* fixed installation (damn me..)

* otserv 0.6.3: fixed some warning (on the characters page) and fatal
mysql error (on the mango signature)

.gitignore

@@ -0,0 +1,2 @@
+Thumbs.db
+.DS_Store

CHANGELOG

@@ -1,3 +1,44 @@
+[0.7.9 - 13.01.2017]
+	* removed 6mb of trash (some useless things)
+	* (fix) TFS 1.x not showing promoted vocations in highscores
+	* otserv 0.6.x: fixed some warning (on the characters page) and fatal mysql error (on the mango signature)
+	* fixed default stamina on otserv 0.6.x engine (and some others perhaps)
+	* install: change permission check to is_writable
+	* changed highscores_groups_hidden to 3 (for TFS 1.x)
+	* updated background-artwork (tibiacom template) to the latest version, removed other ones
+
+[0.7.8 - 12.01.2017]
+	* fixed installation error " call to undefined method OTS_DB_MySQL::hasColumn()"
+	* updated tinymce to the latest (4.7.4) version
+	* enabled emoticons plugin in tinymce :)
+	* some security fixes
+
+[0.7.7 - 08.01.2018]
+	* important fix for servers with promotion column (caused player.vocation to be resetted when saving player, for example: on change name, accept invite to guild, leave guild)
+	* immediately reload config.lua when there's change in config.server_path detected
+	* added new forum option: "Enable HTML" (only for moderators)
+	* fixed othire default column value (#26)
+	* fixed saving custom vocations in admin panel (#36)
+	* fixed warning in highscores when vocation doesn't exist
+	* fixed characters page - config.characters.frags "Notice: Use of undefined constant"
+	* fixed getBoolean function when boolean is passed
+	* fixed empty success message on leave guild
+	* fixed displaying premium account days
+	* function OTS_Account:getPremDays will now return -1 if there's freePremium configurable enabled on the server
+	* fixed tr bgcolor in characters view (Frags) (#38)
+	* fixed some warning in guild show
+	* fixed PHP warning about country not existing on online and characters pages
+	* fixed forum bbcode parsing
+	* don't add extra <br/> to the TinyMCE news forum posts
+	* (internal) using $player->getVocationName() where possible instead of older method
+
+[0.7.6 - 05.01.2017]
+	* fixed othire account creating/installation
+	* fixed table name players -> players_online
+	* fixed unexpected error logging about email fail
+	* added max_execution_time to the install finish step
+	* some small fix regarding highscores vocation box
+
 [0.7.5 - 04.01.2017]
 	* fixed bug on othire with config.account_premium_days
 	* fixed bug on TFS 1.x when online_afk is enabled

common.php

@@ -26,8 +26,8 @@
 session_start();
 
 define('MYAAC', true);
-define('MYAAC_VERSION', '0.7.5');
-define('DATABASE_VERSION', 20);
+define('MYAAC_VERSION', '0.7.9');
+define('DATABASE_VERSION', 21);
 define('TABLE_PREFIX', 'myaac_');
 define('START_TIME', microtime(true));
 define('MYAAC_OS', (strtoupper(substr(PHP_OS, 0, 3)) === 'WIN') ? 'WINDOWS' : (strtoupper(PHP_OS) == 'DARWIN' ? 'MAC' : 'LINUX'));

config.php

@@ -185,7 +185,7 @@ $config = array(
 	'highscores_frags' => false, // show 'Frags' tab (best fraggers on the server)? Only 0.3
 	'highscores_outfit' => true, // show player outfit?
 	'highscores_country_box' => false, // doesnt work yet! (not implemented)
-	'highscores_groups_hidden' => 4, // this group id and higher won't be shown on the highscores
+	'highscores_groups_hidden' => 3, // this group id and higher won't be shown on the highscores
 	'highscores_ids_hidden' => array(0), // this ids of players will be hidden on the highscores (should be ids of samples)
 	'highscores_length' => 100, // how many records per page on highscores
 

index.php

@@ -176,21 +176,17 @@ if(fetchDatabaseConfig('database_version', $tmp)) { // we got version
 	$tmp = (int)$tmp;
 	if($tmp < DATABASE_VERSION) { // import if older
 		for($i = $tmp + 1; $i <= DATABASE_VERSION; $i++) {
-			$file = SYSTEM . 'migrations/' . $i . '.php';
-			if(file_exists($file)) {
-				require($file);
-			}
+			require(SYSTEM . 'migrations/' . $i . '.php');
+			updateDatabaseConfig('database_version', $i);
 		}
-		
-		updateDatabaseConfig('database_version', DATABASE_VERSION);
 	}
 }
 else { // register first version
+	registerDatabaseConfig('database_version', 0);
 	for($i = 1; $i <= DATABASE_VERSION; $i++) {
 		require(SYSTEM . 'migrations/' . $i . '.php');
+		updateDatabaseConfig('database_version', $i);
 	}
-
-	registerDatabaseConfig('database_version', DATABASE_VERSION);
 }
 
 // event system

install/includes/schema.sql

@@ -109,6 +109,7 @@ CREATE TABLE `myaac_forum`
 	`post_text` text NOT NULL,
 	`post_topic` varchar(255) NOT NULL DEFAULT '',
 	`post_smile` tinyint(1) NOT NULL default '0',
+	`post_html` tinyint(1) NOT NULL default '0',
 	`post_date` int(20) NOT NULL default '0',
 	`last_edit_aid` int(20) NOT NULL default '0',
 	`edit_date` int(20) NOT NULL default '0',

install/steps/3-requirements.php

@@ -25,8 +25,8 @@ $failed = false;
 version_check($locale['step_requirements_php_version'], (PHP_VERSION_ID >= 50300), PHP_VERSION);
 foreach(array('config.local.php', 'images/guilds', 'images/houses', 'images/gallery') as $value)
 {
-	$perms = (int) substr(decoct(fileperms(BASE . $value)), 2);
-	version_check($locale['step_requirements_write_perms'] . ': ' . $value, $perms >= 660);
+	$is_writable = is_writable(BASE . $value);
+	version_check($locale['step_requirements_write_perms'] . ': ' . $value, $is_writable);
 }
 
 $ini_register_globals = ini_get_bool('register_globals');

install/steps/5-database.php

@@ -219,6 +219,17 @@ if(!$error) {
 				if(query("ALTER TABLE `players` ADD `comment` TEXT NOT NULL;"))
 					success($locale['step_database_adding_field'] . ' players.comment...');
 			}
+			
+			if(fieldExist('rank_id', 'players')) {
+				if(query("ALTER TABLE players MODIFY `rank_id` INT(11) NOT NULL DEFAULT 0;"))
+					success($locale['step_database_modifying_field'] . ' players.rank_id...');
+			
+				if(fieldExist('guildnick', 'players')) {
+					if(query("ALTER TABLE players MODIFY `guildnick` VARCHAR(255) NOT NULL DEFAULT '';")) {
+						success($locale['step_database_modifying_field'] . ' players.guildnick...');
+					}
+				}
+			}
 		}
 		
 		if(!$error && (!isset($_SESSION['saved']))) {

install/steps/7-finish.php

@@ -1,6 +1,7 @@
 <?php
 defined('MYAAC') or die('Direct access not allowed!');
 
+ini_set('max_execution_time', 300);
 if(isset($config['installed']) && $config['installed'] && !isset($_SESSION['saved'])) {
 	warning($locale['already_installed']);
 }

system/functions.php

@@ -156,6 +156,10 @@ function getFlagImage($country)
 	if(!isset($config['countries']))
 		require(SYSTEM . 'countries.conf.php');
 
+	if(!isset($config['countries'][$country])) {
+		return '';
+	}
+	
 	return '<img src="images/flags/' . $country . '.gif" title="' . $config['countries'][$country]. '"/>';
 }
 
@@ -167,7 +171,9 @@ function getFlagImage($country)
  */
 function getBoolean($v)
 {
-	if(!$v || !isset($v[0])) return false;
+	if(is_bool($v)) {
+		return $v;
+	}
 
 	if(is_numeric($v))
 		return intval($v) > 0;
@@ -573,7 +579,7 @@ function getCreatureName($killer, $showStatus = false, $extendedInfo = false)
 
 			$str .= '<font color="'.($player->isOnline() ? 'green' : 'red').'">' . $player->getName() . '</font></b></a>';
 			if($extendedInfo) {
-				$str .= '<br><small>'.$player->getLevel().' '.$config['vocations'][$player->getVocation()].'</small>';
+				$str .= '<br><small>'.$player->getLevel().' '.$player->getVocationName().'</small>';
 			}
 			return $str;
 		}

system/init.php

@@ -8,6 +8,7 @@
  * @link      http://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');
+
 // load configuration
 require_once(BASE . 'config.php');
 if(file_exists(BASE . 'config.local.php')) // user customizations
@@ -86,21 +87,26 @@ if(isset($_REQUEST))
 }
 
 // load otserv config file
-$tmp = '';
-if($cache->enabled() && $cache->fetch('config_lua', $tmp)) {
-	$config['lua'] = unserialize($tmp);
-	/*if(isset($config['lua']['myaac'][0])) {
-		foreach($config['lua']['myaac'] as $key => $value)
-			$config[$key] = $value;
-	}*/
+$config_lua_reload = true;
+if($cache->enabled()) {
+	$tmp = null;
+	if($cache->fetch('server_path', $tmp) && $tmp == $config['server_path']) {
+		$tmp = null;
+		if($cache->fetch('config_lua', $tmp) && $tmp) {
+			$config['lua'] = unserialize($tmp);
+			$config_lua_reload = false;
+		}
+	}
 }
-else
-{
+
+if($config_lua_reload) {
 	$config['lua'] = load_config_lua($config['server_path'] . 'config.lua');
 
 	// cache config
-	if($cache->enabled())
+	if($cache->enabled()) {
 		$cache->set('config_lua', serialize($config['lua']), 120);
+		$cache->set('server_path', $config['server_path']);
+	}
 }
 unset($tmp);
 

system/libs/forum.php

@@ -37,7 +37,20 @@ class Forum
 	{
 		global $db;
 		$thread_id = 0;
-		if($db->insert(TABLE_PREFIX . 'forum', array('first_post' => 0, 'last_post' => time(), 'section' => $section_id, 'replies' => 0, 'views' => 0, 'author_aid' => isset($account_id) ? $account_id : 0, 'author_guid' => isset($player_id) ? $player_id : 0, 'post_text' => $body, 'post_topic' => $title, 'post_smile' => 0, 'post_date' => time(), 'last_edit_aid' => 0, 'edit_date' => 0, 'post_ip' => $_SERVER['REMOTE_ADDR']))) {
+		if($db->insert(TABLE_PREFIX . 'forum', array(
+			'first_post' => 0,
+			'last_post' => time(),
+			'section' => $section_id,
+			'replies' => 0,
+			'views' => 0,
+			'author_aid' => isset($account_id) ? $account_id : 0,
+			'author_guid' => isset($player_id) ? $player_id : 0,
+			'post_text' => $body, 'post_topic' => $title,
+			'post_smile' => 0, 'post_html' => 1,
+			'post_date' => time(),
+			'last_edit_aid' => 0, 'edit_date' => 0,
+			'post_ip' => $_SERVER['REMOTE_ADDR']
+		))) {
 			$thread_id = $db->lastInsertId();
 			$db->query("UPDATE `" . TABLE_PREFIX . "forum` SET `first_post`=".(int) $thread_id." WHERE `id` = ".(int) $thread_id);
 		}
@@ -45,7 +58,7 @@ class Forum
 		return $thread_id;
 	}
 	
-	static public function add_post($thread_id, $section, $author_aid, $author_guid, $post_text, $post_topic, $smile)
+	static public function add_post($thread_id, $section, $author_aid, $author_guid, $post_text, $post_topic, $smile, $html)
 	{
 		global $db;
 		$db->insert(TABLE_PREFIX . 'forum', array(
@@ -56,6 +69,7 @@ class Forum
 			'post_text' => $post_text,
 			'post_topic' => $post_topic,
 			'post_smile' => $smile,
+			'post_html' => $html,
 			'post_date' => time(),
 			'post_ip' => $_SERVER['REMOTE_ADDR']
 		));
@@ -232,16 +246,20 @@ class Forum
 		foreach($tags as $search => $replace)
 			$text = preg_replace($search, $replace, $text);
 		
-		return ($smiles == 0 ? Forum::parseSmiles($text) : $text);
+		return ($smiles ? Forum::parseSmiles($text) : $text);
 	}
 	
-	public static function showPost($topic, $text, $smiles)
+	public static function showPost($topic, $text, $smiles = true, $html = false)
 	{
-		$text = nl2br($text);
+		if($html) {
+			return '<b>' . $topic . '</b><hr />' . $text;
+		}
+
 		$post = '';
 		if(!empty($topic))
-			$post .= '<b>'.($smiles == 0 ? self::parseSmiles($topic) : $topic).'</b><hr />';
-		$post .= self::parseBBCode($text, $smiles);
+			$post .= '<b>'.($smiles ? self::parseSmiles($topic) : $topic).'</b><hr />';
+
+		$post .= self::parseBBCode(nl2br($text), $smiles);
 		return $post;
 	}
 	

system/libs/plugins.php

@@ -10,6 +10,34 @@
  */
 defined('MYAAC') or die('Direct access not allowed!');
 
+function is_sub_dir($path = NULL, $parent_folder = SITE_PATH) {
+	
+	//Get directory path minus last folder
+	$dir = dirname($path);
+	$folder = substr($path, strlen($dir));
+	
+	//Check the the base dir is valid
+	$dir = realpath($dir);
+	
+	//Only allow valid filename characters
+	$folder = preg_replace('/[^a-z0-9\.\-_]/i', '', $folder);
+	
+	//If this is a bad path or a bad end folder name
+	if( !$dir OR !$folder OR $folder === '.') {
+		return FALSE;
+	}
+	
+	//Rebuild path
+	$path = $dir. '/' . $folder;
+	
+	//If this path is higher than the parent folder
+	if( strcasecmp($path, $parent_folder) > 0 ) {
+		return $path;
+	}
+	
+	return FALSE;
+}
+
 class Plugins {
 	private static $warnings = array();
 	private static $error = null;
@@ -160,16 +188,32 @@ class Plugins {
 				else {
 					$success = true;
 					foreach($plugin_info['uninstall'] as $file) {
-						$file = BASE . $file;
-						if(!deleteDirectory($file)) {
+						if(strpos($file, '/') === 0) {
 							$success = false;
+							self::$error = "You cannot use absolute paths (starting with slash - '/'): " . $file;
+							break;
+						}
+						
+						$file = BASE . $file;
+						if(!is_sub_dir($file, BASE) || realpath(dirname($file)) != dirname($file)) {
+							$success = false;
+							self::$error = "You don't have rights to delete: " . $file;
+							break;
 						}
 					}
-					
+
+					if($success) {
+						foreach($plugin_info['uninstall'] as $file) {
+							if(!deleteDirectory(BASE . $file)) {
+								self::$warnings[] = 'Cannot delete: ' . $$file;
+							}
+						}
+					}
+
 					if (isset($plugin_info['hooks'])) {
 						foreach ($plugin_info['hooks'] as $_name => $info) {
 							if (defined('HOOK_'. $info['type'])) {
-								$hook = constant('HOOK_'. $info['type']);
+								//$hook = constant('HOOK_'. $info['type']);
 								$query = $db->query('SELECT `id` FROM `' . TABLE_PREFIX . 'hooks` WHERE `name` = ' . $db->quote($_name) . ';');
 								if ($query->rowCount() == 1) { // found something
 									$query = $query->fetch();
@@ -187,9 +231,6 @@ class Plugins {
 						
 						return true;
 					}
-					else {
-						self::$error = error_get_last();
-					}
 				}
 			}
 		}

system/libs/pot/OTS_Account.php

@@ -39,7 +39,7 @@ class OTS_Account extends OTS_Row_DAO implements IteratorAggregate, Countable
  * @var array
  * @version 0.1.5
  */
-    private $data = array('email' => '', 'blocked' => false, 'rlname' => '','location' => '','web_flags' => 0,'lastday' => 0,'premdays' => 0, 'created' => 0);
+    private $data = array('email' => '', 'blocked' => false, 'rlname' => '','location' => '','web_flags' => 0, 'lastday' => 0, 'premdays' => 0, 'created' => 0);
 
 /**
  * Creates new account.
@@ -249,14 +249,13 @@ class OTS_Account extends OTS_Row_DAO implements IteratorAggregate, Countable
             throw new E_OTS_NotLoaded();
         }
 
-		$lastday = 'lastday';
-		if(fieldExist('premend', 'accounts'))
-			$lastday = 'premend';
-		
-		$field = 'lastday';
-		if(isset($this->data['premend'])) { // othire
-			$field = 'premend';
+	$field = 'lastday';
+	if(fieldExist('premend', 'accounts')) { // othire
+    		$field = 'premend';
+		if(!isset($this->data['premend'])) {
+			$this->data['premend'] = 0;
 		}
+	}
 
         // UPDATE query on database
         $this->db->query('UPDATE `accounts` SET ' . (fieldExist('name', 'accounts') ? '`name` = ' . $this->db->quote($this->data['name']) . ',' : '') . '`password` = ' . $this->db->quote($this->data['password']) . ', `email` = ' . $this->db->quote($this->data['email']) . ', `blocked` = ' . (int) $this->data['blocked'] . ', `rlname` = ' . $this->db->quote($this->data['rlname']) . ', `location` = ' . $this->db->quote($this->data['location']) . ', `web_flags` = ' . (int) $this->data['web_flags'] . ', ' . (fieldExist('premdays', 'accounts') ? '`premdays` = ' . (int) $this->data['premdays'] . ',' : '') . '`' . $field . '` = ' . (int) $this->data[$field] . ' WHERE `id` = ' . $this->data['id']);
@@ -342,9 +341,15 @@ class OTS_Account extends OTS_Row_DAO implements IteratorAggregate, Countable
 			return round(($this->data['premend'] - time()) / (24 * 60 * 60), 2);
 		}
 
+		if($this->data['premdays'] == 0) {
+			return 0;
+		}
+
+		global $config;
+        if(isset($config['lua']['freePremium']) && getBoolean($config['lua']['freePremium'])) return -1;
 		return $this->data['premdays'] - (date("z", time()) + (365 * (date("Y", time()) - date("Y", $this->data['lastday']))) - date("z", $this->data['lastday']));
 	}
-	
+
    public function getLastLogin()
     {
         if( !isset($this->data['lastday']) )
@@ -354,7 +359,7 @@ class OTS_Account extends OTS_Row_DAO implements IteratorAggregate, Countable
 
         return $this->data['lastday'];
     }
-	
+
     public function isPremium()
     {
 		global $config;

system/libs/pot/OTS_Player.php

@@ -216,11 +216,6 @@ class OTS_Player extends OTS_Row_DAO
 		if(!isset($this->data['rank_id']) || $this->data['rank_id'] == NULL)
 			$this->data['rank_id'] = 0;
 
-		if(isset($this->data['promotion'])) {
-			global $config;
-			if((int)$this->data['promotion'] > 0)
-				$this->data['vocation'] += ($this->data['promotion'] * $config['vocations_amount']);
-		}
         // loads skills
         if( $this->isLoaded() )
         {
@@ -820,6 +815,12 @@ class OTS_Player extends OTS_Row_DAO
             throw new E_OTS_NotLoaded();
         }
 
+		if(isset($this->data['promotion'])) {
+			global $config;
+			if((int)$this->data['promotion'] > 0)
+				return ($this->data['vocation'] + ($this->data['promotion'] * $config['vocations_amount']));
+		}
+
         return $this->data['vocation'];
     }
 
@@ -2895,7 +2896,12 @@ class OTS_Player extends OTS_Row_DAO
         }
 
 		global $config;
-		return $config['vocations'][$this->data['vocation']];
+		$voc = $this->getVocation();
+		if(!isset($config['vocations'][$voc])) {
+			return 'Unknown';
+		}
+
+		return $config['vocations'][$voc];
         //return POT::getInstance()->getVocationsList()->getVocationName($this->data['vocation']);
     }
 

system/migrations/21.php

@@ -0,0 +1,14 @@
+<?php
+
+$db->query("ALTER TABLE `" . TABLE_PREFIX . "forum` ADD `post_html` TINYINT(1) NOT NULL DEFAULT 0 AFTER `post_smile`;");
+
+$query = $db->query("SELECT `id` FROM `" . TABLE_PREFIX . "forum_boards` WHERE `name` LIKE " . $db->quote('News') . " LIMIT 1;");
+if($query->rowCount() == 0) {
+	return; // don't make anything
+}
+
+$query = $query->fetch();
+$id = $query['id'];
+
+// update all forum threads with is_html = 1
+$db->query("UPDATE `" . TABLE_PREFIX . "forum` SET `post_html` = 1 WHERE `section` = " . $id . " AND `id` = `first_post`;");

system/pages/account/create_character.php

@@ -140,7 +140,11 @@ if($save) {
 		$player->setPosX(0);
 		$player->setPosY(0);
 		$player->setPosZ(0);
-		$player->setStamina($config['otserv_version'] == TFS_03 ? 151200000 : 2520);
+
+		if(fieldExist('stamina', 'players')) {
+			$player->setStamina($char_to_copy->getStamina());
+		}
+
 		if(fieldExist('loss_experience', 'players')) {
 			$player->setLossExperience($char_to_copy->getLossExperience());
 			$player->setLossMana($char_to_copy->getLossMana());

system/pages/admin/players.php

@@ -120,7 +120,11 @@ if($id > 0) {
 		verify_number($experience, 'Experience', 20);
 
 		$vocation = $_POST['vocation'];
-		verify_number($vocation, 'Vocation id', 1);
+		verify_number($vocation, 'Vocation id', 11);
+
+		if(!isset($config['vocations'][$vocation])) {
+			echo_error("Vocation with this id doesn't exist.");
+		}
 
 		// health
 		$health = $_POST['health'];
@@ -357,14 +361,12 @@ $account = $player->getAccount();
 		<td>
 			<select name="vocation">
 <?php
-			$i = 0;
-			foreach($config['vocations'] as $voc)
+			foreach($config['vocations'] as $id => $name)
 			{
-				echo '<option value=' . $i;
-				if($i == $player->getVocation())
+				echo '<option value=' . $id;
+				if($id == $player->getVocation())
 					echo ' selected="selected"';
-				echo '>' . $voc . '</option>';
-				$i++;
+				echo '>' . $name . '</option>';
 			}
 					
 

system/pages/admin/plugins.php

@@ -22,7 +22,7 @@ if(isset($_REQUEST['uninstall'])){
 		success('Successfully uninstalled plugin ' . $uninstall);
 	}
 	else {
-		error('Error while uninstalling plugin ' . $plugin_name . ': ' . Plugins::getError());
+		error('Error while uninstalling plugin ' . $uninstall . ': ' . Plugins::getError());
 	}
 }
 else if(isset($_FILES["plugin"]["name"]))

system/pages/characters.php

@@ -231,7 +231,7 @@ if($player->isLoaded() && !$player->isDeleted())
 	$dead_add_content = '';
 	$deaths = array();
 	if(tableExist('killers')) {
-		$player_deaths = $db->query('SELECT `id`, `date`, `level` FROM `player_deaths` WHERE `player_id` = '.$player->getId().' ORDER BY `date` DESC LIMIT 0,10;');
+		$player_deaths = $db->query('SELECT `id`, `date`, `level` FROM `player_deaths` WHERE `player_id` = '.$player->getId().' ORDER BY `date` DESC LIMIT 0,10;')->fetchAll();
 		if(count($player_deaths))
 		{
 			$number_of_rows = 0;
@@ -289,7 +289,7 @@ WHERE killers.death_id = '".$death['id']."' ORDER BY killers.final_hit DESC, kil
 		$deaths_db = $db->query('SELECT
 				`player_id`, `time`, `level`, `killed_by`, `is_player`' . $mostdamage . '
 				FROM `player_deaths`
-				WHERE `player_id` = ' . $player->getId() . ' ORDER BY `time` DESC LIMIT 10;');
+				WHERE `player_id` = ' . $player->getId() . ' ORDER BY `time` DESC LIMIT 10;')->fetchAll();
 		
 		if(count($deaths_db))
 		{
@@ -328,13 +328,13 @@ WHERE killers.death_id = '".$death['id']."' ORDER BY killers.final_hit DESC, kil
 		//frags list by Xampy
 		$i = 0;
 		$frags_limit = 10; // frags limit to show? // default: 10
-		$player_frags = $db->query('SELECT `player_deaths`.*, `players`.`name`, `killers`.`unjustified` FROM `player_deaths` LEFT JOIN `killers` ON `killers`.`death_id` = `player_deaths`.`id` LEFT JOIN `player_killers` ON `player_killers`.`kill_id` = `killers`.`id` LEFT JOIN `players` ON `players`.`id` = `player_deaths`.`player_id` WHERE `player_killers`.`player_id` = '.$player->getId().' ORDER BY `date` DESC LIMIT 0,'.$frags_limit.';');
+		$player_frags = $db->query('SELECT `player_deaths`.*, `players`.`name`, `killers`.`unjustified` FROM `player_deaths` LEFT JOIN `killers` ON `killers`.`death_id` = `player_deaths`.`id` LEFT JOIN `player_killers` ON `player_killers`.`kill_id` = `killers`.`id` LEFT JOIN `players` ON `players`.`id` = `player_deaths`.`player_id` WHERE `player_killers`.`player_id` = '.$player->getId().' ORDER BY `date` DESC LIMIT 0,'.$frags_limit.';')->fetchAll();
 		if(count($player_frags))
 		{
 			$row_count = 0;
 			foreach($player_frags as $frag)
 			{
-				$description = 'Fragged <a href="' . getPlayerLink($frag[name], false) . '">' . $frag[name] . '</a> at level ' . $frag[level];
+				$description = 'Fragged <a href="' . getPlayerLink($frag['name'], false) . '">' . $frag['name'] . '</a> at level ' . $frag['level'];
 				$frags[] = array('time' => $frag['date'], 'description' => $description, 'unjustified' => $frag['unjustified'] != 0);
 			}
 		}
@@ -375,7 +375,7 @@ WHERE killers.death_id = '".$death['id']."' ORDER BY killers.final_hit DESC, kil
 		'sex' => $player_sex,
 		'marriage_enabled' => $config['characters']['marriage_info'] && fieldExist('marriage', 'players'),
 		'marital_status' => $marital_status,
-		'vocation' => $config['vocations'][$player->getVocation()],
+		'vocation' => $player->getVocationName(),
 		'frags_enabled' => $frags_enabled,
 		'frags_count' => $frags_count,
 		'town' => isset($config['towns'][$player->getTownId()]) ? $config['towns'][$player->getTownId()] : null,

system/pages/createaccount.php

@@ -203,9 +203,10 @@ if($save)
 
 				if(_mail($email, 'Your account on ' . $config['lua']['serverName'], $mailBody))
 					echo '<br /><small>These informations were send on email address <b>' . $email . '</b>.';
-				else
+				else {
 					error('An error occorred while sending email (<b>' . $email . '</b>)! Error:<br/>' . $mailer->ErrorInfo . '<br/>More info in system/logs/error.log');
 					log_append('error.log', '[createaccount.php] An error occorred while sending email: ' . $mailer->ErrorInfo . '. Error: ' . print_r(error_get_last(), true));
+				}
 			}
 		}
 

system/pages/forum.php

@@ -28,7 +28,7 @@ if(!$logged)
 
 require_once(LIBS . 'forum.php');
 
-$canEdit = hasFlag(FLAG_CONTENT_FORUM) || superAdmin();
+$canEdit = Forum::isModerator();
 if($canEdit)
 {
 	$groups = new OTS_Groups_List();
@@ -172,7 +172,7 @@ if(empty($action))
 	return;
 }
 
-
+$errors = array();
 if($action == 'show_board' || $action == 'show_thread')
 {
 	require(PAGES . 'forum/' . $action . '.php');

system/pages/forum/edit_post.php

@@ -18,14 +18,14 @@ if(Forum::canPost($account_logged))
 		return;
 	}
 	
-	$thread = $db->query("SELECT `author_guid`, `author_aid`, `first_post`, `post_topic`, `post_date`, `post_text`, `post_smile`, `id`, `section` FROM `" . TABLE_PREFIX . "forum` WHERE `id` = ".$post_id." LIMIT 1")->fetch();
+	$thread = $db->query("SELECT `author_guid`, `author_aid`, `first_post`, `post_topic`, `post_date`, `post_text`, `post_smile`, `post_html`, `id`, `section` FROM `" . TABLE_PREFIX . "forum` WHERE `id` = ".$post_id." LIMIT 1")->fetch();
 	if(isset($thread['id']))
 	{
 		$first_post = $db->query("SELECT `" . TABLE_PREFIX . "forum`.`author_guid`, `" . TABLE_PREFIX . "forum`.`author_aid`, `" . TABLE_PREFIX . "forum`.`first_post`, `" . TABLE_PREFIX . "forum`.`post_topic`, `" . TABLE_PREFIX . "forum`.`post_text`, `" . TABLE_PREFIX . "forum`.`post_smile`, `" . TABLE_PREFIX . "forum`.`id`, `" . TABLE_PREFIX . "forum`.`section` FROM `" . TABLE_PREFIX . "forum` WHERE `" . TABLE_PREFIX . "forum`.`id` = ".(int) $thread['first_post']." LIMIT 1")->fetch();
 		echo '<a href="' . getLink('forum') . '">Boards</a> >> <a href="' . getForumBoardLink($thread['section']) . '">'.$sections[$thread['section']]['name'].'</a> >> <a href="' . getForumThreadLink($thread['first_post']) . '">'.$first_post['post_topic'].'</a> >> <b>Edit post</b>';
 		if(Forum::hasAccess($thread['section'] && ($account_logged->getId() == $thread['author_aid'] || Forum::isModerator())))
 		{
-			$char_id = $post_topic = $text = $smile = null;
+			$char_id = $post_topic = $text = $smile = $html = null;
 			$players_from_account = $db->query("SELECT `players`.`name`, `players`.`id` FROM `players` WHERE `players`.`account_id` = ".(int) $account_logged->getId())->fetchAll();
 			$saved = false;
 			if(isset($_REQUEST['save']))
@@ -33,9 +33,10 @@ if(Forum::canPost($account_logged))
 				$text = stripslashes(trim($_REQUEST['text']));
 				$char_id = (int) $_REQUEST['char_id'];
 				$post_topic = stripslashes(trim($_REQUEST['topic']));
-				$smile = (int) $_REQUEST['smile'];
+				$smile = isset($_REQUEST['smile']) ? (int)$_REQUEST['smile'] : 0;
+				$html = isset($_REQUEST['html']) ? (int)$_REQUEST['html'] : 0;
 				$lenght = 0;
-				for($i = 0; $i <= strlen($post_topic); $i++)
+				for($i = 0; $i < strlen($post_topic); $i++)
 				{
 					if(ord($post_topic[$i]) >= 33 && ord($post_topic[$i]) <= 126)
 						$lenght++;
@@ -43,12 +44,11 @@ if(Forum::canPost($account_logged))
 				if(($lenght < 1 || strlen($post_topic) > 60) && $thread['id'] == $thread['first_post'])
 					$errors[] = 'Too short or too long topic (short: '.$lenght.' long: '.strlen($post_topic).' letters). Minimum 1 letter, maximum 60 letters.';
 				$lenght = 0;
-				for($i = 0; $i <= strlen($text); $i++)
+				for($i = 0; $i < strlen($text); $i++)
 				{
 					if(ord($text[$i]) >= 33 && ord($text[$i]) <= 126)
 						$lenght++;
 				}
-				
 				if($lenght < 1 || strlen($text) > 15000)
 					$errors[] = 'Too short or too long post (short: '.$lenght.' long: '.strlen($text).' letters). Minimum 1 letter, maximum 15000 letters.';
 				if($char_id == 0)
@@ -56,7 +56,7 @@ if(Forum::canPost($account_logged))
 				if(empty($post_topic) && $thread['id'] == $thread['first_post'])
 					$errors[] = 'Thread topic can\'t be empty.';
 				
-				$player_on_account == false;
+				$player_on_account = false;
 				
 				if(count($errors) == 0)
 				{
@@ -71,7 +71,7 @@ if(Forum::canPost($account_logged))
 					$saved = true;
 					if($account_logged->getId() != $thread['author_aid'])
 						$char_id = $thread['author_guid'];
-					$db->query("UPDATE `" . TABLE_PREFIX . "forum` SET `author_guid` = ".(int) $char_id.", `post_text` = ".$db->quote($text).", `post_topic` = ".$db->quote($post_topic).", `post_smile` = ".(int) $smile.", `last_edit_aid` = ".(int) $account_logged->getId().",`edit_date` = ".time()." WHERE `id` = ".(int) $thread['id']);
+					$db->query("UPDATE `" . TABLE_PREFIX . "forum` SET `author_guid` = ".(int) $char_id.", `post_text` = ".$db->quote($text).", `post_topic` = ".$db->quote($post_topic).", `post_smile` = ".$smile.", `post_html` = ".$html.", `last_edit_aid` = ".(int) $account_logged->getId().",`edit_date` = ".time()." WHERE `id` = ".(int) $thread['id']);
 					$post_page = $db->query("SELECT COUNT(`" . TABLE_PREFIX . "forum`.`id`) AS posts_count FROM `players`, `" . TABLE_PREFIX . "forum` WHERE `players`.`id` = `" . TABLE_PREFIX . "forum`.`author_guid` AND `" . TABLE_PREFIX . "forum`.`post_date` <= ".$thread['post_date']." AND `" . TABLE_PREFIX . "forum`.`first_post` = ".(int) $thread['first_post'])->fetch();
 					$_page = (int) ceil($post_page['posts_count'] / $config['forum_threads_per_page']) - 1;
 					header('Location: ' . getForumThreadLink($thread['first_post'], $_page));
@@ -83,6 +83,7 @@ if(Forum::canPost($account_logged))
 				$char_id = (int) $thread['author_guid'];
 				$post_topic = $thread['post_topic'];
 				$smile = (int) $thread['post_smile'];
+				$html = (int) $thread['post_html'];
 			}
 			
 			if(!$saved)
@@ -94,9 +95,12 @@ if(Forum::canPost($account_logged))
 					'post_id' => $post_id,
 					'players' => $players_from_account,
 					'player_id' => $char_id,
-					'topic' => htmlspecialchars($post_topic),
-					'text' => htmlspecialchars($text),
-					'smile' => $smile
+					'post_topic' => $canEdit ? $post_topic : htmlspecialchars($post_topic),
+					'post_text' => $canEdit ? $text : htmlspecialchars($text),
+					'post_smile' => $smile > 0,
+					'post_html' => $html > 0,
+					'html' => $html,
+					'canEdit' => $canEdit
 				));
 			}
 		}

system/pages/forum/new_post.php

@@ -27,7 +27,8 @@ if(Forum::canPost($account_logged))
 		$text = isset($_REQUEST['text']) ? stripslashes(trim($_REQUEST['text'])) : NULL;
 		$char_id = (int) (isset($_REQUEST['char_id']) ? $_REQUEST['char_id'] : 0);
 		$post_topic = isset($_REQUEST['topic']) ? stripslashes(trim($_REQUEST['topic'])) : '';
-		$smile = (int) (isset($_REQUEST['smile']) ? $_REQUEST['smile'] : 0);
+		$smile = (isset($_REQUEST['smile']) ? (int)$_REQUEST['smile'] : 0);
+		$html = (isset($_REQUEST['html']) ? (int)$_REQUEST['html'] : 0);
 		$saved = false;
 		if(isset($_REQUEST['quote']))
 		{
@@ -72,7 +73,7 @@ if(Forum::canPost($account_logged))
 			if(count($errors) == 0)
 			{
 				$saved = true;
-				Forum::add_post($thread['id'], $thread['section'], $account_logged->getId(), (int) $char_id, $text, $post_topic, (int) $smile, time(), $_SERVER['REMOTE_ADDR']);
+				Forum::add_post($thread['id'], $thread['section'], $account_logged->getId(), (int) $char_id, $text, $post_topic, $smile, $html, time(), $_SERVER['REMOTE_ADDR']);
 				$db->query("UPDATE `" . TABLE_PREFIX . "forum` SET `replies`=`replies`+1, `last_post`=".time()." WHERE `id` = ".(int) $thread_id);
 				$post_page = $db->query("SELECT COUNT(`" . TABLE_PREFIX . "forum`.`id`) AS posts_count FROM `players`, `" . TABLE_PREFIX . "forum` WHERE `players`.`id` = `" . TABLE_PREFIX . "forum`.`author_guid` AND `" . TABLE_PREFIX . "forum`.`post_date` <= ".time()." AND `" . TABLE_PREFIX . "forum`.`first_post` = ".(int) $thread['id'])->fetch();
 				$_page = (int) ceil($post_page['posts_count'] / $config['forum_threads_per_page']) - 1;
@@ -85,11 +86,14 @@ if(Forum::canPost($account_logged))
 		{
 			if(!empty($errors))
 				echo $twig->render('error_box.html.twig', array('errors' => $errors));
-			
-			$threads = $db->query("SELECT `players`.`name`, `" . TABLE_PREFIX . "forum`.`post_text`, `" . TABLE_PREFIX . "forum`.`post_topic`, `" . TABLE_PREFIX . "forum`.`post_smile` FROM `players`, `" . TABLE_PREFIX . "forum` WHERE `players`.`id` = `" . TABLE_PREFIX . "forum`.`author_guid` AND `" . TABLE_PREFIX . "forum`.`first_post` = ".(int) $thread_id." ORDER BY `" . TABLE_PREFIX . "forum`.`post_date` DESC LIMIT 5")->fetchAll();
-			
+				
+			$threads = $db->query("SELECT `players`.`name`, `" . TABLE_PREFIX . "forum`.`post_text`, `" . TABLE_PREFIX . "forum`.`post_topic`, `" . TABLE_PREFIX . "forum`.`post_smile`, `" . TABLE_PREFIX . "forum`.`post_html`, `" . TABLE_PREFIX . "forum`.`author_aid` FROM `players`, `" . TABLE_PREFIX . "forum` WHERE `players`.`id` = `" . TABLE_PREFIX . "forum`.`author_guid` AND `" . TABLE_PREFIX . "forum`.`first_post` = ".(int) $thread_id." ORDER BY `" . TABLE_PREFIX . "forum`.`post_date` DESC LIMIT 5")->fetchAll();
 			foreach($threads as &$thread) {
-				$thread['post'] = Forum::showPost($thread['post_topic'], $thread['post_text'], $thread['post_smile']);
+				$player_account = new OTS_Account();
+				$player_account->load($thread['author_aid']);
+				if($player_account->isLoaded()) {
+					$thread['post'] = Forum::showPost(($thread['post_html'] > 0 ? $thread['post_topic'] : htmlspecialchars($thread['post_topic'])), ($thread['post_html'] > 0 ? $thread['post_text'] : htmlspecialchars($thread['post_text'])), $thread['post_smile'] == 0, $thread['post_html'] > 0);
+				}
 			}
 			
 			echo $twig->render('forum.new_post.html.twig', array(
@@ -98,9 +102,11 @@ if(Forum::canPost($account_logged))
 				'players' => $players_from_account,
 				'post_topic' => $post_topic,
 				'post_text' => $text,
-				'post_smile' => $smile,
+				'post_smile' => $smile > 0,
+				'post_html' => $html > 0,
 				'topic' => $thread['post_topic'],
-				'threads' => $threads
+				'threads' => $threads,
+				'canEdit' => $canEdit
 			));
 		}
 	}

system/pages/forum/new_thread.php

@@ -24,7 +24,8 @@ if(Forum::canPost($account_logged))
 			$text = isset($_REQUEST['text']) ? stripslashes($_REQUEST['text']) : '';
 			$char_id = (int)(isset($_REQUEST['char_id']) ? $_REQUEST['char_id'] : 0);
 			$post_topic = isset($_REQUEST['topic']) ? stripslashes($_REQUEST['topic']) : '';
-			$smile = (int)(isset($_REQUEST['smile']) ? $_REQUEST['smile'] : 0);
+			$smile = (isset($_REQUEST['smile']) ? (int)$_REQUEST['smile'] : 0);
+			$html = (isset($_REQUEST['html']) ? (int)$_REQUEST['html'] : 0);
 			$saved = false;
 			if (isset($_REQUEST['save'])) {
 				$errors = array();
@@ -68,7 +69,7 @@ if(Forum::canPost($account_logged))
 				}
 				if (count($errors) == 0) {
 					$saved = true;
-					$db->query("INSERT INTO `" . TABLE_PREFIX . "forum` (`first_post` ,`last_post` ,`section` ,`replies` ,`views` ,`author_aid` ,`author_guid` ,`post_text` ,`post_topic` ,`post_smile` ,`post_date` ,`last_edit_aid` ,`edit_date`, `post_ip`) VALUES ('0', '" . time() . "', '" . (int)$section_id . "', '0', '0', '" . $account_logged->getId() . "', '" . (int)$char_id . "', " . $db->quote($text) . ", " . $db->quote($post_topic) . ", '" . (int)$smile . "', '" . time() . "', '0', '0', '" . $_SERVER['REMOTE_ADDR'] . "')");
+					$db->query("INSERT INTO `" . TABLE_PREFIX . "forum` (`first_post` ,`last_post` ,`section` ,`replies` ,`views` ,`author_aid` ,`author_guid` ,`post_text` ,`post_topic` ,`post_smile`, `post_html` ,`post_date` ,`last_edit_aid` ,`edit_date`, `post_ip`) VALUES ('0', '" . time() . "', '" . (int)$section_id . "', '0', '0', '" . $account_logged->getId() . "', '" . (int)$char_id . "', " . $db->quote($text) . ", " . $db->quote($post_topic) . ", '" . (int)$smile . "', '" . (int)$html . "', '" . time() . "', '0', '0', '" . $_SERVER['REMOTE_ADDR'] . "')");
 					$thread_id = $db->lastInsertId();
 					$db->query("UPDATE `" . TABLE_PREFIX . "forum` SET `first_post`=" . (int)$thread_id . " WHERE `id` = " . (int)$thread_id);
 					header('Location: ' . getForumThreadLink($thread_id));
@@ -85,8 +86,10 @@ if(Forum::canPost($account_logged))
 					'players' => $players_from_account,
 					'post_player_id' => $char_id,
 					'post_thread' => $post_topic,
-					'text' => $text,
-					'smiles_enabled' => $smile > 0
+					'post_text' => $text,
+					'post_smile' => $smile > 0,
+					'post_html' => $html > 0,
+					'canEdit' => $canEdit
 				));
 			}
 		}

system/pages/forum/show_thread.php

@@ -33,7 +33,7 @@ for($i = 0; $i < $posts_count['posts_count'] / $config['forum_threads_per_page']
 	else
 		$links_to_pages .= '<b>'.($i + 1).' </b>';
 }
-$threads = $db->query("SELECT `players`.`id` as `player_id`, `players`.`name`, `players`.`account_id`, `players`.`vocation`" . (fieldExist('promotion', 'players') ? ", `players`.`promotion`" : "") . ", `players`.`level`, `" . TABLE_PREFIX . "forum`.`id`,`" . TABLE_PREFIX . "forum`.`first_post`, `" . TABLE_PREFIX . "forum`.`section`,`" . TABLE_PREFIX . "forum`.`post_text`, `" . TABLE_PREFIX . "forum`.`post_topic`, `" . TABLE_PREFIX . "forum`.`post_date`, `" . TABLE_PREFIX . "forum`.`post_smile`, `" . TABLE_PREFIX . "forum`.`author_aid`, `" . TABLE_PREFIX . "forum`.`author_guid`, `" . TABLE_PREFIX . "forum`.`last_edit_aid`, `" . TABLE_PREFIX . "forum`.`edit_date` FROM `players`, `" . TABLE_PREFIX . "forum` WHERE `players`.`id` = `" . TABLE_PREFIX . "forum`.`author_guid` AND `" . TABLE_PREFIX . "forum`.`first_post` = ".(int) $thread_id." ORDER BY `" . TABLE_PREFIX . "forum`.`post_date` LIMIT ".$config['forum_posts_per_page']." OFFSET ".($_page * $config['forum_posts_per_page']))->fetchAll();
+$threads = $db->query("SELECT `players`.`id` as `player_id`, `players`.`name`, `players`.`account_id`, `players`.`vocation`" . (fieldExist('promotion', 'players') ? ", `players`.`promotion`" : "") . ", `players`.`level`, `" . TABLE_PREFIX . "forum`.`id`,`" . TABLE_PREFIX . "forum`.`first_post`, `" . TABLE_PREFIX . "forum`.`section`,`" . TABLE_PREFIX . "forum`.`post_text`, `" . TABLE_PREFIX . "forum`.`post_topic`, `" . TABLE_PREFIX . "forum`.`post_date`, `" . TABLE_PREFIX . "forum`.`post_smile`, `" . TABLE_PREFIX . "forum`.`post_html`, `" . TABLE_PREFIX . "forum`.`author_aid`, `" . TABLE_PREFIX . "forum`.`author_guid`, `" . TABLE_PREFIX . "forum`.`last_edit_aid`, `" . TABLE_PREFIX . "forum`.`edit_date` FROM `players`, `" . TABLE_PREFIX . "forum` WHERE `players`.`id` = `" . TABLE_PREFIX . "forum`.`author_guid` AND `" . TABLE_PREFIX . "forum`.`first_post` = ".(int) $thread_id." ORDER BY `" . TABLE_PREFIX . "forum`.`post_date` LIMIT ".$config['forum_posts_per_page']." OFFSET ".($_page * $config['forum_posts_per_page']))->fetchAll();
 if(isset($threads[0]['name']))
 	$db->query("UPDATE `" . TABLE_PREFIX . "forum` SET `views`=`views`+1 WHERE `id` = ".(int) $thread_id);
 echo '<a href="' . getLink('forum') . '">Boards</a> >> <a href="' . getForumBoardLink($threads[0]['section']) . '">'.$sections[$threads[0]['section']]['name'].'</a> >> <b>'.$thread_name['post_topic'].'</b>';
@@ -47,8 +47,8 @@ foreach($threads as $thread)
 		die();
 	}
 	
-	echo '<tr bgcolor="' . getStyle($number_of_rows++) . '"><td valign="top">' . getPlayerLink($thread['name']) . '<br /><br /><font size="1">Profession: '.$config['vocations'][$player->getVocation()].'<br />Level: '.$thread['level'].'<br />';
-	
+	echo '<tr bgcolor="' . getStyle($number_of_rows++) . '"><td valign="top">' . getPlayerLink($thread['name']) . '<br /><br /><font size="1">Profession: '.$player->getVocationName().'<br />Level: '.$thread['level'].'<br />';
+
 	$rank = $player->getRank();
 	if($rank->isLoaded())
 	{
@@ -56,11 +56,9 @@ foreach($threads as $thread)
 		if($guild->isLoaded())
 			echo $rank->getName().' of <a href="'.getGuildLink($guild->getName(), false).'">'.$guild->getName().'</a><br />';
 	}
-	$player_account = $player->getAccount();
-	$canEditForum = $player_account->hasFlag(FLAG_CONTENT_FORUM) || $player_account->isAdmin();
-	
+
 	$posts = $db->query("SELECT COUNT(`id`) AS 'posts' FROM `" . TABLE_PREFIX . "forum` WHERE `author_aid`=".(int) $thread['account_id'])->fetch();
-	echo '<br />Posts: '.(int) $posts['posts'].'<br /></font></td><td valign="top">'.Forum::showPost(($canEditForum ? $thread['post_topic'] : htmlspecialchars($thread['post_topic'])), ($canEditForum ? $thread['post_text'] : htmlspecialchars($thread['post_text'])), $thread['post_smile']).'</td></tr>
+	echo '<br />Posts: '.(int) $posts['posts'].'<br /></font></td><td valign="top">'.Forum::showPost(($thread['post_html'] > 0 ? $thread['post_topic'] : htmlspecialchars($thread['post_topic'])), ($thread['post_html'] > 0 ? $thread['post_text'] : htmlspecialchars($thread['post_text'])), $thread['post_smile'] == 0, $thread['post_html'] > 0).'</td></tr>
 		<tr bgcolor="'.getStyle($number_of_rows++).'"><td><font size="1">'.date('d.m.y H:i:s', $thread['post_date']);
 	if($thread['edit_date'] > 0)
 	{

system/pages/guilds/leave_guild.php

@@ -94,7 +94,7 @@ else
 {
 	if(isset($_REQUEST['todo']) && $_REQUEST['todo'] == 'save') {
 		$player->setRank();
-		$twig->render('success.html.twig', array(
+		echo $twig->render('success.html.twig', array(
 			'title' => 'Leave guild',
 			'description' => 'Player with name <b>'.$player->getName().'</b> leaved guild <b>'.$guild->getName().'</b>.',
 			'custom_buttons' => $twig->render('guilds.back_button.html.twig', array(

system/pages/guilds/show.php

@@ -10,6 +10,7 @@
  */
 defined('MYAAC') or die('Direct access not allowed!');
 
+$title = 'Guilds';
 $guild_name = isset($_REQUEST['guild']) ? urldecode($_REQUEST['guild']) : null;
 if(!Validator::guildName($guild_name))
 	$errors[] = Validator::getLastError();
@@ -41,6 +42,7 @@ else
 	$players_from_account_in_guild = array();
 	if($logged)
 	{
+		$players_from_account_ids = array();
 		$account_players = $account_logged->getPlayers();
 		foreach($account_players as $player)
 		{

system/pages/highscores.php

@@ -22,11 +22,17 @@ $add_sql = '';
 $config_vocations = $config['vocations'];
 if($config['highscores_vocation_box'] && isset($vocation))
 {
-	for($i = 1; $i < count($config_vocations) / 2; $i++)
-	{
-		if(strtolower($config_vocations[$i]) == $vocation)
-		{
-			$add_sql = 'AND ' . $db->fieldName('vocation') . ' = ' . $db->quote($i);
+	foreach($config['vocations'] as $id => $name) {
+		if(strtolower($name) == $vocation) {
+			$add_vocs = array($id);
+	
+			$i = $id + $config['vocations_amount'];
+			while(isset($config['vocations'][$i])) {
+				$add_vocs[] = $i;
+				$i += $config['vocations_amount'];
+			}
+	
+			$add_sql = 'AND `vocation` IN (' . implode(', ', $add_vocs) . ')';
 			break;
 		}
 	}
@@ -178,6 +184,7 @@ $i = 0;
 $online_exist = false;
 if(fieldExist('online', 'players'))
 	$online_exist = true;
+
 foreach($skills as $player)
 {
 	if(!$online_exist) {
@@ -211,7 +218,11 @@ echo '
 							$player['vocation'] += ($player['promotion'] * $config['vocations_amount']);
 					}
 
-					echo '<br/><small>' . $config['vocations'][$player['vocation']] . '</small>';
+					$tmp = 'Unknown';
+					if(isset($config['vocations'][$player['vocation']])) {
+						$tmp = $config['vocations'][$player['vocation']];
+					}
+					echo '<br/><small>' . $tmp . '</small>';
 				}
 echo '
 			</td>

system/status.php

@@ -104,7 +104,7 @@ function updateStatus() {
 		{
 			// get amount of players that are currently logged in-game, including disconnected clients (exited)
 			if(tableExist('players_online')) { // tfs 1.x
-				$query = $db->query('SELECT COUNT(`player_id`) AS `playersTotal` FROM `players`;');
+				$query = $db->query('SELECT COUNT(`player_id`) AS `playersTotal` FROM `players_online`;');
 			}
 			else {
 				$query = $db->query('SELECT COUNT(`id`) AS `playersTotal` FROM `players` WHERE `online` > 0');

system/templates/account.management.html.twig

@@ -51,7 +51,17 @@
 	<div id="two">
 		<h1>My account</h1>
 		<p>Welcome to your account page, {{ account }}<br>
-			You have {{ account_logged.getPremDays() }} days remaining premium account.</p>
+			{% if config.lua.freePremium %}
+			You have unlimited Premium Account.
+			{% else %}
+				{% set premiumDays = account_logged.getPremDays() %}
+				{% if premiumDays == 0 %}
+				You don't have Premium Account
+				{% else %}
+				You have {{ premiumDays }} days remaining Premium Account.
+				{% endif %}
+			{% endif %}
+		</p>
 
 		{# if account dont have recovery key show hint #}
 		{% if recovery_key is empty %}
@@ -150,7 +160,7 @@
 			{% for player in players %}
 				{% set i = i + 1 %}
 				<tr bgcolor="{{ getStyle(i) }}">
-					<td><a href="{{ getLink('characters/' ~ player.getName()|urlencode) }}">{{ player.getName() }}</a></td><td>{{ player.getLevel() }}</td><td>{{ config.vocations[player.getVocation()] }}</td><td>{{ config.towns[player.getTownId()] }}</td><td>{% if player.getLastLogin() > 0 %}{{ player.getLastLogin|date('d F Y (H:i)') }}{% else %}Never.{% endif %}</td><td>{%  if player.isOnline() %}<font color="green">ONLINE</font>{% else %}<font color="red">Offline</font>{% endif %}</td><td>{% if player.isHidden() %}Hidden{% else %}Visible{% endif %}</td><td>[<a href="{{ getLink('account/character/comment/' ~ player.getName|urlencode) }}" >Edit</a>]</td>
+					<td><a href="{{ getLink('characters/' ~ player.getName()|urlencode) }}">{{ player.getName() }}</a></td><td>{{ player.getLevel() }}</td><td>{{ player.getVocationName() }}</td><td>{{ config.towns[player.getTownId()] }}</td><td>{% if player.getLastLogin() > 0 %}{{ player.getLastLogin|date('d F Y (H:i)') }}{% else %}Never.{% endif %}</td><td>{%  if player.isOnline() %}<font color="green">ONLINE</font>{% else %}<font color="red">Offline</font>{% endif %}</td><td>{% if player.isHidden() %}Hidden{% else %}Visible{% endif %}</td><td>[<a href="{{ getLink('account/character/comment/' ~ player.getName|urlencode) }}" >Edit</a>]</td>
 				</tr>
 			{% endfor %}
 		</table>

system/templates/admin.mailer.html.twig

@@ -3,8 +3,8 @@
 	tinymce.init({
 		selector : "textarea",
 		theme : "modern",
-        plugins: 'print preview searchreplace autolink directionality visualblocks visualchars fullscreen image link media template codesample table charmap hr pagebreak nonbreaking anchor toc insertdatetime advlist lists textcolor wordcount spellchecker imagetools contextmenu colorpicker textpattern help code',
-        toolbar1: 'formatselect | bold italic strikethrough forecolor backcolor | link | alignleft aligncenter alignright alignjustify  | numlist bullist outdent indent  | removeformat code',
+        plugins: 'print preview searchreplace autolink directionality visualblocks visualchars fullscreen image link media template codesample table charmap hr pagebreak nonbreaking anchor toc insertdatetime advlist lists textcolor wordcount spellchecker imagetools contextmenu colorpicker textpattern help code emoticons',
+        toolbar1: 'formatselect | bold italic strikethrough forecolor backcolor | emoticons link | alignleft aligncenter alignright alignjustify  | numlist bullist outdent indent  | removeformat code',
 		image_advtab: true,
 		relative_urls : false,
 		remove_script_host : false,

system/templates/admin.pages.form.html.twig

@@ -74,8 +74,8 @@
 			tinymce.init({
 				selector : "#body",
 				theme : "modern",
-				plugins: 'code print preview searchreplace autolink directionality visualblocks visualchars fullscreen image link media template codesample table charmap hr pagebreak nonbreaking anchor toc insertdatetime advlist lists textcolor wordcount spellchecker imagetools contextmenu colorpicker textpattern help',
-				toolbar1: 'formatselect | bold italic strikethrough forecolor backcolor | link | alignleft aligncenter alignright alignjustify  | numlist bullist outdent indent  | removeformat code',
+				plugins: 'code print preview searchreplace autolink directionality visualblocks visualchars fullscreen image link media template codesample table charmap hr pagebreak nonbreaking anchor toc insertdatetime advlist lists textcolor wordcount spellchecker imagetools contextmenu colorpicker textpattern help emoticons',
+				toolbar1: 'formatselect | bold italic strikethrough forecolor backcolor | emoticons link | alignleft aligncenter alignright alignjustify  | numlist bullist outdent indent  | removeformat code',
 				image_advtab: true,
 				relative_urls : false,
 				remove_script_host : false,

system/templates/characters.html.twig

@@ -256,10 +256,11 @@
 			</tr>
 			{% set i = 0 %}
 			{% for frag in frags %}
-			<tr bgcolor="'{{ getStyle(i) }}">
+			<tr bgcolor="{{ getStyle(i) }}">
 				<td width="20%" align="center">{{ frag.time|date("j M Y, H:i") }}</td>
 				<td>{{ frag.description|raw }}({% if frag.unjustified %}<font size="1" color="red">Unjustified</font>{% else %}<font size="1" color="green">Justified</font>{% endif %})</td>
 			</tr>
+			{% set i = i + 1 %}
 			{% endfor %}
 		</table>
 		<!-- FRAGS_END -->
@@ -380,12 +381,8 @@
 				<td>
 					<nobr>{{ i }}.&#160;{{ player.getName() }}{% if player.isDeleted() %}<font color="red"> [DELETED]</font>{% endif %}</nobr>
 				</td>
-				{% set vocation = 'Unknown' %}
-				{% if config.vocations[player.getVocation()] is defined %}
-					{% set vocation = config.vocations[player.getVocation()] %}
-				{% endif %}
 
-				<td>{{ player.getLevel() }} {{ vocation }}</td>
+				<td>{{ player.getLevel() }} {{ player.getVocationName() }}</td>
 				<td>{% if player.isOnline() %}<b><font color="green">Online</font></b>{% endif %}</td>
 				<td>
 					<table border="0" cellspacing="0" cellpadding="0">

system/templates/forum.edit_post.html.twig

@@ -22,21 +22,27 @@
 		</tr>
 		<tr bgcolor="{{ config.lightborder }}">
 			<td><b>Topic:</b></td>
-			<td><input type="text" value="{{ topic|raw }}" name="topic" size="40" maxlength="60" /> (Optional)</td>
+			<td><input type="text" value="{{ post_topic|raw }}" name="topic" size="40" maxlength="60" /> (Optional)</td>
 		</tr>
 		<tr bgcolor="{{ config.darkborder }}">
 			<td valign="top"><b>Message:</b><font size="1"><br/>You can use:<br/>[player]Nick[/player]<br />[url]http://address.com/[/url]<br />[img]http://images.com/images3.gif[/img]<br />[code]Code[/code]<br />[b]<b>Text</b>[/b]<br />[i]<i>Text</i>[/i]<br/>[u]<u>Text</u>[/u]<br />and smileys:<br />;) , :) , :D , :( , :rolleyes:<br />:cool: , :eek: , :o , :p</font>
 			</td>
 			<td>
-				<textarea rows="10" cols="60" name="text">{{ text|raw }}</textarea><br />(Max. 15,000 letters)
+				<textarea rows="10" cols="60" name="text">{{ post_text|raw }}</textarea><br />(Max. 15,000 letters)
 			</td>
 		</tr>
 		<tr bgcolor="{{ config.lightborder }}">
 			<td valign="top">Options:</td>
 			<td>
 				<label>
-					<input type="checkbox" name="smile" value="1"{% if smile == 1 %} checked="checked"{% endif %}/>Disable Smileys in This Post
+					<input type="checkbox" name="smile" value="1"{% if post_smile %} checked="checked"{% endif %}/>Disable Smileys in This Post
 				</label>
+				{% if canEdit %}
+					<br/>
+					<label>
+						<input type="checkbox" name="html" value="1"{% if post_html %} checked="checked"{% endif %}/>Enable HTML in this post (moderator only)
+					</label>
+				{% endif %}
 			</td>
 		</tr>
 	</table>

system/templates/forum.new_post.html.twig

@@ -28,7 +28,17 @@
 		</tr>
 		<tr bgcolor="{{ config.lightborder }}">
 			<td valign="top">Options:</td>
-			<td><label><input type="checkbox" name="smile" value="1"{% if post_smile == 1 %} checked="checked"{% endif %}/>Disable Smileys in This Post </label></td>
+			<td>
+				<label>
+					<input type="checkbox" name="smile" value="1"{% if post_smile %} checked="checked"{% endif %}/>Disable Smileys in This Post
+				</label>
+				{% if canEdit %}
+					<br/>
+					<label>
+						<input type="checkbox" name="html" value="1"{% if post_html %} checked="checked"{% endif %}/>Enable HTML in this post (moderator only)
+					</label>
+				{% endif %}
+			</td>
 		</tr>
 	</table>
 	<center>

system/templates/forum.new_thread.html.twig

@@ -25,11 +25,21 @@
 		</tr>
 		<tr bgcolor="{{ config.darkborder }}">
 			<td valign="top"><b>Message:</b><font size="1"><br />You can use:<br />[player]Nick[/player]<br />[url]http://address.com/[/url]<br />[img]http://images.com/images3.gif[/img]<br />[code]Code[/code]<br />[b]<b>Text</b>[/b]<br />[i]<i>Text</i>[/i]<br />[u]<u>Text</u>[/u]<br />and smileys:<br />;) , :) , :D , :( , :rolleyes:<br />:cool: , :eek: , :o , :p</font></td>
-			<td><textarea rows="10" cols="60" name="text">{{ text|escape }}</textarea><br />(Max. 15,000 letters)</td>
+			<td><textarea rows="10" cols="60" name="text">{{ post_text|escape }}</textarea><br />(Max. 15,000 letters)</td>
 		</tr>
 		<tr bgcolor="{{ config.lightborder }}">
 			<td valign="top">Options:</td>
-			<td><label><input type="checkbox" name="smile" value="1"{% if smiles_enabled %} checked="checked"{% endif %}/>Disable Smileys in This Post </label></td>
+			<td>
+				<label>
+					<input type="checkbox" name="smile" value="1"{% if post_smile %} checked="checked"{% endif %}/>Disable Smileys in This Post
+				</label>
+				{% if canEdit %}
+				<br/>
+				<label>
+					<input type="checkbox" name="html" value="1"{% if post_html %} checked="checked"{% endif %}/>Enable HTML in this post (moderator only)
+				</label>
+			{% endif %}
+			</td>
 		</tr>
 	</table>
 	<center>

system/templates/news.add.html.twig

@@ -149,8 +149,8 @@
 	tinymce.init({
 		selector : "#body",
 		theme : "modern",
-		plugins: 'print preview searchreplace autolink directionality visualblocks visualchars fullscreen image link media template codesample table charmap hr pagebreak nonbreaking anchor toc insertdatetime advlist lists textcolor wordcount spellchecker imagetools contextmenu colorpicker textpattern help code',
-		toolbar1: 'formatselect | bold italic strikethrough forecolor backcolor | link | alignleft aligncenter alignright alignjustify  | numlist bullist outdent indent  | removeformat code',
+		plugins: 'print preview searchreplace autolink directionality visualblocks visualchars fullscreen image link media template codesample table charmap hr pagebreak nonbreaking anchor toc insertdatetime advlist lists textcolor wordcount spellchecker imagetools contextmenu colorpicker textpattern help code emoticons',
+		toolbar1: 'formatselect | bold italic strikethrough forecolor backcolor | emoticons link | alignleft aligncenter alignright alignjustify  | numlist bullist outdent indent  | removeformat code',
 		image_advtab: true,
 		setup: function(ed){
 			ed.on('NodeChange', function(e) {

system/templates/online.html.twig

@@ -101,7 +101,7 @@
 			<td>{{ player.country_image|raw }}</td>
 		{% endif %}
 		{% if config.online_outfit %}
-			<td width="5%"><img style="position:absolute;margin-top:{% if player.looktype in  [75, 266, 302] %}-20px;margin-left:-0px;{% else %}-45px;margin-left:-25px;{%  endif %}" src="{{ player.outfit }}" alt="player outfit"/></td>
+			<td width="5%"><img style="position:absolute;margin-top:{% if player.player.looktype in [75, 266, 302] %}-20px;margin-left:-0px;{% else %}-45px;margin-left:-25px;{%  endif %}" src="{{ player.outfit }}" alt="player outfit"/></td>
 		{% endif %}
 			<td>{{ player.name|raw }}{{ player.skull }}</td>
 			<td>{{ player.level }}</td>

templates/kathrine/style.css

@@ -3,7 +3,7 @@
 
 body
 {
-	background: #a7a597 url('images/background.png') no-repeat top left;
+	background: #a7a597 url('images/background.jpg') no-repeat top left;
 	margin: 0px;
 	padding: 0px;
 	font-family: Verdana, Arial, Helvetica, sans-serif;

templates/tibiacom/config.php

@@ -10,7 +10,7 @@ $config['boxes'] = "highscores,newcomer,gallery,networks,poll";
 $config['network_facebook'] = 'tibia'; // leave empty to disable
 $config['network_twitter'] = 'tibia'; // leave empty to disable
 
-$config['background_image'] = "background-artwork-860.jpg";
+$config['background_image'] = "background-artwork.jpg";
 $config['logo_image'] = "tibia-logo-artwork-top.gif";
 $config['gallery_image'] = 1;
 $config['menu_categories'] = array(