Digitalstack/myaac
2
0
Fork 0
mirror of https://github.com/slawkens/myaac.git synced 2025-09-14 12:33:35 +02:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: Digitalstack:v0.7.11
Branches Tags
Digitalstack:main Digitalstack:feature/2fa Digitalstack:feature/plugins-versions-check Digitalstack:0.8 Digitalstack:feature/pot-hook-filter Digitalstack:feature/highscores-customize Digitalstack:develop Digitalstack:feature/twig-hooks-filters Digitalstack:feature/app-rewrite Digitalstack:feature/account-actions-ip-rework Digitalstack:feature/docker Digitalstack:feature/refactor-account-lost Digitalstack:feature-tables-headline Digitalstack:feature/phpstan Digitalstack:feature/eloquent-db-dump Digitalstack:feature/debug-bar Digitalstack:feature/csrf Digitalstack:0.9 Digitalstack:feature/cronjob Digitalstack:feature/settings Digitalstack:feature/new-router Digitalstack:feature/recaptcha-v3-plus-login Digitalstack:0.7
Digitalstack:v1.8.1 Digitalstack:v1.8 Digitalstack:v1.7.1 Digitalstack:v1.7 Digitalstack:v1.6.1 Digitalstack:v0.8.24 Digitalstack:v1.6 Digitalstack:v1.5 Digitalstack:v0.8.23 Digitalstack:v1.4 Digitalstack:v1.3.3 Digitalstack:v1.3.2 Digitalstack:v1.3.1 Digitalstack:v1.3 Digitalstack:v1.2 Digitalstack:v1.1 Digitalstack:v0.8.22 Digitalstack:v1.0.1 Digitalstack:v1.0 Digitalstack:v0.8.21 Digitalstack:v0.8.20 Digitalstack:v0.8.19 Digitalstack:v1.0-RC Digitalstack:v0.8.18 Digitalstack:v1.0-beta Digitalstack:v0.8.17 Digitalstack:v0.8.16 Digitalstack:v0.8.15 Digitalstack:v0.8.14 Digitalstack:v0.8.13 Digitalstack:v0.8.12 Digitalstack:v0.8.11 Digitalstack:v0.9.0-alpha Digitalstack:v0.8.10 Digitalstack:v0.8.9 Digitalstack:v0.8.8 Digitalstack:v0.8.7 Digitalstack:v0.8.6 Digitalstack:v0.7.12a Digitalstack:v0.7.11 Digitalstack:v0.7.10 Digitalstack:v0.7.9 Digitalstack:v0.7.8 Digitalstack:v0.7.7 Digitalstack:v0.7.6 Digitalstack:v0.7.5 Digitalstack:v0.7.4 Digitalstack:v0.7.3 Digitalstack:v0.7.1 Digitalstack:v0.7.0 Digitalstack:v0.6.6 Digitalstack:v0.6.5 Digitalstack:v0.6.4 Digitalstack:v0.6.3 Digitalstack:v0.6.2 Digitalstack:v0.6.1 Digitalstack:v0.6.0 Digitalstack:v0.5.1 Digitalstack:v0.5.0 Digitalstack:v0.4.3 Digitalstack:v0.4.2 Digitalstack:v0.4.1 Digitalstack:v0.4.0 Digitalstack:v0.3.1 Digitalstack:v0.3.0 Digitalstack:v0.2.4 Digitalstack:v0.2.3 Digitalstack:v0.2.2 Digitalstack:v0.2.1 Digitalstack:v0.2.0 Digitalstack:v0.1.5 Digitalstack:v0.1.4 Digitalstack:v0.1.3 Digitalstack:v0.1.1 Digitalstack:v0.1.2 Digitalstack:v0.1.0 Digitalstack:v0.0.6 Digitalstack:v0.0.5 Digitalstack:v0.0.4 Digitalstack:v0.0.3 Digitalstack:v0.0.2 Digitalstack:v0.0.1
...
compare: Digitalstack:0.7
Branches Tags
Digitalstack:feature/2fa Digitalstack:main Digitalstack:feature/plugins-versions-check Digitalstack:0.8 Digitalstack:feature/pot-hook-filter Digitalstack:feature/highscores-customize Digitalstack:develop Digitalstack:feature/twig-hooks-filters Digitalstack:feature/app-rewrite Digitalstack:feature/account-actions-ip-rework Digitalstack:feature/docker Digitalstack:feature/refactor-account-lost Digitalstack:feature-tables-headline Digitalstack:feature/phpstan Digitalstack:feature/eloquent-db-dump Digitalstack:feature/debug-bar Digitalstack:feature/csrf Digitalstack:0.9 Digitalstack:feature/cronjob Digitalstack:feature/settings Digitalstack:feature/new-router Digitalstack:feature/recaptcha-v3-plus-login Digitalstack:0.7
Digitalstack:v1.8.1 Digitalstack:v1.8 Digitalstack:v1.7.1 Digitalstack:v1.7 Digitalstack:v1.6.1 Digitalstack:v0.8.24 Digitalstack:v1.6 Digitalstack:v1.5 Digitalstack:v0.8.23 Digitalstack:v1.4 Digitalstack:v1.3.3 Digitalstack:v1.3.2 Digitalstack:v1.3.1 Digitalstack:v1.3 Digitalstack:v1.2 Digitalstack:v1.1 Digitalstack:v0.8.22 Digitalstack:v1.0.1 Digitalstack:v1.0 Digitalstack:v0.8.21 Digitalstack:v0.8.20 Digitalstack:v0.8.19 Digitalstack:v1.0-RC Digitalstack:v0.8.18 Digitalstack:v1.0-beta Digitalstack:v0.8.17 Digitalstack:v0.8.16 Digitalstack:v0.8.15 Digitalstack:v0.8.14 Digitalstack:v0.8.13 Digitalstack:v0.8.12 Digitalstack:v0.8.11 Digitalstack:v0.9.0-alpha Digitalstack:v0.8.10 Digitalstack:v0.8.9 Digitalstack:v0.8.8 Digitalstack:v0.8.7 Digitalstack:v0.8.6 Digitalstack:v0.7.12a Digitalstack:v0.7.11 Digitalstack:v0.7.10 Digitalstack:v0.7.9 Digitalstack:v0.7.8 Digitalstack:v0.7.7 Digitalstack:v0.7.6 Digitalstack:v0.7.5 Digitalstack:v0.7.4 Digitalstack:v0.7.3 Digitalstack:v0.7.1 Digitalstack:v0.7.0 Digitalstack:v0.6.6 Digitalstack:v0.6.5 Digitalstack:v0.6.4 Digitalstack:v0.6.3 Digitalstack:v0.6.2 Digitalstack:v0.6.1 Digitalstack:v0.6.0 Digitalstack:v0.5.1 Digitalstack:v0.5.0 Digitalstack:v0.4.3 Digitalstack:v0.4.2 Digitalstack:v0.4.1 Digitalstack:v0.4.0 Digitalstack:v0.3.1 Digitalstack:v0.3.0 Digitalstack:v0.2.4 Digitalstack:v0.2.3 Digitalstack:v0.2.2 Digitalstack:v0.2.1 Digitalstack:v0.2.0 Digitalstack:v0.1.5 Digitalstack:v0.1.4 Digitalstack:v0.1.3 Digitalstack:v0.1.1 Digitalstack:v0.1.2 Digitalstack:v0.1.0 Digitalstack:v0.0.6 Digitalstack:v0.0.5 Digitalstack:v0.0.4 Digitalstack:v0.0.3 Digitalstack:v0.0.2 Digitalstack:v0.0.1

13 Commits
v0.7.11 ... 0.7

Author SHA1 Message Date
slawkens
a708abce03 add mostdamage killer 2022-11-05 07:15:32 +01:00
slawkens
f46f7d61e7 Update .gitignore 2021-12-28 07:22:58 +01:00
slawkens
1578d186c2 Ignore arrays in config.lua (fixes experienceStages loading) 
Also change version to 0.7.13-dev
 2021-12-16 20:24:34 +01:00
slawkens
af1ec6722b Update README.md 2021-10-23 13:44:30 +02:00
slawkens
5202298b60 Add notice about 0.7 being discontinued 2021-10-23 13:43:32 +02:00
slawkens
ed2f325ce1 Add some notice 2020-02-25 20:52:35 +01:00
slawkens
a467b55054 Fix class name in highscores 
(cherry picked from commit b8130d3fd3)
 2020-02-25 20:49:56 +01:00
slawkens
f9458da291 Move TODO to wiki 2020-02-24 22:22:54 +01:00
slawkens
e6b16cd420 Update to 0.7.12 2020-02-18 18:33:36 +01:00
slawkens
6bc14fb44f Fix #51 in 0.7 branch 2020-02-16 00:11:51 +01:00
slawkens
c37f593eda Temp fix for a space that Twig cuts.. 2020-02-15 03:54:20 +01:00
slawkens
5d499bc5e6 Patch some changes/fixes from 0.8 branch 
Fix Gesior signature double dollar $$
Add some missing <br/> to online page
Use  $config['last_kills_limit'] in lastkills.php
Fix save_ranks.php: getLastError();
Fix PHPMailer autoloader
Fix leaking sensitive informations on MySQL Connection Fail
Add nginx-sample.conf
Change myaac_monsters.loot to text
Add more files to ignore file
 2020-02-15 03:37:18 +01:00
slawkens
a7105d33f2 Fix some 7.4 notices about OTS_Account bans 
Example: Notice: Trying to access array offset on value of type bool in C:\UniServerZ\www\system\libs\pot\OTS_Account.php on line 784
(cherry picked from commit 259cda150d)
 2020-02-13 01:01:27 +01:00
21 changed files with 249 additions and 165 deletions
Expand all files Collapse all files

36
.gitignore vendored
View File

@@ -1,3 +1,37 @@
Thumbs.db Thumbs.db
.DS_Store .DS_Store
.idea .idea
node_modules
vendor
composer.lock
releases
config.local.php
PERSONAL_NOTES
# all custom templates
templates/*
!templates/tibiacom
!templates/kathrine
# guild images
images/guilds/*
!images/guilds/default.gif
# cache
system/cache/*
!system/cache/index.html
!system/cache/twig/index.html
!system/cache/signatures/index.html
# logs
system/logs/*
!system/logs/index.html
# plugins
plugins/*
!plugins/.htaccess
!plugins/example.json
!plugins/account-create-hint.json
!plugins/account-create-hint
landing

17
CHANGELOG.md
View File

@@ -1,5 +1,22 @@
# Changelog # Changelog
## [0.7.13 - not-release-yet]
### Fixed
* Ignore arrays in config.lua (fixes experienceStages loading)
## [0.7.12 - 18.02.2020]
### Fixed
* change guild nick function causing crash on TFS 1.x because of invalid characters being accepted
* PHP Mailer autoload function on newer PHP
* gesior signature guild rank loading
* leaking database password when cannot connect
* config.last_kills_limit being ignored
* monster.loot being cutted off cause of too short column (changed to TEXT)
### Added
* nginx-sample.conf
## [0.7.11 - 04.05.2019] ## [0.7.11 - 04.05.2019]
### Added: ### Added:
* support for some old servers, where arrays are used in config.lua * support for some old servers, where arrays are used in config.lua

6
README.md
View File

@@ -1,4 +1,10 @@
# PLEASE DO NOT USE THIS BRANCH/VERSION
## It is discontinued and won't receive any updates
## Switch to master branch instead
## It's keept only for archival purposes
# myaac # myaac
MyAAC is a free and open-source Automatic Account Creator (AAC) and Content Management System (CMS) written in PHP. It is a fork of the [Gesior](https://github.com/gesior/Gesior2012) project. It supports only MySQL databases. MyAAC is a free and open-source Automatic Account Creator (AAC) and Content Management System (CMS) written in PHP. It is a fork of the [Gesior](https://github.com/gesior/Gesior2012) project. It supports only MySQL databases.
Official website: https://my-aac.org Official website: https://my-aac.org

37
TODO
View File

@@ -1,37 +0,0 @@
// MyAAC TODO
0.*
* support duplicated vocation names with different ids
* plugins: option to define custom requirements check in json file, to check if system meets the requirement
* add support for defining max myaac version in plugin.json file
* cache Menus in templates
* don't show error indicators on first time load - createaccount page
* update Twig to the latest version from 1.x branch
* semantic versioning support for plugins (github.com/composer/semver)
* add some notice to the user that installing step "Import Schema" will take some time
* check user IP on installing to prevent install by random user
1.0:
* i18n support (issue #1 on github)
* New Admin Panel layout and interface
* add changelog management interface
* remove tibiacom template, and include it as a plugin
2.0
* remove compat functions
* folder restructure:
* var/ (for logs, cache and data), config/, bin, public/ (for index and images and other public content), system/ (for php files and classess)
* rename templates to layouts as templates is meant to be used for twig templates
* change gifts_system to shop_system configurable
* move most used options in system/templates dir to separate directories (more transparent)
At any time between (version not specified):
* better news archive with search function (like on tibia.com)
* guild wars management (issue #13 on github)
* update account.management page to be more realistic (like on tibia.com)
* update guilds page to be more realistic (like on tibia.com)
* possibility to add extra cache engines with plugins
* preferably configurable (enable/disable) forum TinyMCE editor
* new cache engine - plain php, is good with pure php 7.0+ and opcache
* OTAdmin support in Admin Panel
* database towns table support for TFS 1.3

2
common.php
View File

@@ -26,7 +26,7 @@
session_start(); session_start();
define('MYAAC', true); define('MYAAC', true);
define('MYAAC_VERSION', '0.7.11'); define('MYAAC_VERSION', '0.7.13-dev');
define('DATABASE_VERSION', 22); define('DATABASE_VERSION', 22);
define('TABLE_PREFIX', 'myaac_'); define('TABLE_PREFIX', 'myaac_');
define('START_TIME', microtime(true)); define('START_TIME', microtime(true));

2
install/includes/schema.sql
View File

@@ -236,7 +236,7 @@ CREATE TABLE `myaac_monsters` (
`summonable` tinyint(1) NOT NULL, `summonable` tinyint(1) NOT NULL,
`convinceable` tinyint(1) NOT NULL, `convinceable` tinyint(1) NOT NULL,
`race` varchar(255) NOT NULL, `race` varchar(255) NOT NULL,
`loot` varchar(500) NOT NULL, `loot` text NOT NULL,
PRIMARY KEY (`id`) PRIMARY KEY (`id`)
) ENGINE = MyISAM; ) ENGINE = MyISAM;

56
install/steps/5-database.php
View File

@@ -34,13 +34,13 @@ if(!$error) {
} }
} }
} }
require(BASE . 'install/includes/config.php'); require(BASE . 'install/includes/config.php');
if(!$error) { if(!$error) {
success($locale['step_database_importing']); success($locale['step_database_importing']);
require(BASE . 'install/includes/database.php'); require(BASE . 'install/includes/database.php');
if(!tableExist('accounts')) { if(!tableExist('accounts')) {
$locale['step_database_error_table'] = str_replace('$TABLE$', 'accounts', $locale['step_database_error_table']); $locale['step_database_error_table'] = str_replace('$TABLE$', 'accounts', $locale['step_database_error_table']);
error($locale['step_database_error_table']); error($locale['step_database_error_table']);
@@ -70,14 +70,14 @@ if(!$error) {
error($locale['step_database_error_schema'] . ' ' . $error_); error($locale['step_database_error_schema'] . ' ' . $error_);
$error = true; $error = true;
} }
if(!$error) { if(!$error) {
registerDatabaseConfig('database_version', DATABASE_VERSION); registerDatabaseConfig('database_version', DATABASE_VERSION);
$locale['step_database_success_schema'] = str_replace('$PREFIX$', TABLE_PREFIX, $locale['step_database_success_schema']); $locale['step_database_success_schema'] = str_replace('$PREFIX$', TABLE_PREFIX, $locale['step_database_success_schema']);
success($locale['step_database_success_schema']); success($locale['step_database_success_schema']);
} }
} }
if(!$error) { if(!$error) {
if(fieldExist('key', 'accounts')) { if(fieldExist('key', 'accounts')) {
if(query("ALTER TABLE `accounts` MODIFY `key` VARCHAR(64) NOT NULL DEFAULT '';")) if(query("ALTER TABLE `accounts` MODIFY `key` VARCHAR(64) NOT NULL DEFAULT '';"))
@@ -87,32 +87,32 @@ if(!$error) {
if(query("ALTER TABLE `accounts` ADD `key` VARCHAR(64) NOT NULL DEFAULT '' AFTER `email`;")) if(query("ALTER TABLE `accounts` ADD `key` VARCHAR(64) NOT NULL DEFAULT '' AFTER `email`;"))
success($locale['step_database_adding_field'] . ' accounts.key...'); success($locale['step_database_adding_field'] . ' accounts.key...');
} }
if(!fieldExist('blocked', 'accounts')) { if(!fieldExist('blocked', 'accounts')) {
if(query("ALTER TABLE `accounts` ADD `blocked` TINYINT(1) NOT NULL DEFAULT FALSE COMMENT 'internal usage' AFTER `key`;")) if(query("ALTER TABLE `accounts` ADD `blocked` TINYINT(1) NOT NULL DEFAULT FALSE COMMENT 'internal usage' AFTER `key`;"))
success($locale['step_database_adding_field'] . ' accounts.blocked...'); success($locale['step_database_adding_field'] . ' accounts.blocked...');
} }
if(!fieldExist('created', 'accounts')) { if(!fieldExist('created', 'accounts')) {
if(query("ALTER TABLE `accounts` ADD `created` INT(11) NOT NULL DEFAULT 0 AFTER `" . (fieldExist('group_id', 'accounts') ? 'group_id' : 'blocked') . "`;")) if(query("ALTER TABLE `accounts` ADD `created` INT(11) NOT NULL DEFAULT 0 AFTER `" . (fieldExist('group_id', 'accounts') ? 'group_id' : 'blocked') . "`;"))
success($locale['step_database_adding_field'] . ' accounts.created...'); success($locale['step_database_adding_field'] . ' accounts.created...');
} }
if(!fieldExist('rlname', 'accounts')) { if(!fieldExist('rlname', 'accounts')) {
if(query("ALTER TABLE `accounts` ADD `rlname` VARCHAR(255) NOT NULL DEFAULT '' AFTER `created`;")) if(query("ALTER TABLE `accounts` ADD `rlname` VARCHAR(255) NOT NULL DEFAULT '' AFTER `created`;"))
success($locale['step_database_adding_field'] . ' accounts.rlname...'); success($locale['step_database_adding_field'] . ' accounts.rlname...');
} }
if(!fieldExist('location', 'accounts')) { if(!fieldExist('location', 'accounts')) {
if(query("ALTER TABLE `accounts` ADD `location` VARCHAR(255) NOT NULL DEFAULT '' AFTER `rlname`;")) if(query("ALTER TABLE `accounts` ADD `location` VARCHAR(255) NOT NULL DEFAULT '' AFTER `rlname`;"))
success($locale['step_database_adding_field'] . ' accounts.location...'); success($locale['step_database_adding_field'] . ' accounts.location...');
} }
if(!fieldExist('country', 'accounts')) { if(!fieldExist('country', 'accounts')) {
if(query("ALTER TABLE `accounts` ADD `country` VARCHAR(3) NOT NULL DEFAULT '' AFTER `location`;")) if(query("ALTER TABLE `accounts` ADD `country` VARCHAR(3) NOT NULL DEFAULT '' AFTER `location`;"))
success($locale['step_database_adding_field'] . ' accounts.country...'); success($locale['step_database_adding_field'] . ' accounts.country...');
} }
if(fieldExist('page_lastday', 'accounts')) { if(fieldExist('page_lastday', 'accounts')) {
if(query("ALTER TABLE `accounts` CHANGE `page_lastday` `web_lastlogin` INT(11) NOT NULL DEFAULT 0;")) { if(query("ALTER TABLE `accounts` CHANGE `page_lastday` `web_lastlogin` INT(11) NOT NULL DEFAULT 0;")) {
$tmp = str_replace('$FIELD$', 'accounts.page_lastday', $locale['step_database_changing_field']); $tmp = str_replace('$FIELD$', 'accounts.page_lastday', $locale['step_database_changing_field']);
@@ -124,32 +124,32 @@ if(!$error) {
if(query("ALTER TABLE `accounts` ADD `web_lastlogin` INT(11) NOT NULL DEFAULT 0 AFTER `country`;")) if(query("ALTER TABLE `accounts` ADD `web_lastlogin` INT(11) NOT NULL DEFAULT 0 AFTER `country`;"))
success($locale['step_database_adding_field'] . ' accounts.web_lastlogin...'); success($locale['step_database_adding_field'] . ' accounts.web_lastlogin...');
} }
if(!fieldExist('web_flags', 'accounts')) { if(!fieldExist('web_flags', 'accounts')) {
if(query("ALTER TABLE `accounts` ADD `web_flags` INT(11) NOT NULL DEFAULT 0 AFTER `web_lastlogin`;")) if(query("ALTER TABLE `accounts` ADD `web_flags` INT(11) NOT NULL DEFAULT 0 AFTER `web_lastlogin`;"))
success($locale['step_database_adding_field'] . ' accounts.web_flags...'); success($locale['step_database_adding_field'] . ' accounts.web_flags...');
} }
if(!fieldExist('email_hash', 'accounts')) { if(!fieldExist('email_hash', 'accounts')) {
if(query("ALTER TABLE `accounts` ADD `email_hash` VARCHAR(32) NOT NULL DEFAULT '' AFTER `web_flags`;")) if(query("ALTER TABLE `accounts` ADD `email_hash` VARCHAR(32) NOT NULL DEFAULT '' AFTER `web_flags`;"))
success($locale['step_database_adding_field'] . ' accounts.email_hash...'); success($locale['step_database_adding_field'] . ' accounts.email_hash...');
} }
if(!fieldExist('email_verified', 'accounts')) { if(!fieldExist('email_verified', 'accounts')) {
if(query("ALTER TABLE `accounts` ADD `email_verified` TINYINT(1) NOT NULL DEFAULT 0 AFTER `email_hash`;")) if(query("ALTER TABLE `accounts` ADD `email_verified` TINYINT(1) NOT NULL DEFAULT 0 AFTER `email_hash`;"))
success($locale['step_database_adding_field'] . ' accounts.email_verified...'); success($locale['step_database_adding_field'] . ' accounts.email_verified...');
} }
if(!fieldExist('email_new', 'accounts')) { if(!fieldExist('email_new', 'accounts')) {
if(query("ALTER TABLE `accounts` ADD `email_new` VARCHAR(255) NOT NULL DEFAULT '' AFTER `email_hash`;")) if(query("ALTER TABLE `accounts` ADD `email_new` VARCHAR(255) NOT NULL DEFAULT '' AFTER `email_hash`;"))
success($locale['step_database_adding_field'] . ' accounts.email_new...'); success($locale['step_database_adding_field'] . ' accounts.email_new...');
} }
if(!fieldExist('email_new_time', 'accounts')) { if(!fieldExist('email_new_time', 'accounts')) {
if(query("ALTER TABLE `accounts` ADD `email_new_time` INT(11) NOT NULL DEFAULT 0 AFTER `email_new`;")) if(query("ALTER TABLE `accounts` ADD `email_new_time` INT(11) NOT NULL DEFAULT 0 AFTER `email_new`;"))
success($locale['step_database_adding_field'] . ' accounts.email_new_time...'); success($locale['step_database_adding_field'] . ' accounts.email_new_time...');
} }
if(!fieldExist('email_code', 'accounts')) { if(!fieldExist('email_code', 'accounts')) {
if(query("ALTER TABLE `accounts` ADD `email_code` VARCHAR(255) NOT NULL DEFAULT '' AFTER `email_new_time`;")) if(query("ALTER TABLE `accounts` ADD `email_code` VARCHAR(255) NOT NULL DEFAULT '' AFTER `email_new_time`;"))
success($locale['step_database_adding_field'] . ' accounts.email_code...'); success($locale['step_database_adding_field'] . ' accounts.email_code...');
@@ -168,7 +168,7 @@ if(!$error) {
if(query("ALTER TABLE `accounts` ADD `email_next` INT(11) NOT NULL DEFAULT 0 AFTER `email_code`;")) if(query("ALTER TABLE `accounts` ADD `email_next` INT(11) NOT NULL DEFAULT 0 AFTER `email_code`;"))
success($locale['step_database_adding_field'] . ' accounts.email_next...'); success($locale['step_database_adding_field'] . ' accounts.email_next...');
} }
if(!fieldExist('premium_points', 'accounts')) { if(!fieldExist('premium_points', 'accounts')) {
if(query("ALTER TABLE `accounts` ADD `premium_points` INT(11) NOT NULL DEFAULT 0 AFTER `email_next`;")) if(query("ALTER TABLE `accounts` ADD `premium_points` INT(11) NOT NULL DEFAULT 0 AFTER `email_next`;"))
success($locale['step_database_adding_field'] . ' accounts.premium_points...'); success($locale['step_database_adding_field'] . ' accounts.premium_points...');
@@ -183,7 +183,7 @@ if(!$error) {
if(query("ALTER TABLE `guilds` ADD `description` TEXT NOT NULL;")) if(query("ALTER TABLE `guilds` ADD `description` TEXT NOT NULL;"))
success($locale['step_database_adding_field'] . ' guilds.description...'); success($locale['step_database_adding_field'] . ' guilds.description...');
} }
if(fieldExist('logo_gfx_name', 'guilds')) { if(fieldExist('logo_gfx_name', 'guilds')) {
if(query("ALTER TABLE `guilds` CHANGE `logo_gfx_name` `logo_name` VARCHAR( 255 ) NOT NULL DEFAULT 'default.gif';")) { if(query("ALTER TABLE `guilds` CHANGE `logo_gfx_name` `logo_name` VARCHAR( 255 ) NOT NULL DEFAULT 'default.gif';")) {
$tmp = str_replace('$FIELD$', 'guilds.logo_gfx_name', $locale['step_database_changing_field']); $tmp = str_replace('$FIELD$', 'guilds.logo_gfx_name', $locale['step_database_changing_field']);
@@ -195,15 +195,15 @@ if(!$error) {
if(query("ALTER TABLE `guilds` ADD `logo_name` VARCHAR( 255 ) NOT NULL DEFAULT 'default.gif';")) if(query("ALTER TABLE `guilds` ADD `logo_name` VARCHAR( 255 ) NOT NULL DEFAULT 'default.gif';"))
success($locale['step_database_adding_field'] . ' guilds.logo_name...'); success($locale['step_database_adding_field'] . ' guilds.logo_name...');
} }
if(!fieldExist('created', 'players')) { if(!fieldExist('created', 'players')) {
if(query("ALTER TABLE `players` ADD `created` INT(11) NOT NULL DEFAULT 0;")) if(query("ALTER TABLE `players` ADD `created` INT(11) NOT NULL DEFAULT 0;"))
success($locale['step_database_adding_field'] . ' players.created...'); success($locale['step_database_adding_field'] . ' players.created...');
} }
if(!fieldExist('deleted', 'players') && !fieldExist('deletion', 'players')) { if(!fieldExist('deleted', 'players') && !fieldExist('deletion', 'players')) {
if(query("ALTER TABLE `players` ADD `deleted` TINYINT(1) NOT NULL DEFAULT 0;")) if(query("ALTER TABLE `players` ADD `deleted` TINYINT(1) NOT NULL DEFAULT 0;"))
success($locale['step_database_adding_field'] . ' players.comment...'); success($locale['step_database_adding_field'] . ' players.deleted...');
} }
if(fieldExist('hide_char', 'players')) { if(fieldExist('hide_char', 'players')) {
@@ -219,16 +219,16 @@ if(!$error) {
if(query("ALTER TABLE `players` ADD `hidden` TINYINT(1) NOT NULL DEFAULT 0;")) if(query("ALTER TABLE `players` ADD `hidden` TINYINT(1) NOT NULL DEFAULT 0;"))
success($locale['step_database_adding_field'] . ' players.hidden...'); success($locale['step_database_adding_field'] . ' players.hidden...');
} }
if(!fieldExist('comment', 'players')) { if(!fieldExist('comment', 'players')) {
if(query("ALTER TABLE `players` ADD `comment` TEXT NOT NULL;")) if(query("ALTER TABLE `players` ADD `comment` TEXT NOT NULL;"))
success($locale['step_database_adding_field'] . ' players.comment...'); success($locale['step_database_adding_field'] . ' players.comment...');
} }
if(fieldExist('rank_id', 'players')) { if(fieldExist('rank_id', 'players')) {
if(query("ALTER TABLE players MODIFY `rank_id` INT(11) NOT NULL DEFAULT 0;")) if(query("ALTER TABLE players MODIFY `rank_id` INT(11) NOT NULL DEFAULT 0;"))
success($locale['step_database_modifying_field'] . ' players.rank_id...'); success($locale['step_database_modifying_field'] . ' players.rank_id...');
if(fieldExist('guildnick', 'players')) { if(fieldExist('guildnick', 'players')) {
if(query("ALTER TABLE players MODIFY `guildnick` VARCHAR(255) NOT NULL DEFAULT '';")) { if(query("ALTER TABLE players MODIFY `guildnick` VARCHAR(255) NOT NULL DEFAULT '';")) {
success($locale['step_database_modifying_field'] . ' players.guildnick...'); success($locale['step_database_modifying_field'] . ' players.guildnick...');
@@ -236,7 +236,7 @@ if(!$error) {
} }
} }
} }
if(!$error && (!isset($_SESSION['saved']))) { if(!$error && (!isset($_SESSION['saved']))) {
$content .= '$config[\'installed\'] = true;'; $content .= '$config[\'installed\'] = true;';
$content .= PHP_EOL; $content .= PHP_EOL;
@@ -251,7 +251,7 @@ if(!$error) {
error($locale['step_config_mail_address_error']); error($locale['step_config_mail_address_error']);
$error = true; $error = true;
} }
$content .= '$config[\'client_download\'] = \'http://tibia-clients.com/clients/download/\'. $config[\'client\'] . \'/exe/windows\';'; $content .= '$config[\'client_download\'] = \'http://tibia-clients.com/clients/download/\'. $config[\'client\'] . \'/exe/windows\';';
$content .= PHP_EOL; $content .= PHP_EOL;
$content .= '$config[\'client_download_linux\'] = \'http://tibia-clients.com/clients/download/\'. $config[\'client\'] . \'/tar/linux\';'; $content .= '$config[\'client_download_linux\'] = \'http://tibia-clients.com/clients/download/\'. $config[\'client\'] . \'/tar/linux\';';
@@ -260,7 +260,7 @@ if(!$error) {
$content .= PHP_EOL; $content .= PHP_EOL;
$content .= '$config[\'cache_prefix\'] = \'myaac_' . generateRandomString(8, true, false, true, false) . '_\';'; $content .= '$config[\'cache_prefix\'] = \'myaac_' . generateRandomString(8, true, false, true, false) . '_\';';
$content .= PHP_EOL; $content .= PHP_EOL;
$file = fopen(BASE . 'config.local.php', 'a+'); $file = fopen(BASE . 'config.local.php', 'a+');
if($file) { if($file) {
if(!$error) { if(!$error) {

25
nginx-sample.conf Normal file
View File

@@ -0,0 +1,25 @@
server {
listen 80;
root /home/otserv/www/public;
index index.php;
server_name your-domain.com;
location / {
try_files $uri $uri/ /index.php;
}
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_read_timeout 240;
fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
}
location ~ /\.ht {
deny all;
}
location /system {
deny all;
return 404;
}
}

2
system/database.php
View File

@@ -95,7 +95,7 @@ defined('MYAAC') or die('Direct access not allowed!');
'<ul>' . '<ul>' .
'<li>MySQL is not configured propertly in <i>config.lua</i>.</li>' . '<li>MySQL is not configured propertly in <i>config.lua</i>.</li>' .
'<li>MySQL server is not running.</li>' . '<li>MySQL server is not running.</li>' .
'</ul>' . $error); '</ul>' . $error->getMessage());
} }
$db = POT::getInstance()->getDBHandle(); $db = POT::getInstance()->getDBHandle();

11
system/functions.php
View File

@@ -895,6 +895,13 @@ function load_config_lua($filename)
if(count($lines) > 0) if(count($lines) > 0)
foreach($lines as $ln => $line) foreach($lines as $ln => $line)
{ {
$line = trim($line);
if(@$line[0] === '{' || @$line[0] === '}') {
// arrays are not supported yet
// just ignore the error
continue;
}
$tmp_exp = explode('=', $line, 2); $tmp_exp = explode('=', $line, 2);
if(strpos($line, 'dofile') !== false) if(strpos($line, 'dofile') !== false)
{ {
@@ -921,9 +928,11 @@ function load_config_lua($filename)
$result[$key] = (string) substr(substr($value, 1), 0, -1); $result[$key] = (string) substr(substr($value, 1), 0, -1);
elseif(in_array($value, array('true', 'false'))) elseif(in_array($value, array('true', 'false')))
$result[$key] = ($value == 'true') ? true : false; $result[$key] = ($value == 'true') ? true : false;
elseif(substr($value, 0 , 1) == '{' && substr($value, -1 , 1) == '}') { //elseif(substr($value, 0 , 1) == '{' && substr($value, -1 , 1) == '}') {
elseif(@$value[0] === '{') {
// arrays are not supported yet // arrays are not supported yet
// just ignore the error // just ignore the error
continue;
} }
else else
{ {

16
system/libs/phpmailer/PHPMailerAutoload.php
View File

@@ -30,20 +30,4 @@ function PHPMailerAutoload($classname)
} }
} }
if (version_compare(PHP_VERSION, '5.1.2', '>=')) {
//SPL autoloading was introduced in PHP 5.1.2
if (version_compare(PHP_VERSION, '5.3.0', '>=')) {
spl_autoload_register('PHPMailerAutoload', true, true); spl_autoload_register('PHPMailerAutoload', true, true);
} else {
spl_autoload_register('PHPMailerAutoload');
}
} else {
/**
* Fall back to traditional autoload for old PHP versions
* @param string $classname The name of the class to load
*/
function __autoload($classname)
{
PHPMailerAutoload($classname);
}
}

16
system/libs/pot/OTS_Account.php
View File

@@ -755,7 +755,7 @@ class OTS_Account extends OTS_Row_DAO implements IteratorAggregate, Countable
} }
if( !isset($this->data['banned']) ) if( !isset($this->data['banned']) )
$this->loadBan(); $this->loadBan();
return ($this->data['banned'] == 1); return ($this->data['banned'] === true);
} }
public function getBanTime() public function getBanTime()
@@ -781,20 +781,24 @@ class OTS_Account extends OTS_Row_DAO implements IteratorAggregate, Countable
if(tableExist('account_bans')) { if(tableExist('account_bans')) {
$ban = $this->db->query('SELECT `expires_at` FROM `account_bans` WHERE `account_id` = ' . $this->data['id'] . ' AND (`expires_at` > ' . time() .' OR `expires_at` = -1) ORDER BY `expires_at` DESC')->fetch(); $ban = $this->db->query('SELECT `expires_at` FROM `account_bans` WHERE `account_id` = ' . $this->data['id'] . ' AND (`expires_at` > ' . time() .' OR `expires_at` = -1) ORDER BY `expires_at` DESC')->fetch();
$this->data['banned'] = isset($ban['expires_at']); $this->data['banned'] = isset($ban['expires_at']);
$this->data['banned_time'] = $ban['expires_at']; $this->data['banned_time'] = isset($ban['expires_at']) ? $ban['expires_at'] : 0;
} }
else if(tableExist('bans')) { else if(tableExist('bans')) {
if(fieldExist('active', 'bans')) { if(fieldExist('active', 'bans')) {
$ban = $this->db->query('SELECT `active`, `expires` FROM `bans` WHERE (`type` = 3 OR `type` = 5) AND `active` = 1 AND `value` = ' . $this->data['id'] . ' AND (`expires` > ' . time() .' OR `expires` = -1) ORDER BY `expires` DESC')->fetch(); $ban = $this->db->query('SELECT `active`, `expires` FROM `bans` WHERE (`type` = 3 OR `type` = 5) AND `active` = 1 AND `value` = ' . $this->data['id'] . ' AND (`expires` > ' . time() .' OR `expires` = -1) ORDER BY `expires` DESC')->fetch();
$this->data['banned'] = $ban['active']; $this->data['banned'] = isset($ban['active']);
$this->data['banned_time'] = $ban['expires']; $this->data['banned_time'] = isset($ban['expires']) ? $ban['expires'] : 0;
} }
else { // tfs 0.2 else { // tfs 0.2
$ban = $this->db->query('SELECT `time` FROM `bans` WHERE (`type` = 3 OR `type` = 5) AND `account` = ' . $this->data['id'] . ' AND (`time` > ' . time() .' OR `time` = -1) ORDER BY `time` DESC')->fetch(); $ban = $this->db->query('SELECT `time` FROM `bans` WHERE (`type` = 3 OR `type` = 5) AND `account` = ' . $this->data['id'] . ' AND (`time` > ' . time() .' OR `time` = -1) ORDER BY `time` DESC')->fetch();
$this->data['banned'] = $ban['time'] == -1 || $ban['time'] > 0; $this->data['banned'] = isset($ban['time']) && ($ban['time'] == -1 || $ban['time'] > 0);
$this->data['banned_time'] = $ban['time']; $this->data['banned_time'] = isset($ban['time']) ? $ban['time'] : 0;
} }
} }
else {
$this->data['banned'] = false;
$this->data['banned_time'] = 0;
}
} }
/** /**

143
system/libs/validator.php
View File

@@ -17,10 +17,10 @@ class Validator
self::$lastError = 'Invalid number format.'; self::$lastError = 'Invalid number format.';
return false; return false;
} }
return true; return true;
} }
/** /**
* Validate account id * Validate account id
* Id lenght must be 6-10 chars * Id lenght must be 6-10 chars
@@ -35,28 +35,28 @@ class Validator
self::$lastError = 'Please enter your account number!'; self::$lastError = 'Please enter your account number!';
return false; return false;
} }
if(!Validator::number($id)) { if(!Validator::number($id)) {
self::$lastError = 'Invalid account number format. Please use only numbers 0-9.'; self::$lastError = 'Invalid account number format. Please use only numbers 0-9.';
return false; return false;
} }
$length = strlen($id); $length = strlen($id);
if($length < 6) if($length < 6)
{ {
self::$lastError = 'Account is too short (min. 6 chars).'; self::$lastError = 'Account is too short (min. 6 chars).';
return false; return false;
} }
if($length > 10) if($length > 10)
{ {
self::$lastError = 'Account is too long (max. 10 chars).'; self::$lastError = 'Account is too long (max. 10 chars).';
return false; return false;
} }
return true; return true;
} }
/** /**
* Validate account name * Validate account name
* Name lenght must be 3-32 chars * Name lenght must be 3-32 chars
@@ -71,29 +71,29 @@ class Validator
self::$lastError = 'Please enter your account name!'; self::$lastError = 'Please enter your account name!';
return false; return false;
} }
$length = strlen($name); $length = strlen($name);
if($length < 3) if($length < 3)
{ {
self::$lastError = 'Account name is too short (min. 3 chars).'; self::$lastError = 'Account name is too short (min. 3 chars).';
return false; return false;
} }
if($length > 32) if($length > 32)
{ {
self::$lastError = 'Account name is too long (max. 32 chars).'; self::$lastError = 'Account name is too long (max. 32 chars).';
return false; return false;
} }
if(!preg_match("/[A-Z0-9]/i", $name)) if(!preg_match("/[A-Z0-9]/i", $name))
{ {
self::$lastError = 'Invalid account name format. Use only A-Z and numbers 0-9.'; self::$lastError = 'Invalid account name format. Use only A-Z and numbers 0-9.';
return false; return false;
} }
return true; return true;
} }
/** /**
* Advanced mail validator * Advanced mail validator
* *
@@ -105,17 +105,17 @@ class Validator
self::$lastError = 'Please enter your new email address.'; self::$lastError = 'Please enter your new email address.';
return false; return false;
} }
if(strlen($email) > 255) { if(strlen($email) > 255) {
self::$lastError = 'E-mail is too long (max. 255 chars).'; self::$lastError = 'E-mail is too long (max. 255 chars).';
return false; return false;
} }
if(!preg_match('/^(?:[\w\!\#\$\%\&\'\*\+\-\/\=\?\^\`\{\|\}\~]+\.)*[\w\!\#\$\%\&\'\*\+\-\/\=\?\^\`\{\|\}\~]+@(?:(?:(?:[a-zA-Z0-9_](?:[A-z0-9_\-](?!\.)){0,61}[a-zA-Z0-9_]?\.)+[a-zA-Z0-9_](?:[a-zA-Z0-9_\-](?!$)){0,61}[a-zA-Z0-9_]?)|(?:\[(?:(?:[01]?\d{1,2}|2[0-4]\d|25[0-5])\.){3}(?:[01]?\d{1,2}|2[0-4]\d|25[0-5])\]))$/', $email)) { if(!preg_match('/^(?:[\w\!\#\$\%\&\'\*\+\-\/\=\?\^\`\{\|\}\~]+\.)*[\w\!\#\$\%\&\'\*\+\-\/\=\?\^\`\{\|\}\~]+@(?:(?:(?:[a-zA-Z0-9_](?:[A-z0-9_\-](?!\.)){0,61}[a-zA-Z0-9_]?\.)+[a-zA-Z0-9_](?:[a-zA-Z0-9_\-](?!$)){0,61}[a-zA-Z0-9_]?)|(?:\[(?:(?:[01]?\d{1,2}|2[0-4]\d|25[0-5])\.){3}(?:[01]?\d{1,2}|2[0-4]\d|25[0-5])\]))$/', $email)) {
self::$lastError = 'Invalid e-mail format.'; self::$lastError = 'Invalid e-mail format.';
return false; return false;
} }
return true; return true;
} }
@@ -132,35 +132,35 @@ class Validator
self::$lastError = 'Please enter the password.'; self::$lastError = 'Please enter the password.';
return false; return false;
} }
if (strlen($password) < 8 || strlen($password) > 30) { if (strlen($password) < 8 || strlen($password) > 30) {
self::$lastError = 'The password must have at least 8 and maximum 30 letters!'; self::$lastError = 'The password must have at least 8 and maximum 30 letters!';
return false; return false;
} }
if(strspn($password, "qwertyuiopasdfghjklzxcvbnmQWERTYUIOPASDFGHJKLZXCVBNM1234567890") != strlen($password)) { if(strspn($password, "qwertyuiopasdfghjklzxcvbnmQWERTYUIOPASDFGHJKLZXCVBNM1234567890") != strlen($password)) {
self::$lastError = 'Password contains illegal letters (a-z, A-Z and 0-9 only!).'; self::$lastError = 'Password contains illegal letters (a-z, A-Z and 0-9 only!).';
return false; return false;
} }
if(!ctype_alnum($password)) { if(!ctype_alnum($password)) {
self::$lastError = 'Password contains illegal letters (a-z, A-Z and 0-9 only!).'; self::$lastError = 'Password contains illegal letters (a-z, A-Z and 0-9 only!).';
return false; return false;
} }
if(!preg_match('/[a-zA-Z]/', $password)) { if(!preg_match('/[a-zA-Z]/', $password)) {
self::$lastError = 'The password must contain at least one letter A-Z or a-z!'; self::$lastError = 'The password must contain at least one letter A-Z or a-z!';
return false; return false;
} }
if(!preg_match('/[0-9]/', $password)) { if(!preg_match('/[0-9]/', $password)) {
self::$lastError = 'The password must contain at least one letter other than A-Z or a-z!'; self::$lastError = 'The password must contain at least one letter other than A-Z or a-z!';
return false; return false;
} }
return true; return true;
} }
/** /**
* Validate character name. * Validate character name.
* Name lenght must be 3-25 chars * Name lenght must be 3-25 chars
@@ -175,20 +175,20 @@ class Validator
self::$lastError = 'Please enter character name.'; self::$lastError = 'Please enter character name.';
return false; return false;
} }
$length = strlen($name); $length = strlen($name);
if($length < 3) if($length < 3)
{ {
self::$lastError = 'Character name is too short. Min. lenght <b>3</b> characters.'; self::$lastError = 'Character name is too short. Min. lenght <b>3</b> characters.';
return false; return false;
} }
if($length > 25) if($length > 25)
{ {
self::$lastError = 'Character name is too long. Max. lenght <b>25</b> characters.'; self::$lastError = 'Character name is too long. Max. lenght <b>25</b> characters.';
return false; return false;
} }
if(strspn($name, "qwertyuiopasdfghjklzxcvbnmQWERTYUIOPASDFGHJKLZXCVBNM- [ ] '") != $length) if(strspn($name, "qwertyuiopasdfghjklzxcvbnmQWERTYUIOPASDFGHJKLZXCVBNM- [ ] '") != $length)
{ {
self::$lastError = "Invalid name format. Use only A-Z, spaces and '."; self::$lastError = "Invalid name format. Use only A-Z, spaces and '.";
@@ -199,10 +199,10 @@ class Validator
self::$lastError = "Invalid name format. Use only A-Z, spaces and '."; self::$lastError = "Invalid name format. Use only A-Z, spaces and '.";
return false; return false;
} }
return true; return true;
} }
/** /**
* Validate new character name. * Validate new character name.
* Name lenght must be 3-25 chars * Name lenght must be 3-25 chars
@@ -213,9 +213,9 @@ class Validator
public static function newCharacterName($name) public static function newCharacterName($name)
{ {
global $db, $config; global $db, $config;
$name_lower = strtolower($name); $name_lower = strtolower($name);
$first_words_blocked = array('admin ', 'administrator ', 'gm ', 'cm ', 'god ','tutor ', "'", '-'); $first_words_blocked = array('admin ', 'administrator ', 'gm ', 'cm ', 'god ','tutor ', "'", '-');
foreach($first_words_blocked as $word) foreach($first_words_blocked as $word)
{ {
@@ -224,27 +224,27 @@ class Validator
return false; return false;
} }
} }
if(substr($name_lower, -1) == "'" || substr($name_lower, -1) == "-") { if(substr($name_lower, -1) == "'" || substr($name_lower, -1) == "-") {
self::$lastError = 'Your name contains illegal characters.'; self::$lastError = 'Your name contains illegal characters.';
return false; return false;
} }
if(substr($name_lower, 1, 1) == ' ') { if(substr($name_lower, 1, 1) == ' ') {
self::$lastError = 'Your name contains illegal space.'; self::$lastError = 'Your name contains illegal space.';
return false; return false;
} }
if(substr($name_lower, -2, 1) == " ") { if(substr($name_lower, -2, 1) == " ") {
self::$lastError = 'Your name contains illegal space.'; self::$lastError = 'Your name contains illegal space.';
return false; return false;
} }
if(strtolower($config['lua']['serverName']) == $name_lower) { if(strtolower($config['lua']['serverName']) == $name_lower) {
self::$lastError = 'Your name cannot be same as server name.'; self::$lastError = 'Your name cannot be same as server name.';
return false; return false;
} }
$names_blocked = array('admin', 'administrator', 'gm', 'cm', 'god', 'tutor'); $names_blocked = array('admin', 'administrator', 'gm', 'cm', 'god', 'tutor');
foreach($names_blocked as $word) foreach($names_blocked as $word)
{ {
@@ -253,7 +253,7 @@ class Validator
return false; return false;
} }
} }
$words_blocked = array('admin', 'administrator', 'gamemaster', 'game master', 'game-master', "game'master", '--', "''","' ", " '", '- ', ' -', "-'", "'-", 'fuck', 'sux', 'suck', 'noob', 'tutor'); $words_blocked = array('admin', 'administrator', 'gamemaster', 'game master', 'game-master', "game'master", '--', "''","' ", " '", '- ', ' -', "-'", "'-", 'fuck', 'sux', 'suck', 'noob', 'tutor');
foreach($words_blocked as $word) foreach($words_blocked as $word)
{ {
@@ -262,7 +262,7 @@ class Validator
return false; return false;
} }
} }
$name_length = strlen($name_lower); $name_length = strlen($name_lower);
for($i = 0; $i < $name_length; $i++) for($i = 0; $i < $name_length; $i++)
{ {
@@ -271,7 +271,7 @@ class Validator
return false; return false;
} }
} }
for($i = 0; $i < $name_length; $i++) for($i = 0; $i < $name_length; $i++)
{ {
if(isset($name_lower[$i - 1]) && $name_lower[$i - 1] == ' ' && isset($name_lower[$i + 1]) && $name_lower[$i + 1] == ' ') { if(isset($name_lower[$i - 1]) && $name_lower[$i - 1] == ' ' && isset($name_lower[$i + 1]) && $name_lower[$i + 1] == ' ') {
@@ -279,7 +279,7 @@ class Validator
return false; return false;
} }
} }
if(isset($config['monsters'])) if(isset($config['monsters']))
{ {
if(in_array($name_lower, $config['monsters'])) { if(in_array($name_lower, $config['monsters'])) {
@@ -287,14 +287,14 @@ class Validator
return false; return false;
} }
} }
$player = new OTS_Player(); $player = new OTS_Player();
$player->find($name); $player->find($name);
if($player->isLoaded()) { if($player->isLoaded()) {
self::$lastError = 'Character with this name already exist.'; self::$lastError = 'Character with this name already exist.';
return false; return false;
} }
//check if was namelocked previously //check if was namelocked previously
if(tableExist('player_namelocks') && fieldExist('name', 'player_namelocks')) { if(tableExist('player_namelocks') && fieldExist('name', 'player_namelocks')) {
$namelock = $db->query('SELECT `player_id` FROM `player_namelocks` WHERE `name` = ' . $db->quote($name)); $namelock = $db->query('SELECT `player_id` FROM `player_namelocks` WHERE `name` = ' . $db->quote($name));
@@ -303,25 +303,25 @@ class Validator
return false; return false;
} }
} }
$monsters = $db->query('SELECT `name` FROM `' . TABLE_PREFIX . 'monsters` WHERE `name` LIKE ' . $db->quote($name_lower)); $monsters = $db->query('SELECT `name` FROM `' . TABLE_PREFIX . 'monsters` WHERE `name` LIKE ' . $db->quote($name_lower));
if($monsters->rowCount() > 0) { if($monsters->rowCount() > 0) {
self::$lastError = 'Your name cannot contains monster name.'; self::$lastError = 'Your name cannot contains monster name.';
return false; return false;
} }
$spells_name = $db->query('SELECT `name` FROM `' . TABLE_PREFIX . 'spells` WHERE `name` LIKE ' . $db->quote($name_lower)); $spells_name = $db->query('SELECT `name` FROM `' . TABLE_PREFIX . 'spells` WHERE `name` LIKE ' . $db->quote($name_lower));
if($spells_name->rowCount() > 0) { if($spells_name->rowCount() > 0) {
self::$lastError = 'Your name cannot contains spell name.'; self::$lastError = 'Your name cannot contains spell name.';
return false; return false;
} }
$spells_words = $db->query('SELECT `words` FROM `' . TABLE_PREFIX . 'spells` WHERE `words` = ' . $db->quote($name_lower)); $spells_words = $db->query('SELECT `words` FROM `' . TABLE_PREFIX . 'spells` WHERE `words` = ' . $db->quote($name_lower));
if($spells_words->rowCount() > 0) { if($spells_words->rowCount() > 0) {
self::$lastError = 'Your name cannot contains spell name.'; self::$lastError = 'Your name cannot contains spell name.';
return false; return false;
} }
if(isset($config['npc'])) if(isset($config['npc']))
{ {
if(in_array($name_lower, $config['npc'])) { if(in_array($name_lower, $config['npc'])) {
@@ -329,26 +329,26 @@ class Validator
return false; return false;
} }
} }
if(strspn($name, "qwertyuiopasdfghjklzxcvbnmQWERTYUIOPASDFGHJKLZXCVBNM- '") != $name_length) { if(strspn($name, "qwertyuiopasdfghjklzxcvbnmQWERTYUIOPASDFGHJKLZXCVBNM- '") != $name_length) {
self::$lastError = 'This name contains invalid letters, words or format. Please use only a-Z, - , \' and space.'; self::$lastError = 'This name contains invalid letters, words or format. Please use only a-Z, - , \' and space.';
return false; return false;
} }
if($name_length < 3 || $name_length > 28) { if($name_length < 3 || $name_length > 28) {
self::$lastError = 'Your name cannot be shorter than 3 characters and longer than 28 characters.'; self::$lastError = 'Your name cannot be shorter than 3 characters and longer than 28 characters.';
return false; return false;
} }
if(!preg_match("/[A-z ']{3,28}/", $name)) { if(!preg_match("/[A-z ']{3,28}/", $name)) {
self::$lastError = 'Your name containst illegal characters.'; self::$lastError = 'Your name containst illegal characters.';
return false; return false;
} }
return true; return true;
} }
/** /**
* Validate guild name * Validate guild name
* Name lenght must be 3-32 chars * Name lenght must be 3-32 chars
@@ -362,20 +362,47 @@ class Validator
self::$lastError = 'Please enter guild name.'; self::$lastError = 'Please enter guild name.';
return false; return false;
} }
if(strspn($name, "qwertyuiopasdfghjklzxcvbnmQWERTYUIOPASDFGHJKLZXCVBNM0123456789- ") != strlen($name)) { if(strspn($name, "qwertyuiopasdfghjklzxcvbnmQWERTYUIOPASDFGHJKLZXCVBNM0123456789- ") != strlen($name)) {
self::$lastError = 'Invalid guild name format.'; self::$lastError = 'Invalid guild name format.';
return false; return false;
} }
if(!preg_match("/[A-z ]{3,32}/", $name)) { if(!preg_match("/[A-z ]{3,32}/", $name)) {
self::$lastError = 'Invalid guild name format.'; self::$lastError = 'Invalid guild name format.';
return false; return false;
} }
return true; return true;
} }
/**
* Validate guild nick
* Nick lenght must be 3-40 chars
*
* @param string $name Name to check
* @return bool Is name valid?
*/
public static function guildNick($name)
{
if(empty($name)) {
self::$lastError = 'Please enter guild nick.';
return false;
}
if(strspn($name, "qwertyuiopasdfghjklzxcvbnmQWERTYUIOPASDFGHJKLZXCVBNM0123456789- ") != strlen($name)) {
self::$lastError = 'Invalid guild nick format.';
return false;
}
if(!preg_match("/[A-z ]{3,40}/", $name)) {
self::$lastError = 'Invalid guild nick format.';
return false;
}
return true;
}
/** /**
* Validate rank name * Validate rank name
* Rank lenght must be 1-32 chars * Rank lenght must be 1-32 chars
@@ -389,17 +416,17 @@ class Validator
self::$lastError = 'Please enter rank name.'; self::$lastError = 'Please enter rank name.';
return false; return false;
} }
if(strspn($name, "qwertyuiopasdfghjklzxcvbnmQWERTYUIOPASDFGHJKLZXCVBNM0123456789-[ ] ") != strlen($name)) { if(strspn($name, "qwertyuiopasdfghjklzxcvbnmQWERTYUIOPASDFGHJKLZXCVBNM0123456789-[ ] ") != strlen($name)) {
self::$lastError = 'Invalid rank name. Please use only a-Z, 0-9 and spaces.'; self::$lastError = 'Invalid rank name. Please use only a-Z, 0-9 and spaces.';
return false; return false;
} }
if(!preg_match("/[A-z ]{1,32}/", $name)) { if(!preg_match("/[A-z ]{1,32}/", $name)) {
self::$lastError = 'Invalid rank name. Please use only a-Z, 0-9 and spaces.'; self::$lastError = 'Invalid rank name. Please use only a-Z, 0-9 and spaces.';
return false; return false;
} }
return true; return true;
} }
/** /**
@@ -411,7 +438,7 @@ class Validator
public static function str($str, $numbers = false) { public static function str($str, $numbers = false) {
return preg_match('/^[a-z0-9\ ]*$/i', $str); return preg_match('/^[a-z0-9\ ]*$/i', $str);
} }
public static function getLastError() { public static function getLastError() {
return self::$lastError; return self::$lastError;
} }

6
system/pages/admin/plugins.php
View File

@@ -17,7 +17,7 @@ echo $twig->render('admin.plugins.form.html.twig');
if(isset($_REQUEST['uninstall'])){ if(isset($_REQUEST['uninstall'])){
$uninstall = $_REQUEST['uninstall']; $uninstall = $_REQUEST['uninstall'];
if(Plugins::uninstall($uninstall)) { if(Plugins::uninstall($uninstall)) {
success('Successfully uninstalled plugin ' . $uninstall); success('Successfully uninstalled plugin ' . $uninstall);
} }
@@ -43,7 +43,7 @@ else if(isset($_FILES["plugin"]["name"]))
break; break;
case UPLOAD_ERR_INI_SIZE: case UPLOAD_ERR_INI_SIZE:
case UPLOAD_ERR_FORM_SIZE: case UPLOAD_ERR_FORM_SIZE:
$error .= ' - file too large (limit of '.ini_get('upload_max_filesize').' bytes).'; $error .= ' - file too large (limit of '.ini_get('upload_max_filesize').' bytes). You can enlarge the limits by changing "upload_max_filesize" in php.ini';
break; break;
case UPLOAD_ERR_PARTIAL: case UPLOAD_ERR_PARTIAL:
$error .= ' - file upload was not completed.'; $error .= ' - file upload was not completed.';
@@ -78,7 +78,7 @@ else if(isset($_FILES["plugin"]["name"]))
} }
else else
error(Plugins::getError()); error(Plugins::getError());
unlink($targetzip); // delete the Zipped file unlink($targetzip); // delete the Zipped file
} }
else else

6
system/pages/guilds/change_nick.php
View File

@@ -32,6 +32,12 @@ if(!$new_nick) {
$player = new OTS_Player(); $player = new OTS_Player();
$player->find($name); $player->find($name);
$player_from_account = false; $player_from_account = false;
if(!Validator::guildNick($new_nick)) {
echo Validator::getLastError();
return;
}
if(strlen($new_nick) <= 40) if(strlen($new_nick) <= 40)
{ {
if($player->isLoaded()) if($player->isLoaded())

2
system/pages/guilds/save_ranks.php
View File

@@ -12,7 +12,7 @@ defined('MYAAC') or die('Direct access not allowed!');
$guild_name = isset($_REQUEST['guild']) ? urldecode($_REQUEST['guild']) : null; $guild_name = isset($_REQUEST['guild']) ? urldecode($_REQUEST['guild']) : null;
if(!Validator::guildName($guild_name)) { if(!Validator::guildName($guild_name)) {
$errors[] = Validator::get; $errors[] = Validator::getLastError();
} }
if(empty($errors)) { if(empty($errors)) {

6
system/pages/highscores.php
View File

@@ -268,7 +268,7 @@ if($config['highscores_country_box'])
echo echo
'<TABLE BORDER=0 width="100%" CELLPADDING=4 CELLSPACING=1> '<TABLE BORDER=0 width="100%" CELLPADDING=4 CELLSPACING=1>
<TR BGCOLOR="' . $config['vdarkborder'] . '"> <TR BGCOLOR="' . $config['vdarkborder'] . '">
<TD CLASS=whites><B>Choose a country</B></TD> <TD CLASS=white><B>Choose a country</B></TD>
</TR> </TR>
<TR BGCOLOR="'.$config['lightborder'].'"> <TR BGCOLOR="'.$config['lightborder'].'">
<TD> <TD>
@@ -284,7 +284,7 @@ if($config['highscores_country_box'])
echo ' echo '
<TABLE BORDER=0 width="100%" CELLPADDING=4 CELLSPACING=1> <TABLE BORDER=0 width="100%" CELLPADDING=4 CELLSPACING=1>
<TR BGCOLOR="'.$config['vdarkborder'].'"> <TR BGCOLOR="'.$config['vdarkborder'].'">
<TD CLASS=whites><B>Choose a skill</B></TD> <TD CLASS=white><B>Choose a skill</B></TD>
</TR> </TR>
<TR BGCOLOR="'.$config['lightborder'].'"> <TR BGCOLOR="'.$config['lightborder'].'">
<TD>'; <TD>';
@@ -315,7 +315,7 @@ if($config['highscores_vocation_box'])
echo echo
'<table border="0" width="100%" cellpadding="4" cellspacing="1"> '<table border="0" width="100%" cellpadding="4" cellspacing="1">
<tr bgcolor="' . $config['vdarkborder'] . '"> <tr bgcolor="' . $config['vdarkborder'] . '">
<td class=whites><b>Choose a vocation</b></td> <td class="white"><b>Choose a vocation</b></td>
</tr> </tr>
<tr bgcolor="'.$config['lightborder'].'"> <tr bgcolor="'.$config['lightborder'].'">
<td> <td>

18
system/pages/lastkills.php
View File

@@ -45,7 +45,7 @@ if(tableExist('player_killers')) // tfs 0.3
$players_rows .= 'eliminated'; $players_rows .= 'eliminated';
elseif($count > 19) elseif($count > 19)
$players_rows .= 'annihilated'; $players_rows .= 'annihilated';
$players_rows .= 'at level <b>' . $death['level'] . '</b> by '; $players_rows .= 'at level <b>' . $death['level'] . '</b> by ';
} }
else if($i == $count) else if($i == $count)
@@ -76,15 +76,15 @@ if(tableExist('player_killers')) // tfs 0.3
$players_rows .= '.</TD>'; $players_rows .= '.</TD>';
if($config['multiworld']) if($config['multiworld'])
$player_rows .= '<TD>'.$config['worlds'][(int)$death['world_id']].'</TD>'; $player_rows .= '<TD>'.$config['worlds'][(int)$death['world_id']].'</TD>';
$players_rows .= '</TR>'; $players_rows .= '</TR>';
} }
} }
} }
else { else {
//$players_deaths = $db->query("SELECT `p`.`name` AS `victim`, `player_deaths`.`killed_by` as `killed_by`, `player_deaths`.`time` as `time`, `player_deaths`.`is_player` as `is_player`, `player_deaths`.`level` as `level` FROM `player_deaths`, `players` as `d` INNER JOIN `players` as `p` ON player_deaths.player_id = p.id WHERE player_deaths.`is_player`='1' ORDER BY `time` DESC LIMIT " . $config['last_kills_limit'] . ";"); //$players_deaths = $db->query("SELECT `p`.`name` AS `victim`, `player_deaths`.`killed_by` as `killed_by`, `player_deaths`.`time` as `time`, `player_deaths`.`is_player` as `is_player`, `player_deaths`.`level` as `level` FROM `player_deaths`, `players` as `d` INNER JOIN `players` as `p` ON player_deaths.player_id = p.id WHERE player_deaths.`is_player`='1' ORDER BY `time` DESC LIMIT " . $config['last_kills_limit'] . ";");
$players_deaths = $db->query("SELECT `p`.`name` AS `victim`, `d`.`killed_by` as `killed_by`, `d`.`time` as `time`, `d`.`level`, `d`.`is_player` FROM `player_deaths` as `d` INNER JOIN `players` as `p` ON d.player_id = p.id ORDER BY `time` DESC LIMIT 20;"); $players_deaths = $db->query("SELECT `p`.`name` AS `victim`, `d`.`killed_by` as `killed_by`, `d`.`time` as `time`, `d`.`level`, `d`.`is_player`, `d`.`mostdamage_by` as `mostdamage_by`, `d`.`mostdamage_is_player` as `mostdamage_is_player` FROM `player_deaths` as `d` INNER JOIN `players` as `p` ON d.player_id = p.id ORDER BY `time` DESC LIMIT " . $config['last_kills_limit'] . ";");
if(!empty($players_deaths)) if(!empty($players_deaths))
{ {
@@ -95,7 +95,15 @@ $players_deaths = $db->query("SELECT `p`.`name` AS `victim`, `d`.`killed_by` as
$players_rows .= getPlayerLink($death['killed_by']); $players_rows .= getPlayerLink($death['killed_by']);
else else
$players_rows .= $death['killed_by']; $players_rows .= $death['killed_by'];
if (!empty($death['mostdamage_by'])) {
$player_rows .= ' and ';
if($death['mostdamage_is_player'] == '1')
$players_rows .= getPlayerLink($death['mostdamage_by']);
else
$players_rows .= $death['mostdamage_by'];
}
$players_rows .= '.</TR>'; $players_rows .= '.</TR>';
} }
} }

3
system/templates/online.html.twig
View File

@@ -3,7 +3,7 @@
<td class="white"><b>Server Status</b></td> <td class="white"><b>Server Status</b></td>
</tr> </tr>
{% if players|length == 0 %} {% if players|length == 0 %}
<tr bgcolor="{{ config.darkborder }}"><td>Currently no one is playing on {{ config.lua.serverName }}.</td></tr></table> <tr bgcolor="{{ config.darkborder }}"><td>Currently no one is playing on&nbsp;{{ config.lua.serverName }}.</td></tr></table>
{% else %} {% else %}
<tr bgcolor="{{ config.darkborder }}"> <tr bgcolor="{{ config.darkborder }}">
<td> <td>
@@ -26,6 +26,7 @@
</td> </td>
</tr> </tr>
</table> </table>
<br/>
{# vocation statistics #} {# vocation statistics #}
{% if config.online_vocations %} {% if config.online_vocations %}
<br/> <br/>

2
tools/signature/gesior.php
View File

@@ -20,7 +20,7 @@
if($rank->isLoaded()) if($rank->isLoaded())
{ {
imagettftext($image , $fontsize, 0, 20, 75, $color, $font, 'Guild:'); imagettftext($image , $fontsize, 0, 20, 75, $color, $font, 'Guild:');
imagettftext($image , $fontsize, 0, 70, 75, $color, $font, $player->getRank()->getName() . ' of the ' . $$rank->getGuild()->getName()); imagettftext($image , $fontsize, 0, 70, 75, $color, $font, $player->getRank()->getName() . ' of the ' . $rank->getGuild()->getName());
} }
imagettftext($image , $fontsize, 0, 20, 95, $color, $font, 'Last Login:'); imagettftext($image , $fontsize, 0, 20, 95, $color, $font, 'Last Login:');
imagettftext($image , $fontsize, 0, 100, 95, $color, $font, (($player->getLastLogin() > 0) ? date("j F Y, g:i a", $player->getLastLogin()) : 'Never logged in.')); imagettftext($image , $fontsize, 0, 100, 95, $color, $font, (($player->getLastLogin() > 0) ? date("j F Y, g:i a", $player->getLastLogin()) : 'Never logged in.'));

2
tools/validate.php
View File

@@ -1,7 +1,7 @@
<?php <?php
/** /**
* Ajax validator * Ajax validator
* Returns xml file with result * Returns json with result
* *
* @package MyAAC * @package MyAAC
* @author Slawkens <slawkens@gmail.com> * @author Slawkens <slawkens@gmail.com>