* update to 0.7.5

* fixed template path finding
* fixed news adding when type != ARTICLE

CHANGELOG

@@ -1,6 +1,27 @@
+[0.7.5 - 04.01.2017]
+	* fixed bug on othire with config.account_premium_days
+	* fixed bug on TFS 1.x when online_afk is enabled
+	* warning about leaving news page with changes
+	* added player status to tibiacom top 5 highscores box
+	* save detected country on create account in session
+	* fixed getPremDays and isPremium functions (newest 11.x engines are bugged when it comes to PACC, its not fault of MyAAC)
+	* fix when there are no changelogs or highscores yet
+	* small fix regarding getTopPlayers function which was ignoring $limit variable
+	* fixed news adding when type != ARTICLE
+	* fixed template path finding
+	* fixed displaying article_text when it was empty saved
+
+[0.7.4 - 24.12.2017]
+	* fixed mysql fatal error on tibiacom template - top 5 box
+	* fixed displaying of level percent bar on tibian signature
+	* inform user about Twig cache failure on installation, instead of http 500 error
+	* when dir system/cache is not writable by the webserver, then show some nice notice to the user about it instead of http 500 error
+	* remember client version select and usage stats checkbox in session on install
+	* automatically update highscores_ids_hidden for users who installed myaac before (migration)
+
 [0.7.3 - 18.12.2017]
-	* auto generate myaac cache & session prefix on install to be unique accross installations
-	* fixed hidding shop system menu on tibiacom template when disabled in config
+	* auto generate myaac cache & session prefix on install to be unique across installations
+	* fixed hiding shop system menu on tibiacom template when disabled in config
 	* prevent adding duplicated newses with installation
 	* some changes to sample characters: chanced town_id to 1, posx: 1000, posy: 1000, posz: 1000 and default group_id to 1 so you can change in-game outfits and they will be used
 	* added version 772 constant to install client choose (OTHire)

TODO

@@ -3,20 +3,19 @@
 0.*
 	* support duplicated vocation names with different ids
 	* plugins: option to define custom requirements check in json file, to check if system meets the requirement
-	* inform user about Twig cache failure on installation, instead of 500 error
 	* add support for defining max myaac version in plugin.json file
 	* cache Menus in templates
 	* don't show error indicators on first time load - createaccount page
 	* update Twig to the latest version from 1.x branch
 	* semantic versioning support for plugins (github.com/composer/semver)
-	* database towns table support for TFS 1.3
-	* players.is_sample is waste, better save in config.php array of ignored ids
 	* add some notice to the user that installing step "Import Schema" will take some time
-	* remember client version in session on install
+	* check user IP on installing to prevent install by random user
 
 1.0:
 	* i18n support (issue #1 on github)
 	* New Admin Panel layout and interface
+	* add changelog management interface
+	* remove tibiacom template, and include it as a plugin
 
 2.0
 	* remove compat functions
@@ -24,6 +23,7 @@
 		* var/ (for logs, cache and data), config/, bin, public/ (for index and images and other public content), system/ (for php files and classess)
 	* rename templates to layouts as templates is meant to be used for twig templates
 	* change gifts_system to shop_system configurable
+	* move most used options in system/templates dir to separate directories (more transparent)
 
 At any time between (version not specified):
 	* better news archive with search function (like on tibia.com)
@@ -33,4 +33,5 @@ At any time between (version not specified):
 	* possibility to add extra cache engines with plugins
 	* preferably configurable (enable/disable) forum TinyMCE editor
 	* new cache engine - plain php, is good with pure php 7.0+ and opcache
-	* OTAdmin support in Admin Panel
+	* OTAdmin support in Admin Panel
+	* database towns table support for TFS 1.3

common.php

@@ -26,8 +26,8 @@
 session_start();
 
 define('MYAAC', true);
-define('MYAAC_VERSION', '0.7.3');
-define('DATABASE_VERSION', 19);
+define('MYAAC_VERSION', '0.7.5');
+define('DATABASE_VERSION', 20);
 define('TABLE_PREFIX', 'myaac_');
 define('START_TIME', microtime(true));
 define('MYAAC_OS', (strtoupper(substr(PHP_OS, 0, 3)) === 'WIN') ? 'WINDOWS' : (strtoupper(PHP_OS) == 'DARWIN' ? 'MAC' : 'LINUX'));

config.php

@@ -75,7 +75,7 @@ $config = array(
 
 	// images
 	'outfit_images_url' => 'http://outfit-images.ots.me/outfit.php', // set to animoutfit.php for animated outfit
-	'item_images_url' => 'http://item-images.ots.me/960/', // set to images/items if you host your own items in images folder
+	'item_images_url' => 'http://item-images.ots.me/1092/', // set to images/items if you host your own items in images folder
 
 	// account
 	'account_management' => true, // disable if you're using other method to manage users (fe. tfs account manager)
@@ -186,6 +186,7 @@ $config = array(
 	'highscores_outfit' => true, // show player outfit?
 	'highscores_country_box' => false, // doesnt work yet! (not implemented)
 	'highscores_groups_hidden' => 4, // this group id and higher won't be shown on the highscores
+	'highscores_ids_hidden' => array(0), // this ids of players will be hidden on the highscores (should be ids of samples)
 	'highscores_length' => 100, // how many records per page on highscores
 
 	// characters page

index.php

@@ -51,7 +51,7 @@ if(preg_match("/^[A-Za-z0-9-_%\'+]+\.png$/i", $uri)) {
 	include(TOOLS . 'signature/index.php');
 	exit();
 }
-else if(preg_match("/^(.*)\.(gif|jpg|png|jpeg|tiff|bmp|css|js|less|map|html|php|zip|rar|gz)$/i", $_SERVER['REQUEST_URI'])) {
+else if(preg_match("/^(.*)\.(gif|jpg|png|jpeg|tiff|bmp|css|js|less|map|html|php|zip|rar|gz|ttf|woff|ico)$/i", $_SERVER['REQUEST_URI'])) {
 	header("HTTP/1.0 404 Not Found");
 	exit;
 }

install/includes/functions.php

@@ -78,4 +78,23 @@ function next_form($previous = true, $next = true)
 	<input type="hidden" name="step" id="step" value="' . $step . '" />' . next_buttons($previous, $next) . '
 </form>';
 }
-?>
+
+function win_is_writable($path) {
+	if($path[strlen( $path ) - 1] == '/') { // if it looks like a directory, check a random file within the directory
+		return win_is_writable( $path . uniqid( mt_rand() ) . '.tmp');
+	} elseif(is_dir( $path )) { // If it's a directory (and not a file) check a random file within the directory
+		return win_is_writable( $path . '/' . uniqid( mt_rand() ) . '.tmp' );
+	}
+
+	// check tmp file for read/write capabilities
+	$should_delete_tmp_file = !file_exists( $path );
+	$f = @fopen( $path, 'a' );
+	if ( $f === false )
+		return false;
+
+	fclose( $f );
+	if($should_delete_tmp_file)
+		unlink($path);
+
+	return true;
+}

install/includes/twig_error.html

@@ -0,0 +1,11 @@
+We have detected that you don't have access to write to the system/cache directory. Under linux you can fix it by using this two command, where first one should be enough (for apache):<br/><br/><span class="console">chown -R www-data.www-data /var/www/*</span><br/><span class="console">chmod -R 660 system/cache</span>
+
+<style type="text/css">
+.console {
+	font-family:Courier;
+	color: #CCCCCC;
+	background: #000000;
+	border: 3px double #CCCCCC;
+	padding: 0px;
+}
+</style>

install/index.php

@@ -91,16 +91,19 @@ else if($step == 'finish') {
 
 $error = false;
 
-// step include
-ob_start();
+clearstatcache();
+if(is_writable(CACHE) && (MYAAC_OS != 'WINDOWS' || win_is_writable(CACHE))) {
+	ob_start();
 
-$step_id = array_search($step, $steps);
-require('steps/' . $step_id . '-' . $step . '.php');
-$content = ob_get_contents();
-ob_end_clean();
+	$step_id = array_search($step, $steps);
+	require('steps/' . $step_id . '-' . $step . '.php');
+	$content = ob_get_contents();
+	ob_end_clean();
+}
+else {
+	$content = error(file_get_contents(BASE . 'install/includes/twig_error.html'), true);
+}
 
 // render
 require('template/template.php');
-//$_SESSION['laststep'] = $step;
-
-?>
+//$_SESSION['laststep'] = $step;

install/steps/5-database.php

@@ -240,9 +240,9 @@ if(!$error) {
 			$content .= PHP_EOL;
 			$content .= '$config[\'client_download_linux\'] = \'http://tibia-clients.com/clients/download/\'. $config[\'client\'] . \'/tar/linux\';';
 			$content .= PHP_EOL;
-			$content .= '$config[\'session_prefix\'] = \'myaac_' . generateRandomString(8, true, false, true, false) . '\';';
+			$content .= '$config[\'session_prefix\'] = \'myaac_' . generateRandomString(8, true, false, true, false) . '_\';';
 			$content .= PHP_EOL;
-			$content .= '$config[\'cache_prefix\'] = \'myaac_' . generateRandomString(8, true, false, true, false) . '\';';
+			$content .= '$config[\'cache_prefix\'] = \'myaac_' . generateRandomString(8, true, false, true, false) . '_\';';
 			$content .= PHP_EOL;
 			
 			$file = fopen(BASE . 'config.local.php', 'a+');

system/functions.php

@@ -970,9 +970,17 @@ function getTopPlayers($limit = 5) {
 		$deleted = 'deleted';
 		if(fieldExist('deletion', 'players'))
 			$deleted = 'deletion';
-		
-		$players = $db->query('SELECT `name`, `level`, `experience` FROM `players` WHERE `group_id` < ' . $config['highscores_groups_hidden'] . ' AND `id` NOT IN (' . implode(', ', $config['highscores_ids_hidden']) . ') AND `' . $deleted . '` = 0 AND `account_id` != 1 ORDER BY `experience` DESC LIMIT 5')->fetchAll();
-		
+
+		$is_tfs10 = tableExist('players_online');
+		$players = $db->query('SELECT `id`, `name`, `level`, `experience`' . ($is_tfs10 ? '' : ', `online`') . ' FROM `players` WHERE `group_id` < ' . $config['highscores_groups_hidden'] . ' AND `id` NOT IN (' . implode(', ', $config['highscores_ids_hidden']) . ') AND `' . $deleted . '` = 0 AND `account_id` != 1 ORDER BY `experience` DESC LIMIT ' . (int)$limit)->fetchAll();
+
+		if($is_tfs10) {
+			foreach($players as &$player) {
+				$query = $db->query('SELECT `player_id` FROM `players_online` WHERE `player_id` = ' . $player['id']);
+				$player['online'] = ($query->rowCount() > 0 ? 1 : 0);
+			}
+		}
+
 		$i = 0;
 		foreach($players as &$player) {
 			$player['rank'] = ++$i;

system/init.php

@@ -14,8 +14,7 @@ if(file_exists(BASE . 'config.local.php')) // user customizations
 	require(BASE . 'config.local.php');
 
 if(!isset($config['installed']) || !$config['installed']) {
-	header('Location: ' . BASE_URL);
-	die('AAC has not been installed yet or there was error during installation. Please install again.');
+	die('MyAAC has not been installed yet or there was error during installation. Please install again.');
 }
 
 date_default_timezone_set($config['date_timezone']);
@@ -149,8 +148,8 @@ $config['data_path'] = $tmp;
 unset($tmp);
 
 // new config values for compability
-if($config['highscores_ids_hidden'] == null) {
-	$config['highscores_ids_hidden'] = array();
+if(!isset($config['highscores_ids_hidden']) || count($config['highscores_ids_hidden']) == 0) {
+	$config['highscores_ids_hidden'] = array(0);
 }
 
 // POT

system/libs/pot/OTS_Account.php

@@ -170,7 +170,7 @@ class OTS_Account extends OTS_Row_DAO implements IteratorAggregate, Countable
     public function load($id)
     {
         // SELECT query on database
-        $this->data = $this->db->query('SELECT `id`, ' . (fieldExist('name', 'accounts') ? '`name`,' : '') . '`password`, `email`, ' . $this->db->fieldName('blocked') . ', ' . $this->db->fieldName('rlname') . ', ' . $this->db->fieldName('location') . ', ' . $this->db->fieldName('web_flags') . ', ' . (fieldExist('premdays', 'accounts') ? $this->db->fieldName('premdays') . ',' : '') . (fieldExist('lastday', 'accounts') ? $this->db->fieldName('lastday') . ',' : (fieldExist('premend', 'accounts') ?  $this->db->fieldName('premend') . ' as `lastday`,' : '')) . $this->db->fieldName('created') . ' FROM ' . $this->db->tableName('accounts') . ' WHERE ' . $this->db->fieldName('id') . ' = ' . (int) $id)->fetch();
+        $this->data = $this->db->query('SELECT `id`, ' . (fieldExist('name', 'accounts') ? '`name`,' : '') . '`password`, `email`, ' . $this->db->fieldName('blocked') . ', ' . $this->db->fieldName('rlname') . ', ' . $this->db->fieldName('location') . ', ' . $this->db->fieldName('web_flags') . ', ' . (fieldExist('premdays', 'accounts') ? $this->db->fieldName('premdays') . ',' : '') . (fieldExist('lastday', 'accounts') ? $this->db->fieldName('lastday') . ',' : (fieldExist('premend', 'accounts') ?  $this->db->fieldName('premend') . ',' : '')) . $this->db->fieldName('created') . ' FROM ' . $this->db->tableName('accounts') . ' WHERE ' . $this->db->fieldName('id') . ' = ' . (int) $id)->fetch();
     }
 
 /**
@@ -252,9 +252,14 @@ class OTS_Account extends OTS_Row_DAO implements IteratorAggregate, Countable
 		$lastday = 'lastday';
 		if(fieldExist('premend', 'accounts'))
 			$lastday = 'premend';
+		
+		$field = 'lastday';
+		if(isset($this->data['premend'])) { // othire
+			$field = 'premend';
+		}
 
         // UPDATE query on database
-        $this->db->query('UPDATE `accounts` SET ' . (fieldExist('name', 'accounts') ? '`name` = ' . $this->db->quote($this->data['name']) . ',' : '') . '`password` = ' . $this->db->quote($this->data['password']) . ', `email` = ' . $this->db->quote($this->data['email']) . ', `blocked` = ' . (int) $this->data['blocked'] . ', `rlname` = ' . $this->db->quote($this->data['rlname']) . ', `location` = ' . $this->db->quote($this->data['location']) . ', `web_flags` = ' . (int) $this->data['web_flags'] . ', ' . (fieldExist('premdays', 'accounts') ? '`premdays` = ' . (int) $this->data['premdays'] . ',' : '') . '`' . $lastday . '` = ' . (int) $this->data['lastday'] . ' WHERE `id` = ' . $this->data['id']);
+        $this->db->query('UPDATE `accounts` SET ' . (fieldExist('name', 'accounts') ? '`name` = ' . $this->db->quote($this->data['name']) . ',' : '') . '`password` = ' . $this->db->quote($this->data['password']) . ', `email` = ' . $this->db->quote($this->data['email']) . ', `blocked` = ' . (int) $this->data['blocked'] . ', `rlname` = ' . $this->db->quote($this->data['rlname']) . ', `location` = ' . $this->db->quote($this->data['location']) . ', `web_flags` = ' . (int) $this->data['web_flags'] . ', ' . (fieldExist('premdays', 'accounts') ? '`premdays` = ' . (int) $this->data['premdays'] . ',' : '') . '`' . $field . '` = ' . (int) $this->data[$field] . ' WHERE `id` = ' . $this->data['id']);
     }
 
 /**
@@ -327,22 +332,18 @@ class OTS_Account extends OTS_Row_DAO implements IteratorAggregate, Countable
 		return $this->hasFlag(FLAG_SUPER_ADMIN);
 	}
 
-    public function getPremDays()
-    {
-        if( !isset($this->data['lastday']) )
-        {
-            throw new E_OTS_NotLoaded();
-        }
+	public function getPremDays()
+	{
+		if(!isset($this->data['lastday']) && !isset($this->data['premend'])) {
+			throw new E_OTS_NotLoaded();
+		}
 
-		if(fieldExist('premdays', 'accounts'))
-			return $this->data['premdays'];
-		
-        if($this->data['lastday'] == 0)
-            return 0;
-        
-		return round(($this->data['lastday'] - time()) / (24 * 60 * 60), 3);
-        //return $this->data['premdays'] - (date("z", time()) + (365 * (date("Y", time()) - date("Y", $this->data['lastday']))) - date("z", $this->data['lastday']));
-    }
+		if(isset($this->data['premend'])) {
+			return round(($this->data['premend'] - time()) / (24 * 60 * 60), 2);
+		}
+
+		return $this->data['premdays'] - (date("z", time()) + (365 * (date("Y", time()) - date("Y", $this->data['lastday']))) - date("z", $this->data['lastday']));
+	}
 	
    public function getLastLogin()
     {
@@ -358,12 +359,13 @@ class OTS_Account extends OTS_Row_DAO implements IteratorAggregate, Countable
     {
 		global $config;
         if(isset($config['lua']['freePremium']) && getBoolean($config['lua']['freePremium'])) return true;
-		if(fieldExist('premdays', 'accounts'))
-			return $this->data['premdays'] > 0;
-	
-		return $this->data['lastday'] > time();
-        //return ($this->data['premdays'] - (date("z", time()) + (365 * (date("Y", time()) - date("Y", $this->data['lastday']))) - date("z", $this->data['lastday'])) > 0);
-    }
+
+		if(isset($this->data['premend'])) {
+			return $this->data['premend'] > time();
+		}
+
+		return ($this->data['premdays'] - (date("z", time()) + (365 * (date("Y", time()) - date("Y", $this->data['lastday']))) - date("z", $this->data['lastday'])) > 0);
+	}
 
     public function getCreated()
     {

system/libs/pot/OTS_Player.php

@@ -3151,6 +3151,14 @@ class OTS_Player extends OTS_Row_DAO
 
         $this->db->query('DELETE FROM ' . $this->db->tableName('player_spells') . ' WHERE ' . $this->db->fieldName('player_id') . ' = ' . $this->data['id'] . ' AND ' . $this->db->fieldName('name') . ' = ' . $this->db->quote( $spell->getName() ) );
     }
+	
+	public static function getPercentLevel($count, $nextLevelCount)
+	{
+		if($nextLevelCount > 0)
+			return min(100, max(0, $count * 100 / $nextLevelCount));
+
+		return 0;
+	}
 
 /**
  * Magic PHP5 method.

system/libs/pot/OTS_Toolbox.php

@@ -28,13 +28,11 @@ class OTS_Toolbox
  * @param int $experience Current experience points.
  * @return int Experience points for level.
  */
-    public static function experienceForLevel($level, $experience = 0)
+	public static function experienceForLevel($level, $experience = 0)
     {
-        return 50 * ($level - 1) * ($level * $level - 5 * $level + 12) / 3 - $experience;
-		/*
-			$level = $level - 1;
-	return ((50 * $level * $level * $level) - (150 * $level * $level) + (400 * $level)) / 3;
-	*/
+        //return 50 * ($level - 1) * ($level * $level - 5 * $level + 12) / 3 - $experience;
+		$level = $level - 1;
+		return ((50 * $level * $level * $level) - (150 * $level * $level) + (400 * $level)) / 3;
     }
 
 /**

system/migrations/19.php

@@ -1,3 +1,3 @@
 <?php
-// this migrations has been removed, but file kept for compability
+// this migration has been removed, but file kept for compability
 ?>

system/migrations/20.php

@@ -0,0 +1,39 @@
+<?php
+
+$config_file = BASE . 'config.local.php';
+if(!is_writable($config_file)) { // we can't do anything, just ignore
+	return;
+}
+
+$content_of_file = trim(file_get_contents($config_file));
+if(strpos($content_of_file, 'highscores_ids_hidden') !== false) { // already present
+	return;
+}
+
+$query = $db->query("SELECT `id` FROM `players` WHERE (`name` = " . $db->quote("Rook Sample") . " OR `name` = " . $db->quote("Sorcerer Sample") . " OR `name` = " . $db->quote("Druid Sample") . " OR `name` = " . $db->quote("Paladin Sample") . " OR `name` = " . $db->quote("Knight Sample") . ") ORDER BY `id`;");
+
+$highscores_ignored_ids = array();
+if($query->rowCount() > 0) {
+	foreach($query->fetchAll() as $result)
+		$highscores_ignored_ids[] = $result['id'];
+}
+else {
+	$highscores_ignored_ids[] = 0;
+}
+
+$php_on_end = substr($content_of_file, -2, 2) == '?>';
+$content = PHP_EOL;
+if($php_on_end) {
+	$content .= '<?php';
+}
+
+$content .= PHP_EOL;
+$content .= '$config[\'highscores_ids_hidden\'] = array(' . implode(', ', $highscores_ignored_ids) . ');';
+$content .= PHP_EOL;
+
+if($php_on_end) {
+	$content .= '?>';
+}
+
+file_put_contents($config_file, $content, FILE_APPEND);
+?>

system/pages/accountmanagement.php

@@ -110,7 +110,7 @@ $errors = array();
 		$players = array();
 		$account_players = $account_logged->getPlayersList();
 		$account_players->orderBy('id');
-		
+
 		echo $twig->render('account.management.html.twig', array(
 			'welcome_message' => $welcome_message,
 			'recovery_key' => $recovery_key,

system/pages/createaccount.php

@@ -144,8 +144,13 @@ if($save)
 		}
 
 		if($config['account_premium_days'] && $config['account_premium_days'] > 0) {
-			$new_account->setCustomField('premdays', $config['account_premium_days']);
-			$new_account->setCustomField('lastday', time());
+			if(fieldExist('premend', 'accounts')) { // othire
+				$new_account->setCustomField('premend', time() + $config['account_premium_days'] * 86400);
+			}
+			else { // rest
+				$new_account->setCustomField('premdays', $config['account_premium_days']);
+				$new_account->setCustomField('lastday', time());
+			}
 		}
 
 		if($config['account_premium_points']) {
@@ -208,36 +213,43 @@ if($save)
 	}
 }
 
-	$country_recognized = null;
-	if($config['account_country_recognize']) {
+$country_recognized = null;
+if($config['account_country_recognize']) {
+	$country_session = getSession('country');
+	if($country_session !== false) { // get from session
+		$country_recognized = $country_session;
+	}
+	else {
 		$info = json_decode(@file_get_contents('http://ipinfo.io/' . $_SERVER['REMOTE_ADDR'] . '/geo'), true);
 		if(isset($info['country'])) {
 			$country_recognized = strtolower($info['country']);
+			setSession('country', $country_recognized);
 		}
 	}
+}
 
-	if(!empty($errors))
-		echo $twig->render('error_box.html.twig', array('errors' => $errors));
+if(!empty($errors))
+	echo $twig->render('error_box.html.twig', array('errors' => $errors));
 
-	if($config['account_country']) {
-		$countries = array();
-		foreach (array('pl', 'se', 'br', 'us', 'gb') as $c)
-			$countries[$c] = $config['countries'][$c];
-		
-		$countries['--'] = '----------';
-		foreach ($config['countries'] as $code => $c)
-			$countries[$code] = $c;
-	}
+if($config['account_country']) {
+	$countries = array();
+	foreach (array('pl', 'se', 'br', 'us', 'gb') as $c)
+		$countries[$c] = $config['countries'][$c];
+	
+	$countries['--'] = '----------';
+	foreach ($config['countries'] as $code => $c)
+		$countries[$code] = $c;
+}
 
-	echo $twig->render('account.create.js.html.twig');
-	echo $twig->render('account.create.html.twig', array(
-		'account' => isset($_POST['account']) ? $_POST['account'] : '',
-		'email' => isset($_POST['email']) ? $_POST['email'] : '',
-		'countries' => isset($countries) ? $countries : null,
-		'accept_rules' => isset($_POST['accept_rules']) ? $_POST['accept_rules'] : false,
-		'country_recognized' => $country_recognized,
-		'country' => isset($country) ? $country : null,
-		'errors' => $errors,
-		'save' => $save
-	));
+echo $twig->render('account.create.js.html.twig');
+echo $twig->render('account.create.html.twig', array(
+	'account' => isset($_POST['account']) ? $_POST['account'] : '',
+	'email' => isset($_POST['email']) ? $_POST['email'] : '',
+	'countries' => isset($countries) ? $countries : null,
+	'accept_rules' => isset($_POST['accept_rules']) ? $_POST['accept_rules'] : false,
+	'country_recognized' => $country_recognized,
+	'country' => isset($country) ? $country : null,
+	'errors' => $errors,
+	'save' => $save
+));
 ?>

system/pages/highscores.php

@@ -228,8 +228,10 @@ echo '
 		$show_link_to_next_page = true;
 }
 
-if(!$i)
-	echo '<tr bgcolor="' . $config['darkborder'] . '"><td colspan="' . ($skill == POT::SKILL__LEVEL ? 5 : 4) . '">No records yet.</td></tr>';
+if(!$i) {
+	$extra = ($config['highscores_outfit'] ? 1 : 0);
+	echo '<tr bgcolor="' . $config['darkborder'] . '"><td colspan="' . ($skill == POT::SKILL__LEVEL ? 5 + $extra : 4 + $extra) . '">No records yet.</td></tr>';
+}
 
 ?>
 </table>

system/pages/news.php

@@ -387,7 +387,7 @@ class News
 		if(!self::verify($title, $body, $article_text, $article_image, $errors))
 			return false;
 
-		$db->insert(TABLE_PREFIX . 'news', array('title' => $title, 'body' => $body, 'type' => $type, 'date' => time(), 'category' => $category, 'player_id' => isset($player_id) ? $player_id : 0, 'comments' => $comments, 'article_text' => $article_text, 'article_image' => $article_image));
+		$db->insert(TABLE_PREFIX . 'news', array('title' => $title, 'body' => $body, 'type' => $type, 'date' => time(), 'category' => $category, 'player_id' => isset($player_id) ? $player_id : 0, 'comments' => $comments, 'article_text' => ($type == 3 ? $article_text : ''), 'article_image' => ($type == 3 ? $article_image : '')));
 		return true;
 	}
 

system/status.php

@@ -75,8 +75,13 @@ if(isset($config['lua']['statustimeout']))
 // get status timeout from server config
 $status_timeout = eval('return ' . $config['lua']['statusTimeout'] . ';') / 1000 + 1;
 
-if($status['lastCheck'] + $status_timeout < time())
-{
+if($status['lastCheck'] + $status_timeout < time()) {
+	updateStatus();
+}
+
+function updateStatus() {
+	global $db, $cache, $config, $status, $status_ip, $status_port;
+	
 	// get server status and save it to database
 	$serverInfo = new OTS_ServerInfo($status_ip, $status_port);
 	$serverStatus = $serverInfo->status();
@@ -98,9 +103,14 @@ if($status['lastCheck'] + $status_timeout < time())
 		if($config['online_afk'])
 		{
 			// get amount of players that are currently logged in-game, including disconnected clients (exited)
-			$query = $db->query('SELECT COUNT(' . $db->fieldName('id') . ') AS playersTotal FROM ' . $db->tableName('players') .
-				' WHERE ' . $db->fieldName('online') . ' > 0');
-
+			if(tableExist('players_online')) { // tfs 1.x
+				$query = $db->query('SELECT COUNT(`player_id`) AS `playersTotal` FROM `players`;');
+			}
+			else {
+				$query = $db->query('SELECT COUNT(`id`) AS `playersTotal` FROM `players` WHERE `online` > 0');
+			}
+			
+			$status['playersTotal'] = 0;
 			if($query->rowCount() > 0)
 			{
 				$query = $query->fetch();
@@ -132,5 +142,4 @@ if($status['lastCheck'] + $status_timeout < time())
 	foreach($status as $key => $value) {
 		updateDatabaseConfig('status_' . $key, $value);
 	}
-}
-?>
+}

system/template.php

@@ -15,42 +15,38 @@ if($config['template_allow_change'])
 {
 	if(isset($_GET['template']))
 	{
-		$template_name = $_GET['template'];
 		if(!preg_match("/[^A-z0-9_\-]/", $template_name)) { // validate template
 			//setcookie('template', $template_name, 0, BASE_DIR . '/', $_SERVER["SERVER_NAME"]);
+			$template_name = $_GET['template'];
 			setSession('template', $template_name);
 			header('Location:' . getSession('last_uri'));
 		}
-		else
-			$template_name = $config['template'];
 	}
 	else {
 		$template_session = getSession('template');
 		if ($template_session !== false) {
 			if (!preg_match("/[^A-z0-9_\-]/", $template_session)) {
 				$template_name = $template_session;
-			} else {
-				$template_name = $config['template'];
 			}
 		}
 	}
 }
 $template_path = 'templates/' . $template_name;
 
-if(!file_exists($template_path . '/index.php') &&
-	!file_exists($template_path . '/template.php') &&
-	!file_exists($template_path . '/layout.php'))
+if(!file_exists(BASE . $template_path . '/index.php') &&
+	!file_exists(BASE . $template_path . '/template.php') &&
+	!file_exists(BASE . $template_path . '/layout.php'))
 {
 	$template_name = 'kathrine';
-	$template_path = TEMPLATES . $template_name;
+	$template_path = 'templates/' . $template_name;
 }
 
-$file = $template_path . '/config.ini';
+$file = BASE . $template_path . '/config.ini';
 $exists = file_exists($file);
-if($exists || ($config['backward_support'] && file_exists($template_path . '/layout_config.ini')))
+if($exists || ($config['backward_support'] && file_exists(BASE . $template_path . '/layout_config.ini')))
 {
 	if(!$exists)
-		$file = $template_path . '/layout_config.ini';
+		$file = BASE . $template_path . '/layout_config.ini';
 
 	if($cache->enabled())
 	{
@@ -69,8 +65,8 @@ if($exists || ($config['backward_support'] && file_exists($template_path . '/lay
 	foreach($template_ini as $key => $value)
 		$config[$key] = $value;
 }
-else if(file_exists($template_path . '/config.php'))
-	require($template_path . '/config.php');
+else if(file_exists(BASE . $template_path . '/config.php'))
+	require(BASE . $template_path . '/config.php');
 
 $template = array();
 $template['link_account_manage'] = getLink('account/manage');

system/templates/changelog.html.twig

@@ -23,7 +23,7 @@
 		{% endfor %}
 	{% else %}
 	<tr>
-		<td bgcolor="{{ config.lightborder }}">There are no change logs for the moment.</td>
+		<td colspan="4" bgcolor="{{ config.darkborder }}">There are no changelogs for the moment.</td>
 	</tr>
 	{% endif %}
 	

system/templates/faq.html.twig

@@ -17,9 +17,9 @@
 		{% set i = i + 1 %}
 	<tr bgcolor="{{ getStyle(i) }}">
 		<td colspan="2" style="cursor: pointer;" onclick="toggleVisibility('faq_{{ i }}'); return false;">
-			<b>{{ faq.question }}</b>
+			<b>{{ faq.question|raw }}</b>
 
-			<div id="faq_{{ i }}" style="display: none;">{{ faq.answer }}</div>
+			<div id="faq_{{ i }}" style="display: none;">{{ faq.answer|raw }}</div>
 		</td>
 		{% if canEdit %}
 			<td>

system/templates/install.config.html.twig

@@ -23,7 +23,7 @@
 				<br/>
 				<select name="vars[client]" id="vars_client">
 					{% for id, version in clients %}
-					<option value="{{ id }}">{{ version }}</option>
+					<option value="{{ id }}"{% if session['var_client'] is not null and session['var_client'] == id %} selected{% endif %}>{{ version }}</option>
 					{% endfor %}
 				</select>
 			</td>
@@ -38,7 +38,7 @@
 				</label>
 				<br/>
 				<input type="hidden" value="0" name="vars[usage]">
-				<input type="checkbox" name="vars[usage]" id="vars_usage" value="1" checked/>
+				<input type="checkbox" name="vars[usage]" id="vars_usage" value="1"{% if session['var_usage'] is null or session['var_usage'] == 1 %} checked{% endif %}/>
 			</td>
 			<td>
 				<em>{{ locale.step_config_usage_desc }}</em>

system/templates/news.add.html.twig

@@ -1,17 +1,7 @@
-<script type="text/javascript" src="{{ constant('BASE_URL') }}tools/tinymce/tinymce.min.js"></script>
-<script type="text/javascript">
-	tinymce.init({
-		selector : "#body",
-		theme : "modern",
-		plugins: 'print preview searchreplace autolink directionality visualblocks visualchars fullscreen image link media template codesample table charmap hr pagebreak nonbreaking anchor toc insertdatetime advlist lists textcolor wordcount spellchecker imagetools contextmenu colorpicker textpattern help code',
-		toolbar1: 'formatselect | bold italic strikethrough forecolor backcolor | link | alignleft aligncenter alignright alignjustify  | numlist bullist outdent indent  | removeformat code',
-		image_advtab: true
-	});
-</script>
 {% if action != 'edit' %}
 <a id="news-button" href="#">Add news</a>
 {% endif %}
-<form method="post" action="{{ news_link_form }}">
+<form method="post" action="{{ news_link_form }}" id="news-edit-form">
 	{% if action == 'edit' %}
 	<input type="hidden" name="id" value="{{ news_id }}" />
 	{% endif %}
@@ -47,7 +37,7 @@
 		</tr>
 
 		{% set rows = rows + 1 %}
-		<tr id="article-text" bgcolor="{{ getStyle(rows) }}"{% if article_text is empty %} style="display: none;"{% endif %}>
+		<tr id="article-text" bgcolor="{{ getStyle(rows) }}"{% if type is not defined or type != constant('ARTICLE') %} style="display: none;"{% endif %}>
 			<td><b>Article short text:<br/>This will be displayed on news page.<br/>Rest will be available on "read more" page.</b></td>
 			<td>
 				<textarea name="article_text">{% if article_text is not empty %}{{ article_text }}{% endif %}</textarea>
@@ -55,7 +45,7 @@
 		</tr>
 
 		{% set rows = rows + 1 %}
-		<tr id="article-image" bgcolor="{{ getStyle(rows) }}"{% if article_image is empty %} style="display: none;"{% endif %}>
+		<tr id="article-image" bgcolor="{{ getStyle(rows) }}"{% if type is not defined or type != constant('ARTICLE') %} style="display: none;"{% endif %}>
 			<td><b>Article image:</b></td>
 			<td>
 				<input type="text" name="article_image" value="{% if article_image is not empty %}{{ article_image }}{% else %}images/news/announcement.jpg{% endif %}" />
@@ -121,7 +111,7 @@
 				<input type="submit" value="Submit"/>
 			</td>
 			<td align="left">
-				<input type="button" onclick="window.location = '{{ news_link }}';" value="Cancel"/>
+				<input id="cancel" type="button" value="Cancel"/>
 			</td>
 		</tr>
 	</table>
@@ -150,4 +140,49 @@
 		});
 	});
 </script>
-{% endif %}
+{% endif %}
+<script type="text/javascript" src="{{ constant('BASE_URL') }}tools/tinymce/tinymce.min.js"></script>
+<script type="text/javascript">
+	var unsaved = false;
+	var lastContent = '';
+
+	tinymce.init({
+		selector : "#body",
+		theme : "modern",
+		plugins: 'print preview searchreplace autolink directionality visualblocks visualchars fullscreen image link media template codesample table charmap hr pagebreak nonbreaking anchor toc insertdatetime advlist lists textcolor wordcount spellchecker imagetools contextmenu colorpicker textpattern help code',
+		toolbar1: 'formatselect | bold italic strikethrough forecolor backcolor | link | alignleft aligncenter alignright alignjustify  | numlist bullist outdent indent  | removeformat code',
+		image_advtab: true,
+		setup: function(ed){
+			ed.on('NodeChange', function(e) {
+				if(ed.getContent() != lastContent) {
+					unsaved = true;
+				}
+			});
+		}
+	});
+
+	$(document).ready(function() {
+		$(":input").change(function(){ //trigers change in all input fields including text type
+			unsaved = true;
+		});
+		
+		$("#cancel").click(function( event ) {
+			unsaved = false;
+			window.location = '{{ news_link }}';
+		});
+
+		$("#news-edit-form").submit(function( event ) {
+			unsaved = false;
+		});
+
+		lastContent = $("#body").val();
+	});
+	
+	function unloadPage(){ 
+		if(unsaved){
+			return "You have unsaved changes on this page. Do you want to leave this page and discard your changes or stay on this page?";
+		}
+	}
+
+	window.onbeforeunload = unloadPage;
+</script>

templates/tibiacom/boxes/highscores.php

@@ -26,12 +26,17 @@
 
   #Topbar a {
   text-decoration: none;
-  cursor: auto;
+  }
+  .online {
+	  color: #008000;
+  }
+  
+  .offline {
+	  color: #FF0000;
   }
   a.topfont {
 	font-family: Verdana, Arial, Helvetica; 
     font-size: 11px; 
-        color: #FF0000;
     text-decoration: none
   }
   a:hover.topfont {
@@ -47,7 +52,7 @@
     <?php
     
     foreach(getTopPlayers(5) as $player) {
-	    echo '<div align="left"><a href="'.getPlayerLink($player['name'], false).'" class="topfont">
+	    echo '<div align="left"><a href="'.getPlayerLink($player['name'], false).'" class="topfont ' . ($player['online'] == 1 ? 'online' : 'offline') . '">
         <font color="#CCC">&nbsp;&nbsp;&nbsp;&nbsp;'.$player['rank'].' - </font>'.$player['name'].'
         <br>
         <small><font color="white">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Level: ('.$player['level'].')</font></small>

templates/tibiacom/index.php

@@ -406,10 +406,6 @@ foreach($config['menu_categories'] as $id => $cat) {
         </div>
         <div id="ThemeboxesColumn">
           <div id="RightArtwork">
-		  <?php
-			//$tmp_link =
-			//if($config['friendly_urls'])
-		  ?>
             <img id="Monster" src="images/monsters/<?php echo logo_monster() ?>.gif" onClick="window.location = '?subtopic=creatures&creature=<?php echo $config['logo_monster'] ?>';" alt="Monster of the Week" />
             <img id="PedestalAndOnline" src="<?php echo $template_path; ?>/images/header/pedestal-and-online.gif" alt="Monster Pedestal and Players Online Box"/>
           <div id="PlayersOnline" onClick="window.location = '<?php echo getLink('online'); ?>'">
@@ -430,8 +426,7 @@ foreach($config['menu_categories'] as $id => $cat) {
 				<?php
 				}
 			}
-			?>
- <?php
+
 	if($config['template_allow_change'])
 		 echo '<font color="white">Template:</font><br/>' . template_form();
  ?>

tools/signature/tibian.php

@@ -30,12 +30,17 @@
 	imagettftext($img, $fontsize, 0, 100, 43, $text, $font, number_format($player->getLevel()));
 
 	// experience bar
-	$exppercent = round($experience / $needexp * 100);
-	imagerectangle($img, 14, 46, 166, 50, $bar);
-	if($exppercent > 0)
-		imagefilledrectangle($img, 15, 47, $exppercent * 1.5 + 15, 49, $barfill);
+	$currLevelExp = OTS_Toolbox::experienceForLevel($player->getLevel());
+	$nextLevelExp = OTS_Toolbox::experienceForLevel($player->getLevel() + 1);
+	$levelPercent = 0;
+	if($nextLevelExp > $currLevelExp)
+		$levelPercent = (int)OTS_Player::getPercentLevel($experience - $currLevelExp, $nextLevelExp - $currLevelExp);
 
-	imagettftext($img, $fontsize, 0, 170, 51, $text, $font, $exppercent . '%');
+	imagerectangle($img, 14, 46, 166, 50, $bar);
+	if($levelPercent > 0)
+		imagefilledrectangle($img, 15, 47, $levelPercent * 1.5 + 15, 49, $barfill);
+
+	imagettftext($img, $fontsize, 0, 170, 51, $text, $font, $levelPercent . '%');
 
 	// vocation
 	$vocation = 'Unknown';