Digitalstack/myaac
2
0
Fork 0
mirror of https://github.com/slawkens/myaac.git synced 2025-09-14 04:23:34 +02:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: Digitalstack:v0.8.17
Branches Tags
Digitalstack:main Digitalstack:feature/2fa Digitalstack:feature/plugins-versions-check Digitalstack:0.8 Digitalstack:feature/pot-hook-filter Digitalstack:feature/highscores-customize Digitalstack:develop Digitalstack:feature/twig-hooks-filters Digitalstack:feature/app-rewrite Digitalstack:feature/account-actions-ip-rework Digitalstack:feature/docker Digitalstack:feature/refactor-account-lost Digitalstack:feature-tables-headline Digitalstack:feature/phpstan Digitalstack:feature/eloquent-db-dump Digitalstack:feature/debug-bar Digitalstack:feature/csrf Digitalstack:0.9 Digitalstack:feature/cronjob Digitalstack:feature/settings Digitalstack:feature/new-router Digitalstack:feature/recaptcha-v3-plus-login Digitalstack:0.7
Digitalstack:v1.8.1 Digitalstack:v1.8 Digitalstack:v1.7.1 Digitalstack:v1.7 Digitalstack:v1.6.1 Digitalstack:v0.8.24 Digitalstack:v1.6 Digitalstack:v1.5 Digitalstack:v0.8.23 Digitalstack:v1.4 Digitalstack:v1.3.3 Digitalstack:v1.3.2 Digitalstack:v1.3.1 Digitalstack:v1.3 Digitalstack:v1.2 Digitalstack:v1.1 Digitalstack:v0.8.22 Digitalstack:v1.0.1 Digitalstack:v1.0 Digitalstack:v0.8.21 Digitalstack:v0.8.20 Digitalstack:v0.8.19 Digitalstack:v1.0-RC Digitalstack:v0.8.18 Digitalstack:v1.0-beta Digitalstack:v0.8.17 Digitalstack:v0.8.16 Digitalstack:v0.8.15 Digitalstack:v0.8.14 Digitalstack:v0.8.13 Digitalstack:v0.8.12 Digitalstack:v0.8.11 Digitalstack:v0.9.0-alpha Digitalstack:v0.8.10 Digitalstack:v0.8.9 Digitalstack:v0.8.8 Digitalstack:v0.8.7 Digitalstack:v0.8.6 Digitalstack:v0.7.12a Digitalstack:v0.7.11 Digitalstack:v0.7.10 Digitalstack:v0.7.9 Digitalstack:v0.7.8 Digitalstack:v0.7.7 Digitalstack:v0.7.6 Digitalstack:v0.7.5 Digitalstack:v0.7.4 Digitalstack:v0.7.3 Digitalstack:v0.7.1 Digitalstack:v0.7.0 Digitalstack:v0.6.6 Digitalstack:v0.6.5 Digitalstack:v0.6.4 Digitalstack:v0.6.3 Digitalstack:v0.6.2 Digitalstack:v0.6.1 Digitalstack:v0.6.0 Digitalstack:v0.5.1 Digitalstack:v0.5.0 Digitalstack:v0.4.3 Digitalstack:v0.4.2 Digitalstack:v0.4.1 Digitalstack:v0.4.0 Digitalstack:v0.3.1 Digitalstack:v0.3.0 Digitalstack:v0.2.4 Digitalstack:v0.2.3 Digitalstack:v0.2.2 Digitalstack:v0.2.1 Digitalstack:v0.2.0 Digitalstack:v0.1.5 Digitalstack:v0.1.4 Digitalstack:v0.1.3 Digitalstack:v0.1.1 Digitalstack:v0.1.2 Digitalstack:v0.1.0 Digitalstack:v0.0.6 Digitalstack:v0.0.5 Digitalstack:v0.0.4 Digitalstack:v0.0.3 Digitalstack:v0.0.2 Digitalstack:v0.0.1
..
compare: Digitalstack:v0.7.12a
Branches Tags
Digitalstack:main Digitalstack:feature/2fa Digitalstack:feature/plugins-versions-check Digitalstack:0.8 Digitalstack:feature/pot-hook-filter Digitalstack:feature/highscores-customize Digitalstack:develop Digitalstack:feature/twig-hooks-filters Digitalstack:feature/app-rewrite Digitalstack:feature/account-actions-ip-rework Digitalstack:feature/docker Digitalstack:feature/refactor-account-lost Digitalstack:feature-tables-headline Digitalstack:feature/phpstan Digitalstack:feature/eloquent-db-dump Digitalstack:feature/debug-bar Digitalstack:feature/csrf Digitalstack:0.9 Digitalstack:feature/cronjob Digitalstack:feature/settings Digitalstack:feature/new-router Digitalstack:feature/recaptcha-v3-plus-login Digitalstack:0.7
Digitalstack:v1.8.1 Digitalstack:v1.8 Digitalstack:v1.7.1 Digitalstack:v1.7 Digitalstack:v1.6.1 Digitalstack:v0.8.24 Digitalstack:v1.6 Digitalstack:v1.5 Digitalstack:v0.8.23 Digitalstack:v1.4 Digitalstack:v1.3.3 Digitalstack:v1.3.2 Digitalstack:v1.3.1 Digitalstack:v1.3 Digitalstack:v1.2 Digitalstack:v1.1 Digitalstack:v0.8.22 Digitalstack:v1.0.1 Digitalstack:v1.0 Digitalstack:v0.8.21 Digitalstack:v0.8.20 Digitalstack:v0.8.19 Digitalstack:v1.0-RC Digitalstack:v0.8.18 Digitalstack:v1.0-beta Digitalstack:v0.8.17 Digitalstack:v0.8.16 Digitalstack:v0.8.15 Digitalstack:v0.8.14 Digitalstack:v0.8.13 Digitalstack:v0.8.12 Digitalstack:v0.8.11 Digitalstack:v0.9.0-alpha Digitalstack:v0.8.10 Digitalstack:v0.8.9 Digitalstack:v0.8.8 Digitalstack:v0.8.7 Digitalstack:v0.8.6 Digitalstack:v0.7.12a Digitalstack:v0.7.11 Digitalstack:v0.7.10 Digitalstack:v0.7.9 Digitalstack:v0.7.8 Digitalstack:v0.7.7 Digitalstack:v0.7.6 Digitalstack:v0.7.5 Digitalstack:v0.7.4 Digitalstack:v0.7.3 Digitalstack:v0.7.1 Digitalstack:v0.7.0 Digitalstack:v0.6.6 Digitalstack:v0.6.5 Digitalstack:v0.6.4 Digitalstack:v0.6.3 Digitalstack:v0.6.2 Digitalstack:v0.6.1 Digitalstack:v0.6.0 Digitalstack:v0.5.1 Digitalstack:v0.5.0 Digitalstack:v0.4.3 Digitalstack:v0.4.2 Digitalstack:v0.4.1 Digitalstack:v0.4.0 Digitalstack:v0.3.1 Digitalstack:v0.3.0 Digitalstack:v0.2.4 Digitalstack:v0.2.3 Digitalstack:v0.2.2 Digitalstack:v0.2.1 Digitalstack:v0.2.0 Digitalstack:v0.1.5 Digitalstack:v0.1.4 Digitalstack:v0.1.3 Digitalstack:v0.1.1 Digitalstack:v0.1.2 Digitalstack:v0.1.0 Digitalstack:v0.0.6 Digitalstack:v0.0.5 Digitalstack:v0.0.4 Digitalstack:v0.0.3 Digitalstack:v0.0.2 Digitalstack:v0.0.1

97 Commits
v0.8.17 ... v0.7.12a

Author SHA1 Message Date
slawkens
e6b16cd420 Update to 0.7.12 2020-02-18 18:33:36 +01:00
slawkens
6bc14fb44f Fix #51 in 0.7 branch 2020-02-16 00:11:51 +01:00
slawkens
c37f593eda Temp fix for a space that Twig cuts.. 2020-02-15 03:54:20 +01:00
slawkens
5d499bc5e6 Patch some changes/fixes from 0.8 branch 
Fix Gesior signature double dollar $$
Add some missing <br/> to online page
Use  $config['last_kills_limit'] in lastkills.php
Fix save_ranks.php: getLastError();
Fix PHPMailer autoloader
Fix leaking sensitive informations on MySQL Connection Fail
Add nginx-sample.conf
Change myaac_monsters.loot to text
Add more files to ignore file
 2020-02-15 03:37:18 +01:00
slawkens
a7105d33f2 Fix some 7.4 notices about OTS_Account bans 
Example: Notice: Trying to access array offset on value of type bool in C:\UniServerZ\www\system\libs\pot\OTS_Account.php on line 784
(cherry picked from commit 259cda150d)
 2020-02-13 01:01:27 +01:00
slawkens
8af9186098 Update CHANGELOG.md 2019-05-04 08:19:01 +02:00
slawkens
2d427601ee * release 0.7.11 2019-05-04 00:20:37 +02:00
slawkens
454d4b088d * Update CHANGELOG.md 2019-04-27 17:39:41 +02:00
slawkens
738bfbfa5c Fixed guilds "Add new rank function" 
Exception thrown in OTS_GuildRank::__toString() method

https://otland.net/threads/myaac-bug-guild-new-rank.263953/

(cherry picked from commit 4d56650)
 2019-04-09 00:50:56 +02:00
slawkens
03223c1c30 Fix something that Open Tibia developers don't think about 2018-11-07 21:15:47 +01:00
slawkens
3c6f44d6ee Fix database_name in Usage_Statistics 2018-10-31 07:46:35 +01:00
slawkens
dacc5b9dab Fix bug where server_config table does not exist (OTHire as an example) 
Happened in Usage_Statistics class
Thanks for reporting the OtLand user - Olddies
 2018-10-31 07:45:50 +01:00
slawkens
a4bccbaa34 * change config.lua.ownerEmail to config.mail_address 2018-10-22 09:27:46 +02:00
slawkens
174054237b * fixed the mystical defect where "Create Account" button was not highlighted (on the account/manage page) 2018-10-22 09:16:53 +02:00
slawkens
bcc81fa34f (Nothing important) just remove a minus in a word "re-install" 
(cherry picked from commit a81824a)
 2018-10-18 08:25:20 +02:00
slawkens
ba1c5e9b2e * add fatal error message when myaac tables in database do not exist 2018-10-18 08:22:37 +02:00
slawkens
0129c79580 * add an additional text to the install page informing that user can reinstall MyAAC by deleting config.local.php 2018-10-18 08:20:13 +02:00
slawkens
c863ad460a * fixed multiple mail recipients when using admin mailer function 
It resulted in mail being sent to all users multiple times..
 2018-06-08 21:08:31 +02:00
slawkens
cb08e53103 * fix XSS in forum show_thread 2018-06-01 20:27:34 +02:00
slawkens
d5cc2a1090 * Fixed missing prefix for cache get() and delete() functions 
Cause those functions to not work correctly..

(cherry picked from commit b3625df)
 2018-06-01 15:06:30 +02:00
slawkens
6ba8d2c9cb * forgot to open <head> in install template 
(cherry picked from commit 050f596)
 2018-05-29 20:33:15 +02:00
slawkens
668e4688c4 * remove whitespaces (IDE formatting) 2018-05-29 20:18:19 +02:00
slawkens
bd19b8665a * do not display software version 2018-05-29 20:17:39 +02:00
slawkens
c5980f2350 * add .gitattributes 
(cherry picked from commit 15da31d)
 2018-05-29 20:05:21 +02:00
slawkens1
6c03984f53 * support for some old servers, where arrays are used in config.lua 2018-04-16 20:52:50 +02:00
slawkens1
ecd865f275 * fix #47 2018-03-24 01:25:24 +01:00
Sławek
5f1392e9f4 Updated CHANGELOG.md (format) 2018-03-03 11:35:34 +01:00
slawkens1
d6c10d277d * add .md extension to CHANGELOG 2018-03-03 11:31:51 +01:00
slawkens1
815b1f9b5b * update to 0.7.10 2018-03-03 11:31:01 +01:00
slawkens1
66568fbaf1 * fixed saving long ip addresses (unsigned) 2018-02-06 03:55:34 +01:00
slawkens1
18b6404e75 * added robots.txt 2018-02-05 21:32:53 +01:00
slawkens1
17b1f9a391 * fixed default accounts.vote value 2018-02-05 08:21:24 +01:00
Sławek
14137221fd * minimum PHP is now 5.3.3 
* added command to change permissions of system/cache directory
 2018-02-05 00:01:11 +01:00
slawkens1
ed4a166d6c * fixed chrome bug on save ERR_BLOCKED_BY_XSS_AUDITOR 2018-02-04 23:39:56 +01:00
slawkens1
8df12e3d9c * fixed edit page with php enabled 2018-02-04 23:39:32 +01:00
slawkens1
e2a625efd2 * new configurable: smtp_secure 
* as described in #43 by miqueiaspenha
 2018-01-29 23:12:07 +01:00
Sławek
5b3237770b Merge pull request #44 from miqueiaspenha/patch-1 
Update admin.dashboard.html.twig (GH-44)
 2018-01-29 22:58:56 +01:00
slawkens1
4ffb6cf8eb * fixed #42 
* changed mb_strtolower functions to strtolower() - was useless in this
case
* attemp to fix some bug with PHPMailer not finding its language file
* added .idea (phpstorm) to .gitignore
 2018-01-26 08:09:55 +01:00
slawkens
2c12ef93aa * twig requires php 5.3.3 2018-01-23 10:51:19 +01:00
slawkens1
d17c18cabc * auto add z_polls table on install 2018-01-14 09:45:16 +01:00
slawkens1
eeb09ddce6 * forgot closing curly brace 2018-01-14 09:30:56 +01:00
slawkens1
28683d66ee * update from master branch 
* update config.highscores_ids_hidden on install when there are samples
already in database
 2018-01-14 09:29:41 +01:00
slawkens1
7d2e522d2b * fixed plugin "You don't have rights to delete" 2018-01-14 09:16:24 +01:00
slawkens1
3fc2bef7c9 * added some names links to the account.management page 2018-01-14 09:00:48 +01:00
slawkens1
fade78efc1 * fixed hooks return value 
* (internal) added new function: $hooks->exist($type)
 2018-01-14 09:00:39 +01:00
slawkens1
d04f2b7965 * update to 0.7.10-dev 2018-01-13 22:07:08 +01:00
slawkens1
a9f205f047 * fixed installation (damn me..) 2018-01-13 22:03:28 +01:00
slawkens1
956f631750 * update to 0.7.9 2018-01-13 21:55:47 +01:00
slawkens1
f01428da48 * deleted more useless files 2018-01-13 21:44:06 +01:00
slawkens1
7351ab4436 * changed highscores_groups_hidden to 3 (for TFS 1.x) 2018-01-13 21:19:23 +01:00
slawkens1
d9510b01ba * fixed default stamina on otserv 0.6.x engine 2018-01-13 19:57:55 +01:00
slawkens1
79589ed1f4 * install: change permission check to is_writable 2018-01-13 19:43:23 +01:00
slawkens1
67590e13a6 * fixes to the latest commit (removed some files) 
* otserv 0.6.3: fixed some warning (on the characters page) and fatal
mysql error (on the mango signature)
 2018-01-13 19:43:08 +01:00
slawkens1
1e3aef211e * removed Thumbs.db 2018-01-13 19:20:46 +01:00
slawkens1
cda8191f79 * removed 6mb of trash (some useless things) 
* updated background-artwork to the latest version, removed other ones
* removed signature background.PSD (instead of an empty background.jpg
is provided - almost the same)
* removed arial.ttf font, instead arialbd.ttf is used for mango template
* added .gitignore file
 2018-01-13 19:14:45 +01:00
slawkens1
b91d3e70cc * (fix) TFS 1.x not showing promoted vocations in highscores 2018-01-12 18:16:50 +01:00
slawkens1
94e4ff313c * update to 0.7.8 2018-01-12 01:42:14 +01:00
slawkens1
2295d270f5 * fixed installation error " call to undefined method OTS_DB_MySQL::hasColumn()" 2018-01-12 01:26:48 +01:00
slawkens1
a4a829a7c2 * enabled emoticons plugin in tinymce :) 2018-01-08 20:02:50 +01:00
slawkens
f5aae3361f * uninstall: do not allow directories outside BASE 
* uninstall: do not allow absolute paths
 2018-01-08 17:26:29 +01:00
slawkens
736ec61f85 * some fixes regarding migrations 2018-01-08 14:02:49 +01:00
slawkens
1385189838 * updated tinymce to the latest (4.7.4) version 2018-01-08 13:10:59 +01:00
slawkens
bfa563285a * some typos in CHANGELOG 2018-01-08 11:51:12 +01:00
slawkens
d0f6670e98 * added some notice to the CHANGELOG 2018-01-08 11:50:34 +01:00
slawkens
ac701696d3 * update CHANGELOG 2018-01-08 11:47:28 +01:00
slawkens
702e29a5cb * fixed PHP warning about country not existing on online and characteres pages 2018-01-08 11:47:02 +01:00
slawkens
f26c334d47 * fixed characters page - config.characters.frags "Notice: Use of undefined constant" 2018-01-08 11:40:24 +01:00
slawkens
75e55bfaee * update to 0.7.7 2018-01-08 11:23:21 +01:00
slawkens
0d85b63d5d * fixed displaying special outfits (GM, CM) in online page 2018-01-08 11:22:46 +01:00
slawkens
14920a7193 * use Forum::isModerator() function 2018-01-08 11:00:11 +01:00
slawkens
5547fd7895 * added new forum option: "Enable HTML" 
* will be by default enabled for newses
* fixed bbcode parsing
 2018-01-08 10:41:33 +01:00
slawkens1
34cb1b1ffa * fixed tr bgcolor (#38) 2018-01-08 08:11:35 +01:00
slawkens1
4ffe4ab9b7 * update to 0.7.7-dev 2018-01-08 01:10:17 +01:00
slawkens1
bcf054104c * applied changes from master 
* important fix for servers with promotion column
* caused player.vocation to be resetted when saving player, for example:
on change name, accept invite to guild, leave guild
* fixed empty success message on leave guild
* (internal) using $player->getVocationName() where possible instead of
older method
* fixed some warning in guild show
 2018-01-08 01:05:19 +01:00
slawkens1
9fafa110bb * nothing important 2018-01-08 00:19:41 +01:00
slawkens1
35acec1be5 * fixed displaying Premium Account days v2 2018-01-08 00:18:11 +01:00
slawkens1
f157402fa3 * fixed displaying premium account days 
* function OTS_Account:getPremDays will now return -1 if there's
freePremium configurable enabled on the server
 2018-01-08 00:08:49 +01:00
slawkens1
513e8f4b30 * fixed getBoolean function when boolean is passed 2018-01-08 00:01:32 +01:00
slawkens1
35a5aafbb5 * fixed othire default column value (#26) 2018-01-07 23:21:41 +01:00
slawkens1
73a5e13006 * fixed warning in highscores when vocation doesn't exist 2018-01-07 12:06:26 +01:00
slawkens1
bcb0feea1a * fixed saving custom vocations in admin panel (#36) 2018-01-07 11:58:09 +01:00
slawkens1
774e789c8a * immediately reload config.lua when there's change in config.server_path detected 2018-01-06 03:08:27 +01:00
slawkens1
db25d38f4b * some fixes regarding latest commit 2018-01-05 23:43:15 +01:00
slawkens1
4b81213662 * dont add extra <br/> to the TinyMCE news forum posts 2018-01-05 21:45:38 +01:00
slawkens
a860c95975 * update to 0.7.6 2018-01-05 12:02:49 +01:00
slawkens
e2de0b1440 * fixed othire account creating/installation 
* fixed unexpected error logging about email fail
* added max_execution_time to the install finish step
 2018-01-05 09:31:11 +01:00
slawkens1
8b2ad2cf2f * fixed table name players -> players_online 2018-01-05 00:36:30 +01:00
slawkens1
88a320530c * some small fix regarding highscores vocation box 2018-01-04 00:28:16 +01:00
slawkens1
6e221fe469 * update to 0.7.5 2018-01-04 00:17:57 +01:00
slawkens1
679e08ec11 * fixed displaying article_text when it was empty saved 2018-01-04 00:09:35 +01:00
slawkens1
603495ca97 * small fix related to warning about news 
* fixed template path finding
* fixed news adding when type != ARTICLE
 2018-01-03 23:56:07 +01:00
slawkens1
4c6af13574 * save detected country on create account in session 
* warning about leaving news page with changes
 2018-01-03 22:04:33 +01:00
slawkens1
3fcbd42445 * added player status to tibiacom top 5 highscores box 
* fix when there are no changelogs or highscores yet
 2018-01-03 21:28:31 +01:00
slawkens1
e6d2e363d5 * fiedx bug on othire with config.account_premium_days 
* fixed getPremDays and isPremium functions (newest 11.x engines are
bugged when it comes to PACC, its not fault of MyAAC)
 2018-01-03 21:04:05 +01:00
slawkens1
0a067577a3 * fixed bug on TFS 1.x when online_afk is enabled 2018-01-03 01:11:34 +01:00
slawkens
a5b599088a * small fix regarding getTopPlayers function which was ignoring $limit variable 2018-01-02 10:32:08 +01:00
slawkens1
51ba514d2a * update to 0.7.5-dev 
* fixed faq containing html code
* update item_images_url config to 1092
* added ttf, woff and ico to the list of ignored files
* fixed infinite loop in init.php
 2017-12-29 11:07:43 +01:00
1586 changed files with 20720 additions and 48276 deletions
Expand all files Collapse all files

14
.editorconfig
View File

@@ -1,14 +0,0 @@
# EditorConfig is awesome: https://EditorConfig.org
# top-most EditorConfig file
root = true
# with a newline ending every file
[*]
indent_style = tab
indent_size = 4
insert_final_newline = true
[*.md]
trim_trailing_whitespace = false
indent_style = tab

9
.gitattributes vendored
View File

@@ -1,11 +1,4 @@
* text=auto
.gitattributes export-ignore
.gitignore export-ignore
.github export-ignore
.editorconfig export-ignore
.travis.yml export-ignore
_config.yml export-ignore
release.sh export-ignore
*.sh text eol=lf
VERSION text eol=lf
_config.yml export-ignore

12
.github/FUNDING.yml vendored
View File

@@ -1,12 +0,0 @@
# These are supported funding model platforms
github: # Replace with up to 4 GitHub Sponsors-enabled usernames e.g., [user1, user2]
patreon: # Replace with a single Patreon username
open_collective: # Replace with a single Open Collective username
ko_fi: # Replace with a single Ko-fi username
tidelift: # Replace with a single Tidelift platform-name/package-name e.g., npm/babel
community_bridge: # Replace with a single Community Bridge project-name e.g., cloud-foundry
liberapay: # Replace with a single Liberapay username
issuehunt: # Replace with a single IssueHunt username
otechie: # Replace with a single Otechie username
custom: paypal.me/slawkens # Replace with up to 4 custom sponsorship URLs e.g., ['link1', 'link2']

29
.github/ISSUE_TEMPLATE.md vendored
View File

@@ -1,29 +0,0 @@
<!--
Please use this issue tracker only for reporting MyAAC bugs.
If you need support, please use the discord server:
- https://discord.gg/2J39Wus (we have an own channel named #my-aac there)
or use otland support boards:
- https://otland.net/forums/support.16/
-->
### Server configuration
- Operating System:
- Web Server (+ version):
- PHP Version:
- Server name and version (for example: TFS 0.3):
- MyAAC Version:
### Client configuration (Your Computer)
- Browser:
- Operating System:
### Description:
### Steps To Reproduce:

16
.github/workflows/phplint.yml vendored
View File

@@ -1,16 +0,0 @@
name: PHP Linting
on:
pull_request:
branches: [master]
push:
branches: [master]
jobs:
phplint:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: overtrue/phplint@3.4.0
with:
path: .
options: --exclude="system/libs/polyfill-mbstring/bootstrap80.php"

44
.gitignore vendored
View File

@@ -2,27 +2,9 @@ Thumbs.db
.DS_Store
.idea
#
/.htaccess
# composer
composer.lock
vendor
# npm
node_modules
tools/ext
# cypress
cypress.env.json
cypress/e2e/2-advanced-examples
cypress/screenshots
# created by release.sh
releases
tmp
config.local.php
PERSONAL_NOTES
# all custom templates
templates/*
@@ -33,44 +15,20 @@ templates/*
images/guilds/*
!images/guilds/default.gif
# editor images
images/editor/*
!images/editor/index.html
# gallery images
images/gallery/*
!images/gallery/index.html
!images/gallery/demon.jpg
!images/gallery/demon_thumb.gif
# cache
system/cache/*
!system/cache/index.html
!system/cache/twig/index.html
!system/cache/signatures/index.html
!system/cache/plugins/index.html
# php sessions
system/php_sessions/*
!system/php_sessions/index.html
# logs
system/logs/*
!system/logs/index.html
# data
system/data/*
!system/data/index.html
# plugins
plugins/*
!plugins/.htaccess
!plugins/example.json
!plugins/account-create-hint.json
!plugins/account-create-hint
!plugins/email-confirmed-reward.json
!plugins/email-confirmed-reward
landing
# others/rest
system/pages/downloads.php

22
.htaccess.dist
View File

@@ -1,19 +1,7 @@
<IfModule mod_autoindex.c>
Options -Indexes
</IfModule>
Options -Indexes -MultiViews
<IfModule mod_negotiation.c>
Options -MultiViews
</IfModule>
RewriteEngine On
<IfModule mod_rewrite.c>
RewriteEngine On
# you can put here your myaac root folder
# path relative to web root
#RewriteBase /myaac/
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^.*$ index.php [L]
</IfModule>
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^.*$ index.php [L]

20
.travis.yml
View File

@@ -1,20 +0,0 @@
language: php
php:
- 5.6
- 7.0
- 7.1
- 7.2
- 7.3
- 7.4
- 8.0
cache:
directories:
- $HOME/.composer/cache
before_script:
- composer require php-parallel-lint/php-parallel-lint --no-suggest --no-progress --no-interaction --no-ansi --quiet --optimize-autoloader
script:
- php vendor/bin/parallel-lint --no-progress --no-colors --exclude vendor --exclude "system/libs/pot/OTS_DB_PDOQuery_PHP71.php" .

447
CHANGELOG.md
View File

@@ -1,445 +1,16 @@
# Changelog
## [0.8.17 - 15.04.2024]
## [0.7.12 - 18.02.2020]
### Fixed
* change guild nick function causing crash on TFS 1.x because of invalid characters being accepted
* PHP Mailer autoload function on newer PHP
* gesior signature guild rank loading
* leaking database password when cannot connect
* config.last_kills_limit being ignored
* monster.loot being cutted off cause of too short column (changed to TEXT)
### Added
* TwigTypeCastingExtension (https://github.com/slawkens/myaac/commit/7181b988e9518320d57486670ca4e2d3b2fe1cfa)
### Fixed
* fix XSS in creatures.php (https://github.com/slawkens/myaac/commit/02eea950e4fd756e8d5c32e56181986d51f5ac70, @gesior)
* don't allow redirect to external website (https://github.com/slawkens/myaac/commit/ef62b53cec5a479cc85aa15940ad9ebbcefde876)
* change_info if account_country is disabled (https://github.com/slawkens/myaac/commit/62d3c198d567541a90900fe2d7ede070e7b1ff68)
### Changed
* use word-break: break-all in guilds description + character comment (https://github.com/slawkens/myaac/commit/191ad25eb2d4c1cec6f6668da7a345fec0ad2a7f)
* set default status_ip to 127.0.0.1, most server are hosted locally anyway (https://github.com/slawkens/myaac/commit/2793c41655b47f7db295143a298ccda70f11462b)
## [0.8.16 - 12.02.2024]
### Fixed
* broken installation
* database and finish step warnings/errors (https://github.com/slawkens/myaac/pull/245, @danilopucci)
* silently ignore if the hook does not exist
## [0.8.15 - 09.12.2023]
More security fixes, especially in bugtracker.
## [0-8.14 - 27.11.2023]
Security fixes.
### Fixed
* XSS vulnerability in bugtracker (https://github.com/slawkens/myaac/commit/83a91ec540072d319dd338abff45f8d5ebf48190)
* XSS vulnerability in forum (https://github.com/slawkens/myaac/commit/d1bc63d07ad88a143358cacd2c417891eea74dcc + https://github.com/slawkens/myaac/commit/55dbade8d5280c5baed45e5f7ebc3613b8e9b9e8)
* Session Fixation (https://github.com/slawkens/myaac/commit/483155cf4c1e3068aaee0d44541dfa61f6223379)
* displaying ban info on account page (https://github.com/slawkens/myaac/commit/764db0c203d1826ffce3a5a78f83a97e56bd0685)
### Changed
* Clear some additional cache keys - like database cache (https://github.com/slawkens/myaac/commit/4327b66f915d06dce504211692173606b9ef3b4e)
## [0.8.13 - 16.09.2023]
### Added
* latest client versions to config (https://github.com/slawkens/myaac/commit/765886f0c782807400c429577cde5e45bd7c308f)
* patching from develop - twig context for hooks (https://github.com/slawkens/myaac/commit/f1670f4012cc7595433fe0b1937c1f9b15a60b07)
### Fixed
* fixed XSS vulnerability in some pages (https://github.com/slawkens/myaac/commit/5c3b01aca4f3cfe8abc86b8ce48194b2da87b808)
Nothing more or less!
## [0.8.12 - 07.08.2023]
I've moved the repository back to my personal account. (Just so you know!)
I will also try to add git commits pointed to each change, lets see if you like it or not - you can comment in discussion, that will be created just after releasing this version :)
### Added
* forum: better error messages (Suggested by @anyeor) (https://github.com/slawkens/myaac/commit/34725e0257684fe5fa43875cc3a8f587ba04642e)
* more support for GesiorAAC classes, so some of them will work with MyAAC (https://github.com/slawkens/myaac/commit/a8172a518ff8939c4402349b16c064fcaf855d31)
* word-break on forum thread & reply (Suggested by @anyeor) (https://github.com/slawkens/myaac/commit/ce4aed0f1719d2aadc749e5238e883e3c10e2686)
### Fixed
* not working pages/links from database, introduced in 0.8.10 (Thanks to OtLand user - https://otland.net/members/0lo.99657/ for report) (https://github.com/slawkens/myaac/commit/1e874c7027769bd09e772a1cdac75d7e37991256)
* it was possible to create topic in board that was closed, ommiting the error check (Thanks to @anyeor for report) (https://github.com/slawkens/myaac/commit/0d52978d9fb99869500d35e7676f454ca5eaba14)
* PHP 8.2 compatibility - removed deprecated functions utf8_encode & utf8_decode (https://github.com/slawkens/myaac/commit/a338fd967cdbcc89e86be4e6b66b2cad2ff23251)
* guild description not being correctly shown (Reported by @anyeor) (https://github.com/slawkens/myaac/commit/f2a3ec1185df64ad9084d4ff55790ae4a5b3e5fd, https://github.com/slawkens/myaac/commit/df321154f63d458a4bc7d83bac5e3447b67317a4)
### Removed
* Some old code for verifying messages length (Reported by @anyeor) (https://github.com/slawkens/myaac/commit/df48363ea4ced4350fd90ffddf57d464ba5afa8b)
* some info about config failed to load, was never working (https://github.com/slawkens/myaac/commit/7a546e5a41036b0e9e926d337c6f2e3c41c591d2)
## [0.8.11 - 30.06.2023]
### Added
* new function from 0.9 - Cache::remember($key, $ttl, $callback)
* new characters page hooks
* line number & file to exception handler, to easier localize exceptions
### Changed
* rename to .htaccess.dist, causes some problems on default setup
* removing unneccessary PHP closing tags to prevent potential issues (by @SRNT-GG)
* display warning if hook file does not exist
### Fixed
* important: Not allow create char if limit is exceeded (by @anyeor) could have been used to spam database
* deleted chars: cannot change comment, name, gender, cannot create guild, cannot be invited, cannot accept invite, cannot be passed leadership to
* forum: quote and edit post buttons not being shown
* twig exception thrown when player does not exist, on character change comment (thanks @anyeor)
* BASE_DIR when accessing /tools
* do not display warning if HTTP_ACCEPT_LANGUAGE is not set
## [0.8.10 - 18.05.2023]
### Changed
* PHP 7.2.5 is now required, cause of Twig 2.x
* allow pages to be placed in templates folder, under pages/ subfolder
### Fixed
* Twig error with global variable on create account
* links/redirects from facebook, etc. like ?fbclid=x
* do not allow to continue install when there is no server database imported
* cannot go forward when config.local.php cannot be saved
* when server uses another items serializer
* small bug on install - please fill all input
## [0.8.9 - 16.03.2023]
### Added
* You can now disable server status checking for testing purposes, useful for local testing when there is no server running
* with this, the page won't need 2 seconds to load
* set status_enabled to false in config.php
* new buttons code for tibiacom template, can create button with any text
* patched some small changes from develop branch
### Changed
* add .git to denied folders in nginx-sample.conf
* plugins folder is now accessible from outside
* add plugins folder to twig search paths
### Fixed
* player save on tfs 1.5 with new ipv6
* more php 8.x compatibility
* rel path for exception message, causing message to be not in red background
## [0.8.8 - 18.02.2023]
### Added
* mail confirmed reward
* support for latest group changes in TFS
* new function: escapeHtml
### Updated
* TinyMCE to v4.9.1 (latest release in 4.x series)
* Twig to v2.15.4
### Changed
* you can now place custom pages in your template directory under pages/ folder
* HOOK_LOGOUT parameters, now only account_id is passed
### Fixed
* ipv6 introduced in latest TFS
* config.account_premium_days for TFS 1.4+
* better compatibility with GesiorAAC
* PHP 8.1 compatibility
* myaac_ db table detection failure
* reload creatures error, when items cache has been cleared
### Removed
* accounts.blocked column, which is not used by AAC
## [0.8.7 - 31.08.2022]
### Added
* login.php for client 12.x is now part of official repo
* browsehappy code
* config use character sample skill (#201, @gpedro)
* custom words blocked (#190, @gpedro)
### Changed
* save php sessions in myaac dir
* don't count deleted players when creating new character
### Fixed
* patch vulnerability in change_rank.php (#194, @gesior, @thatmichaelguy)
* fix guild invite page (#196, @worthdavi)
* players not showing on highscores page (#195)
* highscores page bug with high pages
* $player->getStorage() does not work at all (#169, @gesior)
* copying sample character when it have items with quotes (#200, @gpedro)
* IPv6 issue when env is set to dev (#171)
* admin page changed feet to match body colour (#174, @silic0nalph4)
* exception being thrown when creating duplicated character name (#191)
* rules page formatting (#177, @silic0nalph4)
* account character create if auto_login is enabled
* undefined variable notice on database_log enabled
* removed VERSION file
## [0.8.6 - 10.07.2021]
This update contains very important security fix.
Please update your MyAAC instances to this version.
## [0.8.5 - 08.06.2021]
### Changed
* bcmath module is not required anymore
* Gratis premium account fixes (#156, by @czbadaro)
* Update 404 response (#163, by @anyeor)
### Fixed
* compatibility with PHP 7.0 and lower
* deleting ranks in guilds (#158, by @Misztrz)
* guild back buttons (change logo & motd)
* forum table style (boards & thread view)
* guild list description new lines `<br>` being ignored (Thanks @anyeor for reporting)
## [0.8.4 - 18.02.2021]
### Added
* support for accounts.premium_ends_at (Latest TFS 1.x)
* more clients to clients.conf.php
### Changed
* minimum PHP 5.6 is now required
* password can now contain any characters
* add SSL on external image requests of items and outfits (@fernandomatos)
* Use local storage for saving menu items (tibiacom template) - fixes bug with some websites like wykop.pl (browser freeze)
* increase size of myaac_visitors.page column to 2048 (Thanks to OtLand user kaleuui)
### Fixed
* compatibility with PHP 8.0 (latest XAMPP)
* displaying PHP errors on env = "prod"
* the Guildnick not showing in the guild pages (@leesneaks)
* you cannot delete character more than twice (Thanks Okke)
* ignore arrays in config.lua (fixes experienceStages loading)
* parsing empty strings in config.lua (with comments)
* headling.php cannot find font
## [0.8.3 - 27.10.2020]
### Added
* pdo_mysql as required extension
* some notice about Email validation in create account
### Changed
* Move register DATABASE_VERSION into schema.sql
* Caused migrations being fired when user manually imported database
### Fixed
* creating very uncommon (bugged) account names
* XSS in character search
* Admin menu news editing warning when leaving page without touching the inputs
* Guild Invite not working on otservbr-global
* two boxes being show on email_change_cancel
* when adding poll = template tibiacom broken
* houses: Unknown column 'guild' in 'where clause (https://github.com/slawkens/myaac/issues/131)
* account create when account_mail_verify is enabled
* CloudFlare IP detection
* network_twitter link in tibiacom template
## [0.8.2 - 03.06.2020]
### Added
* Log query time in database_log (can be used for benchmarking)
* new PHP constant: IS_CLI
* $_SERVER['REQUEST_URI'] to database.log
* outfit to highscores box in tibiacom template
* system/data to .gitignore
* error_reporting in admin panel (when in dev mode), so it shows php notices and warnings
* example quests in config.php
### Changed
* account_login input type from password to text
### Fixed
* Guild Invite not working on otservbr-global (#123)
* news not updating after adding in admin panel
* wrong mana of character samples (#125)
* missing rules page on clean install
* double space character name creation (@Lee, #121)
* creatures page: Max count and chance not shown on hovered items
* exception being thrown when characters.frags enabled on TFS 1.x
* TFS 0.4 guilds creation (Where guilds.checkdata and motd doesn't have default value)
* ERR_TOO_MANY_REDIRECTS browser error on template change
* updating template menus on template change
* Account change info when config.account_country is disabled
* cancel change email request
* config.character_name_min/max_length being ignored in change_name.php
* some rare bugs when database is no up-to-date and someone enters admin panel
* extra line that is added when using a newer version than official release (@Lee)
* admin links in featured article
* some PHP Notice when HTTP_HOST is not set (Can happen on some old versions of HTTP protocol)
* Show character indicator in check_name.js
* Houses list View button was wrong (was from bootstrap)
* OTS_House __construct - not loading by houseid parameter
* message() function when executed in CLI
### Removed
* unused myaac_commands table from schema
* MyISAM engine from migration scripts (#128)
## [0.8.1 - 10.03.2020]
### Added
* Support for Nostalrius OTS
### Changed
* Move TODO to wiki
* .tooltip css class to .item_image (bootstrap conflict)
### Fixed
* Reloading of creatures/monsters throwing an exception
* Loading custom pages with old Gesior variables [#108](https://github.com/slawkens/myaac/issues/107)
* Some weird behaviour with installation of plugins
* CHANGELOG.md loading in Admin Panel
* spells displaying when level = 0
* Some PHP warnings and notices
## [0.8.0 - 19.02.2020]
### Added:
* new Awesome Bootstrap Admin Panel by Lee (@Leesneaks)
* using Bootstrap 3
* all existing pages were adjusted
* new editor: Accounts
* improved editor: Players
* new Reports View page
* Modules directory, which can be added using Plugins (@Leesneaks, @whiteblXK)
* move News Management here (@whiteblXK)
* interactive player outfit chooser (@tobi132)
* added Highscores by balance
* possibility to define colors and "Open in New Tab" on Template Menus (needs to be supported by Template)
* support for database persistent and socket connections (performance boost)
* Team page - display outfits of the players (configurable)
* added clear_cache.php, send_email.php bin commands (@slawkens, @tobi132)
* added locale pt_br (@ivenspontes)
* added load time into items & weapons loading admin page
* new, beautiful exception handler
* added travisci to prevent mistype (@gpedro, #89)
* added showing database name into installation script (@tobi132)
* compatibility with old z_ gesior table (@tobi132, #46)
* added nginx-sample.conf, .editorconfig, VERSION
* database towns table support for TFS 1.3 (@tobi132)
* added enable_tinymce option to Pages editor
### Fixed:
* account login redirect with special chars (like '&' and '?')
* black skull info at serverInfo (@tornadia)
* set correct limit at lastkills page from config (anyeor from OtLand)
* myaac_monsters table column loot problem (#79)
* players column deleted install description (@gpedro, #91)
* experience table being to wide and buggy on some templates (@tobi132, #90)
* fix errors with .htaccess files
* added index.html to prevent indexing the folder by mod_index
### Changed:
* Environment is now configurable by env setting (Significantly better load times with 'prod')
* replace spells, monsters tables with JavaScript Sortable Tables - DataTables (@Leesneaks)
* change default MySQL Storage Engine to InnoDB and Default Character Set to utf8
* updated OTS_House class to support latest TFS 1.x (new columns)
* updated monster images to the original ones from tibia.com
* increased the minimum length (3 -> 4) and decreased the maximum length (25 -> 21) of the New Character Name (by @vankk)
* use $db->exec instead of $db->query optimisation
* move items from database to Cache_PHP (Much more faster load time)
* allow simultaneous loading of config.ini and config.php in templates
* updated copyright year and SSL link (@EPuncker, #88)
* move commands, rules and downloads pages into database (@tobi132)
* better view of guilds (new buttons, table look and feel) (@tobi132)
* remove stupid alerts on account create
* remove .dist extension from .htaccess
### New Configurables (config.php)
* env (Environment)
* account_create_auto_login (Auto Login after Create Account - Registration)
* account_create_character_create (Create Character directly on Create Account page) (@tobi132)
* footer_show_load_time (display load time of the page in the footer)
* database_socket (Connection via Unix Socket)
* database_persistent (Database Persistent Connection)
* database_log (Logging of Database Queries)
* admin_panel_modules (Modules displayed in Admin Panel Dashboard)
* status_timeout, status_interval
* smtp_debug (More info about SMTP errors in error.log)
* team_display_outfit (Display outfit of the team members on teams page)
* highscores_balance (Display highscores by balance)
* character_name_min/max_length (Minimum and maximum length of character name)
* characters.deleted (display deleted characters on characters page)
### Forum:
* show image in full screen on click
* show user avatar (outfit) in posts
* replaced forum actions links (move, remove, edit, quote) with images
* redirect directly to the thread on user login (on new reply)
### Installer:
* AJAX loader for the important stuff
* create admin account: ask for e-mail + character name
* load items & weapons
* check user IP on install to prevent install by random user
* remember status of the installation
* remember language on first step (welcome)
* ask user for timezone
* auto detected browser language in select language
### Plugins
* sandbox for plugins, don't install when requirements are not satisfied
* allow comments inside plugin json file (php style)
* new require options for plugins: (look into example.json)
* require database version, table or column of the MyAAC schema
* require php-extension
* require semantic-version (like in composer.json)
* new hooks: LOGIN, LOGIN_ATTEMPT, LOGOUT, HOOK_ACCOUNT_CREATE_*
### Cache
* php 7.x APCu cache support (faster cache engine)
* new cache engine: plain PHP (is good with pure php 7.0+ and opcache)
* cache lastkills.php, $db->hasTable, $db->hasColumn, hooks and template menus
* stop using global $cache variable, use Singleton pattern instead
### Twig
* move pages to Twig templates: team, lastkills, serverinfo, houses, guilds.list, guild.view, admin.logs, admin.reports (@whiteblXK, @tobi132)
* replace "$twig->render()" with "$this->display"
* move Twig functions to separate file
* move tibiacom boxes to Twig templates
* allow Pages to be loaded as Twig template (this allows using Twig variables in Pages) (@tobi132)
* allow string to be passed to hook twig function
### Functions
* config($key), configLua($key)
* clearCache()
* OTS_Account:
* getCountry()
* setLastLogin($lastlogin) (@Leesneaks)
* setWebFlags(webflags) (@Leesneaks)
* OTS_Player:
* getAccountId()
* countBlessings() (@Leesneaks)
* checkBlessings($count) (@Leesneaks)
* is_sub_dir (in system/libs/plugins.php)
* Twig:
* getPlayerLink($name, $generate = true)
* removed SQLquote and SQLquery from OTS_Base_DB
* Add optional $params param into log_append (will log arrays) (@tobi132)
### Internal
* moved clients list to the new file (clients.conf.php)
* changed tableExist and fieldExist to $db->hasTable(table) + $db->hasColumn(table, column)
* changed deprecated $ots->createObject() functions with their OTS_ equivalents
* add global helper config($key) function + twig binding
* use config() instead of global $config
* remove unnecessary parentheses in include/require PHP functions
* use __DIR__ instead of dirname(__FILE__) - since PHP 5.3.0
* change intval() function to (int) casting (up to 6x faster)
* add release.sh script (for GitHub releases)
* use curl as alternative option for reporting install
### Libraries
* updated Twig to version v1.35.0
* updated TinyMCE to version v4.7.4
### Deprecations
* change deprecated HTML <center> tag to <div style="text-align:center">
* replace deprecated HTML <font> tag with <span>
* nginx-sample.conf
## [0.7.11 - 04.05.2019]
### Added:

14
CONTRIBUTORS.txt
View File

@@ -1,14 +0,0 @@
# automatically exported using this script:
# git log --all --format='%cN <%cE>' | sort -u > contributors
# in no particular order
# cleaned for readability
Evil Puncker <EPuncker@users.noreply.github.com>
Fernando Matos <fernando@pixele.com.br>
Lee <42119604+Leesneaks@users.noreply.github.com>
caio <caio.zucoli@gmail.com>
slawkens <slawkens@gmail.com>
tobi132 <52947952+tobi132@users.noreply.github.com>
vankk <nwtr.otland@hotmail.com>
whiteblXK <krzys16001@gmail.com>
xitobuh <jonas.hockert92@gmail.com>

3
CREDITS
View File

@@ -1,3 +1,2 @@
* Gesior.pl (2007 - 2008)
* Slawkens (2009 - 2023)
* Contributors listed in CONTRIBUTORS.txt
* Slawkens (2009 - 2017)

79
README.md
View File

@@ -1,31 +1,18 @@
# [MyAAC](https://my-aac.org)
MyAAC is a free and open-source Automatic Account Creator (AAC) written in PHP. It is a fork of the [Gesior](https://github.com/gesior/Gesior2012) project. It supports only MySQL databases.
# myaac
MyAAC is a free and open-source Automatic Account Creator (AAC) and Content Management System (CMS) written in PHP. It is a fork of the [Gesior](https://github.com/gesior/Gesior2012) project. It supports only MySQL databases.
Official website: https://my-aac.org
[![GitHub Workflow Status (with event)](https://img.shields.io/github/actions/workflow/status/slawkens/myaac/cypress.yml)](https://github.com/slawkens/myaac/actions)
[![License: GPL-3.0](https://img.shields.io/github/license/slawkens/myaac)](https://opensource.org/licenses/gpl-license)
[![Downloads Count](https://img.shields.io/github/downloads/slawkens/myaac/total)](https://github.com/slawkens/myaac/releases)
[![OpenTibia Discord](https://img.shields.io/discord/288399552581468162)](https://discord.gg/2J39Wus)
[![Closed Issues](https://img.shields.io/github/issues-closed-raw/slawkens/myaac)](https://github.com/slawkens/myaac/issues?q=is%3Aissue+is%3Aclosed)
| Version | Status | Branch | Requirements |
|:--------|:-----------------------|:--------|:---------------|
| **1.x** | **Active development** | develop | **PHP >= 8.1** |
| 0.9.x | Not developed anymore | 0.9 | PHP >= 7.2.5 |
| 0.8.x | Active support | master | PHP >= 7.2.5 |
| 0.7.x | End Of Life | 0.7 | PHP >= 5.3.3 |
### Requirements
### REQUIREMENTS
- PHP 5.3.3 or later
- MySQL database
- PHP Extensions: pdo, xml, json
- (optional) apache2 mod_rewrite (to use friendly_urls)
- (optional) zip PHP Extension (to install plugins)
- (optional) gd PHP Extension (for generating signature images)
- PDO PHP Extension
- XML PHP Extension
- ZIP PHP Extension
- (optional) mod_rewrite to use friendly_urls
### Installation
### INSTALLATION AND CONFIGURATION
Just decompress and untar the source (which you should have done by now,
if you're reading this), into your webserver's document root.
@@ -41,51 +28,19 @@ Official website: https://my-aac.org
chmod 660 images/guilds
chmod 660 images/houses
chmod 660 images/gallery
chmod -R 760 system/cache
chmod -R 770 system/cache
Visit http://your_domain/install (http://localhost/install) and follow instructions in the browser.
### Configuration
### KNOWN PROBLEMS
Check *config.php* to get more informations. (Notice: MyAAC 1.0+ doesn't use config.php anymore, it has been moved to Admin Panel - Settings page).
- none -
Use *config.local.php* for your local configuration changes.
### OTHER NOTES
### Branches
If you have a great idea or want contribute to the project - visit our website at http://www.my-aac.org
This repository follows the Git Flow Workflow.
Cheatsheet: [Git-Flow-Cheetsheet](https://danielkummer.github.io/git-flow-cheatsheet)
### LICENSING
That means, we use:
* master branch, for current stable release
* develop branch, for development version (next release)
* feature branches, for features etc.
### Known Problems
- Some compatibility issues with some exotical distibutions.
### Contributing
Contributions are more than welcome.
Pull requests should be made to the *develop* branch as that is the working branch, master is for release code.
Bug fixes to current release should be done to master branch.
Look: [Contributing](https://github.com/otsoft/myaac/wiki/Contributing) in our wiki.
### Other Notes
If you have a great idea or want contribute to the project - visit our website at https://www.my-aac.org
## Project supported by JetBrains
Many thanks to Jetbrains for kindly providing a license for me to work on this and other open-source projects.
[![JetBrains](https://resources.jetbrains.com/storage/products/company/brand/logos/jb_beam.svg)](https://www.jetbrains.com/?from=https://github.com/slawkens)
### License
This program and all associated files are released under the GNU Public License.
See [LICENSE](https://github.com/slawkens/myaac/blob/master/LICENSE) for details.
This program and all associated files are released under the GNU Public
License, see LICENSE for details.

16
SECURITY.md
View File

@@ -1,16 +0,0 @@
# Security Policy
## Supported Versions
| Version | Supported |
| ------- | ------------------ |
| 1.x.y | :white_check_mark: |
| 0.9.x | :x: |
| 0.8.x | :white_check_mark: |
| < 0.7 | :x: |
## Reporting a Vulnerability
If you found a security vulnerability, please write an email to security@my-aac.org
All reports will be taken very seriously, and a fix will be posted as soon as possible.

37
TODO Normal file
View File

@@ -0,0 +1,37 @@
// MyAAC TODO
0.*
* support duplicated vocation names with different ids
* plugins: option to define custom requirements check in json file, to check if system meets the requirement
* add support for defining max myaac version in plugin.json file
* cache Menus in templates
* don't show error indicators on first time load - createaccount page
* update Twig to the latest version from 1.x branch
* semantic versioning support for plugins (github.com/composer/semver)
* add some notice to the user that installing step "Import Schema" will take some time
* check user IP on installing to prevent install by random user
1.0:
* i18n support (issue #1 on github)
* New Admin Panel layout and interface
* add changelog management interface
* remove tibiacom template, and include it as a plugin
2.0
* remove compat functions
* folder restructure:
* var/ (for logs, cache and data), config/, bin, public/ (for index and images and other public content), system/ (for php files and classess)
* rename templates to layouts as templates is meant to be used for twig templates
* change gifts_system to shop_system configurable
* move most used options in system/templates dir to separate directories (more transparent)
At any time between (version not specified):
* better news archive with search function (like on tibia.com)
* guild wars management (issue #13 on github)
* update account.management page to be more realistic (like on tibia.com)
* update guilds page to be more realistic (like on tibia.com)
* possibility to add extra cache engines with plugins
* preferably configurable (enable/disable) forum TinyMCE editor
* new cache engine - plain php, is good with pure php 7.0+ and opcache
* OTAdmin support in Admin Panel
* database towns table support for TFS 1.3

1
_config.yml
View File

@@ -1 +0,0 @@
theme: jekyll-theme-slate

3
admin/includes/functions.php
View File

@@ -1,2 +1 @@
<?php
// nothing yet here
<?php

45
admin/index.php
View File

@@ -1,20 +1,16 @@
<?php
// few things we'll need
require '../common.php';
define('ADMIN_PANEL', true);
define('MYAAC_ADMIN', true);
if(file_exists(BASE . 'config.local.php')) {
require_once BASE . 'config.local.php';
}
require('../common.php');
require_once(BASE . 'config.local.php');
if(file_exists(BASE . 'install') && (!isset($config['installed']) || !$config['installed']))
{
header('Location: ' . BASE_URL . 'install/');
throw new RuntimeException('Setup detected that <b>install/</b> directory exists. Please visit <a href="' . BASE_URL . 'install">this</a> url to start MyAAC Installation.<br/>Delete <b>install/</b> directory if you already installed MyAAC.<br/>Remember to REFRESH this page when you\'re done!');
die('Setup detected that <b>install/</b> directory exists. Please visit <a href="' . BASE_URL . 'install">this</a> url to start MyAAC Installation.<br/>Delete <b>install/</b> directory if you already installed MyAAC.<br/>Remember to REFRESH this page when you\'re done!');
}
define('ADMIN_PANEL', true);
$content = '';
// validate page
@@ -25,24 +21,11 @@ if(empty($page) || preg_match("/[^a-zA-Z0-9_\-]/", $page))
$page = strtolower($page);
define('PAGE', $page);
require SYSTEM . 'functions.php';
require SYSTEM . 'init.php';
if(config('env') === 'dev') {
ini_set('display_errors', 1);
ini_set('display_startup_errors', 1);
error_reporting(E_ALL);
}
// event system
require_once SYSTEM . 'hooks.php';
$hooks = new Hooks();
$hooks->load();
require SYSTEM . 'status.php';
require SYSTEM . 'login.php';
require SYSTEM . 'migrate.php';
require ADMIN . 'includes/functions.php';
require(SYSTEM . 'functions.php');
require(SYSTEM . 'init.php');
require(SYSTEM . 'status.php');
require(SYSTEM . 'login.php');
require(ADMIN . 'includes/functions.php');
$twig->addGlobal('config', $config);
$twig->addGlobal('status', $status);
@@ -52,8 +35,8 @@ if(!$logged || !admin()) {
$page = 'login';
}
// include our page
$file = ADMIN . 'pages/' . $page . '.php';
// include our page
$file = SYSTEM . 'pages/admin/' . $page . '.php';
if(!@file_exists($file)) {
$page = '404';
$file = SYSTEM . 'pages/404.php';
@@ -67,5 +50,5 @@ ob_end_clean();
// template
$template_path = 'template/';
require ADMIN . $template_path . 'template.php';
require(ADMIN . $template_path . 'template.php');
?>

490
admin/pages/accounts.php
View File

@@ -1,490 +0,0 @@
<?php
/**
* Account editor
*
* @package MyAAC
* @author Lee
* @copyright 2019 MyAAC
* @link https://my-aac.org
*/
defined('MYAAC') or die('Direct access not allowed!');
$title = 'Account editor';
$base = BASE_URL . 'admin/?p=accounts';
if ($config['account_country'])
require SYSTEM . 'countries.conf.php';
function echo_success($message)
{
echo '<p class="success">' . $message . '</p>';
}
function echo_error($message)
{
global $error;
echo '<p class="error">' . $message . '</p>';
$error = true;
}
function verify_number($number, $name, $max_length)
{
if (!Validator::number($number))
echo_error($name . ' can contain only numbers.');
$number_length = strlen($number);
if ($number_length <= 0 || $number_length > $max_length)
echo_error($name . ' cannot be longer than ' . $max_length . ' digits.');
}
$hasSecretColumn = $db->hasColumn('accounts', 'secret');
$hasCoinsColumn = $db->hasColumn('accounts', 'coins');
$hasPointsColumn = $db->hasColumn('accounts', 'premium_points');
$hasTypeColumn = $db->hasColumn('accounts', 'type');
$hasGroupColumn = $db->hasColumn('accounts', 'group_id');
if ($config['account_country']) {
$countries = array();
foreach (array('pl', 'se', 'br', 'us', 'gb') as $c)
$countries[$c] = $config['countries'][$c];
$countries['--'] = '----------';
foreach ($config['countries'] as $code => $c)
$countries[$code] = $c;
}
?>
<link rel="stylesheet" type="text/css" href="<?php echo BASE_URL; ?>tools/css/jquery.datetimepicker.css"/ >
<script src="<?php echo BASE_URL; ?>tools/js/jquery.datetimepicker.js"></script>
<?php
$id = 0;
if (isset($_REQUEST['id']))
$id = (int)$_REQUEST['id'];
else if (isset($_REQUEST['search_name'])) {
if (strlen($_REQUEST['search_name']) < 3 && !Validator::number($_REQUEST['search_name'])) {
echo 'Player name is too short.';
} else {
if (Validator::number($_REQUEST['search_name']))
$id = $_REQUEST['search_name'];
else {
$query = $db->query('SELECT `id` FROM `accounts` WHERE `name` = ' . $db->quote($_REQUEST['search_name']));
if ($query->rowCount() == 1) {
$query = $query->fetch();
$id = $query['id'];
} else {
$query = $db->query('SELECT `id`, `name` FROM `accounts` WHERE `name` LIKE ' . $db->quote('%' . $_REQUEST['search_name'] . '%'));
if ($query->rowCount() > 0 && $query->rowCount() <= 10) {
echo 'Do you mean?<ul>';
foreach ($query as $row)
echo '<li><a href="' . $base . '&id=' . $row['id'] . '">' . $row['name'] . '</a></li>';
echo '</ul>';
} else if ($query->rowCount() > 10)
echo 'Specified name resulted with too many accounts.';
}
}
}
}
$groups = new OTS_Groups_List();
if ($id > 0) {
$account = new OTS_Account();
$account->load($id);
if (isset($account, $_POST['save']) && $account->isLoaded()) {// we want to save
$error = false;
$_error = '';
$account_db = new OTS_Account();
if(USE_ACCOUNT_NAME) {
$name = $_POST['name'];
$account_db->find($name);
if ($account_db->isLoaded() && $account->getName() != $name)
echo_error('This name is already used. Please choose another name!');
}
$account_db->load($id);
if (!$account_db->isLoaded())
echo_error('Account with this id doesn\'t exist.');
//type/group
if($hasTypeColumn || $hasGroupColumn) {
$group = $_POST['group'];
}
$password = ((!empty($_POST["pass"]) ? $_POST['pass'] : null));
if (!Validator::password($password)) {
$errors['password'] = Validator::getLastError();
}
//secret
if($hasSecretColumn) {
$secret = $_POST['secret'];
}
//key
$key = $_POST['key'];
$email = $_POST['email'];
if (!Validator::email($email))
$errors['email'] = Validator::getLastError();
//tibia coins
if ($hasCoinsColumn) {
$t_coins = $_POST['t_coins'];
verify_number($t_coins, 'Tibia coins', 12);
}
// prem days
$p_days = (int)$_POST['p_days'];
verify_number($p_days, 'Prem days', 11);
//prem points
$p_points = $_POST['p_points'];
verify_number($p_points, 'Prem Points', 11);
//rl name
$rl_name = $_POST['rl_name'];
//location
$rl_loca = $_POST['rl_loca'];
//country
$rl_country = $_POST['rl_country'];
$web_flags = $_POST['web_flags'];
verify_number($web_flags, 'Web Flags', 1);
//created
$created = $_POST['created'];
verify_number($created, 'Created', 11);
//web last login
$web_lastlogin = $_POST['web_lastlogin'];
verify_number($web_lastlogin, 'Web Last logout', 11);
if (!$error) {
if(USE_ACCOUNT_NAME) {
$account->setName($name);
}
if ($hasTypeColumn) {
$account->setCustomField('type', $group);
} elseif ($hasGroupColumn) {
$account->setCustomField('group_id', $group);
}
if($hasSecretColumn) {
$account->setCustomField('secret', $secret);
}
$account->setCustomField('key', $key);
$account->setEMail($email);
if ($hasCoinsColumn) {
$account->setCustomField('coins', $t_coins);
}
$lastDay = 0;
if($p_days != 0 && $p_days != OTS_Account::GRATIS_PREMIUM_DAYS) {
$lastDay = time();
} else if ($lastDay != 0) {
$lastDay = 0;
}
$account->setPremDays($p_days);
$account->setLastLogin($lastDay);
if ($hasPointsColumn) {
$account->setCustomField('premium_points', $p_points);
}
$account->setRLName($rl_name);
$account->setLocation($rl_loca);
$account->setCountry($rl_country);
$account->setCustomField('created', $created);
$account->setWebFlags($web_flags);
$account->setCustomField('web_lastlogin', $web_lastlogin);
if (isset($password)) {
$config_salt_enabled = $db->hasColumn('accounts', 'salt');
if ($config_salt_enabled) {
$salt = generateRandomString(10, false, true, true);
$password = $salt . $password;
$account_logged->setCustomField('salt', $salt);
}
$password = encrypt($password);
$account->setPassword($password);
if ($config_salt_enabled)
$account->setCustomField('salt', $salt);
}
$account->save();
echo_success('Account saved at: ' . date('G:i'));
}
}
}
$search_account = '';
if (isset($_REQUEST['search_name']))
$search_account = $_REQUEST['search_name'];
else if (isset($_REQUEST['search_account']))
$search_account = $_REQUEST['search_account'];
else if ($id > 0 && isset($account) && $account->isLoaded()) {
if(USE_ACCOUNT_NAME) {
$search_account = $account->getName();
}
else {
$search_account = $account->getId();
}
}
?>
<div class="row">
<?php if (isset($account) && $account->isLoaded()) { ?>
<form action="<?php echo $base . ((isset($id) && $id > 0) ? '&id=' . $id : ''); ?>" method="post"
class="form-horizontal">
<div class="col-md-8">
<div class="box box-primary">
<div class="box-body">
<div class="row">
<?php if(USE_ACCOUNT_NAME): ?>
<div class="col-xs-4">
<label for="name" class="control-label">Account Name:</label>
<input type="text" class="form-control" id="name" name="name"
autocomplete="off" style="cursor: auto;"
value="<?php echo $account->getName(); ?>"/>
</div>
<?php endif; ?>
<div class="col-xs-5">
<label for="c_pass" class="control-label">Password: (check to change)</label>
<div class="input-group">
<span class="input-group-addon">
<input type="checkbox"
name="c_pass"
id="c_pass"
value="false"
class="input_control"/>
</span>
<input type="text" class="form-control" id="pass" name="pass"
autocomplete="off" maxlength="20"
value=""/>
</div>
</div>
<div class="col-xs-3">
<label for="account_id" class="control-label">Account ID:</label>
<input type="text" class="form-control" id="account_id" name="account_id"
autocomplete="off" style="cursor: auto;" size="8" maxlength="11" disabled
value="<?php echo $account->getId(); ?>"/>
</div>
</div>
<div class="row">
<?php
$acc_group = $account->getAccGroupId();
if ($hasTypeColumn) {
$groups = new OTS_Groups_List();
$acc_type = array("Normal", "Tutor", "Senior Tutor", "Gamemaster", "God");
if ($groups->getHighestId() == 6) {
$acc_type = array("Normal", "Tutor", "Senior Tutor", "Gamemaster", "Community Manager", "God");
}
?>
<div class="col-xs-6">
<label for="group" class="control-label">Account Type:</label>
<select name="group" id="group" class="form-control">
<?php foreach ($acc_type as $id => $a_type): ?>
<option value="<?php echo($id + 1); ?>" <?php echo($acc_group == ($id + 1) ? 'selected' : ''); ?>><?php echo $a_type; ?></option>
<?php endforeach; ?>
</select>
</div>
<?php
} elseif ($hasGroupColumn) {
?>
<div class="col-xs-6">
<label for="group" class="control-label">Account Type:</label>
<select name="group" id="group" class="form-control">
<?php
foreach ($groups->getGroups() as $id => $group): ?>
<option value="<?php echo $id; ?>" <?php echo($acc_group == $id ? 'selected' : ''); ?>><?php echo $group->getName(); ?></option>
<?php endforeach; ?>
</select>
</div>
<?php } ?>
<div class="col-xs-6">
<label for="web_flags" class="control-label">Website Access:</label>
<select name="web_flags" id="web_flags" class="form-control">
<?php $web_acc = array("None", "Admin", "Super Admin", "(Admin + Super Admin)");
foreach ($web_acc as $id => $a_type): ?>
<option value="<?php echo($id); ?>" <?php echo($account->getWebFlags() == ($id) ? 'selected' : ''); ?>><?php echo $a_type; ?></option>
<?php endforeach; ?>
</select>
</div>
</div>
<div class="row">
<?php if($hasSecretColumn): ?>
<div class="col-xs-6">
<label for="secret" class="control-label">Secret:</label>
<input type="text" class="form-control" id="secret" name="secret"
autocomplete="off" style="cursor: auto;" size="8" maxlength="11"
value="<?php echo $account->getCustomField('secret'); ?>"/>
</div>
<?php endif; ?>
<div class="col-xs-6">
<label for="key" class="control-label">Key:</label>
<input type="text" class="form-control" id="key" name="key"
autocomplete="off" style="cursor: auto;" size="8" maxlength="11"
value="<?php echo $account->getCustomField('key'); ?>"/>
</div>
</div>
<div class="row">
<div class="col-xs-6">
<label for="email" class="control-label">Email:</label>
<input type="text" class="form-control" id="email" name="email"
autocomplete="off" maxlength="20"
value="<?php echo $account->getEMail(); ?>"/>
</div>
<?php if ($hasCoinsColumn): ?>
<div class="col-xs-6">
<label for="t_coins" class="control-label">Tibia Coins:</label>
<input type="text" class="form-control" id="t_coins" name="t_coins"
autocomplete="off" maxlength="8"
value="<?php echo $account->getCustomField('coins') ?>"/>
</div>
<?php endif; ?>
<div class="col-xs-6">
<label for="p_days" class="control-label">Premium Days:</label>
<input type="text" class="form-control" id="p_days" name="p_days"
autocomplete="off" maxlength="11"
value="<?php echo $account->getPremDays(); ?>"/>
</div>
<?php if ($hasPointsColumn): ?>
<div class="col-xs-6">
<label for="p_points" class="control-label">Premium Points:</label>
<input type="text" class="form-control" id="p_points" name="p_points"
autocomplete="off" maxlength="8"
value="<?php echo $account->getCustomField('premium_points') ?>"/>
</div>
<?php endif; ?>
</div>
<div class="row">
<div class="col-xs-4">
<label for="rl_name" class="control-label">RL Name:</label>
<input type="text" class="form-control" id="rl_name" name="rl_name"
autocomplete="off" maxlength="20"
value="<?php echo $account->getRLName(); ?>"/>
</div>
<div class="col-xs-4">
<label for="rl_loca" class="control-label">Location:</label>
<input type="text" class="form-control" id="rl_loca" name="rl_loca"
autocomplete="off" maxlength="20"
value="<?php echo $account->getLocation(); ?>"/>
</div>
<div class="col-xs-4">
<label for="rl_country" class="control-label">Country:</label>
<select name="rl_country" id="rl_country" class="form-control">
<?php foreach ($countries as $id => $a_type): ?>
<option value="<?php echo($id); ?>" <?php echo($account->getCountry() == ($id) ? 'selected' : ''); ?>><?php echo $a_type; ?></option>
<?php endforeach; ?>
</select>
</div>
</div>
<div class="row">
<div class="col-xs-4">
<label for="created" class="control-label">Created:</label>
<input type="text" class="form-control" id="created" name="created"
autocomplete="off" maxlength="20"
value="<?php echo $account->getCustomField('created'); ?>"/>
</div>
<div class="col-xs-4">
<label for="web_lastlogin" class="control-label">Web Last Login:</label>
<input type="text" class="form-control" id="web_lastlogin" name="web_lastlogin"
autocomplete="off" maxlength="20"
value="<?php echo $account->getCustomField('web_lastlogin'); ?>"/>
</div>
</div>
<input type="hidden" name="save" value="yes"/>
<div class="box-footer">
<a href="<?php echo ADMIN_URL; ?>?p=accounts"><span class="btn btn-danger">Cancel</span></a>
<div class="pull-right">
<input type="submit" class="btn btn-primary" value="Update">
</div>
</div>
</div>
</div>
</form>
</div>
<?php } ?>
<div class="col-md-4">
<div class="box box-primary">
<div class="box-header with-border">
<h3 class="box-title">Search Account:</h3>
<div class="box-tools pull-right">
<button type="button" class="btn btn-box-tool" data-widget="collapse"><i class="fa fa-minus"></i>
</button>
</div>
</div>
<div class="box-body">
<form action="<?php echo $base; ?>" method="post">
<div class="input-group input-group-sm">
<input type="text" class="form-control" name="search_name" value="<?php echo escapeHtml($search_account); ?>"
maxlength="32" size="32">
<span class="input-group-btn">
<button type="submit" type="button" class="btn btn-info btn-flat">Search</button>
</span>
</div>
</form>
</div>
</div>
<?php
if (isset($account) && $account->isLoaded()) {
$account_players = array();
$query = $db->query('SELECT `name`,`level`,`vocation` FROM `players` WHERE `account_id` = ' . $account->getId() . ' ORDER BY `name`')->fetchAll();
if (isset($query)) {
?>
<div class="box">
<div class="box-header">
<h3 class="box-title">Character List:</h3>
</div>
<div class="box-body no-padding">
<table class="table table-striped">
<tbody>
<tr>
<th style="width: 10px">#</th>
<th>Name</th>
<th>Level</th>
<th style="width: 40px">Edit</th>
</tr>
<?php
$i = 1;
foreach ($query as $p) {
$account_players[] = $p;
echo '<tr>
<td>' . $i . '.</td>
<td>' . $p['name'] . '</td>
<td>' . $p['level'] . '</td>
<td><a href="?p=players&search_name=' . $p['name'] . '"><span class="btn btn-success btn-sm edit btn-flat"><i class="fa fa-edit"></i></span></a></span></td>
</tr>';
$i++;
} ?>
</tbody>
</table>
</div>
</div>
<?php
};
};
?>
</div>
<script type="text/javascript">
$('#lastlogout').datetimepicker({format: 'unixtime'});
$('#created').datetimepicker({format: 'unixtime'});
$('#web_lastlogin').datetimepicker({format: 'unixtime'});
$(document).ready(function () {
$('.input_control').change(function () {
$('input[name=pass]')[0].disabled = !this.checked;
$('input[name=pass]')[0].value = '';
}).change();
});
</script>

26
admin/pages/changelog.php
View File

@@ -1,26 +0,0 @@
<?php
/**
* CHANGELOG viewer
*
* @package MyAAC
* @author Slawkens <slawkens@gmail.com>
* @copyright 2019 MyAAC
* @link https://my-aac.org
*/
defined('MYAAC') or die('Direct access not allowed!');
$title = 'MyAAC Changelog';
if (!file_exists(BASE . 'CHANGELOG.md')) {
echo 'File CHANGELOG.md doesn\'t exist.';
return;
}
require LIBS . 'Parsedown.php';
$changelog = file_get_contents(BASE . 'CHANGELOG.md');
$Parsedown = new Parsedown();
$changelog = $Parsedown->text($changelog); # prints: <p>Hello <em>Parsedown</em>!</p>
echo '<div>' . $changelog . '</div>';

91
admin/pages/dashboard.php
View File

@@ -1,91 +0,0 @@
<?php
/**
* Dashboard
*
* @package MyAAC
* @author Slawkens <slawkens@gmail.com>
* @copyright 2019 MyAAC
* @link https://my-aac.org
*/
defined('MYAAC') or die('Direct access not allowed!');
$title = 'Dashboard';
if (isset($_GET['clear_cache'])) {
if (clearCache()) {
success('Cache cleared.');
} else {
error('Error while clearing cache.');
}
}
if (isset($_GET['maintenance'])) {
$_status = (int)$_POST['status'];
$message = $_POST['message'];
if (empty($message)) {
error('Message cannot be empty.');
} else if (strlen($message) > 255) {
error('Message is too long. Maximum length allowed is 255 chars.');
} else {
$tmp = '';
if (fetchDatabaseConfig('site_closed', $tmp))
updateDatabaseConfig('site_closed', $_status);
else
registerDatabaseConfig('site_closed', $_status);
if (fetchDatabaseConfig('site_closed_message', $tmp))
updateDatabaseConfig('site_closed_message', $message);
else
registerDatabaseConfig('site_closed_message', $message);
}
}
$is_closed = getDatabaseConfig('site_closed') == '1';
$closed_message = 'Server is under maintenance, please visit later.';
$tmp = '';
if (fetchDatabaseConfig('site_closed_message', $tmp))
$closed_message = $tmp;
$query = $db->query('SELECT count(*) as `how_much` FROM `accounts`;');
$query = $query->fetch();
$total_accounts = $query['how_much'];
$query = $db->query('SELECT count(*) as `how_much` FROM `players`;');
$query = $query->fetch();
$total_players = $query['how_much'];
$query = $db->query('SELECT count(*) as `how_much` FROM `guilds`;');
$query = $query->fetch();
$total_guilds = $query['how_much'];
$query = $db->query('SELECT count(*) as `how_much` FROM `houses`;');
$query = $query->fetch();
$total_houses = $query['how_much'];
$twig->display('admin.statistics.html.twig', array(
'total_accounts' => $total_accounts,
'total_players' => $total_players,
'total_guilds' => $total_guilds,
'total_houses' => $total_houses
));
$twig->display('admin.dashboard.html.twig', array(
'is_closed' => $is_closed,
'closed_message' => $closed_message,
'status' => $status,
'account_type' => USE_ACCOUNT_NAME ? 'name' : 'number'
));
echo '<div class="row">';
$configAdminPanelModules = config('admin_panel_modules');
if(isset($configAdminPanelModules))
$configAdminPanelModules = explode(',', $configAdminPanelModules);
$twig_loader->prependPath(__DIR__ . '/modules/templates');
foreach($configAdminPanelModules as $box) {
$file = __DIR__ . '/modules/' . $box . '.php';
if(file_exists($file)) {
include($file);
}
}
echo '</div>';

0
admin/pages/index.html
View File

35
admin/pages/items.php
View File

@@ -1,35 +0,0 @@
<?php
/**
* Load items.xml
*
* @package MyAAC
* @author Slawkens <slawkens@gmail.com>
* @copyright 2019 MyAAC
* @link https://my-aac.org
*/
defined('MYAAC') or die('Direct access not allowed!');
$title = 'Load items.xml';
require_once LIBS . 'items.php';
require_once LIBS . 'weapons.php';
$twig->display('admin.items.html.twig');
$reload = isset($_REQUEST['reload']) && (int)$_REQUEST['reload'] === 1;
if ($reload) {
$items_start_time = microtime(true);
if (Items::loadFromXML(true)) {
success('Successfully loaded items (in ' . round(microtime(true) - $items_start_time, 4) . ' seconds).');
}
else {
error(Items::getError());
}
$weapons_start_time = microtime(true);
if (Weapons::loadFromXML(true)) {
success('Successfully loaded weapons (in ' . round(microtime(true) - $weapons_start_time, 4) . ' seconds).');
}
else {
error(Weapons::getError());
}
}

26
admin/pages/login.php
View File

@@ -1,26 +0,0 @@
<?php
/**
* Login
*
* @package MyAAC
* @author Slawkens <slawkens@gmail.com>
* @copyright 2019 MyAAC
* @link https://my-aac.org
*/
defined('MYAAC') or die('Direct access not allowed!');
$title = 'Login';
$logout = '';
if ($action == 'logout') {
$logout = "You have been logged out!";
}
if (isset($errors)) {
foreach ($errors as $error) {
error($error);
}
}
$twig->display('admin.login.html.twig', array(
'logout' => $logout,
'account' => USE_ACCOUNT_NAME ? 'Name' : 'Number',
));

81
admin/pages/logs.php
View File

@@ -1,81 +0,0 @@
<?php
/**
* Logs
*
* @package MyAAC
* @author Slawkens <slawkens@gmail.com>
* @copyright 2019 MyAAC
* @link https://my-aac.org
*/
defined('MYAAC') or die('Direct access not allowed!');
$title = 'Logs Viewer';
$files = array();
$aac_path_logs = BASE . 'system/logs/';
foreach (scandir($aac_path_logs, SCANDIR_SORT_ASCENDING) as $f) {
if ($f[0] === '.' || is_dir($aac_path_logs . $f)) {
continue;
}
$files[] = array($f, $aac_path_logs);
}
$server_path_logs = $config['server_path'] . 'logs/';
if (!file_exists($server_path_logs)) {
$server_path_logs = $config['data_path'] . 'logs/';
}
if (file_exists($server_path_logs)) {
foreach (scandir($server_path_logs, SCANDIR_SORT_ASCENDING) as $f) {
if ($f[0] === '.') {
continue;
}
if (is_dir($server_path_logs . $f)) {
foreach (scandir($server_path_logs . $f, SCANDIR_SORT_ASCENDING) as $f2) {
if ($f2[0] === '.') {
continue;
}
$files[] = array($f . '/' . $f2, $server_path_logs);
}
continue;
}
$files[] = array($f, $server_path_logs);
}
}
foreach ($files as &$f) {
$f['mtime'] = filemtime($f[1] . $f[0]);
$f['name'] = $f[0];
}
unset($f);
$twig->display('admin.logs.html.twig', array('files' => $files));
define('EXIST_NONE', 0);
define('EXIST_SERVER_LOG', 1);
define('EXIST_AAC_LOG', 2);
$exist = EXIST_NONE;
$file = isset($_GET['file']) ? $_GET['file'] : null;
if (!empty($file)) {
if (!preg_match('/[^A-z0-9\' _\/\-\.]/', $file)) {
if (file_exists($aac_path_logs . $file)) {
$exist = EXIST_AAC_LOG;
} else if (file_exists($server_path_logs . $file)) {
$exist = EXIST_SERVER_LOG;
} else {
echo 'Specified file does not exist.';
}
if ($exist !== EXIST_NONE) {
$content = nl2br(file_get_contents(($exist === EXIST_SERVER_LOG ? $server_path_logs : $aac_path_logs) . $file));
$twig->display('admin.logs.view.html.twig', array('file' => $file, 'content' => $content));
}
} else {
echo 'Invalid file name specified.';
}
}

137
admin/pages/menus.php
View File

@@ -1,137 +0,0 @@
<?php
/**
* Menus
*
* @package MyAAC
* @author Slawkens <slawkens@gmail.com>
* @copyright 2019 MyAAC
* @link https://my-aac.org
*/
defined('MYAAC') or die('Direct access not allowed!');
$title = 'Menus';
if (!hasFlag(FLAG_CONTENT_MENUS) && !superAdmin()) {
echo 'Access denied.';
return;
}
if (isset($_REQUEST['template'])) {
$template = $_REQUEST['template'];
if (isset($_REQUEST['menu'])) {
$post_menu = $_REQUEST['menu'];
$post_menu_link = $_REQUEST['menu_link'];
$post_menu_blank = $_REQUEST['menu_blank'];
$post_menu_color = $_REQUEST['menu_color'];
if (count($post_menu) != count($post_menu_link)) {
echo 'Menu count is not equal menu links. Something went wrong when sending form.';
return;
}
$db->query('DELETE FROM `' . TABLE_PREFIX . 'menu` WHERE `template` = ' . $db->quote($template));
foreach ($post_menu as $category => $menus) {
foreach ($menus as $i => $menu) {
if (empty($menu)) // don't save empty menu item
continue;
try {
$db->insert(TABLE_PREFIX . 'menu', array('template' => $template, 'name' => $menu, 'link' => $post_menu_link[$category][$i], 'blank' => $post_menu_blank[$category][$i] == 'on' ? 1 : 0, 'color' => str_replace('#', '', $post_menu_color[$category][$i]), 'category' => $category, 'ordering' => $i));
} catch (PDOException $error) {
warning('Error while adding menu item (' . $menu . '): ' . $error->getMessage());
}
}
}
$cache = Cache::getInstance();
if ($cache->enabled()) {
$cache->delete('template_menus');
}
success('Saved at ' . date('H:i'));
}
$file = TEMPLATES . $template . '/config.php';
if (file_exists($file)) {
require_once $file;
} else {
echo 'Cannot find template config.php file.';
return;
}
if (!isset($config['menu_categories'])) {
echo "No menu categories set in template config.php.<br/>This template doesn't support dynamic menus.";
return;
}
echo 'Hint: You can drag menu items.<br/>
Hint: Add links to external sites using: <b>http://</b> or <b>https://</b> prefix.<br/>
Not all templates support blank and colorful links.<br/><br/>
<div class="row">';
$menus = array();
$menus_db = $db->query('SELECT `name`, `link`, `blank`, `color`, `category`, `ordering` FROM `' . TABLE_PREFIX . 'menu` WHERE `enabled` = 1 AND `template` = ' . $db->quote($template) . ' ORDER BY `ordering` ASC;')->fetchAll();
foreach ($menus_db as $menu) {
$menus[$menu['category']][] = array('name' => $menu['name'], 'link' => $menu['link'], 'blank' => $menu['blank'], 'color' => $menu['color'], 'ordering' => $menu['ordering']);
}
$last_id = array();
echo '<form method="post" id="menus-form" action="?p=menus">';
echo '<input type="hidden" name="template" value="' . $template . '"/>';
foreach ($config['menu_categories'] as $id => $cat) {
echo ' <div class="col-md-12 col-lg-6">
<div class="box box-danger">
<div class="box-header with-border">
<h3 class="box-title">' . $cat['name'] . ' <img class="add-button" id="add-button-' . $id . '" src="' . BASE_URL . 'images/plus.png" width="16" height="16"/></h3>
</div>
<div class="box-body">';
echo '<ul class="sortable" id="sortable-' . $id . '">';
if (isset($menus[$id])) {
$i = 0;
foreach ($menus[$id] as $menu) {
echo '<li class="ui-state-default" id="list-' . $id . '-' . $i . '"><label>Name:</label><input type="text" name="menu[' . $id . '][]" value="' . escapeHtml($menu['name']) . '"/>
<label>Link:</label><input type="text" name="menu_link[' . $id . '][]" value="' . $menu['link'] . '"/>
<input type="hidden" name="menu_blank[' . $id . '][]" value="0" />
<label><input class="blank-checkbox" type="checkbox" ' . ($menu['blank'] == 1 ? 'checked' : '') . '/><span title="Open in New Window">Open in New Window</span></label>
<input class="color-picker" type="text" name="menu_color[' . $id . '][]" value="#' . $menu['color'] . '" />
<a class="remove-button" id="remove-button-' . $id . '-' . $i . '"><img src="' . BASE_URL . 'images/del.png"/></a></li>';
$i++;
$last_id[$id] = $i;
}
}
echo '</ul>';
echo ' </div>
</div>
</div>
';
}
echo ' </div><div class="row"><div class="col-md-6">';
echo '<input type="submit" class="btn btn-info" value="Save">';
echo '<input type="button" class="btn btn-default pull-right" value="Cancel" onclick="window.location = \'' . ADMIN_URL . '?p=menus&template=' . $template . '\';">';
echo '</div></div>';
echo '</form>';
$twig->display('admin.menus.js.html.twig', array(
'menus' => $menus,
'last_id' => $last_id
));
?>
<?php
} else {
$templates = $db->query('SELECT `template` FROM `' . TABLE_PREFIX . 'menu` GROUP BY `template`;')->fetchAll();
foreach ($templates as $key => $value) {
$file = TEMPLATES . $value['template'] . '/config.php';
if (!file_exists($file)) {
unset($templates[$key]);
}
}
$twig->display('admin.menus.form.html.twig', array(
'templates' => $templates
));
}

11
admin/pages/modules/coins.php
View File

@@ -1,11 +0,0 @@
<?php
if ($db->hasColumn('accounts', 'coins')) {
$coins = $db->query('SELECT `coins`, `' . (USE_ACCOUNT_NAME ? 'name' : 'id') . '` as `name` FROM `accounts` ORDER BY `coins` DESC LIMIT 10;');
} else {
$coins = 0;
}
$twig->display('coins.html.twig', array(
'coins' => $coins
));

0
admin/pages/modules/index.html
View File

11
admin/pages/modules/lastlogin.php
View File

@@ -1,11 +0,0 @@
<?php
if ($db->hasColumn('players', 'lastlogin')) {
$players = $db->query('SELECT name, level, lastlogin FROM players ORDER BY lastlogin DESC LIMIT 10;');
} else {
$players = 0;
}
$twig->display('lastlogin.html.twig', array(
'players' => $players,
));

10
admin/pages/modules/points.php
View File

@@ -1,10 +0,0 @@
<?php
if ($db->hasColumn('accounts', 'premium_points')) {
$points = $db->query('SELECT `premium_points`, `' . (USE_ACCOUNT_NAME ? 'name' : 'id') . '` as `name` FROM `accounts` ORDER BY `premium_points` DESC LIMIT 10;');
} else {
$points = 0;
}
$twig->display('points.html.twig', array(
'points' => $points,
));

29
admin/pages/modules/templates/coins.html.twig
View File

@@ -1,29 +0,0 @@
{% if coins is iterable %}
<div class="col-md-3">
<div class="box">
<div class="box-header">
<h3 class="box-title">Top 10 - Most coins</h3>
</div>
<div class="box-body no-padding">
<table class="table table-condensed">
<tbody>
<tr>
<th>#</th>
<th>Account {{ account_type }}</th>
<th>Tibia coins</th>
</tr>
{% set i = 0 %}
{% for result in coins %}
{% set i = i + 1 %}
<tr>
<td>{{ i }}</td>
<td>{{ result.name }}</td>
<td>{{ result.coins }}</td>
</tr>
{% endfor %}
</tbody>
</table>
</div>
</div>
</div>
{% endif %}

0
admin/pages/modules/templates/index.html
View File

29
admin/pages/modules/templates/lastlogin.html.twig
View File

@@ -1,29 +0,0 @@
{% if players is iterable %}
<div class="col-md-3">
<div class="box">
<div class="box-header">
<h3 class="box-title">Last 10 Logins</h3>
</div>
<div class="box-body no-padding">
<table class="table table-condensed">
<tbody>
<tr>
<th>#</th>
<th>Player</th>
<th>Login Date</th>
</tr>
{% set i = 0 %}
{% for result in players %}
{% set i = i + 1 %}
<tr>
<td>{{ i }}</td>
<td>{{ result.name }}</td>
<td>{{ result.lastlogin|date("M d Y, H:i:s") }}</td>
</tr>
{% endfor %}
</tbody>
</table>
</div>
</div>
</div>
{% endif %}

29
admin/pages/modules/templates/points.html.twig
View File

@@ -1,29 +0,0 @@
{% if points is iterable %}
<div class="col-md-3">
<div class="box">
<div class="box-header">
<h3 class="box-title">Top 10 - Most premium points</h3>
</div>
<div class="box-body no-padding">
<table class="table table-condensed">
<tbody>
<tr>
<th>#</th>
<th>Account {{ account_type }}</th>
<th>Premium points</th>
</tr>
{% set i = 0 %}
{% for result in points %}
{% set i = i + 1 %}
<tr>
<td>{{ i }}</td>
<td>{{ result.name }}</td>
<td>{{ result.premium_points }}</td>
</tr>
{% endfor %}
</tbody>
</table>
</div>
</div>
</div>
{% endif %}

154
admin/pages/news.php
View File

@@ -1,154 +0,0 @@
<?php
/**
* Pages
*
* @package MyAAC
* @author Slawkens <slawkens@gmail.com>
* @copyright 2019 MyAAC
* @link https://my-aac.org
*/
defined('MYAAC') or die('Direct access not allowed!');
require_once LIBS . 'forum.php';
require_once LIBS . 'news.php';
$title = 'News Panel';
if (!hasFlag(FLAG_CONTENT_PAGES) && !superAdmin()) {
echo 'Access denied.';
return;
}
header('X-XSS-Protection:0');
// some constants, used mainly by database (cannot by modified without schema changes)
define('TITLE_LIMIT', 100);
define('BODY_LIMIT', 65535); // maximum news body length
define('ARTICLE_TEXT_LIMIT', 300);
define('ARTICLE_IMAGE_LIMIT', 100);
$name = $p_title = '';
if(!empty($action))
{
$id = isset($_REQUEST['id']) ? $_REQUEST['id'] : null;
$p_title = isset($_REQUEST['title']) ? $_REQUEST['title'] : null;
$body = isset($_REQUEST['body']) ? stripslashes($_REQUEST['body']) : null;
$comments = isset($_REQUEST['comments']) ? $_REQUEST['comments'] : null;
$type = isset($_REQUEST['type']) ? (int)$_REQUEST['type'] : null;
$category = isset($_REQUEST['category']) ? (int)$_REQUEST['category'] : null;
$player_id = isset($_REQUEST['player_id']) ? (int)$_REQUEST['player_id'] : null;
$article_text = isset($_REQUEST['article_text']) ? $_REQUEST['article_text'] : null;
$article_image = isset($_REQUEST['article_image']) ? $_REQUEST['article_image'] : null;
$forum_section = isset($_REQUEST['forum_section']) ? $_REQUEST['forum_section'] : null;
$errors = array();
if($action == 'add') {
if(isset($forum_section) && $forum_section != '-1') {
$forum_add = Forum::add_thread($p_title, $body, $forum_section, $player_id, $account_logged->getId(), $errors);
}
if(News::add($p_title, $body, $type, $category, $player_id, isset($forum_add) && $forum_add != 0 ? $forum_add : 0, $article_text, $article_image, $errors)) {
$p_title = $body = $comments = $article_text = $article_image = '';
$type = $category = $player_id = 0;
success("Added successful.");
}
}
else if($action == 'delete') {
News::delete($id, $errors);
success("Deleted successful.");
}
else if($action == 'edit')
{
if(isset($id) && !isset($p_title)) {
$news = News::get($id);
$p_title = $news['title'];
$body = $news['body'];
$comments = $news['comments'];
$type = $news['type'];
$category = $news['category'];
$player_id = $news['player_id'];
$article_text = $news['article_text'];
$article_image = $news['article_image'];
}
else {
if(News::update($id, $p_title, $body, $type, $category, $player_id, $forum_section, $article_text, $article_image, $errors)) {
// update forum thread if exists
if(isset($forum_section) && Validator::number($forum_section)) {
$db->query("UPDATE `" . TABLE_PREFIX . "forum` SET `author_guid` = ".(int) $player_id.", `post_text` = ".$db->quote($body).", `post_topic` = ".$db->quote($p_title).", `edit_date` = " . time() . " WHERE `id` = " . $db->quote($forum_section));
}
$action = $p_title = $body = $comments = $article_text = $article_image = '';
$type = $category = $player_id = 0;
success("Updated successful.");
}
}
}
else if($action == 'hide') {
News::toggleHidden($id, $errors, $status);
success(($status == 1 ? 'Show' : 'Hide') . " successful.");
}
if(!empty($errors))
error(implode(", ", $errors));
}
$categories = array();
foreach($db->query('SELECT `id`, `name`, `icon_id` FROM `' . TABLE_PREFIX . 'news_categories` WHERE `hidden` != 1') as $cat)
{
$categories[$cat['id']] = array(
'name' => $cat['name'],
'icon_id' => $cat['icon_id']
);
}
if($action == 'edit' || $action == 'new') {
if($action == 'edit') {
$player = new OTS_Player();
$player->load($player_id);
}
$account_players = $account_logged->getPlayersList();
$account_players->orderBy('group_id', POT::ORDER_DESC);
$twig->display('admin.news.form.html.twig', array(
'action' => $action,
'news_link' => getLink(PAGE),
'news_link_form' => '?p=news&action=' . ($action == 'edit' ? 'edit' : 'add'),
'news_id' => isset($id) ? $id : null,
'title' => isset($p_title) ? $p_title : '',
'body' => isset($body) ? escapeHtml($body) : '',
'type' => isset($type) ? $type : null,
'player' => isset($player) && $player->isLoaded() ? $player : null,
'player_id' => isset($player_id) ? $player_id : null,
'account_players' => $account_players,
'category' => isset($category) ? $category : 0,
'categories' => $categories,
'forum_boards' => getForumBoards(),
'forum_section' => isset($forum_section) ? $forum_section : null,
'comments' => isset($comments) ? $comments : null,
'article_text' => isset($article_text) ? $article_text : null,
'article_image' => isset($article_image) ? $article_image : null
));
}
$query = $db->query('SELECT * FROM ' . $db->tableName(TABLE_PREFIX . 'news'));
$newses = array();
foreach ($query as $_news) {
$_player = new OTS_Player();
$_player->load($_news['player_id']);
$newses[$_news['type']][] = array(
'id' => $_news['id'],
'hidden' => $_news['hidden'],
'archive_link' => getLink('news') . '/archive/' . $_news['id'],
'title' => $_news['title'],
'date' => $_news['date'],
'player_name' => isset($_player) && $_player->isLoaded() ? $_player->getName() : '',
'player_link' => isset($_player) && $_player->isLoaded() ? getPlayerLink($_player->getName(), false) : '',
);
}
$twig->display('admin.news.html.twig', array(
'newses' => $newses
));

19
admin/pages/phpinfo.php
View File

@@ -1,19 +0,0 @@
<?php
/**
* PHP Info
*
* @package MyAAC
* @author Slawkens <slawkens@gmail.com>
* @copyright 2019 MyAAC
* @link https://my-aac.org
*/
defined('MYAAC') or die('Direct access not allowed!');
$title = 'PHP Info';
if (!function_exists('phpinfo')) { ?>
<b>phpinfo()</b> function is disabled in your webserver config.<br/>
You can enable it by editing <b>php.ini</b> file.
<?php return;
}
?>
<iframe src="<?php echo BASE_URL; ?>admin/tools/phpinfo.php" width="1024" height="550"/>

904
admin/pages/players.php
View File

@@ -1,904 +0,0 @@
<?php
/**
* Players editor
*
* @package MyAAC
* @author Slawkens <slawkens@gmail.com>
* @copyright 2019 MyAAC
* @link https://my-aac.org
*/
defined('MYAAC') or die('Direct access not allowed!');
$title = 'Player editor';
$base = BASE_URL . 'admin/?p=players';
function echo_success($message)
{
echo '<p class="success">' . $message . '</p>';
}
function echo_error($message)
{
global $error;
echo '<p class="error">' . $message . '</p>';
$error = true;
}
function verify_number($number, $name, $max_length)
{
if (!Validator::number($number))
echo_error($name . ' can contain only numbers.');
$number_length = strlen($number);
if ($number_length <= 0 || $number_length > $max_length)
echo_error($name . ' cannot be longer than ' . $max_length . ' digits.');
}
$skills = array(
POT::SKILL_FIST => array('Fist fighting', 'fist'),
POT::SKILL_CLUB => array('Club fighting', 'club'),
POT::SKILL_SWORD => array('Sword fighting', 'sword'),
POT::SKILL_AXE => array('Axe fighting', 'axe'),
POT::SKILL_DIST => array('Distance fighting', 'dist'),
POT::SKILL_SHIELD => array('Shielding', 'shield'),
POT::SKILL_FISH => array('Fishing', 'fish')
);
$hasBlessingsColumn = $db->hasColumn('players', 'blessings');
$hasBlessingColumn = $db->hasColumn('players', 'blessings1');
$hasLookAddons = $db->hasColumn('players', 'lookaddons');
?>
<link rel="stylesheet" type="text/css" href="<?php echo BASE_URL; ?>tools/css/jquery.datetimepicker.css"/ >
<script src="<?php echo BASE_URL; ?>tools/js/jquery.datetimepicker.js"></script>
<?php
$id = 0;
if (isset($_REQUEST['id']))
$id = (int)$_REQUEST['id'];
else if (isset($_REQUEST['search_name'])) {
if (strlen($_REQUEST['search_name']) < 3 && !Validator::number($_REQUEST['search_name'])) {
echo 'Player name is too short.';
} else {
if (Validator::number($_REQUEST['search_name']))
$id = $_REQUEST['search_name'];
else {
$query = $db->query('SELECT `id` FROM `players` WHERE `name` = ' . $db->quote($_REQUEST['search_name']));
if ($query->rowCount() == 1) {
$query = $query->fetch();
$id = $query['id'];
} else {
$query = $db->query('SELECT `id`, `name` FROM `players` WHERE `name` LIKE ' . $db->quote('%' . $_REQUEST['search_name'] . '%'));
if ($query->rowCount() > 0 && $query->rowCount() <= 10) {
echo 'Do you mean?<ul>';
foreach ($query as $row)
echo '<li><a href="' . $base . '&id=' . $row['id'] . '">' . $row['name'] . '</a></li>';
echo '</ul>';
} else if ($query->rowCount() > 10)
echo 'Specified name resulted with too many players.';
}
}
}
}
$groups = new OTS_Groups_List();
if ($id > 0) {
$player = new OTS_Player();
$player->load($id);
if (isset($player) && $player->isLoaded() && isset($_POST['save'])) {// we want to save
$error = false;
if ($player->isOnline())
echo_error('This player is actually online. You can\'t edit online players.');
$name = $_POST['name'];
$_error = '';
if (!Validator::characterName($name))
echo_error(Validator::getLastError());
//if(!Validator::newCharacterName($name)
// echo_error(Validator::getLastError());
$player_db = new OTS_Player();
$player_db->find($name);
if ($player_db->isLoaded() && $player->getName() != $name)
echo_error('This name is already used. Please choose another name!');
$account_id = $_POST['account_id'];
verify_number($account_id, 'Account id', 11);
$account_db = new OTS_Account();
$account_db->load($account_id);
if (!$account_db->isLoaded())
echo_error('Account with this id doesn\'t exist.');
$group = $_POST['group'];
if ($groups->getGroup($group) == false)
echo_error('Group with this id doesn\'t exist');
$level = $_POST['level'];
verify_number($level, 'Level', 11);
$experience = $_POST['experience'];
verify_number($experience, 'Experience', 20);
$vocation = $_POST['vocation'];
verify_number($vocation, 'Vocation id', 11);
if (!isset($config['vocations'][$vocation])) {
echo_error("Vocation with this id doesn't exist.");
}
// health
$health = $_POST['health'];
verify_number($health, 'Health', 11);
$health_max = $_POST['health_max'];
verify_number($health_max, 'Health max', 11);
// mana
$magic_level = $_POST['magic_level'];
verify_number($magic_level, 'Magic_level', 11);
$mana = $_POST['mana'];
verify_number($mana, 'Mana', 11);
$mana_max = $_POST['mana_max'];
verify_number($mana_max, 'Mana max', 11);
$mana_spent = $_POST['mana_spent'];
verify_number($mana_spent, 'Mana spent', 11);
// look
$look_body = $_POST['look_body'];
verify_number($look_body, 'Look body', 11);
$look_feet = $_POST['look_feet'];
verify_number($look_feet, 'Look feet', 11);
$look_head = $_POST['look_head'];
verify_number($look_head, 'Look head', 11);
$look_legs = $_POST['look_legs'];
verify_number($look_legs, 'Look legs', 11);
$look_type = $_POST['look_type'];
verify_number($look_type, 'Look type', 11);
if ($hasLookAddons) {
$look_addons = $_POST['look_addons'];
verify_number($look_addons, 'Look addons', 11);
}
// pos
$pos_x = $_POST['pos_x'];
verify_number($pos_x, 'Position x', 11);
$pos_y = $_POST['pos_y'];
verify_number($pos_y, 'Position y', 11);
$pos_z = $_POST['pos_z'];
verify_number($pos_z, 'Position z', 11);
$soul = $_POST['soul'];
verify_number($soul, 'Soul', 10);
$town = $_POST['town'];
verify_number($town, 'Town', 11);
$capacity = $_POST['capacity'];
verify_number($capacity, 'Capacity', 11);
$sex = $_POST['sex'];
verify_number($sex, 'Sex', 1);
$lastlogin = $_POST['lastlogin'];
verify_number($lastlogin, 'Last login', 20);
$lastlogout = $_POST['lastlogout'];
verify_number($lastlogout, 'Last logout', 20);
$skull = $_POST['skull'];
verify_number($skull, 'Skull', 1);
$skull_time = $_POST['skull_time'];
verify_number($skull_time, 'Skull time', 11);
if ($db->hasColumn('players', 'loss_experience')) {
$loss_experience = $_POST['loss_experience'];
verify_number($loss_experience, 'Loss experience', 11);
$loss_mana = $_POST['loss_mana'];
verify_number($loss_mana, 'Loss mana', 11);
$loss_skills = $_POST['loss_skills'];
verify_number($loss_skills, 'Loss skills', 11);
$loss_containers = $_POST['loss_containers'];
verify_number($loss_containers, 'Loss loss_containers', 11);
$loss_items = $_POST['loss_items'];
verify_number($loss_items, 'Loss items', 11);
}
if ($db->hasColumn('players', 'offlinetraining_time')) {
$offlinetraining = $_POST['offlinetraining'];
verify_number($offlinetraining, 'Offline Training time', 11);
}
if ($hasBlessingsColumn) {
$blessings = $_POST['blessings'];
verify_number($blessings, 'Blessings', 2);
}
$balance = $_POST['balance'];
verify_number($balance, 'Balance', 20);
if ($db->hasColumn('players', 'stamina')) {
$stamina = $_POST['stamina'];
verify_number($stamina, 'Stamina', 20);
}
$deleted = (isset($_POST['deleted']) && $_POST['deleted'] == 'true');
$hidden = (isset($_POST['hidden']) && $_POST['hidden'] == 'true');
$created = $_POST['created'];
verify_number($created, 'Created', 11);
$comment = isset($_POST['comment']) ? htmlspecialchars(stripslashes(substr($_POST['comment'], 0, 2000))) : NULL;
foreach ($_POST['skills'] as $skill => $value)
verify_number($value, $skills[$skill][0], 10);
foreach ($_POST['skills_tries'] as $skill => $value)
verify_number($value, $skills[$skill][0] . ' tries', 10);
if ($hasBlessingColumn) {
$bless_count = $_POST['blesscount'];
for ($i = 1; $i <= $bless_count; $i++) {
$a = 'blessing' . $i;
${'blessing' . $i} = (isset($_POST[$a]) && $_POST[$a] == 'true');
}
}
if (!$error) {
$player->setName($name);
$player->setAccount($account_db);
$player->setGroup($groups->getGroup($group));
$player->setLevel($level);
$player->setExperience($experience);
$player->setVocation($vocation);
$player->setHealth($health);
$player->setHealthMax($health_max);
$player->setMagLevel($magic_level);
$player->setMana($mana);
$player->setManaMax($mana_max);
$player->setManaSpent($mana_spent);
$player->setLookBody($look_body);
$player->setLookFeet($look_feet);
$player->setLookHead($look_head);
$player->setLookLegs($look_legs);
$player->setLookType($look_type);
if ($hasLookAddons)
$player->setLookAddons($look_addons);
if ($db->hasColumn('players', 'offlinetraining_time'))
$player->setCustomField('offlinetraining_time', $offlinetraining);
$player->setPosX($pos_x);
$player->setPosY($pos_y);
$player->setPosZ($pos_z);
$player->setSoul($soul);
$player->setTownId($town);
$player->setCap($capacity);
$player->setSex($sex);
$player->setLastLogin($lastlogin);
$player->setLastLogout($lastlogout);
//$player->setLastIP(ip2long($lastip));
$player->setSkull($skull);
$player->setSkullTime($skull_time);
if ($db->hasColumn('players', 'loss_experience')) {
$player->setLossExperience($loss_experience);
$player->setLossMana($loss_mana);
$player->setLossSkills($loss_skills);
$player->setLossContainers($loss_containers);
$player->setLossItems($loss_items);
}
if ($db->hasColumn('players', 'blessings'))
$player->setBlessings($blessings);
if ($hasBlessingColumn) {
for ($i = 1; $i <= $bless_count; $i++) {
$a = 'blessing' . $i;
$player->setCustomField('blessings' . $i, ${'blessing' . $i} ? '1' : '0');
}
}
$player->setBalance($balance);
if ($db->hasColumn('players', 'stamina'))
$player->setStamina($stamina);
if ($db->hasColumn('players', 'deletion'))
$player->setCustomField('deletion', $deleted ? '1' : '0');
else
$player->setCustomField('deleted', $deleted ? '1' : '0');
$player->setCustomField('hidden', $hidden ? '1' : '0');
$player->setCustomField('created', $created);
if (isset($comment))
$player->setCustomField('comment', $comment);
foreach ($_POST['skills'] as $skill => $value) {
$player->setSkill($skill, $value);
}
foreach ($_POST['skills_tries'] as $skill => $value) {
$player->setSkillTries($skill, $value);
}
$player->save();
echo_success('Player saved at: ' . date('G:i'));
}
}
}
$search_name = '';
if (isset($_REQUEST['search_name']))
$search_name = $_REQUEST['search_name'];
else if ($id > 0 && isset($player) && $player->isLoaded())
$search_name = $player->getName();
?>
<div class="row">
<?php
if (isset($player) && $player->isLoaded()) {
$account = $player->getAccount();
?>
<form action="<?php echo $base . ((isset($id) && $id > 0) ? '&id=' . $id : ''); ?>" method="post"
class="form-horizontal">
<div class="col-md-8">
<div class="box box-primary">
<div class="box-body">
<div class="nav-tabs-custom">
<ul class="nav nav-tabs">
<li class="active"><a href="#tab_1" data-toggle="tab" aria-expanded="true">Player</a>
</li>
<li class=""><a href="#tab_2" data-toggle="tab" aria-expanded="false">Stats</a></li>
<li class=""><a href="#tab_3" data-toggle="tab" aria-expanded="false">Skills</a></li>
<li class=""><a href="#tab_4" data-toggle="tab" aria-expanded="false">Pos/Look</a></li>
<li class=""><a href="#tab_5" data-toggle="tab" aria-expanded="false">Misc</a></li>
<li class="pull-right"><a
href="<?php echo ADMIN_URL; ?>?p=accounts&search_name=<?php echo $account->getId(); ?>"
class="text-muted"><i class="fa fa-gear" title="Edit Account"></i></a></li>
</ul>
<div class="tab-content">
<div class="tab-pane active" id="tab_1">
<div class="row">
<div class="col-xs-6">
<label for="name" class="control-label">Name</label>
<input type="text" class="form-control" id="name" name="name"
autocomplete="off" style="cursor: auto;"
value="<?php echo $player->getName(); ?>"/>
</div>
<div class="col-xs-6">
<label for="account_id" class="control-label">Account id:</label>
<input type="text" class="form-control" id="account_id" name="account_id"
autocomplete="off" style="cursor: auto;" size="8" maxlength="11"
value="<?php echo $account->getId(); ?>"/>
</div>
</div>
<div class="row">
<div class="col-xs-6 ">
<label for="group" class="control-label">Group:</label>
<select name="group" id="group" class="form-control">
<?php foreach ($groups->getGroups() as $id => $group): ?>
<option value="<?php echo $id; ?>" <?php echo($player->getGroup()->getId() == $id ? 'selected' : ''); ?>><?php echo $group->getName(); ?></option>
<?php endforeach; ?>
</select>
</div>
<div class="col-xs-6">
<label for="vocation" class="control-label">Vocation</label>
<select name="vocation" id="vocation" class="form-control">
<?php
foreach ($config['vocations'] as $id => $name) {
echo '<option value=' . $id . ($id == $player->getVocation() ? ' selected' : '') . '>' . $name . '</option>';
}
?>
</select>
</div>
</div>
<div class="row">
<div class="col-xs-6">
<label for="sex" class="control-label">Sex:</label>
<select name="sex" id="sex" class="form-control">>
<?php foreach ($config['genders'] as $id => $sex): ?>
<option value="<?php echo $id; ?>" <?php echo($player->getSex() == $id ? 'selected' : ''); ?>><?php echo strtolower($sex); ?></option>
<?php endforeach; ?>
</select>
</div>
<div class="col-xs-6">
<label for="town" class="control-label">Town:</label>
<select name="town" id="town" class="form-control">
<?php foreach ($config['towns'] as $id => $town): ?>
<option value="<?php echo $id; ?>" <?php echo($player->getTownId() == $id ? 'selected' : ''); ?>><?php echo $town; ?></option>
<?php endforeach; ?>
</select>
</div>
</div>
<div class="row">
<div class="col-xs-6">
<label for="skull" class="control-label">Skull:</label>
<select name="skull" id="skull" class="form-control">
<?php
$skull_type = array("None", "Yellow", "Green", "White", "Red", "Black", "Orange");
foreach ($skull_type as $id => $s_name) {
echo '<option value=' . $id . ($id == $player->getSkull() ? ' selected' : '') . '>' . $s_name . '</option>';
}
?>
</select>
</div>
<div class="col-xs-6">
<label for="skull_time" class="control-label">Skull time:</label>
<input type="text" class="form-control" id="skull_time" name="skull_time"
autocomplete="off" maxlength="11"
value="<?php echo $player->getSkullTime(); ?>"/>
</div>
</div>
<div class="row">
<?php if ($hasBlessingColumn):
$blesscount = $player->countBlessings();
$bless = $player->checkBlessings($blesscount);
?>
<input type="hidden" name="blesscount" value="<?php echo $blesscount; ?>"/>
<div class="col-xs-6">
<label for="blessings" class="control-label">Blessings:</label>
<div class="checkbox">
<?php
for ($i = 1; $i <= $blesscount; $i++) {
echo '<label><input style="margin-left: -16px;" type="checkbox" name="blessing' . $i . '" id="blessing' . $i . '"
value="true" ' . (($bless[$i - 1] == 1) ? ' checked' : '') . '/>' . $i . '</label>';
}
?>
</div>
</div>
<?php endif; ?>
<?php if ($hasBlessingsColumn): ?>
<div class="col-xs-6">
<label for="blessings" class="control-label">Blessings:</label>
<input type="text" class="form-control" id="blessings" name="blessings"
autocomplete="off" maxlength="11"
value="<?php echo $player->getBlessings(); ?>"/>
</div>
<?php endif; ?>
<div class="col-xs-6">
<label for="balance" class="control-label">Bank Balance:</label>
<input type="text" class="form-control" id="balance" name="balance"
autocomplete="off" maxlength="20"
value="<?php echo $player->getBalance(); ?>"/>
</div>
</div>
<div class="row">
<div class="col-xs-6">
<label for="deleted" class="control-label">Deleted:</label>
<input type="checkbox" name="deleted" id="deleted"
value="true" <?php echo($player->getCustomField($db->hasColumn('players', 'deletion') ? 'deletion' : 'deleted') == '1' ? ' checked' : ''); ?>/>
</div>
<div class="col-xs-6">
<label for="hidden" class="control-label">Hidden:</label>
<input type="checkbox" name="hidden" id="hidden"
value="true" <?php echo($player->isHidden() ? ' checked' : ''); ?>/>
</div>
</div>
</div>
<div class="tab-pane" id="tab_2">
<div class="row">
<div class="col-xs-6 ">
<label for="level" class="control-label">Level:</label>
<input type="text" class="form-control" id="level" name="level"
autocomplete="off"
style="cursor: auto;" value="<?php echo $player->getLevel(); ?>"/>
</div>
<div class="col-xs-6">
<label for="magic_level" class="control-label">Magic level:</label>
<input type="text" class="form-control" id="magic_level" name="magic_level"
autocomplete="off" size="8" maxlength="11" style="cursor: auto;"
value="<?php echo $player->getMagLevel(); ?>"/>
</div>
</div>
<div class="row">
<div class="col-xs-6 ">
<label for="experience" class="control-label">Experience:</label>
<input type="text" class="form-control" id="experience" name="experience"
autocomplete="off"
style="cursor: auto;"
value="<?php echo $player->getExperience(); ?>"/>
</div>
<div class="col-xs-6">
<label for="mana_spent" class="control-label">Mana spent:</label>
<input type="text" class="form-control" id="mana_spent" name="mana_spent"
autocomplete="off"
size="3" maxlength="11" style="cursor: auto;"
value="<?php echo $player->getManaSpent(); ?>"/>
</div>
</div>
<div class="row">
<div class="col-xs-6 ">
<label for="health" class="control-label">Health:</label>
<input type="text" class="form-control" id="health" name="health"
autocomplete="off"
size="5" maxlength="11" style="cursor: auto;"
value="<?php echo $player->getHealth(); ?>"/>
</div>
<div class="col-xs-6">
<label for="health_max" class="control-label">Health max:</label>
<input type="text" class="form-control" id="health_max" name="health_max"
autocomplete="off"
size="5" maxlength="11" style="cursor: auto;"
value="<?php echo $player->getHealthMax(); ?>"/>
</div>
</div>
<div class="row">
<div class="col-xs-6 ">
<label for="mana" class="control-label">Mana:</label>
<input type="text" class="form-control" id="mana" name="mana"
autocomplete="off" size="3"
maxlength="11" style="cursor: auto;"
value="<?php echo $player->getMana(); ?>"/>
</div>
<div class="col-xs-6">
<label for="mana_max" class="control-label">Mana max:</label>
<input type="text" class="form-control" id="mana_max" name="mana_max"
autocomplete="off"
size="3" maxlength="11" style="cursor: auto;"
value="<?php echo $player->getManaMax(); ?>"/>
</div>
</div>
<div class="row">
<div class="col-xs-6">
<label for="capacity" class="control-label">Capacity:</label>
<input type="text" class="form-control" id="capacity" name="capacity"
autocomplete="off"
size="3" maxlength="11" style="cursor: auto;"
value="<?php echo $player->getCap(); ?>"/>
</div>
<div class="col-xs-6 ">
<label for="soul" class="control-label">Soul:</label>
<input type="text" class="form-control" id="soul" name="soul"
autocomplete="off" size="3"
maxlength="10" style="cursor: auto;"
value="<?php echo $player->getSoul(); ?>"/>
</div>
<?php if ($db->hasColumn('players', 'stamina')): ?>
<div class="col-xs-6">
<label for="stamina" class="control-label">Stamina:</label>
<input type="text" class="form-control" id="stamina" name="stamina"
autocomplete="off"
maxlength="20" style="cursor: auto;"
value="<?php echo $player->getStamina(); ?>"/>
</div>
<?php endif; ?>
<?php if ($db->hasColumn('players', 'offlinetraining_time')): ?>
<div class="col-xs-6">
<label for="offlinetraining" class="control-label">Offline Training
Time:</label>
<input type="text" class="form-control" id="offlinetraining"
name="offlinetraining" autocomplete="off"
maxlength="11"
value="<?php echo $player->getCustomField('offlinetraining_time'); ?>"/>
</div>
<?php endif; ?>
</div>
</div>
<div class="tab-pane" id="tab_3">
<?php
$i = 0;
foreach ($skills as $id => $info) {
if ($i == 0 || $i++ == 2) {
$i = 0;
}
echo '
<div class="row">
<div class="col-xs-6 ">
<label for="skills[' . $id . ']" class="control-label">' . $info[0] . '</label>
<input type="text" class="form-control" id="skills[' . $id . ']" name="skills[' . $id . ']" maxlength="10" autocomplete="off" style="cursor: auto;" value="' . $player->getSkill($id) . '"/>
</div>
<div class="col-xs-6">
<label for="skills_tries[' . $id . ']" class="control-label">' . $info[0] . ' tries</label>
<input type="text" class="form-control" id="skills_tries[' . $id . ']" name="skills_tries[' . $id . ']" maxlength="10" autocomplete="off" style="cursor: auto;" value="' . $player->getSkillTries($id) . '"/>
</div>
</div>';
if ($i == 0)
echo '';
}
?>
</div>
<div class="tab-pane" id="tab_4">
<?php $outfit = $config['outfit_images_url'] . '?id=' . $player->getLookType() . ($hasLookAddons ? '&addons=' . $player->getLookAddons() : '') . '&head=' . $player->getLookHead() . '&body=' . $player->getLookBody() . '&legs=' . $player->getLookLegs() . '&feet=' . $player->getLookFeet(); ?>
<div id="imgchar"
style="width:64px;height:64px;position:absolute; top:30px; right:30px"><img id="player_outfit"
style="margin-left:0;margin-top:0px;width:64px;height:64px;"
src="<?php echo $outfit; ?>"
alt="player outfit"/></div>
<?php ?>
<td>Position:</td>
<div class="row">
<div class="col-xs-4">
<label for="pos_x" class="control-label">X:</label>
<input type="text" class="form-control" id="pos_x" name="pos_x"
autocomplete="off"
maxlength="11" style="cursor: auto;"
value="<?php echo $player->getPosX(); ?>"/>
</div>
<div class="col-xs-4">
<label for="pos_y" class="control-label">Y:</label>
<input type="text" class="form-control" id="pos_y" name="pos_y"
autocomplete="off"
maxlength="11" value="<?php echo $player->getPosY(); ?>"/>
</div>
<div class="col-xs-4">
<label for="pos_z" class="control-label">Z:</label>
<input type="text" class="form-control" id="pos_z" name="pos_z"
autocomplete="off"
maxlength="11" value="<?php echo $player->getPosZ(); ?>"/>
</div>
</div>
<td>Look:</td>
<div class="row">
<div class="col-xs-3">
<label for="look_head" class="control-label">Head: <span
id="look_head_val"></span></label>
<input type="range" min="0" max="132"
value="<?php echo $player->getLookHead(); ?>"
class="slider form-control" id="look_head" name="look_head">
</div>
<div class="col-xs-3">
<label for="look_body" class="control-label">Body: <span
id="look_body_val"></span></label>
<input type="range" min="0" max="132"
value="<?php echo $player->getLookBody(); ?>"
class="slider form-control" id="look_body" name="look_body">
</div>
<div class="col-xs-3">
<label for="look_legs" class="control-label">Legs: <span
id="look_legs_val"></span></label>
<input type="range" min="0" max="132"
value="<?php echo $player->getLookLegs(); ?>"
class="slider form-control" id="look_legs" name="look_legs">
</div>
<div class="col-xs-3">
<label for="look_feet" class="control-label">Feet: <span
id="look_feet_val"></span></label>
<input type="range" min="0" max="132"
value="<?php echo $player->getLookFeet(); ?>"
class="slider form-control" id="look_feet" name="look_feet">
</div>
</div>
<div class="row">
<div class="col-xs-6">
<label for="look_type" class="control-label">Type:</label>
<input type="text" class="form-control" id="look_type" name="look_type"
autocomplete="off"
maxlength="11" style="cursor: auto;"
value="<?php echo $player->getLookType(); ?>"/>
</div>
<?php if ($hasLookAddons): ?>
<div class="col-xs-6">
<label for="look_addons" class="control-label">Addons:</label>
<input type="text" class="form-control" id="look_addons"
name="look_addons" autocomplete="off"
maxlength="11" value="<?php echo $player->getLookAddons(); ?>"/>
</div>
<?php endif; ?>
</div>
</div>
<div class="tab-pane" id="tab_5">
<div class="row">
<div class="col-xs-6">
<label for="created" class="control-label">Created:</label>
<input type="text" class="form-control" id="created" name="created"
autocomplete="off"
maxlength="10"
value="<?php echo $player->getCustomField('created'); ?>"/>
</div>
<div class="col-xs-6">
<label for="lastlogin" class="control-label">Last login:</label>
<input type="text" class="form-control" id="lastlogin" name="lastlogin"
autocomplete="off"
maxlength="20" value="<?php echo $player->getLastLogin(); ?>"/>
</div>
<div class="col-xs-6">
<label for="lastlogout" class="control-label">Last logout:</label>
<input type="text" class="form-control" id="lastlogout" name="lastlogout"
autocomplete="off"
maxlength="20" value="<?php echo $player->getLastLogout(); ?>"/>
</div>
<div class="col-xs-6">
<label for="lastip" class="control-label">Last IP:</label>
<input type="text" class="form-control" id="lastip" name="lastip"
autocomplete="off"
maxlength="10" value="<?php
if (strlen($player->getLastIP()) > 11) {
echo inet_ntop($player->getLastIP());
}
else {
echo longToIp($player->getLastIP());
}
?>"
readonly/>
</div>
</div>
<?php if ($db->hasColumn('players', 'loss_experience')): ?>
<div class="row">
<div class="col-xs-6">
<label for="loss_experience" class="control-label">Experience
Loss:</label>
<input type="text" class="form-control" id="loss_experience"
name="loss_experience" autocomplete="off"
maxlength="11"
value="<?php echo $player->getLossExperience(); ?>"/>
</div>
<div class="col-xs-6">
<label for="loss_mana" class="control-label">Mana Loss:</label>
<input type="text" class="form-control" id="loss_mana"
name="loss_mana" autocomplete="off"
maxlength="11" value="<?php echo $player->getLossMana(); ?>"/>
</div>
<div class="col-xs-6">
<label for="loss_skills" class="control-label">Skills Loss:</label>
<input type="text" class="form-control" id="loss_skills"
name="loss_skills" autocomplete="off"
maxlength="11" value="<?php echo $player->getLossSkills(); ?>"/>
</div>
<div class="col-xs-6">
<label for="loss_containers" class="control-label">Containers
Loss:</label>
<input type="text" class="form-control" id="loss_containers"
name="loss_containers" autocomplete="off"
maxlength="11"
value="<?php echo $player->getLossContainers(); ?>"/>
</div>
<div class="col-xs-6">
<label for="loss_items" class="control-label">Items Loss:</label>
<input type="text" class="form-control" id="loss_items"
name="loss_items" autocomplete="off"
maxlength="11" value="<?php echo $player->getLossItems(); ?>"/>
</div>
</div>
<?php endif; ?>
<div class="row">
<div class="col-xs-12">
<label for="comment" class="control-label">Comment:</label>
<textarea class="form-control" name="comment" rows="10" cols="50"
wrap="virtual"><?php echo $player->getCustomField("comment"); ?></textarea>
<small>[max.
length: 2000 chars, 50 lines (ENTERs)]
</small>
</div>
</div>
</div>
</div>
</div>
</div>
<input type="hidden" name="save" value="yes"/>
<div class="box-footer">
<a href="<?php echo ADMIN_URL; ?>?p=players"><span class="btn btn-danger">Cancel</span></a>
<div class="pull-right">
<input type="submit" class="btn btn-primary" value="Update">
</div>
</div>
</div>
</div>
</form>
<?php } ?>
<div class="col-md-4">
<div class="box box-primary">
<div class="box-header with-border">
<h3 class="box-title">Search Player:</h3>
<div class="box-tools pull-right">
<button type="button" class="btn btn-box-tool" data-widget="collapse"><i class="fa fa-minus"></i>
</button>
</div>
</div>
<div class="box-body">
<form action="<?php echo $base; ?>" method="post">
<div class="input-group input-group-sm">
<input type="text" class="form-control" name="search_name" value="<?php echo escapeHtml($search_name); ?>"
maxlength="32" size="32">
<span class="input-group-btn">
<button type="submit" type="button" class="btn btn-info btn-flat">Search</button>
</span>
</div>
</form>
</div>
</div>
<?php
if (isset($account) && $account->isLoaded()) {
$account_players = array();
$query = $db->query('SELECT `name`,`level`,`vocation` FROM `players` WHERE `account_id` = ' . $account->getId() . ' ORDER BY `name`')->fetchAll();
if (isset($query)) {
?>
<div class="box">
<div class="box-header">
<h3 class="box-title">Character List:</h3>
</div>
<div class="box-body no-padding">
<table class="table table-striped">
<tbody>
<tr>
<th style="width: 10px">#</th>
<th>Name</th>
<th>Level</th>
<th style="width: 40px">Edit</th>
</tr>
<?php
$i = 1;
foreach ($query as $p) {
$account_players[] = $p;
echo '<tr>
<td>' . $i . '.</td>
<td>' . $p['name'] . '</td>
<td>' . $p['level'] . '</td>
<td><a href="?p=players&search_name=' . $p['name'] . '"><span class="btn btn-success btn-sm edit btn-flat"><i class="fa fa-edit"></i></span></a></span></td>
</tr>';
$i++;
} ?>
</tbody>
</table>
</div>
</div>
<?php
};
};
?>
</div>
<script type="text/javascript">
$('#lastlogin').datetimepicker({
format: 'unixtime'
});
$('#lastlogout').datetimepicker({
format: 'unixtime'
});
$('#created').datetimepicker({
format: 'unixtime'
});
var slider_head = document.getElementById("look_head");
var output_head = document.getElementById("look_head_val");
var slider_body = document.getElementById("look_body");
var output_body = document.getElementById("look_body_val");
var slider_legs = document.getElementById("look_legs");
var output_legs = document.getElementById("look_legs_val");
var slider_feet = document.getElementById("look_feet");
var output_feet = document.getElementById("look_feet_val");
output_head.innerHTML = slider_head.value;
output_body.innerHTML = slider_body.value;
output_legs.innerHTML = slider_legs.value;
output_feet.innerHTML = slider_feet.value;
slider_head.oninput = function () {
output_head.innerHTML = this.value;
}
slider_body.oninput = function () {
output_body.innerHTML = this.value;
}
slider_legs.oninput = function () {
output_legs.innerHTML = this.value;
}
slider_feet.oninput = function () {
output_feet.innerHTML = this.value;
}
$('#look_head').change(function() {updateOutfit()});
$('#look_body').change(function() {updateOutfit()});
$('#look_legs').change(function() {updateOutfit()});
$('#look_feet').change(function() {updateOutfit()});
$('#look_type').change(function() {updateOutfit()});
<?php if($hasLookAddons): ?>
$('#look_addons').change(function() {updateOutfit()});
<?php endif; ?>
function updateOutfit()
{
var look_head = $('#look_head').val();
var look_body = $('#look_body').val();
var look_legs = $('#look_legs').val();
var look_feet = $('#look_feet').val();
var look_type = $('#look_type').val();
var look_addons = '';
<?php if($hasLookAddons): ?>
look_addons = '&addons=' + $('#look_addons').val();
<?php endif; ?>
new_outfit = '<?= $config['outfit_images_url']; ?>?id=' + look_type + look_addons + '&head=' + look_head + '&body=' + look_body + '&legs=' + look_legs + '&feet=' + look_feet;
$("#player_outfit").attr("src", new_outfit);
console.log(new_outfit);
}
</script>

61
admin/pages/reports.php
View File

@@ -1,61 +0,0 @@
<?php
/**
* Reports
*
* @package MyAAC
* @author Lee
* @copyright 2019 MyAAC
* @link https://my-aac.org
*/
defined('MYAAC') or die('Direct access not allowed!');
$title = 'Report Viewer';
$files = array();
$server_path_reports = $config['data_path'] . 'reports/';
if (file_exists($server_path_reports)) {
foreach (scandir($server_path_reports, SCANDIR_SORT_ASCENDING) as $f) {
if ($f[0] === '.') {
continue;
}
if (is_dir($server_path_reports . $f)) {
foreach (scandir($server_path_reports . $f, SCANDIR_SORT_ASCENDING) as $f2) {
if ($f2[0] === '.') {
continue;
}
$files[] = array($f . '/' . $f2, $server_path_reports);
}
continue;
}
$files[] = array($f, $server_path_reports);
}
}
foreach ($files as &$f) {
$f['mtime'] = filemtime($f[1] . $f[0]);
$f['name'] = $f[0];
}
unset($f);
$twig->display('admin.reports.html.twig', array('files' => $files));
$file = isset($_GET['file']) ? $_GET['file'] : NULL;
if (!empty($file)) {
if (!preg_match('/[^A-z0-9\' _\/\-\.]/', $file)) {
if (file_exists($server_path_reports . $file)) {
$content = nl2br(file_get_contents($server_path_reports . $file));
$twig->display('admin.logs.view.html.twig', array('file' => $file, 'content' => $content));
} else {
echo 'Specified file does not exist.';
}
} else {
echo 'Invalid file name specified.';
}
}

163
admin/template/style.css
View File

@@ -1,44 +1,147 @@
.slidecontainer {
width: 100%;
*{
margin:0;
padding:0;
}
body {
font-family: Helvetica;
color: #313334;
background: /*#f9f9f9 #EEEEEE*/#F7F6F1;
}
.slider {
-webkit-appearance: none;
width: 100%;
img {border: none;}
outline: none;
opacity: 0.7;
-webkit-transition: .2s;
transition: opacity .2s;
a:link {color: #000; text-decoration: none;}
a:visited {color: #000; text-decoration: none;}
a:focus {color: #000; text-decoration: none;}
a:active {color: #000; text-decoration: underline;}
a:hover {color: #000; text-decoration: underline;}
a.current {font-weight: bold;}
h5.blue {color: #6b7b95;}
h5.red {color: #c17878;}
h5.green {color: #78ba91;}
h5.purple {color: #a87aad;}
h1, h2, h3, h4, h5, h6 {color: #313334; font-weight: bold;}
.separator {color:#BCE}
.margin-left{
margin-left:5px;
}
.slider:hover {
opacity: 1;
.button { background:#eee repeat-x 0 0; border:solid 1px #b1a874; color:#7f7f7f; font-size:11px; padding:2px 6px 2px 6px; cursor:pointer; line-height:14px !important; }
.button:hover { color:#333; border-color:#857b42; }
.field, .button { -moz-border-radius:4px; -webkit-border-radius:4px; }
.small-field, .button, .pagging a { -moz-border-radius:3px; -webkit-border-radius:3px; }
.table th {
background-color: #4CAF50;
color: white;
text-align: left;
}
.slider::-webkit-slider-thumb {
-webkit-appearance: none;
appearance: none;
width: 15px;
height: 25px;
background: #3c8dbc;
cursor: pointer;
.table, .table td, .table th{
border: 1px solid #ddd;
}
.slider::-moz-range-thumb {
width: 25px;
height: 25px;
background: #3c8dbc;
cursor: pointer;
}
.table th a:link {color: white; text-decoration: none;}
.table th a:link {color: white; text-decoration: none;}
.table th a:visited {color: white; text-decoration: none;}
.table th a:focus {color: white; text-decoration: none;}
.table th a:active {color: white; text-decoration: underline;}
.table th a:hover {color: white; text-decoration: underline;}
td.details-control {
.table tr:nth-child(odd) {background-color: #d1d1d1}
a.ico { color:#9d9c9a; font-size:10px; text-decoration: none; padding:0 0 0 14px; background-repeat:no-repeat; background-position:0 0; }
a.ico:hover { color:#333;}
#container{
width:960px;
margin-left:auto;
margin-right:auto;
}
#header {
/*width: 960px;*/
padding-left: auto;
padding-right: auto;
border-bottom: 1px dotted black;
margin-top: 40px;
}
#header h1 {
margin: 0;
padding-top: 20px;
text-align: center;
color: forestgreen;
cursor: pointer;
}
tr.shown td.details-control {
#sidebar{
background: #FFF;
width: 170px;
float: left;
margin: 10px 0 10px 0;
padding: 10px;
border: 1px solid #CCC;
}
#content {
width: 740px;
float: right;
margin: 20px 0 10px 0;
padding: 10px;
}
#footer {
margin-top: 20px;
border-top: 1px dotted black;
text-align: center;
color: red;
clear: both;
}
/*********************
Sidebar
*********************/
#sidebar ul{
list-style:none;
line-height:22px;
}
#sidebar ul li a,#sidebar ul li a:visited{
padding-left:19px;
text-decoration:none;
margin:0 3px;
display:block;
}
#sidebar ul li a:hover{
text-decoration:underline;
}
#sidebar ul li ul{
margin-left:10px;
}
#sidebar h3{
padding:2px;
font-size:14px;
}
/*********************
Status & version boxes
*********************/
#status {
position: absolute; top: 10px; left: 10px;
margin: 0px;
float: right;
font-size: 12px;
}
#status .success {
margin: 0px;
}
#version {
position: absolute; top: 10px; right: 10px;
float: right;
text-align: right;
font-size: 12px;
}
/*********************
Infobox
*********************/
#infobox{
border:1px solid #e9e8e3;
}
#infobox h3{
background:#f7f6f1;
border-bottom:1px solid #e9e8e3;
color:#654322;
}

313
admin/template/template.php
View File

@@ -1,229 +1,110 @@
<?php defined('MYAAC') or die('Direct access not allowed!'); ?>
<!DOCTYPE html>
<html>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<?php echo template_header(true);
$title_full = (isset($title) ? $title . $config['title_separator'] : '') . $config['lua']['serverName'];
?>
<title><?php echo $title_full ?></title>
<link rel="shortcut icon" href="<?php echo BASE_URL; ?>images/favicon.ico" type="image/x-icon" />
<link rel="icon" href="<?php echo BASE_URL; ?>images/favicon.ico" type="image/x-icon" />
<meta content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no" name="viewport">
<link rel="stylesheet" href="<?php echo BASE_URL; ?>tools/css/bootstrap.min.css">
<link rel="stylesheet" href="<?php echo BASE_URL; ?>tools/css/AdminLTE.min.css">
<link rel="stylesheet" href="<?php echo BASE_URL; ?>tools/css/skins/skin-blue.min.css">
<link rel="stylesheet" href="<?php echo BASE_URL; ?>tools/css/font-awesome.min.css">
<link rel="stylesheet" href="<?php echo BASE_URL; ?>tools/css/ionicons.min.css">
<link rel="stylesheet" href="<?php echo BASE_URL; ?>tools/css/jquery.dataTables.min.css">
<link rel="stylesheet" type="text/css" href="<?php echo $template_path; ?>style.css"/>
<!--[if lt IE 9]>
<script src="https://oss.maxcdn.com/html5shiv/3.7.3/html5shiv.min.js"></script>
<script src="https://oss.maxcdn.com/respond/1.4.2/respond.min.js"></script>
<![endif]-->
<link rel="stylesheet"
href="https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,700,300italic,400italic,600italic">
<?php echo template_header(true); ?>
<title><?php echo $title . $config['title_separator'] . $config['lua']['serverName']; ?> - Powered by MyAAC</title>
<link rel="stylesheet" type="text/css" href="<?php echo $template_path; ?>style.css" />
</head>
<body class="hold-transition skin-blue sidebar-mini">
<div class="wrapper">
<?php
if ($logged && admin()) {
?>
<header class="main-header">
<a href="." class="logo">
<span class="logo-mini"><b>M</b>A</span>
<span class="logo-lg"><b>My</b>AAC</span>
</a>
<nav class="navbar navbar-static-top" role="navigation">
<a href="#" class="sidebar-toggle" data-toggle="push-menu" role="button">
<span class="sr-only">Toggle navigation</span>
</a>
<div class="navbar-custom-menu">
<ul class="nav navbar-nav">
<li>
<a href="#" data-toggle="control-sidebar"><i class="fa fa-gears"></i></a>
</li>
</ul>
</div>
</nav>
</header>
<aside class="main-sidebar">
<section class="sidebar">
<ul class="sidebar-menu" data-widget="tree">
<li class="header">MyAAC</li>
<?php
$icons_a = array(
'dashboard','newspaper-o', 'envelope',
'book', 'list',
'plug', 'user',
'edit', 'gavel',
'wrench', 'edit', 'book', 'book',
);
$menus = array(
'Dashboard' => 'dashboard',
'News' => 'news',
'Mailer' => 'mailer',
'Pages' => 'pages',
'Menus' => 'menus',
'Plugins' => 'plugins',
'Visitors' => 'visitors',
'Editor' => array(
'Accounts' => 'accounts',
'Players' => 'players',
),
'Items' => 'items',
'Tools' => array(
'Notepad' => 'notepad',
'phpinfo' => 'phpinfo',
),
'Logs' => array(
'Logs' => 'logs',
'Reports' => 'reports',
),
);
$i = 0;
foreach ($menus as $_name => $_page) {
$has_child = is_array($_page);
if (!$has_child) {
echo '<li ';
if ($page == $_page) echo ' class="active"';
echo ">";
echo '<a href="?p=' . $_page . '"><i class="fa fa-' . (isset($icons_a[$i]) ? $icons_a[$i] : 'link') . '"></i> <span>' . $_name . '</span></a></li>';
}
if ($has_child) {
$used_menu = "";
$nav_construct = '';
foreach ($_page as $__name => $__page) {
$nav_construct = $nav_construct . '<li';
if ($page == $__page) {
$nav_construct = $nav_construct . ' class="active"';
$used_menu = true;
}
$nav_construct = $nav_construct . '><a href="?p=' . $__page . '"><i class="fa fa-circle-o"></i> ' . $__name . '</a></li>';
}
echo '<li class="treeview' . (($used_menu) ? ' menu-open' : '') . '">
<a href="#"><i class="fa fa-' . (isset($icons_a[$i]) ? $icons_a[$i] : 'link') . '"></i> <span>' . $_name . '</span>
<span class="pull-right-container"><i class="fa fa-angle-left pull-right"></i></span></a>
<ul class="treeview-menu" style="' . (($used_menu) ? ' display: block' : ' display: none') . '">';
echo $nav_construct;
echo '</ul>
</li>';
}
$i++;
}
$query = $db->query('SELECT `name`, `page`, `flags` FROM `' . TABLE_PREFIX . 'admin_menu` ORDER BY `ordering`');
$menu_db = $query->fetchAll();
foreach ($menu_db as $item) {
if ($item['flags'] == 0 || hasFlag($item['flags'])) {
echo '<li ';
if ($page == $item['page']) echo ' class="active"';
echo ">";
echo '<a href="?p=' . $item['page'] . '"><i class="fa fa-link"></i> <span>' . $item['name'] . '</span></a></li>';
}
}
?>
</ul>
</section>
</aside>
<div class="content-wrapper">
<section class="content-header">
<h1><?php echo(isset($title) ? $title : ''); ?>
<small> - Admin Panel</small>
<div class="pull-right">
<span class="label label-<?php echo(($status['online']) ? 'success' : 'danger'); ?>"><?php echo $config['lua']['serverName'] ?></span>
</div>
</h1>
</section>
<section class="content">
<?php echo $content; ?>
</section>
</div>
<footer class="main-footer">
<div class="pull-right hidden-xs">
<body>
<?php if($page != 'tools'): ?>
<div id="container">
<div id="header">
<?php if($logged && admin()): ?>
<div id="status">
<?php if ($status['online']): ?>
<p class="success" style="width: 120px; text-align: center;">Server Online</p>
<?php if($status['online']): ?>
<p class="success" style="width: 120px; text-align: center;">Status: Online<br/>
<?php echo $status['uptimeReadable'] . ', ' . $status['players'] . '/' . $status['playersMax']; ?><br/>
<?php echo $config['lua']['ip'] . ' : ' . $config['lua']['loginPort']; ?>
</p>
<?php else: ?>
<p class="error" style="width: 120px; text-align: center;">Server Offline</p>
<p class="error" style="width: 120px; text-align: center;">Status: Offline</p>
<?php endif; ?>
</div>
<div id="version">Version: <?php echo MYAAC_VERSION; ?> (<a id="update" href="?p=version">Check for updates</a>)<br/>
Logged in as: <b><?php echo (USE_ACCOUNT_NAME ? $account_logged->getName() : $account_logged->getId()); ?></b><br/>
<a href="<?php echo BASE_URL; ?>" target="_blank">Preview</a> <span class="separator">|</span> <a href="?action=logout">Log out<img src="<?php echo BASE_URL; ?>images/icons/logout.png" alt="" title="Log out" /></a>
</div>
<?php endif; ?>
<h1><?php echo $config['lua']['serverName'] . (isset($title) ? ' - ' . $title : ''); ?> - Admin Panel</h1>
</div>
<?php echo base64_decode('UG93ZXJlZCBieSA8YSBocmVmPSJodHRwOi8vbXktYWFjLm9yZyIgdGFyZ2V0PSJfYmxhbmsiPk15QUFDLjwvYT4='); ?>
</footer>
<div id="wrapper">
<?php
if($logged && admin()) {
?>
<div id="sidebar">
<ul>
<?php
$menus = array(
'Dashboard' => 'dashboard',
'Mailer' => 'mailer',
'Pages' => 'pages',
'Menus' => 'menus',
'Plugins' => 'plugins',
'Statistics' => 'statistics',
'Visitors' => 'visitors',
'Players' => 'players',
'Items' => 'items',
'Tools' => array(
'phpinfo' => 'phpinfo'
),
'Notepad' => 'notepad',
'Logs' => 'logs'
);
<aside class="control-sidebar control-sidebar-dark">
<ul class="nav nav-tabs nav-justified control-sidebar-tabs">
<li class="active"><a href="#control-sidebar-home-tab" data-toggle="tab"><i class="fa fa-home"></i></a></li>
<li><a href="#control-sidebar-settings-tab" data-toggle="tab"><i class="fa fa-gears"></i></a></li>
</ul>
<div class="tab-content">
<div class="tab-pane active" id="control-sidebar-home-tab">
<h3 class="control-sidebar-heading">Account</h3>
<ul class="control-sidebar-menu">
<li>
<a href="?action=logout">
<i class="menu-icon fa fa-sign-out bg-red"></i>
<div class="menu-info">
<h4 class="control-sidebar-subheading">Log out</h4>
<p>This will log you out
of <?php echo(USE_ACCOUNT_NAME ? $account_logged->getName() : $account_logged->getId()); ?></p>
</div>
</a>
</li>
</ul>
<h3 class="control-sidebar-heading">Site</h3>
<ul class="control-sidebar-menu">
<li>
<a href="<?php echo BASE_URL; ?>" target="_blank">
<i class="menu-icon fa fa-eye bg-blue"></i>
<div class="menu-info">
<h4 class="control-sidebar-subheading">Preview</h4>
<p>This will open a new tab</p>
</div>
</a>
</li>
$i = 0;
foreach($menus as $_name => $_page) {
//echo '<a ' . ($page == $_page ? ' class="current"' : '') . 'href="?p=' . $_page . '">' . $_name . '</a>';
echo '<li><h3>';
$has_child = is_array($_page);
if(!$has_child) {
echo '<a href="?p=' . $_page . '">';
if($page == $_page) echo '<u>';
echo $_name;
if($page == $_page) echo '</u>';
echo '</a>';
}
else
echo $_name;
echo '</h3>';
if($has_child) {
echo '<ul>';
foreach($_page as $__name => $__page)
echo '<li><a href="?p=' . $__page . '">';
if($page == $__page) echo '<u>';
echo $__name;
if($page == $__page) echo '</u>';
echo '</a></li>';
echo '</ul>';
}
echo '</li>';
}
$query = $db->query('SELECT `name`, `page`, `flags` FROM `' . TABLE_PREFIX . 'admin_menu` ORDER BY `ordering`');
$menu_db = $query->fetchAll();
foreach($menu_db as $item) {
if($item['flags'] == 0 || hasFlag($item['flags'])) {
echo '<li><h3>
<a href="?p=' . $item['page'] . '">';
if($page == $item['page']) echo '<u>';
echo $item['name'];
if($page == $item['page']) echo '</u>';
echo '</a></h3></li>';
}
}
?>
</ul>
</div>
<div class="tab-pane" id="control-sidebar-settings-tab">
<form method="post">
<h3 class="control-sidebar-heading">Version</h3>
<div class="form-group">
<label class="control-sidebar-subheading">
<?php echo MYAAC_VERSION; ?> (<a href="?p=version">Check for updates</a>)<br/>
</label>
<label class="control-sidebar-subheading">
<p><a href="https://github.com/slawkens/myaac" target="_blank">Github</a></p>
</div>
</form>
</div>
<?php
}
?>
<div id="content"><?php echo $content; ?></div>
</div>
</aside>
<div class="control-sidebar-bg"></div>
</div>
<?php }
if (!$logged && !admin()) {
echo $content;
}
?>
<script src="<?php echo BASE_URL; ?>tools/js/bootstrap.min.js"></script>
<script src="<?php echo BASE_URL; ?>tools/js/jquery-ui.min.js"></script>
<script src="<?php echo BASE_URL; ?>tools/js/jquery.dataTables.min.js"></script>
<script src="<?php echo BASE_URL; ?>tools/js/adminlte.min.js"></script>
<div id="footer">
<?php echo base64_decode('UG93ZXJlZCBieSA8YSBocmVmPSJodHRwOi8vbXktYWFjLm9yZyIgdGFyZ2V0PSJfYmxhbmsiPk15QUFDLjwvYT4='); ?>
</div>
</div>
<?php endif; ?>
</body>
</html>
</html>

11
admin/tools/phpinfo.php
View File

@@ -1,10 +1,8 @@
<?php
define('MYAAC_ADMIN', true);
require '../../common.php';
require SYSTEM . 'functions.php';
require SYSTEM . 'init.php';
require SYSTEM . 'login.php';
require('../../common.php');
require(SYSTEM . 'functions.php');
require(SYSTEM . 'init.php');
require(SYSTEM . 'login.php');
if(!admin())
die('Access denied.');
@@ -13,3 +11,4 @@ if(!function_exists('phpinfo'))
die('phpinfo() disabled on this web server.');
phpinfo();
?>

12
admin/tools/status.php
View File

@@ -1,11 +1,9 @@
<?php
define('MYAAC_ADMIN', true);
require '../../common.php';
require SYSTEM . 'init.php';
require SYSTEM . 'functions.php';
require SYSTEM . 'status.php';
require SYSTEM . 'login.php';
require('../../common.php');
require(SYSTEM . 'init.php');
require(SYSTEM . 'functions.php');
require(SYSTEM . 'status.php');
require(SYSTEM . 'login.php');
if(!admin())
die('Access denied.');

51
common.php
View File

@@ -20,18 +20,17 @@
*
* @package MyAAC
* @author Slawkens <slawkens@gmail.com>
* @copyright 2019 MyAAC
* @link https://my-aac.org
* @copyright 2017 MyAAC
* @link http://my-aac.org
*/
if (version_compare(phpversion(), '7.2.5', '<')) die('PHP version 7.2.5 or higher is required.');
session_start();
define('MYAAC', true);
define('MYAAC_VERSION', '0.8.17');
define('DATABASE_VERSION', 33);
define('MYAAC_VERSION', '0.7.12');
define('DATABASE_VERSION', 22);
define('TABLE_PREFIX', 'myaac_');
define('START_TIME', microtime(true));
define('MYAAC_OS', stripos(PHP_OS, 'WIN') === 0 ? 'WINDOWS' : (strtoupper(PHP_OS) === 'DARWIN' ? 'MAC' : 'LINUX'));
define('IS_CLI', in_array(php_sapi_name(), ['cli', 'phpdb']));
define('MYAAC_OS', (strtoupper(substr(PHP_OS, 0, 3)) === 'WIN') ? 'WINDOWS' : (strtoupper(PHP_OS) == 'DARWIN' ? 'MAC' : 'LINUX'));
// account flags
define('FLAG_ADMIN', 1);
@@ -47,7 +46,6 @@ define('FLAG_CONTENT_GALLERY', 512);
define('FLAG_CONTENT_VIDEOS', 1024);
define('FLAG_CONTENT_FAQ', 2048);
define('FLAG_CONTENT_MENUS', 4096);
define('FLAG_CONTENT_PLAYERS', 8192);
// news
define('NEWS', 1);
@@ -55,7 +53,7 @@ define('TICKER', 2);
define('ARTICLE', 3);
// directories
define('BASE', __DIR__ . '/');
define('BASE', dirname(__FILE__) . '/');
define('ADMIN', BASE . 'admin/');
define('SYSTEM', BASE . 'system/');
define('CACHE', SYSTEM . 'cache/');
@@ -85,43 +83,26 @@ define('TFS_03', 4);
define('TFS_FIRST', TFS_02);
define('TFS_LAST', TFS_03);
if (!IS_CLI) {
session_save_path(SYSTEM . 'php_sessions');
session_start();
}
// basedir
$basedir = '';
$tmp = explode('/', $_SERVER['SCRIPT_NAME']);
$size = count($tmp) - 1;
$size = sizeof($tmp) - 1;
for($i = 1; $i < $size; $i++)
$basedir .= '/' . $tmp[$i];
$basedir = str_replace(array('/admin', '/install', '/tools'), '', $basedir);
$basedir = str_replace('/admin', '', $basedir);
$basedir = str_replace('/install', '', $basedir);
define('BASE_DIR', $basedir);
if (file_exists(BASE . 'config.local.php') && !defined('MYAAC_INSTALL')) {
require BASE . 'config.local.php';
}
if(isset($_SERVER['HTTP_HOST'])) {
if (isset($_SERVER['HTTPS'][0]) && $_SERVER['HTTPS'] == 'on')
define('SERVER_URL', 'https://' . $_SERVER['HTTP_HOST']);
else
define('SERVER_URL', 'http://' . $_SERVER['HTTP_HOST']);
if(!IS_CLI) {
if (isset($_SERVER['HTTP_HOST'][0])) {
$baseHost = $_SERVER['HTTP_HOST'];
} else {
if (isset($_SERVER['SERVER_NAME'][0])) {
$baseHost = $_SERVER['SERVER_NAME'];
} else {
$baseHost = $_SERVER['SERVER_ADDR'];
}
}
define('SERVER_URL', 'http' . (isset($_SERVER['HTTPS'][0]) && strtolower($_SERVER['HTTPS']) === 'on' ? 's' : '') . '://' . $baseHost);
define('BASE_URL', SERVER_URL . BASE_DIR . '/');
define('ADMIN_URL', SERVER_URL . BASE_DIR . '/admin/');
//define('CURRENT_URL', BASE_URL . $_SERVER['REQUEST_URI']);
if(@$config['env'] === 'dev') {
require SYSTEM . 'exception.php';
}
}
require SYSTEM . 'autoload.php';
?>

3
config.local.php Normal file
View File

@@ -0,0 +1,3 @@
<?php
// place for your configuration directives, so you can later easily update myaac
?>

127
config.php
View File

@@ -12,25 +12,14 @@
*
* @package MyAAC
* @author Slawkens <slawkens@gmail.com>
* @copyright 2019 MyAAC
* @link https://my-aac.org
* @copyright 2017 MyAAC
* @link http://my-aac.org
*/
$config = array(
// directories & files
'server_path' => '', // path to the server directory (same directory where config file is located)
/**
* Environment Setting
*
* if you use this script on your live server - set to 'prod' (production)
* if you want to test and debug the script locally, or develop plugins, set to 'dev' (development)
* WARNING: on 'dev' cache is disabled, so site will be significantly slower !!!
* WARNING2: on 'dev' all PHP errors/warnings are displayed
* Recommended: 'prod' cause of speed (page load time is better)
*/
'env' => 'prod', // 'prod' for production and 'dev' for development
'template' => 'kathrine', // template used by website (kathrine, tibiacom)
'template_allow_change' => true, // allow users to choose their own template while browsing website?
@@ -41,7 +30,7 @@ $config = array(
'client' => 1098, // 954 = client 9.54
'session_prefix' => 'myaac_', // must be unique for every site on your server
'friendly_urls' => false, // mod_rewrite is required for this, it makes links looks more elegant to eye, and also are SEO friendly (example: https://my-aac.org/guilds/Testing instead of https://my-aac.org/?subtopic=guilds&name=Testing). Remember to rename .htaccess.dist to .htaccess
'friendly_urls' => false, // mod_rewrite is required for this, it makes links looks more elegant to eye, and also are SEO friendly (example: http://my-aac.org/guilds/Testing instead of http://my-aac.org/?subtopic=guilds&name=Testing). Remember to rename .htaccess.dist to .htaccess
'gzip_output' => false, // gzip page content before sending it to the browser, uses less bandwidth but more cpu cycles
// gesior backward support (templates & pages)
@@ -57,6 +46,8 @@ $config = array(
// footer
'footer' => ''/*'<br/>Your Server &copy; 2016. All rights reserved.'*/,
'debug_level' => 0, // 0 - disabled, 1 - show load time, 2 - show db query counter, 3 - both, 4 - memory usage, 5 - load time & memory usage, 6 - queries & memory usage, 7 - all
'language' => 'en', // default language (currently only 'en' available)
'language_allow_change' => false,
@@ -65,7 +56,7 @@ $config = array(
'views_counter' => true,
// cache system. by default file cache is used
'cache_engine' => 'auto', // apc, apcu, eaccelerator, xcache, file, auto, or blank to disable.
'cache_engine' => 'auto', // apc, eaccelerator, xcache, file, auto, or blank to disable.
'cache_prefix' => 'myaac_', // have to be unique if running more MyAAC instances on the same server (except file system cache)
// database details (leave blank for auto detect from config.lua)
@@ -74,9 +65,6 @@ $config = array(
'database_user' => '',
'database_password' => '',
'database_name' => '',
'database_log' => false, // should database queries be logged and and saved into system/logs/database.log?
'database_socket' => '', // set if you want to connect to database through socket (example: /var/run/mysqld/mysqld.sock)
'database_persistent' => false, // use database permanent connection (like server), may speed up your site
// multiworld system (only TFS 0.3)
'multiworld' => false, // use multiworld system?
@@ -86,21 +74,12 @@ $config = array(
),
// images
'outfit_images_url' => 'https://outfit-images.ots.me/outfit.php', // set to animoutfit.php for animated outfit
'item_images_url' => 'https://item-images.ots.me/1092/', // set to images/items if you host your own items in images folder
'outfit_images_url' => 'http://outfit-images.ots.me/outfit.php', // set to animoutfit.php for animated outfit
'item_images_url' => 'http://item-images.ots.me/1092/', // set to images/items if you host your own items in images folder
// account
'account_management' => true, // disable if you're using other method to manage users (fe. tfs account manager)
'account_create_auto_login' => false, // auto login after creating account?
'account_create_character_create' => true, // allow directly to create character on create account page?
'account_mail_verify' => false, // force users to confirm their email addresses when registering
'account_mail_confirmed_reward' => [ // reward users for confirming their E-Mails
// account_mail_verify needs to be enabled too
'premium_days' => 0,
'premium_points' => 0,
'coins' => 0,
'message' => 'You received %d %s for confirming your E-Mail address.' // example: You received 20 premium points for confirming your E-Mail address.
],
'account_mail_verify' => false, // force users to confirm their email addresses when registering account
'account_mail_unique' => true, // email addresses cannot be duplicated? (one account = one email)
'account_premium_days' => 0, // default premium days on new account
'account_premium_points' => 0, // default premium points on new account
@@ -119,17 +98,16 @@ $config = array(
'mail_address' => 'no-reply@your-server.org', // server e-mail address (from:)
'mail_admin' => 'your-address@your-server.org', // admin email address, where mails from contact form will be sent
'mail_signature' => array( // signature that will be included at the end of every message sent using _mail function
'plain' => ""/*"--\nMy Server,\nhttp://www.myserver.com"*/,
'plain' => ''/*'--\nMy Server,\nhttp://www.myserver.com'*/,
'html' => ''/*'<br/>My Server,\n<a href="http://www.myserver.com">myserver.com</a>'*/
),
'smtp_enabled' => false, // send by smtp or mail function (set false if use mail function, set to true if you use GMail or Microsoft Outlook)
'smtp_host' => '', // mail host. smtp.gmail.com for GMail / smtp-mail.outlook.com for Microsoft Outlook
'smtp_port' => 25, // 25 (default) / 465 (ssl, GMail) / 587 (tls, Microsoft Outlook)
'smtp_enabled' => false, // send by smtp or mail function (set false if use mail function)
'smtp_host' => '', // mail host
'smtp_port' => 25, // 25 (default) / 465 (ssl, e.g. gmail)
'smtp_auth' => true, // need authorization?
'smtp_user' => 'admin@example.org', // here your email username
'smtp_user' => 'admin@example.org',
'smtp_pass' => '',
'smtp_secure' => '', // What kind of encryption to use on the SMTP connection. Options: '', 'ssl' (GMail) or 'tls' (Microsoft Outlook)
'smtp_debug' => false, // set true to debug (you will see more info in error.log)
'smtp_secure' => '', // What kind of encryption to use on the SMTP connection. Options: '', 'ssl' or 'tls', use 'ssl' for gmail
// reCAPTCHA (prevent spam bots)
'recaptcha_enabled' => false, // enable recaptcha verification code
@@ -148,7 +126,7 @@ $config = array(
0 => 'Female',
1 => 'Male'
),
// new character config
'character_samples' => array( // vocations, format: ID_of_vocation => 'Name of Character to copy'
//0 => 'Rook Sample',
@@ -158,22 +136,11 @@ $config = array(
4 => 'Knight Sample'
),
'use_character_sample_skills' => false,
// it must show limited number of players after using search in character page
'characters_search_limit' => 15,
// town list used when creating character
// won't be displayed if there is only one item (rookgaard for example)
'character_towns' => array(1),
// characters length
// This is the minimum and the maximum length that a player can create a character. It is highly recommend the maximum length to be 21.
'character_name_min_length' => 4,
'character_name_max_length' => 21,
// list of towns
// if you use TFS 1.3 with support for 'towns' table in database, then you can ignore this - it will be configured automatically (generated from your .OTBM map)
'towns' => array(
0 => 'No town',
1 => 'Sample town'
@@ -188,6 +155,13 @@ $config = array(
'guild_description_lines_limit' => 6, // limit of lines, if description has more lines it will be showed as long text, without 'enters'
'guild_motd_chars_limit' => 150, // limit of MOTD (message of the day) that is shown later in the game on the guild channel
'quests' => array(), // quests list (displayed in character view), name => storage
'signature_enabled' => true,
'signature_type' => 'tibian', // signature engine to use: tibian, mango, gesior
'signature_cache_time' => 5, // how long to store cached file (in minutes), default 5 minutes
'signature_browser_cache' => 60, // how long to cache by browser (in minutes), default 1 hour
// online page
'online_record' => true, // display players record?
'online_vocations' => false, // display vocation statistics?
@@ -201,7 +175,6 @@ $config = array(
'team_display_status' => true,
'team_display_lastlogin' => true,
'team_display_world' => false,
'team_display_outfit' => true,
// bans page
'bans_limit' => 50,
@@ -211,7 +184,6 @@ $config = array(
'highscores_vocation_box' => true, // show 'Choose a vocation' box on the highscores (allowing peoples to sort highscores by vocation)?
'highscores_vocation' => true, // show player vocation under his nickname?
'highscores_frags' => false, // show 'Frags' tab (best fraggers on the server)? Only 0.3
'highscores_balance' => false, // show 'Balance' tab (richest players on the server)
'highscores_outfit' => true, // show player outfit?
'highscores_country_box' => false, // doesnt work yet! (not implemented)
'highscores_groups_hidden' => 3, // this group id and higher won't be shown on the highscores
@@ -230,17 +202,8 @@ $config = array(
'quests' => true,
'skills' => true,
'equipment' => true,
'frags' => false,
'deleted' => false, // should deleted characters from same account be still listed on the list of characters? When enabled it will show that character is "[DELETED]"
'frags' => false
),
'quests' => array(
//'Some Quest' => 123,
//'Some Quest Two' => 456,
), // quests list (displayed in character view), name => storage
'signature_enabled' => true,
'signature_type' => 'tibian', // signature engine to use: tibian, mango, gesior
'signature_cache_time' => 5, // how long to store cached file (in minutes), default 5 minutes
'signature_browser_cache' => 60, // how long to cache by browser (in minutes), default 1 hour
// news page
'news_limit' => 5, // limit of news on the latest news page
@@ -250,52 +213,38 @@ $config = array(
// gifts/shop system
'gifts_system' => false,
// support/system
'bug_report' => true, // this configurable has no effect, its always enabled
// forum
'forum' => 'site', // link to the server forum, set to "site" if you want to use build in forum system, otherwise leave empty if you aren't going to use any forum
'forum_level_required' => 0, // level required to post, 0 to disable
'forum_post_interval' => 30, // in seconds
'forum_posts_per_page' => 20,
'forum_threads_per_page' => 20,
// uncomment to force use table for forum
//'forum_table_prefix' => 'z_', // what forum mysql table to use, z_ (for gesior old forum) or myaac_ (for myaac)
// last kills
'last_kills_limit' => 50, // max. number of deaths shown on the last kills page
// status, took automatically from config file if empty
'status_enabled' => true, // you can disable status checking by settings this to "false"
'status_ip' => '127.0.0.1',
'status_ip' => '',
'status_port' => '',
'status_timeout' => 1.0, // how long to wait for the initial response from the server (default: 1 second)
// how often to connect to server and update status (default: every minute)
// if your status timeout in config.lua is bigger, that it will be used instead
// when server is offline, it will be checked every time web refreshes, ignoring this variable
'status_interval' => 60,
// admin panel
'admin_panel_modules' => 'lastlogin,points,coins',
// other
'anonymous_usage_statistics' => true,
'email_lai_sec_interval' => 60, // time in seconds between e-mails to one account from lost account interface, block spam
'google_analytics_id' => '', // e.g.: UA-XXXXXXX-X
'experiencetable_columns' => 3, // how many columns to display in experience table page. * experiencetable_rows, 5 = 500 (will show up to 500 level)
'experiencetable_rows' => 200, // till how many levels in one column
'experiencetable_columns' => 5, // how many columns to display in experience table page. * experiencetable_rows, 5 = 500 (will show up to 500 level)
'experiencetable_rows' => 100, // till how many levels in one column
'date_timezone' => 'Europe/Berlin', // more info at http://php.net/manual/en/timezones.php
'footer_show_load_time' => true, // display load time of the page in the footer
'npc' => array(),
// character name blocked
'character_name_blocked' => array(
'prefix' => array(),
'names' => array(),
'words' => array(),
),
'monsters' => array(),
'npc' => array()
);
// download link to client.
$config['client_download'] = 'http://tibia-clients.com/clients/download/'. $config['client'] .'/exe/windows';
$config['client_download_linux'] = 'http://tibia-clients.com/clients/download/'. $config['client'] .'/tar/linux';
?>

BIN
images/error.ico
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 4.2 KiB

0
images/gallery/index.html
View File

BIN
images/icons/comment_add.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 530 B

BIN
images/loading_spinner.gif
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 67 KiB

BIN
images/monsters/acidblob.gif
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 1.8 KiB

After

Width:  |  Height:  |  Size: 3.0 KiB

BIN
images/monsters/acolyte of the cult.gif Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 1.5 KiB

BIN
images/monsters/adept of the cult.gif Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 1.5 KiB

BIN
images/monsters/ancient scarab.gif Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 3.0 KiB

BIN
images/monsters/animated-statue.gif Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 1.7 KiB

BIN
images/monsters/annihilon.gif Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 5.5 KiB

BIN
images/monsters/apprentice sheng.gif Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 1.7 KiB

BIN
images/monsters/armadile.gif
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 1.8 KiB

BIN
images/monsters/ashmunrah.gif Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 3.1 KiB

BIN
images/monsters/asura.gif
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 2.1 KiB

BIN
images/monsters/asuranight.gif
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 2.1 KiB

BIN
images/monsters/avalanche.gif Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 7.9 KiB

BIN
images/monsters/axeitus headbanger.gif Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 1.6 KiB

BIN
images/monsters/azure frog.gif Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 1.2 KiB

BIN
images/monsters/barbaria.gif Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 3.2 KiB

BIN
images/monsters/barbarian brutetamer.gif Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 3.2 KiB

BIN
images/monsters/barbarian headsplitter.gif Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 2.8 KiB

BIN
images/monsters/barbarian skullhunter.gif Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 1.4 KiB

BIN
images/monsters/barklessdevotee.gif
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 1.8 KiB

BIN
images/monsters/barklessfanatic.gif
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 1.8 KiB

0
images/monsters/bonelord.gif → images/monsters/beholder.gif
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 2.5 KiB

After

Width:  |  Height:  |  Size: 2.5 KiB

BIN
images/monsters/betrayed wraith.gif Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 2.2 KiB

BIN
images/monsters/big boss trolliver.gif Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 2.6 KiB

BIN
images/monsters/black sheep.gif Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 1.5 KiB

BIN
images/monsters/blazing fire elemental.gif Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 3.8 KiB

BIN
images/monsters/blistering fire elemental.gif Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 4.9 KiB

BIN
images/monsters/blood crab.gif Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 2.6 KiB

BIN
images/monsters/bloodbeast.gif
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 2.0 KiB

BIN
images/monsters/bloodhand.gif
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 1.9 KiB

BIN
images/monsters/bloodpaw.gif Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 3.7 KiB

BIN
images/monsters/bloodpriest.gif
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 1.9 KiB

BIN
images/monsters/blue djinn.gif Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 3.2 KiB

BIN
images/monsters/boar.gif
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 2.9 KiB

BIN
images/monsters/bog raider.gif Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 2.8 KiB

BIN
images/monsters/bogfrog.gif
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 1.7 KiB

BIN
images/monsters/bones.gif Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 5.2 KiB

BIN
images/monsters/boogy.gif
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 4.0 KiB

BIN
images/monsters/bovinus.gif Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 2.1 KiB

BIN
images/monsters/breachbrood.gif
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 2.1 KiB

BIN
images/monsters/brimstonebug.gif
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 1.8 KiB

BIN
images/monsters/brutus bloodbeard.gif Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 2.7 KiB

BIN
images/monsters/butterfly purple.gif Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 417 B

BIN
images/monsters/butterfly.gif Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 2.5 KiB

BIN
images/monsters/calamary.gif
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 1.4 KiB

BIN
images/monsters/carrion worm.gif Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 2.0 KiB

BIN
images/monsters/cave rat.gif Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 3.3 KiB

BIN
images/monsters/chakoya toolshaper.gif Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 1.3 KiB

BIN
images/monsters/chakoya tribewarden.gif Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 6.5 KiB

BIN
images/monsters/chakoya windcaller.gif Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 5.5 KiB

BIN
images/monsters/charged energy elemental.gif Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 8.4 KiB

BIN
images/monsters/charlatan.gif
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 1.9 KiB

BIN
images/monsters/chokingfear.gif
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 3.2 KiB

Some files were not shown because too many files have changed in this diff Show More