	- fixed showing vocation images when using $config['online_vocations_images']
-	- many fixes in polls (also importing proper schema)
-	- fixed hovering on buttons in kathrine template (on accountmanagement page)
-	- fixed signatures (many fixes)
-	- added missing gesior signature system
+	* added new feature: change character name for premium points (disabled by default, you can enable it in config under account_change_character_name in config.php)
+	* added automatic database updater (data migrations)
+	* renamed events to hooks
+	* moved hooks to database
+	* now you can use hooks in plugins
+	* set account.type field to 5 on install, if TFS 1.0+
+	* added example plugin
+	* new, latest google analytics code
+	* fixed bug with loading account.name that has numbers in it
+	* fixed many bugs in player editor in admin panel
+	* added error handling to plugin manager and some more verification in
+	* file has been correctly unpacked/uploaded
+	* fixed Statistics page in admin panel when using account.number
+	* fixed bug when creating/recovering account on servers with
+	* account.salt field (TFS 0.3 for example)
+	* fixed forum showing thread with html tags (added from news manager)
+	* new, latest code for youtube videos in movies page
+	* fixed showing vocation images when using $config['online_vocations_images']
+	* many fixes in polls (also importing proper schema)
+	* fixed hovering on buttons in kathrine template (on accountmanagement page)
+	* fixed signatures (many fixes)
+	* added missing gesior signature system
 
 [0.0.6 - 06.05.2017]
-	- fixed bug while installing (https://otland.net/threads/myaac-v0-0-1.251454/page-3#post-2440543)
-	- fixed bug when creating character (not showing errors) (one more time)
-	- fixed support for TFS 0.2 series
-	- added FAQ link
+	* fixed bug while installing (https://otland.net/threads/myaac-v0-0-1.251454/page-3#post-2440543)
+	* fixed bug when creating character (not showing errors) (one more time)
+	* fixed support for TFS 0.2 series
+	* added FAQ link
 	
 [0.0.5 - 05.05.2017]
-	- fixed bug when creating character (not showing errors)
-	- Fixed characters loading with names that has been created with other AAC
-	- fixed links to shop in default template
-	- fixed some weird PHP 7.1 warnings/notices
-	- Fixed config loading with some weird comments
-	- fixed bug with status info utf8 encoding (https://otland.net/threads/myaac-v0-0-1.251454/page-2#post-2440259)
-	- fixed when ip in log_action is NULL (https://otland.net/threads/myaac-v0-0-1.251454/page-2#post-2440357)
-	- fixed bug when guild doesn't exist on characters page (https://otland.net/threads/myaac-v0-0-1.251454/page-2#post-2440320)
-	- disabled friendly_urls by default
-	- fixes when $config['database_*'] is set
-	- added CHANGELOG
+	* fixed bug when creating character (not showing errors)
+	* Fixed characters loading with names that has been created with other AAC
+	* fixed links to shop in default template
+	* fixed some weird PHP 7.1 warnings/notices
+	* Fixed config loading with some weird comments
+	* fixed bug with status info utf8 encoding (https://otland.net/threads/myaac-v0-0-1.251454/page-2#post-2440259)
+	* fixed when ip in log_action is NULL (https://otland.net/threads/myaac-v0-0-1.251454/page-2#post-2440357)
+	* fixed bug when guild doesn't exist on characters page (https://otland.net/threads/myaac-v0-0-1.251454/page-2#post-2440320)
+	* disabled friendly_urls by default
+	* fixes when $config['database_*'] is set
+	* added CHANGELOG
 
 [0.0.3 - 03.05.2017]
-	- Full support for OTHire 0.0.3
-	- added support for otservers that doesn't use account.name field, instead just account number will be used
-	- fixed encryption detection on TFS 0.3
-	- fixed bug when server_config table doesn't exist
-	- (install) moved admin account creation to new step
-	- fixed news comment link
-	- by default, the installer creates now the Admin player, for admin account
-	- fixed installation errors
-	- fixed config.lua loading with some weird comments
+	* Full support for OTHire 0.0.3
+	* added support for otservers that doesn't use account.name field, instead just account number will be used
+	* fixed encryption detection on TFS 0.3
+	* fixed bug when server_config table doesn't exist
+	* (install) moved admin account creation to new step
+	* fixed news comment link
+	* by default, the installer creates now the Admin player, for admin account
+	* fixed installation errors
+	* fixed config.lua loading with some weird comments
 
 [0.0.2 - 02.05.2017]
-	- updated forum links to use friendly_urls
-	- some more info will be shown when cannot connect to database
-	- show more error infos when creating character
-	- fixed forum link on newses
-	- fixed spells loading when there's vocation name instead of id
-	- fixed bug when you have changed template but it doesn't exist anymore
-	- fixed vocations with promotion loading
-	- fixed support for gesior pages and templates
-	- added function OTS_Acount:getGroupId()
+	* updated forum links to use friendly_urls
+	* some more info will be shown when cannot connect to database
+	* show more error infos when creating character
+	* fixed forum link on newses
+	* fixed spells loading when there's vocation name instead of id
+	* fixed bug when you have changed template but it doesn't exist anymore
+	* fixed vocations with promotion loading
+	* fixed support for gesior pages and templates
+	* added function OTS_Acount:getGroupId()
 
 [0.0.1 - 01.05.2017]
 	This is first official release of MyAAC.

TODO

@@ -0,0 +1,37 @@
+// MyAAC TODO
+
+0.*
+	* support duplicated vocation names with different ids
+	* plugins: option to define custom requirements check in json file, to check if system meets the requirement
+	* add support for defining max myaac version in plugin.json file
+	* cache Menus in templates
+	* don't show error indicators on first time load - createaccount page
+	* update Twig to the latest version from 1.x branch
+	* semantic versioning support for plugins (github.com/composer/semver)
+	* add some notice to the user that installing step "Import Schema" will take some time
+	* check user IP on installing to prevent install by random user
+
+1.0:
+	* i18n support (issue #1 on github)
+	* New Admin Panel layout and interface
+	* add changelog management interface
+	* remove tibiacom template, and include it as a plugin
+
+2.0
+	* remove compat functions
+	* folder restructure:
+		* var/ (for logs, cache and data), config/, bin, public/ (for index and images and other public content), system/ (for php files and classess)
+	* rename templates to layouts as templates is meant to be used for twig templates
+	* change gifts_system to shop_system configurable
+	* move most used options in system/templates dir to separate directories (more transparent)
+
+At any time between (version not specified):
+	* better news archive with search function (like on tibia.com)
+	* guild wars management (issue #13 on github)
+	* update account.management page to be more realistic (like on tibia.com)
+	* update guilds page to be more realistic (like on tibia.com)
+	* possibility to add extra cache engines with plugins
+	* preferably configurable (enable/disable) forum TinyMCE editor
+	* new cache engine - plain php, is good with pure php 7.0+ and opcache
+	* OTAdmin support in Admin Panel
+	* database towns table support for TFS 1.3

common.php

@@ -26,8 +26,8 @@
 session_start();
 
 define('MYAAC', true);
-define('MYAAC_VERSION', '0.7.0');
-define('DATABASE_VERSION', 18);
+define('MYAAC_VERSION', '0.7.4');
+define('DATABASE_VERSION', 20);
 define('TABLE_PREFIX', 'myaac_');
 define('START_TIME', microtime(true));
 define('MYAAC_OS', (strtoupper(substr(PHP_OS, 0, 3)) === 'WIN') ? 'WINDOWS' : (strtoupper(PHP_OS) == 'DARWIN' ? 'MAC' : 'LINUX'));

config.php

@@ -186,6 +186,7 @@ $config = array(
 	'highscores_outfit' => true, // show player outfit?
 	'highscores_country_box' => false, // doesnt work yet! (not implemented)
 	'highscores_groups_hidden' => 4, // this group id and higher won't be shown on the highscores
+	'highscores_ids_hidden' => array(0), // this ids of players will be hidden on the highscores (should be ids of samples)
 	'highscores_length' => 100, // how many records per page on highscores
 
 	// characters page

index.php

@@ -93,6 +93,7 @@ else {
 			'/^account\/character\/comment\/?$/' => array('subtopic' => 'accountmanagement', 'action' => 'change_comment'),
 			'/^account\/confirm_email\/[A-Za-z0-9-_]+\/?$/' => array('subtopic' => 'accountmanagement', 'action' => 'confirm_email', 'v' => '$2'),
 			'/^characters\/[A-Za-z0-9-_%+\']+$/' => array('subtopic' => 'characters', 'name' => '$1'),
+			'/^changelog\/[0-9]+\/?$/' => array('subtopic' => 'changelog', 'page' => '$1'),
 			'/^commands\/add\/?$/' => array('subtopic' => 'commands', 'action' => 'add'),
 			'/^commands\/edit\/?$/' => array('subtopic' => 'commands', 'action' => 'edit'),
 			'/^faq\/add\/?$/' => array('subtopic' => 'faq', 'action' => 'add'),

install/includes/config.php

@@ -1,12 +1,17 @@
 <?php
 defined('MYAAC') or die('Direct access not allowed!');
 
+if(!isset($_SESSION['var_server_path'])) {
+	error($locale['step_database_error_config']);
+	$error = true;
+}
+
 	$config['server_path'] = $_SESSION['var_server_path'];
 	// take care of trailing slash at the end
 	if($config['server_path'][strlen($config['server_path']) - 1] != '/')
 		$config['server_path'] .= '/';
 
-	if(!file_exists($config['server_path'] . 'config.lua')) {
+if((!isset($error) || !$error) && !file_exists($config['server_path'] . 'config.lua')) {
 		error($locale['step_database_error_config']);
 		$error = true;
 	}

install/includes/functions.php

@@ -78,4 +78,23 @@ function next_form($previous = true, $next = true)
 	<input type="hidden" name="step" id="step" value="' . $step . '" />' . next_buttons($previous, $next) . '
 </form>';
 }
-?>
+
+function win_is_writable($path) {
+	if($path[strlen( $path ) - 1] == '/') { // if it looks like a directory, check a random file within the directory
+		return win_is_writable( $path . uniqid( mt_rand() ) . '.tmp');
+	} elseif(is_dir( $path )) { // If it's a directory (and not a file) check a random file within the directory
+		return win_is_writable( $path . '/' . uniqid( mt_rand() ) . '.tmp' );
+	}
+
+	// check tmp file for read/write capabilities
+	$should_delete_tmp_file = !file_exists( $path );
+	$f = @fopen( $path, 'a' );
+	if ( $f === false )
+		return false;
+
+	fclose( $f );
+	if($should_delete_tmp_file)
+		unlink($path);
+
+	return true;
+}

install/includes/schema.sql

@@ -155,6 +155,7 @@ CREATE TABLE `myaac_menu`
 /* MENU_CATEGORY_NEWS kathrine */
 INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('kathrine', 'Latest News', 'news', 1, 0);
 INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('kathrine', 'News Archive', 'news/archive', 1, 1);
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('kathrine', 'Changelog', 'changelog', 1, 2);
 /* MENU_CATEGORY_ACCOUNT kathrine */
 INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('kathrine', 'Account Management', 'account/manage', 2, 0);
 INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('kathrine', 'Create Account', 'account/create', 2, 1);
@@ -215,7 +216,6 @@ INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VA
 INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('tibiacom', 'Gallery', 'gallery', 5, 4);
 INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('tibiacom', 'Server Info', 'serverInfo', 5, 5);
 INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('tibiacom', 'Experience Table', 'experienceTable', 5, 6);
-INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('tibiacom', 'Support List', 'team', 5, 7);
 /* MENU_CATEGORY_SHOP tibiacom */
 INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('tibiacom', 'Buy Points', 'points', 6, 0);
 INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('tibiacom', 'Shop Offer', 'gifts', 6, 1);

install/includes/twig_error.html

@@ -0,0 +1,11 @@
+We have detected that you don't have access to write to the system/cache directory. Under linux you can fix it by using this two command, where first one should be enough (for apache):<br/><br/><span class="console">chown -R www-data.www-data /var/www/*</span><br/><span class="console">chmod -R 660 system/cache</span>
+
+<style type="text/css">
+.console {
+	font-family:Courier;
+	color: #CCCCCC;
+	background: #000000;
+	border: 3px double #CCCCCC;
+	padding: 0px;
+}
+</style>

install/index.php

@@ -1,9 +1,6 @@
 <?php
 require('../common.php');
 
-// step
-$step = isset($_POST['step']) ? $_POST['step'] : 'welcome';
-
 // includes
 require(SYSTEM . 'functions.php');
 require(BASE . 'install/includes/functions.php');
@@ -26,6 +23,9 @@ if(isset($_POST['vars']))
 		$_SESSION['var_' . $key] = $value;
 }
 
+// step
+$step = isset($_POST['step']) ? $_POST['step'] : 'welcome';
+
 $steps = array(1 => 'welcome', 2 => 'license', 3 => 'requirements', 4 => 'config', 5 => 'database', 6 => 'admin', 7 => 'finish');
 if(!in_array($step, $steps)) // check if step is valid
 	die('ERROR: Unknown step.');
@@ -56,17 +56,54 @@ if($step == 'database')
 		$step = 'config';
 	}
 }
+else if($step == 'finish') {
+	// password
+	$password = $_SESSION['var_password'];
+
+	if(isset($_SESSION['var_account'])) {
+		if(!Validator::accountName($_SESSION['var_account'])) {
+			$errors[] = $locale['step_admin_account_error_format'];
+		}
+		else if(strtoupper($_SESSION['var_account']) == strtoupper($password)) {
+			$errors[] = $locale['step_admin_account_error_same'];
+		}
+	}
+	else if(isset($_SESSION['var_account_id'])) {
+		if(!Validator::accountId($_SESSION['var_account_id'])) {
+			$errors[] = $locale['step_admin_account_id_error_format'];
+		}
+		else if($_SESSION['var_account_id'] == $password) {
+			$errors[] = $locale['step_admin_account_id_error_same'];
+		}
+	}
+
+	if(empty($password)) {
+		$errors[] = $locale['step_admin_password_error_empty'];
+	}
+	else if(!Validator::password($password)) {
+		$errors[] = $locale['step_admin_password_error_format'];
+	}
+
+	if(!empty($errors)) {
+		$step = 'admin';
+	}
+}
 
 $error = false;
 
-// step include
-ob_start();
-require('steps/' . $step . '.php');
-$content = ob_get_contents();
-ob_end_clean();
+clearstatcache();
+if(is_writable(CACHE) && (MYAAC_OS != 'WINDOWS' || win_is_writable(CACHE))) {
+	ob_start();
+
+	$step_id = array_search($step, $steps);
+	require('steps/' . $step_id . '-' . $step . '.php');
+	$content = ob_get_contents();
+	ob_end_clean();
+}
+else {
+	$content = error(file_get_contents(BASE . 'install/includes/twig_error.html'), true);
+}
 
 // render
 require('template/template.php');
-//$_SESSION['laststep'] = $step;
-
-?>
+//$_SESSION['laststep'] = $step;

install/steps/4-config.php

@@ -7,6 +7,7 @@ $clients_list = array(
 	750,
 	760,
 	770,
+	772,
 	780,
 	7920,
 	800,

install/steps/5-database.php

@@ -11,7 +11,8 @@ if(!isset($_SESSION['var_server_path'])) {
 }
 
 if(!$error) {
-	$content = "<?php\n";
+	$content = "<?php";
+	$content .= PHP_EOL;
 	foreach($_SESSION as $key => $value)
 	{
 		if(strpos($key, 'var_') !== false)
@@ -239,9 +240,10 @@ if(!$error) {
 			$content .= PHP_EOL;
 			$content .= '$config[\'client_download_linux\'] = \'http://tibia-clients.com/clients/download/\'. $config[\'client\'] . \'/tar/linux\';';
 			$content .= PHP_EOL;
-			$content .= '// place for your configuration directives, so you can later easily update myaac';
+			$content .= '$config[\'session_prefix\'] = \'myaac_' . generateRandomString(8, true, false, true, false) . '_\';';
+			$content .= PHP_EOL;
+			$content .= '$config[\'cache_prefix\'] = \'myaac_' . generateRandomString(8, true, false, true, false) . '_\';';
 			$content .= PHP_EOL;
-			$content .= "?>";
 			
 			$file = fopen(BASE . 'config.local.php', 'a+');
 			if($file) {

install/steps/6-admin.php

@@ -8,6 +8,7 @@ if(!$error) {
 	echo $twig->render('install.admin.html.twig', array(
 		'locale' => $locale,
 		'session' => $_SESSION,
+		'errors' => isset($errors) ? $errors : null,
 		'buttons' => next_buttons(true, $error ? false : true)
 	));
 }

install/steps/7-finish.php

@@ -20,27 +20,7 @@ else {
 			$salt = generateRandomString(10, false, true, true);
 			$password = $salt . $password;
 		}
-/*
-		$account_db = new OTS_Account();
-		$account_db->load(1);
-		if($account_db->isLoaded()) {
-			if(USE_ACCOUNT_NAME)
-				$account_db->setName('dummy_account');
 
-			$account_db->setPassword('for sample characters. ' . generateRandomString(10));
-			$account_db->save();
-		}
-		else {
-			$new_account = new OTS_Account();
-			if(USE_ACCOUNT_NAME)
-				$new_account->create('dummy_account', 1);
-			else
-				$new_account->create(null, 1);
-
-			$new_account->setPassword('for sample characters. ' . generateRandomString(10));
-			$new_account->save();
-		}
-*/
 		$account_db = new OTS_Account();
 		if(isset($account))
 			$account_db->find($account);
@@ -55,34 +35,29 @@ else {
 			$player = new OTS_Player();
 			$player->setName('Admin');
 			
-			$player->setGroupId($groups->getHighestId());
+			$player_used = &$player;
 		}
+		else {
+			$player_used = &$player_db;
+		}
+
+		$player_used->setGroupId($groups->getHighestId());
 
 		if($account_db->isLoaded()) {
 			$account_db->setPassword(encrypt($password));
 			$account_db->setEMail($_SESSION['var_mail_admin']);
 			$account_db->save();
 			
-			if($config_salt_enabled)
-				$account_db->setCustomField('salt', $salt);
-			
-			$account_db->setCustomField('web_flags', 3);
-			$account_db->setCustomField('country', 'us');
-			if(fieldExist('group_id', 'accounts'))
-				$account_db->setCustomField('group_id', $groups->getHighestId());
-			if(fieldExist('type', 'accounts'))
-				$account_db->setCustomField('type', 5);
-
-			if(!$player_db->isLoaded())
-				$player->setAccountId($account_db->getId());
-			else
-				$player_db->setAccountId($account_db->getId());
-			
-			setSession('account', $account_db->getId());
+			$account_used = &$account_db;
 		}
 		else {
 			$new_account = new OTS_Account();
-			$new_account->create($account);
+			if(USE_ACCOUNT_NAME) {
+				$new_account->create($account);
+			}
+			else {
+				$new_account->create(null, $account_id);
+			}
 			
 			$new_account->setPassword(encrypt($password));
 			$new_account->setEMail($_SESSION['var_mail_admin']);
@@ -90,28 +65,30 @@ else {
 			$new_account->unblock();
 			$new_account->save();
 			
-			if($config_salt_enabled)
-				$new_account->setCustomField('salt', $salt);
-			
 			$new_account->setCustomField('created', time());
-			$new_account->setCustomField('web_flags', 3);
-			$new_account->setCustomField('country', 'us');
-			if(fieldExist('group_id', 'accounts'))
-				$new_account->setCustomField('group_id', $groups->getHighestId());
-			if(fieldExist('type', 'accounts'))
-				$new_account->setCustomField('type', 5);
-
 			$new_account->logAction('Account created.');
 			
-			if(!$player_db->isLoaded())
-				$player->setAccountId($new_account->getId());
-			else
-				$player_db->setAccountId($new_account->getId());
-			
-			setSession('account', $new_account->getId());
+			$account_used = &$new_account;
 		}
 
+		if($config_salt_enabled)
+			$account_used->setCustomField('salt', $salt);
+
+		$account_used->setCustomField('web_flags', FLAG_ADMIN + FLAG_SUPER_ADMIN);
+		$account_used->setCustomField('country', 'us');
+		if(fieldExist('group_id', 'accounts'))
+			$account_used->setCustomField('group_id', $groups->getHighestId());
+		if(fieldExist('type', 'accounts'))
+			$account_used->setCustomField('type', 5);
+
+		if(!$player_db->isLoaded())
+			$player->setAccountId($account_used->getId());
+		else
+			$player_db->setAccountId($account_used->getId());
+
 		success($locale['step_database_created_account']);
+
+		setSession('account', $account_used->getId());
 		setSession('password', encrypt($password));
 		setSession('remember_me', true);
 
@@ -129,9 +106,12 @@ else {
 			$player_id = $query['id'];
 		}
 
-		if(query("INSERT INTO `myaac_news` (`id`, `type`, `date`, `category`, `title`, `body`, `player_id`, `comments`, `hidden`) VALUES (NULL, '1', UNIX_TIMESTAMP(), '2', 'Hello!', 'MyAAC is just READY to use!', " . $player_id . ", 'http://my-aac.org', '0');
-INSERT INTO `myaac_news` (`id`, `type`, `date`, `category`, `title`, `body`, `player_id`, `comments`, `hidden`) VALUES (NULL, '2', UNIX_TIMESTAMP(), '4', 'Hello tickets!', 'http://my-aac.org', " . $player_id . ", '', '0');")) {
-			success($locale['step_database_created_news']);
+		$query = $db->query("SELECT `id` FROM `" . TABLE_PREFIX ."news` WHERE `title` LIKE 'Hello!';");
+		if($query->rowCount() == 0) {
+			if(query("INSERT INTO `" . TABLE_PREFIX ."news` (`id`, `type`, `date`, `category`, `title`, `body`, `player_id`, `comments`, `hidden`) VALUES (NULL, '1', UNIX_TIMESTAMP(), '2', 'Hello!', 'MyAAC is just READY to use!', " . $player_id . ", 'http://my-aac.org', '0');
+	INSERT INTO `myaac_news` (`id`, `type`, `date`, `category`, `title`, `body`, `player_id`, `comments`, `hidden`) VALUES (NULL, '2', UNIX_TIMESTAMP(), '4', 'Hello tickets!', 'http://my-aac.org', " . $player_id . ", '', '0');")) {
+				success($locale['step_database_created_news']);
+			}
 		}
 
 		$deleted = 'deleted';
@@ -141,34 +121,50 @@ INSERT INTO `myaac_news` (`id`, `type`, `date`, `category`, `title`, `body`, `pl
 		$insert_into_players = "INSERT INTO `players` (`id`, `name`, `group_id`, `account_id`, `level`, `vocation`, `health`, `healthmax`, `experience`, `lookbody`, `lookfeet`, `lookhead`, `looklegs`, `looktype`, `maglevel`, `mana`, `manamax`, `manaspent`, `soul`, `town_id`, `posx`, `posy`, `posz`, `conditions`, `cap`, `sex`, `lastlogin`, `lastip`, `save`, `lastlogout`, `balance`, `$deleted`, `created`, `hidden`, `comment`) VALUES ";
 		$success = true;
 
+		$highscores_ignored_ids = array();
 		$query = $db->query('SELECT `id` FROM `players` WHERE `name` = ' . $db->quote('Rook Sample'));
 		if($query->rowCount() == 0) {
-			if(!query($insert_into_players . "(null, 'Rook Sample', 4, " . getSession('account') . ", 1, 0, 150, 150, 4200, 118, 114, 38, 57, 130, 0, 0, 0, 0, 100, 11, 2200, 1298, 7, '', 400, 1, 1255179613, 2453925456, 1, 1255179614, 0, 0, UNIX_TIMESTAMP(), 1, '');"))
+			if(!query($insert_into_players . "(null, 'Rook Sample', 1, " . getSession('account') . ", 1, 0, 150, 150, 4200, 118, 114, 38, 57, 130, 0, 0, 0, 0, 100, 1, 1000, 1000, 7, '', 400, 1, 1255179613, 2453925456, 1, 1255179614, 0, 0, UNIX_TIMESTAMP(), 1, '');"))
 				$success = false;
+			else {
+				$highscores_ignored_ids[] = $db->lastInsertId();
+			}
 		}
 
 		$query = $db->query('SELECT `id` FROM `players` WHERE `name` = ' . $db->quote('Sorcerer Sample'));
 		if($query->rowCount() == 0) {
-			if(!query($insert_into_players . "(null, 'Sorcerer Sample', 4, " . getSession('account') . ", 8, 1, 185, 185, 4200, 118, 114, 38, 57, 130, 0, 35, 35, 0, 100, 11, 2200, 1298, 7, '', 470, 1, 1255179571, 2453925456, 1, 1255179612, 0, 0, UNIX_TIMESTAMP(), 1, '');"))
+			if(!query($insert_into_players . "(null, 'Sorcerer Sample', 1, " . getSession('account') . ", 8, 1, 185, 185, 4200, 118, 114, 38, 57, 130, 0, 35, 35, 0, 100, 1, 1000, 1000, 7, '', 470, 1, 1255179571, 2453925456, 1, 1255179612, 0, 0, UNIX_TIMESTAMP(), 1, '');"))
 				$success = false;
+			else {
+				$highscores_ignored_ids[] = $db->lastInsertId();
+			}
 		}
 
 		$query = $db->query('SELECT `id` FROM `players` WHERE `name` = ' . $db->quote('Druid Sample'));
 		if($query->rowCount() == 0) {
-			if(!query($insert_into_players . "(null, 'Druid Sample', 4, " . getSession('account') . ", 8, 2, 185, 185, 4200, 118, 114, 38, 57, 130, 0, 35, 35, 0, 100, 11, 2200, 1298, 7, '', 470, 1, 1255179655, 2453925456, 1, 1255179658, 0, 0, UNIX_TIMESTAMP(), 1, '');"))
+			if(!query($insert_into_players . "(null, 'Druid Sample', 1, " . getSession('account') . ", 8, 2, 185, 185, 4200, 118, 114, 38, 57, 130, 0, 35, 35, 0, 100, 1, 1000, 1000, 7, '', 470, 1, 1255179655, 2453925456, 1, 1255179658, 0, 0, UNIX_TIMESTAMP(), 1, '');"))
 				$success = false;
+			else {
+				$highscores_ignored_ids[] = $db->lastInsertId();
+			}
 		}
 
 		$query = $db->query('SELECT `id` FROM `players` WHERE `name` = ' . $db->quote('Paladin Sample'));
 		if($query->rowCount() == 0) {
-			if(!query($insert_into_players . "(null, 'Paladin Sample', 4, " . getSession('account') . ", 8, 3, 185, 185, 4200, 118, 114, 38, 57, 129, 0, 35, 35, 0, 100, 11, 2200, 1298, 7, '', 470, 1, 1255179854, 2453925456, 1, 1255179858, 0, 0, UNIX_TIMESTAMP(), 1, '');"))
+			if(!query($insert_into_players . "(null, 'Paladin Sample', 1, " . getSession('account') . ", 8, 3, 185, 185, 4200, 118, 114, 38, 57, 129, 0, 35, 35, 0, 100, 1, 1000, 1000, 7, '', 470, 1, 1255179854, 2453925456, 1, 1255179858, 0, 0, UNIX_TIMESTAMP(), 1, '');"))
 				$success = false;
+			else {
+				$highscores_ignored_ids[] = $db->lastInsertId();
+			}
 		}
 
 		$query = $db->query('SELECT `id` FROM `players` WHERE `name` = ' . $db->quote('Knight Sample'));
 		if($query->rowCount() == 0) {
-			if(!query($insert_into_players . "(null, 'Knight Sample', 4, " . getSession('account') . ", 8, 4, 185, 185, 4200, 118, 114, 38, 57, 131, 0, 35, 35, 0, 100, 11, 2200, 1298, 7, '', 470, 1, 1255179620, 2453925456, 1, 1255179654, 0, 0, UNIX_TIMESTAMP(), 1, '');"))
+			if(!query($insert_into_players . "(null, 'Knight Sample', 1, " . getSession('account') . ", 8, 4, 185, 185, 4200, 118, 114, 38, 57, 131, 0, 35, 35, 0, 100, 1, 1000, 1000, 7, '', 470, 1, 1255179620, 2453925456, 1, 1255179654, 0, 0, UNIX_TIMESTAMP(), 1, '');"))
 				$success = false;
+			else {
+				$highscores_ignored_ids[] = $db->lastInsertId();
+			}
 		}
 
 		if($success) {
@@ -196,6 +192,20 @@ INSERT INTO `myaac_news` (`id`, `type`, `date`, `category`, `title`, `body`, `pl
 			error(Spells::getLastError());
 		}
 
+		$content = PHP_EOL;
+		$content .= '$config[\'highscores_ids_hidden\'] = array(' . implode(', ', $highscores_ignored_ids) . ');';
+		$content .= PHP_EOL;
+
+		$file = fopen(BASE . 'config.local.php', 'a+');
+		if($file) {
+			fwrite($file, $content);
+		}
+		else {
+			$locale['step_database_error_file'] = str_replace('$FILE$', '<b>' . BASE . 'config.local.php</b>', $locale['step_database_error_file']);
+			warning($locale['step_database_error_file'] . '<br/>
+				<textarea cols="70" rows="10">' . $content . '</textarea>');
+		}
+
 		$locale['step_finish_desc'] = str_replace('$ADMIN_PANEL$', generateLink(ADMIN_URL, $locale['step_finish_admin_panel'], true), $locale['step_finish_desc']);
 		$locale['step_finish_desc'] = str_replace('$HOMEPAGE$', generateLink(BASE_URL, $locale['step_finish_homepage'], true), $locale['step_finish_desc']);
 		$locale['step_finish_desc'] = str_replace('$LINK$', generateLink('http://my-aac.org', 'http://my-aac.org', true), $locale['step_finish_desc']);

system/functions.php

@@ -971,7 +971,7 @@ function getTopPlayers($limit = 5) {
 		if(fieldExist('deletion', 'players'))
 			$deleted = 'deletion';
 		
-		$players = $db->query('SELECT `name`, `level`, `experience` FROM `players` WHERE `group_id` < ' . $config['highscores_groups_hidden'] . ' AND `' . $deleted . '` = 0 AND account_id != 1 ORDER BY `experience` DESC LIMIT 5')->fetchAll();
+		$players = $db->query('SELECT `name`, `level`, `experience` FROM `players` WHERE `group_id` < ' . $config['highscores_groups_hidden'] . ' AND `id` NOT IN (' . implode(', ', $config['highscores_ids_hidden']) . ') AND `' . $deleted . '` = 0 AND `account_id` != 1 ORDER BY `experience` DESC LIMIT 5')->fetchAll();
 		
 		$i = 0;
 		foreach($players as &$player) {

system/init.php

@@ -148,6 +148,11 @@ else
 $config['data_path'] = $tmp;
 unset($tmp);
 
+// new config values for compability
+if(!isset($config['highscores_ids_hidden']) || count($config['highscores_ids_hidden']) == 0) {
+	$config['highscores_ids_hidden'] = array(0);
+}
+
 // POT
 require_once(SYSTEM . 'libs/pot/OTS.php');
 $ots = POT::getInstance();

system/libs/pot/OTS_Player.php

@@ -3151,6 +3151,14 @@ class OTS_Player extends OTS_Row_DAO
 
         $this->db->query('DELETE FROM ' . $this->db->tableName('player_spells') . ' WHERE ' . $this->db->fieldName('player_id') . ' = ' . $this->data['id'] . ' AND ' . $this->db->fieldName('name') . ' = ' . $this->db->quote( $spell->getName() ) );
     }
+	
+	public static function getPercentLevel($count, $nextLevelCount)
+	{
+		if($nextLevelCount > 0)
+			return min(100, max(0, $count * 100 / $nextLevelCount));
+
+		return 0;
+	}
 
 /**
  * Magic PHP5 method.

system/libs/pot/OTS_Toolbox.php

@@ -28,13 +28,11 @@ class OTS_Toolbox
  * @param int $experience Current experience points.
  * @return int Experience points for level.
  */
-    public static function experienceForLevel($level, $experience = 0)
+	public static function experienceForLevel($level, $experience = 0)
     {
-        return 50 * ($level - 1) * ($level * $level - 5 * $level + 12) / 3 - $experience;
-		/*
-			$level = $level - 1;
-	return ((50 * $level * $level * $level) - (150 * $level * $level) + (400 * $level)) / 3;
-	*/
+        //return 50 * ($level - 1) * ($level * $level - 5 * $level + 12) / 3 - $experience;
+		$level = $level - 1;
+		return ((50 * $level * $level * $level) - (150 * $level * $level) + (400 * $level)) / 3;
     }
 
 /**

system/libs/validator.php

@@ -85,13 +85,7 @@ class Validator
 			return false;
 		}
 		
-		if(strspn($name, "QWERTYUIOPASDFGHJKLZXCVBNM0123456789") != $length)
-		{
-			self::$lastError = 'Invalid account name format. Use only A-Z and numbers 0-9.';
-			return false;
-		}
-		
-		if(!preg_match("/[A-Z0-9]/", $name))
+		if(!preg_match("/[A-Z0-9]/i", $name))
 		{
 			self::$lastError = 'Invalid account name format. Use only A-Z and numbers 0-9.';
 			return false;

system/locale/en/install.php

@@ -42,7 +42,6 @@ $locale['step_config'] = 'Configuration';
 $locale['step_config_title'] = 'Basic configuration';
 $locale['step_config_server_path'] = 'Server path';
 $locale['step_config_server_path_desc'] = 'Path to your TFS main directory, where you have config.lua located.';
-
 $locale['step_config_mail_admin'] = 'Admin E-Mail';
 $locale['step_config_mail_admin_desc'] = 'Address where emails from contact form will be delivered, for example admin@gmail.com';
 $locale['step_config_mail_admin_error'] = 'Admin E-Mail is not correct.';
@@ -82,10 +81,16 @@ $locale['step_admin'] = 'Admin Account';
 $locale['step_admin_title'] = 'Create Admin Account';
 $locale['step_admin_account'] = 'Admin account name';
 $locale['step_admin_account_desc'] = 'Name of your admin account, which will be used to login to website and server.';
-$locale['step_admin_account_id'] = 'Admin account id';
-$locale['step_admin_account_id_desc'] = 'ID of your admin account, which will be used to login to website and server.';
+$locale['step_admin_account_error_format'] = 'Invalid account name format. Use only a-Z and numbers 0-9. Minimum 3, maximum 32 characters.';
+$locale['step_admin_account_error_same'] = 'Password may not be the same as account name.';
+$locale['step_admin_account_id'] = 'Admin account number';
+$locale['step_admin_account_id_desc'] = 'Number of your admin account, which will be used to login to website and server.';
+$locale['step_admin_account_id_error_format'] = 'Invalid account number format. Please use only numbers 0-9. Minimum 6, maximum 10 characters.';
+$locale['step_admin_account_id_error_same'] = 'Password may not be the same as account number.';
 $locale['step_admin_password'] = 'Admin account password';
 $locale['step_admin_password_desc'] = 'Password to your admin account.';
+$locale['step_admin_password_error_empty'] = 'Please enter the password for your new account.';
+$locale['step_admin_password_error_format'] = 'Invalid password format. Use only a-Z and numbers 0-9. Minimum 8, maximum 30 characters.';
 
 // finish
 $locale['step_finish_admin_panel'] = 'Admin Panel';

system/locale/pl/install.php

@@ -42,11 +42,6 @@ $locale['step_config'] = 'Konfiguracja';
 $locale['step_config_title'] = 'Podstawowa konfiguracja';
 $locale['step_config_server_path'] = 'Ścieżka do serwera';
 $locale['step_config_server_path_desc'] = 'Ścieżka do Twojego folderu z TFS, gdzie znajduje się plik config.lua.';
-$locale['step_config_account'] = 'Konto administratora';
-$locale['step_config_account_desc'] = 'Nazwa twojego konta admina, która będzie używana do logowania na stronę i do serwera.';
-$locale['step_config_password'] = 'Hasło do konta admina';
-$locale['step_config_password_desc'] = 'Hasło do Twojego konta administratora.';
-
 $locale['step_config_mail_admin'] = 'E-Mail admina';
 $locale['step_config_mail_admin_desc'] = 'Na ten adres będą dostarczane E-Maile z formularza kontaktowego , przykładowo admin@gmail.com';
 $locale['step_config_mail_admin_error'] = 'E-Mail admina jest niepoprawny.';
@@ -55,13 +50,16 @@ $locale['step_config_mail_address_desc'] = 'Ten adres będzie używany do wysył
 $locale['step_config_mail_address_error'] = 'E-Mail serwera jest niepoprawny.';
 $locale['step_config_client'] = 'Wersja klienta';
 $locale['step_config_client_desc'] = 'Używana do strony pobieranie klienta oraz kilku szablonów';
+$locale['step_config_usage'] = 'Raportowanie Statystyk';
+$locale['step_config_usage_desc'] = 'Zezwalaj MyAAC na raportowanie anonimowych statystyk? Dane są wysyłane raz na 30 dni i są w pełni anonimowe.';
 
 // database
-$locale['step_database'] = 'Baza';
+$locale['step_database'] = 'Baza Danych';
 $locale['step_database_title'] = 'Baza MySQL';
 $locale['step_database_importing'] = 'Twoja baza to MySQL. Importowanie schematu...';
 $locale['step_database_error_path'] = 'Proszę podać ścieżkę do serwera.';
 $locale['step_database_error_config'] = 'Nie można znaleźć pliku config. Jest Twoja ścieżka do katalogu serwera poprawna? Wróć się i sprawdź ponownie.';
+$locale['step_database_error_database_empty'] = 'Nie można wykryć typu bazy danych z pliku config.lua. Prawdopodobnie Twój OTS nie jest wspierany przez ten AAC.';
 $locale['step_database_error_only_mysql'] = 'Ten AAC wspiera tylko bazy danych MySQL. Z Twojego pliku config wynika, że Twój serwera używa bazy: $DATABASE_TYPE$. Proszę zmienić typ bazy na MySQL i ponownie przystąpić do instalacji.';
 $locale['step_database_error_table'] = 'Tabela $TABLE$ nie istnieje. Proszę najpierw zaimportować schemat bazy danych serwera OTS.';
 $locale['step_database_error_table_exist'] = 'Tabela $TABLE$ już istnieje. Wygląda na to, że AAC został już zainstalowany. Schemat MySQL nie zostanie zaimportowany..';
@@ -72,9 +70,28 @@ $locale['step_database_adding_field'] = 'Dodawanie pola';
 $locale['step_database_modifying_field'] = 'Modyfikacja pola';
 $locale['step_database_changing_field'] = 'Zmiana $FIELD$ na $FIELD_NEW$...';
 $locale['step_database_imported_players'] = 'Importowanie schematów graczy...';
+$locale['step_database_loaded_monsters'] = 'Załadowano potworki (monsters)...';
+$locale['step_database_error_monsters'] = 'Wystąpiły problemy podczas ładowania pliku monsters.xml. Zobacz $LOG$ po więcej informacji.';
+$locale['step_database_loaded_spells'] = 'Załadowano czary (spells)...';
 $locale['step_database_created_account'] = 'Utworzono konto admina...';
 $locale['step_database_created_news'] = 'Utworzono newsy...';
 
+// admin account
+$locale['step_admin'] = 'Konto Admina';
+$locale['step_admin_title'] = 'Tworzenie Konta Admina';
+$locale['step_admin_account'] = 'Nazwa Konta Admina';
+$locale['step_admin_account_desc'] = 'Nazwa Twojego konta admina, która będzie używana do logowania na stronę i do serwera.';
+$locale['step_admin_account_error_format'] = 'Nieprawidłowy format nazwy konta. Używaj tylko znaków a-Z oraz liczb 0-9. Minimum 3, maksimum 32 znaków.';
+$locale['step_admin_account_error_same'] = 'Hasło nie może być takie same jak nazwa konta.';
+$locale['step_admin_account_id'] = 'Numer Konta Admina';
+$locale['step_admin_account_id_desc'] = 'Numer Twojego Konta Admina, który będzie używany do logowania do strony i na serwer.';
+$locale['step_admin_account_id_error_format'] = 'Nieprawidłowy format numeru konta. Używaj tylko liczb 0-9. Minimum 6, maksimum 10 znaków.';
+$locale['step_admin_account_id_error_same'] = 'Hasło nie może być takie same jak numer konta.';
+$locale['step_admin_password'] = 'Hasło Konta Admina';
+$locale['step_admin_password_desc'] = 'Hasło do Twojego Konta Admina.';
+$locale['step_admin_password_error_empty'] = 'Proszę podać hasło do Twojego nowego konta.';
+$locale['step_admin_password_error_format'] = 'Nieprawidłowy format hasła. Używaj tylko znaków a-Z oraz liczb 0-9. Minimum 8, maksimum 30 characters.';
+
 // finish
 $locale['step_finish_admin_panel'] = 'Panelu Admina';
 $locale['step_finish_homepage'] = 'stronę główną';

system/migrations/17.php

@@ -18,6 +18,7 @@ CREATE TABLE `myaac_menu`
 /* MENU_CATEGORY_NEWS kathrine */
 INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('kathrine', 'Latest News', 'news', 1, 0);
 INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('kathrine', 'News Archive', 'news/archive', 1, 1);
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('kathrine', 'Changelog', 'changelog', 1, 2);
 /* MENU_CATEGORY_ACCOUNT kathrine */
 INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('kathrine', 'Account Management', 'account/manage', 2, 0);
 INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('kathrine', 'Create Account', 'account/create', 2, 1);
@@ -78,7 +79,6 @@ INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VA
 INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('tibiacom', 'Gallery', 'gallery', 5, 4);
 INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('tibiacom', 'Server Info', 'serverInfo', 5, 5);
 INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('tibiacom', 'Experience Table', 'experienceTable', 5, 6);
-INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('tibiacom', 'Support List', 'team', 5, 7);
 /* MENU_CATEGORY_SHOP tibiacom */
 INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('tibiacom', 'Buy Points', 'points', 6, 0);
 INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('tibiacom', 'Shop Offer', 'gifts', 6, 1);

system/migrations/19.php

@@ -0,0 +1,3 @@
+<?php
+// this migration has been removed, but file kept for compability
+?>

system/migrations/20.php

@@ -0,0 +1,39 @@
+<?php
+
+$config_file = BASE . 'config.local.php';
+if(!is_writable($config_file)) { // we can't do anything, just ignore
+	return;
+}
+
+$content_of_file = trim(file_get_contents($config_file));
+if(strpos($content_of_file, 'highscores_ids_hidden') !== false) { // already present
+	return;
+}
+
+$query = $db->query("SELECT `id` FROM `players` WHERE (`name` = " . $db->quote("Rook Sample") . " OR `name` = " . $db->quote("Sorcerer Sample") . " OR `name` = " . $db->quote("Druid Sample") . " OR `name` = " . $db->quote("Paladin Sample") . " OR `name` = " . $db->quote("Knight Sample") . ") ORDER BY `id`;");
+
+$highscores_ignored_ids = array();
+if($query->rowCount() > 0) {
+	foreach($query->fetchAll() as $result)
+		$highscores_ignored_ids[] = $result['id'];
+}
+else {
+	$highscores_ignored_ids[] = 0;
+}
+
+$php_on_end = substr($content_of_file, -2, 2) == '?>';
+$content = PHP_EOL;
+if($php_on_end) {
+	$content .= '<?php';
+}
+
+$content .= PHP_EOL;
+$content .= '$config[\'highscores_ids_hidden\'] = array(' . implode(', ', $highscores_ignored_ids) . ');';
+$content .= PHP_EOL;
+
+if($php_on_end) {
+	$content .= '?>';
+}
+
+file_put_contents($config_file, $content, FILE_APPEND);
+?>

system/pages/admin/version.php

@@ -15,7 +15,8 @@ $title = 'Version check';
 //$myaac_version = fgets($file);
 $myaac_version = @file_get_contents('http://my-aac.org/VERSION');
 if(!$myaac_version) {
-	warning('Error while fetching version info from http://my-aac.org. Site might be offline.');
+	warning('Error while fetching version info from http://my-aac.org<br/>
+	Please try again later.');
 	return;
 }
 

system/pages/changelog.php

@@ -15,66 +15,32 @@ $id = isset($_GET['id']) ? $_GET['id'] : 0;
 $limit = 30;
 $offset = $_page * $limit;
 $next_page = false;
-?>
 
-<br/>
-<table border="0" cellspacing="1" cellpadding="4" width="100%">
-	<tr bgcolor="<?php echo $config['vdarkborder']; ?>">
-		<td width="22"><font class="white"><b>Type</b></font></td>
-		<td width="22"><font class="white"><b>Where</b></font></td>
-		<td width="50"><font class="white"><b>Date</b></font></td>
-		<td><font class="white"><b>Description</b></font></td>
-	</tr>
-<?php
+$changelogs = $db->query('SELECT * FROM `' . TABLE_PREFIX . 'changelog' . '` WHERE `hidden` = 0 ORDER BY `id` DESC LIMIT ' . ($limit + 1) . ' OFFSET ' . $offset)->fetchAll();
 
-$changelogs = $db->query('SELECT * FROM ' . $db->tableName(TABLE_PREFIX . 'changelog') . ' ORDER BY ' . $db->fieldName('id') . ' DESC LIMIT ' . $limit . ' OFFSET ' . $offset);
-if(!$changelogs->rowCount())
+$i = 0;
+foreach($changelogs as $key => &$log)
 {
-?>
-	<tr>
-		<td bgcolor="<?php echo $config['lightborder']; ?>">There are no change logs for the moment.</td>
-	</tr>
-<?php
-	return;
-}
-else
-{
-	$i = 0;
-	foreach($changelogs as $log)
-	{
-		$type = getChangelogType($log['type']);
-		$where = getChangelogWhere($log['where']);
-?>
-		<tr bgcolor="<?php echo getStyle($i++); ?>">
-			<td align="center">
-				<img src="images/changelog/<?php echo $type; ?>.png" title="<?php echo ucfirst($type); ?>"/>
-			</td>
-			<td align="center">
-				<img src="images/changelog/<?php echo $where; ?>.png" title="<?php echo ucfirst($where); ?>"/>
-			</td>
-			<td><?php echo date("j.m.Y", $log['date']); ?></td>
-			<td><?php echo $log['body']; ?></td>
-		</tr>
-<?php
-		if ($i >= $limit)
-			$next_page = true;
+	if($i < $limit) {
+		$log['type'] = getChangelogType($log['type']);
+		$log['where'] = getChangelogWhere($log['where']);
+	}
+	else {
+		unset($changelogs[$key]);
 	}
-?>
-<table border="0" cellspacing="1" cellpadding="4" width="100%">
-<?
-	if($_page > 0)
-		echo '<tr><td width="100%" align="right" valign="bottom"><a href="?subtopic=changelog&page=' . ($_page - 1) . '" class="size_xxs">Previous Page</a></td></tr>';
 
-	if($next_page)
-		echo '<tr><td width="100%" align="right" valign="bottom"><a href="?subtopic=changelog&page=' . ($_page + 1) . '" class="size_xxs">Next Page</a></td></tr>';
-?>
-</table>
-<?php
+	if ($i >= $limit)
+		$next_page = true;
+	
+	$i++;
 }
 
-?>
-</table>
-<?php
+echo $twig->render('changelog.html.twig', array(
+	'changelogs' => $changelogs,
+	'page' => $_page,
+	'next_page' => $next_page,
+));
+
 function getChangelogType($v)
 {
 	switch($v) {
@@ -88,7 +54,7 @@ function getChangelogType($v)
 			return 'fixed';
 	}
 
-	return 'Unknown type';
+	return 'unknown';
 }
 
 function getChangelogWhere($v)
@@ -100,6 +66,6 @@ function getChangelogWhere($v)
 			return 'website';
 	}
 
-	return 'Unknown where';
+	return 'unknown';
 }
 ?>

system/pages/createaccount.php

@@ -26,7 +26,6 @@ if($save)
 {
 	if(USE_ACCOUNT_NAME) {
 		$account_name = $_POST['account'];
-		$account_name_up = strtoupper($account_name);
 	}
 	else
 		$account_id = $_POST['account'];
@@ -40,7 +39,7 @@ if($save)
 		if(!Validator::accountId($account_id))
 			$errors['account'] = Validator::getLastError();
 	}
-	else if(!Validator::accountName($account_name_up))
+	else if(!Validator::accountName($account_name))
 		$errors['account'] = Validator::getLastError();
 
 	// email
@@ -72,7 +71,7 @@ if($save)
 	}
 
 	// password
-	if(!isset($password[0])) {
+	if(empty($password)) {
 		$errors['password'] = 'Please enter the password for your new account.';
 	}
 	elseif($password != $password2) {
@@ -83,8 +82,7 @@ if($save)
 	}
 
 	// check if account name is not equal to password
-	if(USE_ACCOUNT_NAME && $account_name_up == strtoupper($password))
-	{
+	if(USE_ACCOUNT_NAME && strtoupper($account_name) == strtoupper($password)) {
 		$errors['password'] = 'Password may not be the same as account name.';
 	}
 

system/pages/guilds/delete_invite.php

@@ -61,6 +61,9 @@ if(empty($errors))
 			}
 		}
 	}
+	
+	if(!$guild_vice)
+		$errors[] = 'You are not a leader or vice leader of guild <b>' . $guild_name . '</b>.';
 }
 if(empty($errors))
 {
@@ -69,8 +72,6 @@ if(empty($errors))
 	if(!$player->isLoaded())
 		$errors[] = 'Player with name <b>' . $name . '</b> doesn\'t exist.';
 }
-if(!$guild_vice)
-	$errors[] = 'You are not a leader or vice leader of guild <b>' . $guild_name . '</b>.';
 
 if(empty($errors))
 {

system/pages/highscores.php

@@ -121,16 +121,16 @@ if($skill <= POT::SKILL_LAST) { // skills
 			POT::SKILL_FISH => 'skill_fishing',
 		);
 
-		$skills = $db->query('SELECT accounts.country, players.id,players.name' . $online . ',level,vocation' . $promotion . $outfit . ', ' . $skill_ids[$skill] . ' as value FROM accounts,players WHERE players.' . $deleted . ' = 0 AND players.group_id < '.$config['highscores_groups_hidden'].' '.$add_sql.' AND players.id > 6 AND accounts.id = players.account_id ORDER BY ' . $skill_ids[$skill] . ' DESC LIMIT 101 OFFSET '.$offset);
+		$skills = $db->query('SELECT accounts.country, players.id,players.name' . $online . ',level,vocation' . $promotion . $outfit . ', ' . $skill_ids[$skill] . ' as value FROM accounts,players WHERE players.id NOT IN (' . implode(', ', $config['highscores_ids_hidden']) . ') AND players.' . $deleted . ' = 0 AND players.group_id < '.$config['highscores_groups_hidden'].' '.$add_sql.' AND players.id > 6 AND accounts.id = players.account_id ORDER BY ' . $skill_ids[$skill] . ' DESC LIMIT 101 OFFSET '.$offset);
 	}
 	else
-		$skills = $db->query('SELECT accounts.country, players.id,players.name' . $online . ',value,level,vocation' . $promotion . $outfit . ' FROM accounts,players,player_skills WHERE players.' . $deleted . ' = 0 AND players.group_id < '.$config['highscores_groups_hidden'].' '.$add_sql.' AND players.id > 6 AND players.id = player_skills.player_id AND player_skills.skillid = '.$skill.' AND accounts.id = players.account_id ORDER BY value DESC, count DESC LIMIT 101 OFFSET '.$offset);
+		$skills = $db->query('SELECT accounts.country, players.id,players.name' . $online . ',value,level,vocation' . $promotion . $outfit . ' FROM accounts,players,player_skills WHERE players.id NOT IN (' . implode(', ', $config['highscores_ids_hidden']) . ') AND players.' . $deleted . ' = 0 AND players.group_id < '.$config['highscores_groups_hidden'].' '.$add_sql.' AND players.id > 6 AND players.id = player_skills.player_id AND player_skills.skillid = '.$skill.' AND accounts.id = players.account_id ORDER BY value DESC, count DESC LIMIT 101 OFFSET '.$offset);
 }
 else if($skill == 666 && $config['otserv_version'] == TFS_03) // frags
 {
 	$skills = $db->query('SELECT accounts.country, players.id,players.name' . $online . ',level,vocation' . $promotion . $outfit . ',COUNT(`player_killers`.`player_id`) as value' .
 			' FROM `accounts`, `players`, `player_killers` ' .
-			' WHERE players.' . $deleted . ' = 0 AND players.group_id < '.$config['highscores_groups_hidden'].' '.$add_sql.' AND players.id = player_killers.player_id AND accounts.id = players.account_id' .
+			' WHERE players.id NOT IN (' . implode(', ', $config['highscores_ids_hidden']) . ') AND players.' . $deleted . ' = 0 AND players.group_id < '.$config['highscores_groups_hidden'].' '.$add_sql.' AND players.id = player_killers.player_id AND accounts.id = players.account_id' .
 			' GROUP BY `player_id`' .
 			' ORDER BY value DESC' .
 			' LIMIT 101 OFFSET '.$offset);
@@ -138,10 +138,10 @@ else if($skill == 666 && $config['otserv_version'] == TFS_03) // frags
 else
 {
 	if($skill == POT::SKILL__MAGLEVEL) {
-		$skills = $db->query('SELECT accounts.country, players.id,players.name' . $online . ',maglevel,level,vocation' . $promotion . $outfit . ' FROM accounts, players WHERE players.' . $deleted . ' = 0 '.$add_sql.' AND players.group_id < '.$config['highscores_groups_hidden'].' AND players.id > 6 AND accounts.id = players.account_id ORDER BY maglevel DESC, manaspent DESC LIMIT 101 OFFSET '.$offset);
+		$skills = $db->query('SELECT accounts.country, players.id,players.name' . $online . ',maglevel,level,vocation' . $promotion . $outfit . ' FROM accounts, players WHERE players.id NOT IN (' . implode(', ', $config['highscores_ids_hidden']) . ') AND players.' . $deleted . ' = 0 '.$add_sql.' AND players.group_id < '.$config['highscores_groups_hidden'].' AND players.id > 6 AND accounts.id = players.account_id ORDER BY maglevel DESC, manaspent DESC LIMIT 101 OFFSET '.$offset);
 	}
 	else { // level
-		$skills = $db->query('SELECT accounts.country, players.id,players.name' . $online . ',level,experience,vocation' . $promotion . $outfit . ' FROM accounts, players WHERE players.' . $deleted . ' = 0 '.$add_sql.' AND players.group_id < '.$config['highscores_groups_hidden'].' AND players.id > 6 AND accounts.id = players.account_id ORDER BY level DESC, experience DESC LIMIT 101 OFFSET '.$offset);
+		$skills = $db->query('SELECT accounts.country, players.id,players.name' . $online . ',level,experience,vocation' . $promotion . $outfit . ' FROM accounts, players WHERE players.id NOT IN (' . implode(', ', $config['highscores_ids_hidden']) . ') AND players.' . $deleted . ' = 0 '.$add_sql.' AND players.group_id < '.$config['highscores_groups_hidden'].' AND players.id > 6 AND accounts.id = players.account_id ORDER BY level DESC, experience DESC LIMIT 101 OFFSET '.$offset);
 		$list = 'experience';
 	}
 }

system/templates/changelog.html.twig

@@ -0,0 +1,38 @@
+<br/>
+<table border="0" cellspacing="1" cellpadding="4" width="100%">
+	<tr bgcolor="{{ config.vdarkborder }}">
+		<td width="22"><font class="white"><b>Type</b></font></td>
+		<td width="22"><font class="white"><b>Where</b></font></td>
+		<td width="50"><font class="white"><b>Date</b></font></td>
+		<td><font class="white"><b>Description</b></font></td>
+	</tr>
+	{% if changelogs|length > 0%}
+		{% set i = 0 %}
+		{% for log in changelogs %}
+		<tr bgcolor="{{ getStyle(i) }}">
+			<td align="center">
+				<img src="images/changelog/{{ log.type }}.png" title="{{ log.type|capitalize }}"/>
+			</td>
+			<td align="center">
+				<img src="images/changelog/{{ log.where }}.png" title="{{ log.where|capitalize }}"/>
+			</td>
+			<td>{{ log.date|date("j.m.Y") }}</td>
+			<td>{{ log.body|raw }}</td>
+		</tr>
+		{% set i = i + 1 %}
+		{% endfor %}
+	{% else %}
+	<tr>
+		<td bgcolor="{{ config.lightborder }}">There are no change logs for the moment.</td>
+	</tr>
+	{% endif %}
+	
+	<table border="0" cellspacing="1" cellpadding="4" width="100%">
+	{% if page > 0 %}
+		<tr><td width="100%" align="right" valign="bottom"><a href="{{ getLink('changelog/' ~ (page - 1)) }}" class="size_xxs">Previous Page</a></td></tr>
+		{% endif %}
+		{% if next_page %}
+		<tr><td width="100%" align="right" valign="bottom"><a href="{{ getLink('changelog/' ~ (page + 1)) }}" class="size_xxs">Next Page</a></td></tr>
+	{% endif %}
+	</table>
+</table>

system/templates/guilds.change_description.html.twig

@@ -6,7 +6,7 @@ Here you can change description of your guild.<br/>
 	(max. {{ config.guild_description_lines_limit }} lines, max. {{ config.guild_description_chars_limit }} chars) <input type="submit" value="Save description"/></form><br/>
 <br/>
 <center>
-	<form action="?subtopic=guilds&guild='.$guild->getName().'&action=manager" method="post">
+	<form action="?subtopic=guilds&guild={{ guild.getName() }}&action=manager" method="post">
 		{{ include('buttons.back.html.twig') }}
 	</form>
 </center>

system/templates/install.admin.html.twig

@@ -23,5 +23,10 @@
 		{% endfor %}
 	</table>
 
+	{% if errors is defined %}
+		{% for error in errors %}
+			<p class="error">{{ error }}</p>
+		{% endfor %}
+	{% endif %}
 	{{ buttons|raw }}
 </form>

system/templates/install.config.html.twig

@@ -23,7 +23,7 @@
 				<br/>
 				<select name="vars[client]" id="vars_client">
 					{% for id, version in clients %}
-					<option value="{{ id }}">{{ version }}</option>
+					<option value="{{ id }}"{% if session['var_client'] is not null and session['var_client'] == id %} selected{% endif %}>{{ version }}</option>
 					{% endfor %}
 				</select>
 			</td>
@@ -38,7 +38,7 @@
 				</label>
 				<br/>
 				<input type="hidden" value="0" name="vars[usage]">
-				<input type="checkbox" name="vars[usage]" id="vars_usage" value="1" checked/>
+				<input type="checkbox" name="vars[usage]" id="vars_usage" value="1"{% if session['var_usage'] is null or session['var_usage'] == 1 %} checked{% endif %}/>
 			</td>
 			<td>
 				<em>{{ locale.step_config_usage_desc }}</em>

templates/tibiacom/account.login.html.twig

@@ -1,4 +1,7 @@
 <form action="{{ getLink('account/manage') }}" method="post" style="margin: 0px; padding: 0px;">
+	{% if redirect is not null %}
+		<input type="hidden" name="redirect" value="{{ redirect }}" />
+	{% endif %}
 	<div class="TableContainer" >
 		<table class="Table4" cellpadding="0" cellspacing="0" >
 			<div class="CaptionContainer" >

templates/tibiacom/index.php

@@ -21,6 +21,9 @@ if(isset($config['boxes']))
 			if(PAGE != 'news') {
 				if(strpos(URI, 'subtopic=') !== false) {
 					$tmp = $_REQUEST['subtopic'];
+					if($tmp == 'accountmanagement') {
+						$tmp = 'accountmanage';
+					}
 				}
 				else {
 					$tmp = str_replace('/', '', URI);
@@ -316,7 +319,7 @@ if(isset($config['boxes']))
 $menus = get_template_menus();
 
 foreach($config['menu_categories'] as $id => $cat) {
-	if(!isset($menus[$id])) {
+	if(!isset($menus[$id]) || ($id == MENU_CATEGORY_SHOP && !$config['gifts_system'])) {
 		continue;
 	}
 	?>
@@ -353,7 +356,7 @@ foreach($config['menu_categories'] as $id => $cat) {
 	?>
 	</div>
 	<?php
-	if($id == MENU_CATEGORY_SHOP) {
+	if($id == MENU_CATEGORY_SHOP || (!$config['gifts_system'] && $id == MENU_CATEGORY_SHOP - 1)) {
 	?>
 		<div id='MenuBottom' style='background-image:url(<?php echo $template_path; ?>/images/general/box-bottom.gif);'></div>
 	<?php
@@ -403,10 +406,6 @@ foreach($config['menu_categories'] as $id => $cat) {
         </div>
         <div id="ThemeboxesColumn">
           <div id="RightArtwork">
-		  <?php
-			//$tmp_link =
-			//if($config['friendly_urls'])
-		  ?>
             <img id="Monster" src="images/monsters/<?php echo logo_monster() ?>.gif" onClick="window.location = '?subtopic=creatures&creature=<?php echo $config['logo_monster'] ?>';" alt="Monster of the Week" />
             <img id="PedestalAndOnline" src="<?php echo $template_path; ?>/images/header/pedestal-and-online.gif" alt="Monster Pedestal and Players Online Box"/>
           <div id="PlayersOnline" onClick="window.location = '<?php echo getLink('online'); ?>'">
@@ -427,8 +426,7 @@ foreach($config['menu_categories'] as $id => $cat) {
 				<?php
 				}
 			}
-			?>
- <?php
+
 	if($config['template_allow_change'])
 		 echo '<font color="white">Template:</font><br/>' . template_form();
  ?>

tools/signature/tibian.php

@@ -30,12 +30,17 @@
 	imagettftext($img, $fontsize, 0, 100, 43, $text, $font, number_format($player->getLevel()));
 
 	// experience bar
-	$exppercent = round($experience / $needexp * 100);
-	imagerectangle($img, 14, 46, 166, 50, $bar);
-	if($exppercent > 0)
-		imagefilledrectangle($img, 15, 47, $exppercent * 1.5 + 15, 49, $barfill);
+	$currLevelExp = OTS_Toolbox::experienceForLevel($player->getLevel());
+	$nextLevelExp = OTS_Toolbox::experienceForLevel($player->getLevel() + 1);
+	$levelPercent = 0;
+	if($nextLevelExp > $currLevelExp)
+		$levelPercent = (int)OTS_Player::getPercentLevel($experience - $currLevelExp, $nextLevelExp - $currLevelExp);
 
-	imagettftext($img, $fontsize, 0, 170, 51, $text, $font, $exppercent . '%');
+	imagerectangle($img, 14, 46, 166, 50, $bar);
+	if($levelPercent > 0)
+		imagefilledrectangle($img, 15, 47, $levelPercent * 1.5 + 15, 49, $barfill);
+
+	imagettftext($img, $fontsize, 0, 170, 51, $text, $font, $levelPercent . '%');
 
 	// vocation
 	$vocation = 'Unknown';

tools/validate.php

@@ -18,11 +18,8 @@ $error = '';
 if(isset($_GET['account']))
 {
 	$account = $_GET['account'];
-	$tmp = strtoupper($account);
-
-	if(USE_ACCOUNT_NAME)
-	{
-		if(!Validator::accountName($tmp))
+	if(USE_ACCOUNT_NAME) {
+		if(!Validator::accountName($account))
 			error_(Validator::getLastError());
 	}
 	else if(!Validator::accountId($account))
@@ -30,9 +27,9 @@ if(isset($_GET['account']))
 
 	$_account = new OTS_Account();
 	if(USE_ACCOUNT_NAME)
-		$_account->find($tmp);
+		$_account->find($account);
 	else
-		$_account->load($tmp);
+		$_account->load($account);
 
 	if($_account->isLoaded())
 		error_('Account with this name already exist.');