Release 0.8.11

This reverts commit fa015b8d39.

.github/workflows/phplint.yml

@@ -0,0 +1,16 @@
+name: PHP Linting
+on:
+  pull_request:
+    branches: [master]
+  push:
+    branches: [master]
+
+jobs:
+  phplint:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+      - uses: overtrue/phplint@7.4
+        with:
+          path: .
+          options: --exclude="system/libs/polyfill-mbstring/bootstrap80.php"

.gitignore

@@ -9,6 +9,10 @@ vendor
 # npm
 node_modules
 
+# cypress
+cypress.env.json
+cypress/e2e/2-advanced-examples
+
 # created by release.sh
 releases
 tmp
@@ -37,7 +41,7 @@ system/cache/*
 
 # php sessions
 system/php_sessions/*
-!system/php_sessions//index.html
+!system/php_sessions/index.html
 
 # logs
 system/logs/*

CHANGELOG.md

@@ -1,5 +1,39 @@
 # Changelog
 
+## [0.8.11 - 30.06.2023]
+
+### Added
+* new function from 0.9 - Cache::remember($key, $ttl, $callback)
+* new characters page hooks
+* line number & file to exception handler, to easier localize exceptions
+
+### Changed
+* rename to .htaccess.dist, causes some problems on default setup
+* removing unneccessary PHP closing tags to prevent potential issues (by @SRNT-GG)
+* display warning if hook file does not exist
+
+### Fixed
+* important: Not allow create char if limit is exceeded (by @anyeor) could have been used to spam database
+* deleted chars: cannot change comment, name, gender, cannot create guild, cannot be invited, cannot accept invite, cannot be passed leadership to
+* forum: quote and edit post buttons not being shown
+* twig exception thrown when player does not exist, on character change comment (thanks @anyeor)
+* BASE_DIR when accessing /tools
+* do not display warning if HTTP_ACCEPT_LANGUAGE is not set
+
+## [0.8.10 - 18.05.2023]
+
+### Changed
+* PHP 7.2.5 is now required, cause of Twig 2.x
+* allow pages to be placed in templates folder, under pages/ subfolder
+
+### Fixed
+* Twig error with global variable on create account
+* links/redirects from facebook, etc. like ?fbclid=x
+* do not allow to continue install when there is no server database imported
+* cannot go forward when config.local.php cannot be saved
+* when server uses another items serializer
+* small bug on install - please fill all input
+
 ## [0.8.9 - 16.03.2023]
 
 ### Added

README.md

@@ -13,7 +13,7 @@ Official website: https://my-aac.org
 
 ### Requirements
 
-	- PHP 5.6 or later
+	- PHP 7.2.5 or later
 	- MySQL database
 	- PDO PHP Extension
 	- XML PHP Extension

admin/includes/functions.php

@@ -1 +1,2 @@
-<?php
+<?php
+// nothing yet here

admin/index.php

@@ -68,4 +68,4 @@ ob_end_clean();
 // template
 $template_path = 'template/';
 require ADMIN . $template_path . 'template.php';
-?>
+

admin/pages/pages.php

@@ -196,5 +196,3 @@ class Pages
 		return !count($errors);
 	}
 }
-
-?>

admin/pages/statistics.php

@@ -36,4 +36,3 @@ $twig->display('admin.statistics.html.twig', array(
 	'account_type' => (USE_ACCOUNT_NAME ? 'name' : 'number'),
 	'points' => $points
 ));
-?>

admin/pages/version.php

@@ -47,4 +47,3 @@ function version_revert($version)
 	$release = $version;
 	return $major . '.' . $minor . '.' . $release;
 }*/
-?>

admin/tools/phpinfo.php

@@ -13,4 +13,3 @@ if(!function_exists('phpinfo'))
 	die('phpinfo() disabled on this web server.');
 
 phpinfo();
-?>

common.php

@@ -23,10 +23,10 @@
  * @copyright 2019 MyAAC
  * @link      https://my-aac.org
  */
-if (version_compare(phpversion(), '5.6', '<')) die('PHP version 5.6 or higher is required.');
+if (version_compare(phpversion(), '7.2.5', '<')) die('PHP version 7.2.5 or higher is required.');
 
 define('MYAAC', true);
-define('MYAAC_VERSION', '0.8.9');
+define('MYAAC_VERSION', '0.8.11');
 define('DATABASE_VERSION', 33);
 define('TABLE_PREFIX', 'myaac_');
 define('START_TIME', microtime(true));
@@ -97,7 +97,7 @@ $size = count($tmp) - 1;
 for($i = 1; $i < $size; $i++)
 	$basedir .= '/' . $tmp[$i];
 
-$basedir = str_replace(array('/admin', '/install'), '', $basedir);
+$basedir = str_replace(array('/admin', '/install', '/tools'), '', $basedir);
 define('BASE_DIR', $basedir);
 
 if(!IS_CLI) {

index.php

@@ -74,6 +74,14 @@ if((!isset($config['installed']) || !$config['installed']) && file_exists(BASE .
 	throw new RuntimeException('Setup detected that <b>install/</b> directory exists. Please visit <a href="' . BASE_URL . 'install">this</a> url to start MyAAC Installation.<br/>Delete <b>install/</b> directory if you already installed MyAAC.<br/>Remember to REFRESH this page when you\'re done!');
 }
 
+require_once SYSTEM . 'init.php';
+require_once SYSTEM . 'template.php';
+
+// verify myaac tables exists in database
+if(!$db->hasTable('myaac_account_actions')) {
+	throw new RuntimeException('Seems that the table <strong>myaac_account_actions</strong> of MyAAC doesn\'t exist in the database. This is a fatal error. You can try to reinstall MyAAC by visiting <a href="' . BASE_URL . 'install">this</a> url.');
+}
+
 $found = false;
 if(empty($uri) || isset($_REQUEST['template'])) {
 	$_REQUEST['p'] = 'news';
@@ -81,7 +89,11 @@ if(empty($uri) || isset($_REQUEST['template'])) {
 }
 else {
 	$tmp = strtolower($uri);
-	if(!preg_match('/[^A-z0-9_\-]/', $uri) && file_exists(SYSTEM . 'pages/' . $tmp . '.php')) {
+	if (!preg_match('/[^A-z0-9_\-]/', $uri) && file_exists(TEMPLATES . $template_name . '/pages/' . $tmp . '.php')) {
+		$_REQUEST['p'] = $uri;
+		$found = true;
+	}
+	else if (!preg_match('/[^A-z0-9_\-]/', $uri) && file_exists(SYSTEM . 'pages/' . $tmp . '.php')) {
 		$_REQUEST['p'] = $uri;
 		$found = true;
 	}
@@ -154,6 +166,12 @@ else {
 	}
 }
 
+// handle ?fbclid=x, etc. (show news page)
+if (!$found && count($_GET) > 0 && !isset($_REQUEST['subtopic']) && !isset($_REQUEST['p'])) {
+	$_REQUEST['p'] = $_REQUEST['subtopic'] = 'news';
+	$found = true;
+}
+
 // define page visited, so it can be used within events system
 $page = isset($_REQUEST['subtopic']) ? $_REQUEST['subtopic'] : (isset($_REQUEST['p']) ? $_REQUEST['p'] : '');
 if(empty($page) || !preg_match('/^[A-z0-9\_\-]+$/', $page)) {
@@ -174,18 +192,10 @@ define('PAGE', $page);
 
 $template_place_holders = array();
 
-require_once SYSTEM . 'init.php';
-
-// verify myaac tables exists in database
-if(!$db->hasTable('myaac_account_actions')) {
-	throw new RuntimeException('Seems that the table <strong>myaac_account_actions</strong> of MyAAC doesn\'t exist in the database. This is a fatal error. You can try to reinstall MyAAC by visiting <a href="' . BASE_URL . 'install">this</a> url.');
-}
-
 // event system
 require_once SYSTEM . 'hooks.php';
 $hooks = new Hooks();
 $hooks->load();
-require_once SYSTEM . 'template.php';
 require_once SYSTEM . 'login.php';
 require_once SYSTEM . 'status.php';
 
@@ -288,6 +298,7 @@ if($config['backward_support']) {
 	$config['site'] = &$config;
 	$config['server'] = &$config['lua'];
 	$config['site']['shop_system'] = $config['gifts_system'];
+	$config['site']['gallery_page'] = true;
 
 	if(!isset($config['vdarkborder']))
 		$config['vdarkborder'] = '#505050';
@@ -335,12 +346,10 @@ if($load_it)
 				)) . $content;
 		}
 	} else {
-		$file = TEMPLATES . $template_name . '/pages/' . $page . '.php';
-		if(!@file_exists($file) || preg_match('/[^A-z0-9_\-]/', $page))
-		{
-			$file = SYSTEM . 'pages/' . $page . '.php';
-			if(!@file_exists($file) || preg_match('/[^A-z0-9_\-]/', $page))
-			{
+		$file = TEMPLATES . "$template_name/pages/$page.php";
+		if(!@file_exists($file) || preg_match('/[^A-z0-9_\-]/', $page)) {
+			$file = SYSTEM . "pages/$page.php";
+			if(!@file_exists($file) || preg_match('/[^A-z0-9_\-]/', $page)) {
 				$page = '404';
 				$file = SYSTEM . 'pages/404.php';
 			}

install/includes/config.php

@@ -38,4 +38,3 @@ if(!isset($error) || !$error) {
 		$error = true;
 	}
 }
-?>

install/index.php

@@ -70,7 +70,7 @@ if($step == 'database') {
 
 		$key = str_replace('var_', '', $key);
 
-		if(in_array($key, array('account', 'password', 'email', 'player_name'))) {
+		if(in_array($key, array('account', 'account_id', 'password', 'email', 'player_name'))) {
 			continue;
 		}
 
@@ -114,14 +114,12 @@ if($step == 'database') {
 	}
 }
 else if($step == 'admin') {
-	$config_failed = true;
-	if(file_exists(BASE . 'config.local.php') && isset($config['installed']) && $config['installed'] && isset($_SESSION['saved'])) {
-		$config_failed = false;
-	}
-
-	if($config_failed) {
+	if(!file_exists(BASE . 'config.local.php') || !isset($config['installed']) || !$config['installed']) {
 		$step = 'database';
 	}
+	else {
+		$_SESSION['saved'] = true;
+	}
 }
 else if($step == 'finish') {
 	$email = $_SESSION['var_email'];

install/steps/2-license.php

@@ -5,4 +5,3 @@ $twig->display('install.license.html.twig', array(
 	'license' => file_get_contents(BASE . 'LICENSE'),
 	'buttons' => next_buttons()
 ));
-?>

install/steps/4-config.php

@@ -18,4 +18,3 @@ $twig->display('install.config.html.twig', array(
 	'errors' => isset($errors) ? $errors : null,
 	'buttons' => next_buttons()
 ));
-?>

install/steps/5-database.php

@@ -57,16 +57,35 @@ if(!$error) {
 			error($database_error);
 		}
 		else {
+			if(!$db->hasTable('accounts')) {
+				$tmp = str_replace('$TABLE$', 'accounts', $locale['step_database_error_table']);
+				error($tmp);
+				$error = true;
+			}
+
+			if(!$db->hasTable('players')) {
+				$tmp = str_replace('$TABLE$', 'players', $locale['step_database_error_table']);
+				error($tmp);
+				$error = true;
+			}
+
+			if(!$db->hasTable('guilds')) {
+				$tmp = str_replace('$TABLE$', 'guilds', $locale['step_database_error_table']);
+				error($tmp);
+				$error = true;
+			}
+
+			if(!$error) {
 				$twig->display('install.installer.html.twig', array(
 					'url' => 'tools/5-database.php',
 					'message' => $locale['loading_spinner']
 				));
 
-			if(!$error) {
 				if(!Validator::email($_SESSION['var_mail_admin'])) {
 					error($locale['step_config_mail_admin_error']);
 					$error = true;
 				}
+
 				if(!Validator::email($_SESSION['var_mail_address'])) {
 					error($locale['step_config_mail_address_error']);
 					$error = true;
@@ -92,7 +111,7 @@ if(!$error) {
 					unset($_SESSION['saved']);
 
 					$locale['step_database_error_file'] = str_replace('$FILE$', '<b>' . BASE . 'config.local.php</b>', $locale['step_database_error_file']);
-					warning($locale['step_database_error_file'] . '<br/>
+					error($locale['step_database_error_file'] . '<br/>
 						<textarea cols="70" rows="10">' . $content . '</textarea>');
 				}
 			}
@@ -103,6 +122,6 @@ if(!$error) {
 
 <form action="<?php echo BASE_URL; ?>install/" method="post">
 	<input type="hidden" name="step" id="step" value="admin" />
-	<?php echo next_buttons(true, $error ? false : true);
+	<?php echo next_buttons(true, !$error);
 	?>
 </form>

install/tools/5-database.php

@@ -23,24 +23,6 @@ if(!$error) {
 	}
 }
 
-if(!$db->hasTable('accounts')) {
-	$locale['step_database_error_table'] = str_replace('$TABLE$', 'accounts', $locale['step_database_error_table']);
-	error($locale['step_database_error_table']);
-	return;
-}
-
-if(!$db->hasTable('players')) {
-	$locale['step_database_error_table'] = str_replace('$TABLE$', 'players', $locale['step_database_error_table']);
-	error($locale['step_database_error_table']);
-	return;
-}
-
-if(!$db->hasTable('guilds')) {
-	$locale['step_database_error_table'] = str_replace('$TABLE$', 'guilds', $locale['step_database_error_table']);
-	error($locale['step_database_error_table']);
-	return;
-}
-
 if($db->hasTable(TABLE_PREFIX . 'account_actions')) {
 	$locale['step_database_error_table_exist'] = str_replace('$TABLE$', TABLE_PREFIX . 'account_actions', $locale['step_database_error_table_exist']);
 	warning($locale['step_database_error_table_exist']);

nginx-sample.conf

@@ -32,6 +32,6 @@ server {
 		include snippets/fastcgi-php.conf;
 		fastcgi_read_timeout 240;
 		fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
-		# for ubuntu 22.04+ it will be php8.1-fpm.-sock
+		# for ubuntu 22.04+ it will be php8.1-fpm.sock
 	}
 }

system/compat/pages.php

@@ -10,6 +10,14 @@
 defined('MYAAC') or die('Direct access not allowed!');
 switch($page)
 {
+	case 'adminpanel':
+		header('Location: ' . ADMIN_URL);
+		die;
+
+	case 'archive':
+		$page = 'newsarchive';
+		break;
+
 	case 'whoisonline':
 		$page = 'online';
 		break;
@@ -37,4 +45,3 @@ switch($page)
 	default:
 		break;
 }
-?>

system/counter.php

@@ -51,4 +51,3 @@ else
 		updateDatabaseConfig('views_counter', $views_counter); // update counter
 	}
 }
-?>

system/database.php

@@ -116,5 +116,4 @@ defined('MYAAC') or die('Direct access not allowed!');
 				'<li>MySQL is not configured propertly in <i>config.lua</i>.</li>' .
 				'<li>MySQL server is not running.</li>' .
 			'</ul>' . $error->getMessage());
-
 	}

system/exception.php

@@ -23,6 +23,8 @@ function exception_handler($exception) {
 
 	$backtrace_formatted = nl2br($exception->getTraceAsString());
 
+	$message = $message . "<br/><br/>File: {$exception->getFile()}<br/>Line: {$exception->getLine()}";
+
 	// display basic error message without template
 	// template is missing, why? probably someone deleted templates dir, or it wasn't downloaded right
 	$template_file = SYSTEM . 'templates/exception.html.twig';

system/functions.php

@@ -7,11 +7,10 @@
  * @copyright 2019 MyAAC
  * @link      https://my-aac.org
  */
+defined('MYAAC') or die('Direct access not allowed!');
 
 use Twig\Loader\ArrayLoader as Twig_ArrayLoader;
 
-defined('MYAAC') or die('Direct access not allowed!');
-
 function message($message, $type, $return)
 {
 	if(IS_CLI) {
@@ -757,10 +756,10 @@ function get_browser_languages()
 {
 	$ret = array();
 
-	$acceptLang = $_SERVER['HTTP_ACCEPT_LANGUAGE'];
-	if(!isset($acceptLang[0]))
+	if(empty($_SERVER['HTTP_ACCEPT_LANGUAGE']))
 		return $ret;
 
+	$acceptLang = $_SERVER['HTTP_ACCEPT_LANGUAGE'];
 	$languages = strtolower($acceptLang);
 	// $languages = 'pl,en-us;q=0.7,en;q=0.3 ';
 	// need to remove spaces from strings to avoid error
@@ -798,7 +797,7 @@ function get_plugins()
 	$ret = array();
 
 	$path = PLUGINS;
-	foreach(scandir($path, 0) as $file) {
+	foreach(scandir($path, SCANDIR_SORT_ASCENDING) as $file) {
 		$file_ext = pathinfo($file, PATHINFO_EXTENSION);
 		$file_name = pathinfo($file, PATHINFO_FILENAME);
 		if ($file === '.' || $file === '..' || $file === 'disabled' || $file === 'example.json' || $file_ext !== 'json' || is_dir($path . $file))

system/hooks.php

@@ -9,41 +9,47 @@
  */
 defined('MYAAC') or die('Direct access not allowed!');
 
-define('HOOK_STARTUP', 1);
-define('HOOK_BEFORE_PAGE', 2);
-define('HOOK_AFTER_PAGE', 3);
-define('HOOK_FINISH', 4);
-define('HOOK_TIBIACOM_ARTICLE', 5);
-define('HOOK_TIBIACOM_BORDER_3', 6);
-define('HOOK_CHARACTERS_BEFORE_INFORMATIONS', 7);
-define('HOOK_CHARACTERS_AFTER_INFORMATIONS', 8);
-define('HOOK_CHARACTERS_BEFORE_SIGNATURE', 9);
-define('HOOK_CHARACTERS_AFTER_SIGNATURE', 10);
-define('HOOK_CHARACTERS_AFTER_ACCOUNT', 11);
-define('HOOK_CHARACTERS_AFTER_CHARACTERS', 12);
-define('HOOK_LOGIN', 13);
-define('HOOK_LOGIN_ATTEMPT', 14);
-define('HOOK_LOGOUT', 15);
-define('HOOK_ACCOUNT_CREATE_BEFORE_FORM', 16);
-define('HOOK_ACCOUNT_CREATE_BEFORE_BOXES', 17);
-define('HOOK_ACCOUNT_CREATE_BETWEEN_BOXES_1', 18);
-define('HOOK_ACCOUNT_CREATE_BETWEEN_BOXES_2', 19);
-define('HOOK_ACCOUNT_CREATE_AFTER_BOXES', 20);
-define('HOOK_ACCOUNT_CREATE_BEFORE_ACCOUNT', 21);
-define('HOOK_ACCOUNT_CREATE_AFTER_ACCOUNT', 22);
-define('HOOK_ACCOUNT_CREATE_AFTER_EMAIL', 23);
-define('HOOK_ACCOUNT_CREATE_AFTER_COUNTRY', 24);
-define('HOOK_ACCOUNT_CREATE_AFTER_PASSWORDS', 25);
-define('HOOK_ACCOUNT_CREATE_AFTER_RECAPTCHA', 26);
-define('HOOK_ACCOUNT_CREATE_BEFORE_CHARACTER_NAME', 27);
-define('HOOK_ACCOUNT_CREATE_AFTER_CHARACTER_NAME', 28);
-define('HOOK_ACCOUNT_CREATE_AFTER_SEX', 29);
-define('HOOK_ACCOUNT_CREATE_AFTER_VOCATION', 30);
-define('HOOK_ACCOUNT_CREATE_AFTER_TOWNS', 31);
-define('HOOK_ACCOUNT_CREATE_BEFORE_SUBMIT_BUTTON', 32);
-define('HOOK_ACCOUNT_CREATE_AFTER_FORM', 33);
-define('HOOK_ACCOUNT_CREATE_AFTER_SUBMIT', 34);
-define('HOOK_EMAIL_CONFIRMED', 35);
+$i = 0;
+define('HOOK_STARTUP', ++$i);
+define('HOOK_BEFORE_PAGE', ++$i);
+define('HOOK_AFTER_PAGE', ++$i);
+define('HOOK_FINISH', ++$i);
+define('HOOK_TIBIACOM_ARTICLE', ++$i);
+define('HOOK_TIBIACOM_BORDER_3', ++$i);
+define('HOOK_CHARACTERS_BEFORE_INFORMATIONS', ++$i);
+define('HOOK_CHARACTERS_AFTER_INFORMATIONS', ++$i);
+define('HOOK_CHARACTERS_BEFORE_SKILLS', ++$i);
+define('HOOK_CHARACTERS_AFTER_SKILLS', ++$i);
+define('HOOK_CHARACTERS_AFTER_QUESTS', ++$i);
+define('HOOK_CHARACTERS_AFTER_EQUIPMENT', ++$i);
+define('HOOK_CHARACTERS_BEFORE_DEATHS', ++$i);
+define('HOOK_CHARACTERS_BEFORE_SIGNATURE', ++$i);
+define('HOOK_CHARACTERS_AFTER_SIGNATURE', ++$i);
+define('HOOK_CHARACTERS_AFTER_ACCOUNT', ++$i);
+define('HOOK_CHARACTERS_AFTER_CHARACTERS', ++$i);
+define('HOOK_LOGIN', ++$i);
+define('HOOK_LOGIN_ATTEMPT', ++$i);
+define('HOOK_LOGOUT', ++$i);
+define('HOOK_ACCOUNT_CREATE_BEFORE_FORM', ++$i);
+define('HOOK_ACCOUNT_CREATE_BEFORE_BOXES', ++$i);
+define('HOOK_ACCOUNT_CREATE_BETWEEN_BOXES_1', ++$i);
+define('HOOK_ACCOUNT_CREATE_BETWEEN_BOXES_2', ++$i);
+define('HOOK_ACCOUNT_CREATE_AFTER_BOXES', ++$i);
+define('HOOK_ACCOUNT_CREATE_BEFORE_ACCOUNT', ++$i);
+define('HOOK_ACCOUNT_CREATE_AFTER_ACCOUNT', ++$i);
+define('HOOK_ACCOUNT_CREATE_AFTER_EMAIL', ++$i);
+define('HOOK_ACCOUNT_CREATE_AFTER_COUNTRY', ++$i);
+define('HOOK_ACCOUNT_CREATE_AFTER_PASSWORDS', ++$i);
+define('HOOK_ACCOUNT_CREATE_AFTER_RECAPTCHA', ++$i);
+define('HOOK_ACCOUNT_CREATE_BEFORE_CHARACTER_NAME', ++$i);
+define('HOOK_ACCOUNT_CREATE_AFTER_CHARACTER_NAME', ++$i);
+define('HOOK_ACCOUNT_CREATE_AFTER_SEX', ++$i);
+define('HOOK_ACCOUNT_CREATE_AFTER_VOCATION', ++$i);
+define('HOOK_ACCOUNT_CREATE_AFTER_TOWNS', ++$i);
+define('HOOK_ACCOUNT_CREATE_BEFORE_SUBMIT_BUTTON', ++$i);
+define('HOOK_ACCOUNT_CREATE_AFTER_FORM', ++$i);
+define('HOOK_ACCOUNT_CREATE_AFTER_SUBMIT', ++$i);
+define('HOOK_EMAIL_CONFIRMED', ++$i);
 define('HOOK_FIRST', HOOK_STARTUP);
 define('HOOK_LAST', HOOK_EMAIL_CONFIRMED);
 
@@ -68,9 +74,7 @@ class Hook
 		}*/
 
 		global $db, $config, $template_path, $ots, $content, $twig;
-		if(file_exists(BASE . $this->_file)) {
-			$ret = require BASE . $this->_file;
-		}
+		$ret = include BASE . $this->_file;
 
 		return !isset($ret) || $ret == 1 || $ret;
 	}

system/init.php

@@ -31,9 +31,6 @@ if($config['gzip_output'] && isset($_SERVER['HTTP_ACCEPT_ENCODING']) && strpos($
 require_once SYSTEM . 'libs/cache.php';
 $cache = Cache::getInstance();
 
-// twig
-require_once SYSTEM . 'twig.php';
-
 // trim values we receive
 if(isset($_POST))
 {
@@ -114,7 +111,7 @@ if(!isset($foundValue)) {
 $config['data_path'] = $foundValue;
 unset($foundValue);
 
-// new config values for compability
+// new config values for compatibility
 if(!isset($config['highscores_ids_hidden']) || count($config['highscores_ids_hidden']) == 0) {
 	$config['highscores_ids_hidden'] = array(0);
 }
@@ -126,6 +123,9 @@ require_once SYSTEM . 'libs/pot/OTS.php';
 $ots = POT::getInstance();
 require_once SYSTEM . 'database.php';
 
+// twig
+require_once SYSTEM . 'twig.php';
+
 define('USE_ACCOUNT_NAME', $db->hasColumn('accounts', 'name'));
 // load vocation names
 $tmp = '';

system/item.php

@@ -58,4 +58,3 @@ function outputItem($id = 100, $count = 1)
 	$file_name = Items_Images::$outputDir . $file_name . '.gif';
 	readfile($file_name);
 }
-?>

system/libs/CreateCharacter.php

@@ -138,7 +138,7 @@ class CreateCharacter
 
 		if(empty($errors))
 		{
-			$number_of_players_on_account = $account->getPlayersList(false)->count();
+			$number_of_players_on_account = $account->getPlayersList(true)->count();
 			if($number_of_players_on_account >= config('characters_per_account'))
 				$errors[] = 'You have too many characters on your account <b>('.$number_of_players_on_account.'/'.config('characters_per_account').')</b>!';
 		}
@@ -252,11 +252,13 @@ class CreateCharacter
 			}
 		}
 
+		if ($db->hasTable('player_items') && $db->hasColumn('player_items', 'pid') && $db->hasColumn('player_items', 'sid') && $db->hasColumn('player_items', 'itemtype')) {
 			$loaded_items_to_copy = $db->query("SELECT * FROM player_items WHERE player_id = ".$char_to_copy->getId()."");
 			foreach($loaded_items_to_copy as $save_item) {
 				$blob = $db->quote($save_item['attributes']);
 				$db->query("INSERT INTO `player_items` (`player_id` ,`pid` ,`sid` ,`itemtype`, `count`, `attributes`) VALUES ('".$player->getId()."', '".$save_item['pid']."', '".$save_item['sid']."', '".$save_item['itemtype']."', '".$save_item['count']."', $blob);");
 			}
+		}
 
 		global $twig;
 		$twig->display('success.html.twig', array(

system/libs/cache.php

@@ -110,4 +110,21 @@ class Cache
 	 * @return bool
 	 */
 	public function enabled() {return false;}
+
+	public static function remember($key, $ttl, $callback)
+	{
+		$cache = self::getInstance();
+		if(!$cache->enabled()) {
+			return $callback();
+		}
+
+		$value = null;
+		if ($cache->fetch($key, $value)) {
+			return unserialize($value);
+		}
+
+		$value = $callback();
+		$cache->set($key, serialize($value),$ttl);
+		return $value;
+	}
 }

system/libs/data.php

@@ -41,4 +41,3 @@ class Data
 		return $db->update($this->table, $data, $where);
 	}
 }
-?>

system/libs/pot/E_OTS_ErrorCode.php

@@ -32,5 +32,3 @@ class E_OTS_ErrorCode extends Exception
 }
 
 /**#@-*/
-
-?>

system/libs/pot/E_OTS_Generic.php

@@ -36,5 +36,3 @@ class E_OTS_Generic extends E_OTS_ErrorCode
 }
 
 /**#@-*/
-
-?>

system/libs/pot/E_OTS_NotAContainer.php

@@ -22,5 +22,3 @@ class E_OTS_NotAContainer extends Exception
 }
 
 /**#@-*/
-
-?>

system/libs/pot/E_OTS_OTBMError.php

@@ -32,5 +32,3 @@ class E_OTS_OTBMError extends E_OTS_ErrorCode
 }
 
 /**#@-*/
-
-?>

system/libs/pot/E_OTS_ReadOnly.php

@@ -22,5 +22,3 @@ class E_OTS_ReadOnly extends Exception
 }
 
 /**#@-*/
-
-?>

system/libs/pot/IOTS_Cipher.php

@@ -37,5 +37,3 @@ interface IOTS_Cipher
 }
 
 /**#@-*/
-
-?>

system/libs/pot/IOTS_DataDisplay.php

@@ -89,5 +89,3 @@ interface IOTS_DataDisplay
 }
 
 /**#@-*/
-
-?>

system/libs/pot/IOTS_Display.php

@@ -96,5 +96,3 @@ interface IOTS_Display
 }
 
 /**#@-*/
-
-?>

system/libs/pot/IOTS_GuildAction.php

@@ -67,5 +67,3 @@ interface IOTS_GuildAction
 }
 
 /**#@-*/
-
-?>

system/libs/pot/OTS_Account.php

@@ -922,7 +922,7 @@ class OTS_Account extends OTS_Row_DAO implements IteratorAggregate, Countable
         $access = 0;
 
         // finds ranks of all characters
-        foreach($this->getPlayersList() as $player)
+        foreach($this->getPlayersList(false) as $player)
         {
             $rank = $player->getRank();
 
@@ -1126,5 +1126,3 @@ class OTS_Account extends OTS_Row_DAO implements IteratorAggregate, Countable
 }
 
 /**#@-*/
-
-?>

system/libs/pot/OTS_AccountBans_List.php

@@ -34,5 +34,3 @@ class OTS_AccountBans_List extends OTS_Bans_List
         $this->setFilter($filter);
     }
 }
-
-?>

system/libs/pot/OTS_Admin.php

@@ -735,5 +735,3 @@ class OTS_Admin
 }
 
 /**#@-*/
-
-?>

system/libs/pot/OTS_Bans_List.php

@@ -100,5 +100,3 @@ class OTS_Bans_List extends OTS_Base_List
         }
     }
 }
-
-?>

system/libs/pot/OTS_Base_DB.php

@@ -248,5 +248,3 @@ abstract class OTS_Base_DB extends PDO implements IOTS_DB
 }
 
 /**#@-*/
-
-?>

system/libs/pot/OTS_BinaryTools.php

@@ -146,5 +146,3 @@ class OTS_BinaryTools
 }
 
 /**#@-*/
-
-?>

system/libs/pot/OTS_Container.php

@@ -149,5 +149,3 @@ class OTS_Container extends OTS_Item implements IteratorAggregate
 }
 
 /**#@-*/
-
-?>

system/libs/pot/OTS_FileLoader.php

@@ -357,5 +357,3 @@ class OTS_FileLoader
 }
 
 /**#@-*/
-
-?>

system/libs/pot/OTS_Group.php

@@ -671,5 +671,3 @@ class OTS_Group extends OTS_Row_DAO implements IteratorAggregate, Countable
 }
 
 /**#@-*/
-
-?>

system/libs/pot/OTS_Guild.php

@@ -837,5 +837,3 @@ class OTS_Guild extends OTS_Row_DAO implements IteratorAggregate, Countable
 }
 
 /**#@-*/
-
-?>

system/libs/pot/OTS_GuildRanks_List.php

@@ -72,5 +72,3 @@ class OTS_GuildRanks_List extends OTS_Base_List
 }
 
 /**#@-*/
-
-?>

system/libs/pot/OTS_House.php

@@ -529,5 +529,3 @@ class OTS_House extends OTS_Row_DAO
 }
 
 /**#@-*/
-
-?>

system/libs/pot/OTS_IPBans_List.php

@@ -34,5 +34,3 @@ class OTS_IPBans_List extends OTS_Bans_List
         $this->setFilter($filter);
     }
 }
-
-?>

system/libs/pot/OTS_InfoRespond.php

@@ -387,5 +387,3 @@ class OTS_InfoRespond extends DOMDocument
 }
 
 /**#@-*/
-
-?>

system/libs/pot/OTS_ItemsList.php

@@ -676,5 +676,3 @@ class OTS_ItemsList extends OTS_FileLoader implements IteratorAggregate, Countab
 }
 
 /**#@-*/
-
-?>

system/libs/pot/OTS_MapCoords.php

@@ -130,5 +130,3 @@ class OTS_MapCoords
 }
 
 /**#@-*/
-
-?>

system/libs/pot/OTS_MonstersList.php

@@ -299,5 +299,3 @@ class OTS_MonstersList implements Iterator, Countable, ArrayAccess
 }
 
 /**#@-*/
-
-?>

system/libs/pot/OTS_Player.php

@@ -3627,5 +3627,3 @@ class OTS_Player extends OTS_Row_DAO
 }
 
 /**#@-*/
-
-?>

system/libs/pot/OTS_PlayerBans_List.php

@@ -34,5 +34,3 @@ class OTS_PlayerBans_List extends OTS_Bans_List
         $this->setFilter($filter);
     }
 }
-
-?>

system/libs/pot/OTS_Row_DAO.php

@@ -75,5 +75,3 @@ abstract class OTS_Row_DAO extends OTS_Base_DAO
 }
 
 /**#@-*/
-
-?>

system/libs/pot/OTS_SQLField.php

@@ -121,5 +121,3 @@ class OTS_SQLField
 }
 
 /**#@-*/
-
-?>

system/libs/pot/OTS_ServerInfo.php

@@ -227,5 +227,3 @@ class OTS_ServerInfo
 }
 
 /**#@-*/
-
-?>

system/libs/pot/OTS_Spell.php

@@ -482,5 +482,3 @@ class OTS_Spell
 }
 
 /**#@-*/
-
-?>

system/libs/pot/OTS_Toolbox.php

@@ -113,5 +113,3 @@ class OTS_Toolbox
 }
 
 /**#@-*/
-
-?>

system/libs/pot/OTS_XTEA.php

@@ -151,5 +151,3 @@ class OTS_XTEA implements IOTS_Cipher
 }
 
 /**#@-*/
-
-?>

system/libs/rfc6238.php

@@ -282,4 +282,3 @@ class TokenAuth6238 {
 		return $result;
 	}
 }
-?>

system/libs/validator.php

@@ -432,4 +432,3 @@ class Validator
 		return self::$lastError;
 	}
 }
-?>

system/locale/de/admin.php

@@ -6,4 +6,3 @@
  * @author Slawkens <slawkens@gmail.com>
  */
 $locale['title'] = 'MyAAC Admin';
-?>

system/locale/de/main.php

@@ -12,4 +12,3 @@ $locale['direction']= 'ltr';
 
 $locale['error404'] = 'Diese Seite konnte nicht gefunden werden.';
 $locale['news'] = 'Neuesten Nachrichten';
-?>

system/locale/en/install.php

@@ -123,4 +123,3 @@ $locale['step_finish_title'] = 'Installation finished!';
 $locale['step_finish_desc'] = 'Congratulations! <b>MyAAC</b> is ready to use!<br/>You can now login to $ADMIN_PANEL$, or visit $HOMEPAGE$.<br/><br/>
 <span style="color: red">Please delete install/ directory.</span><br/><br/>
 Post bugs and suggestions at $LINK$, thanks!';
-?>

system/locale/pl/admin.php

@@ -6,4 +6,3 @@
  * @author Slawkens <slawkens@gmail.com>
  */
 $locale['title'] = 'MyAAC Admin';
-?>

system/locale/pl/main.php

@@ -12,4 +12,3 @@ $locale['direction']= 'ltr';
 
 $locale['error404'] = 'Strona nie została odnaleziona.';
 $locale['news'] = 'Ostatnie newsy';
-?>

system/locale/pt_br/install.php

@@ -121,4 +121,3 @@ $locale['step_finish'] = 'Finalizar';
 $locale['step_finish_title'] = 'Instalação terminada!';
 $locale['step_finish_desc'] = 'Parabéns! <b>MyAAC</b> está pronto para uso!<br/>Agora você pode fazer login em $ADMIN_PANEL$ ou visitar $HOMEPAGE$.<br/><br/>
 <span style = "color: red">Por favor remova a pasta install/.</span><br/><br/>Postar bugs e sugestões em $LINK$, obrigado!';
-?>

system/locale/sv/admin.php

@@ -6,4 +6,3 @@
  * @author Sizaro <sizaro@live.se>
  */
 $locale['title'] = 'MyAAC Admin';
-?>

system/locale/sv/main.php

@@ -12,4 +12,3 @@ $locale['direction']= 'ltr';
 
 $locale['error404'] = 'Sidan kunde inte hittas.';
 $locale['news'] = 'Senaste nyheterna';
-?>

system/login.php

@@ -10,6 +10,7 @@
 defined('MYAAC') or die('Direct access not allowed!');
 $logged = false;
 $logged_flags = 0;
+$account_logged = new OTS_Account();
 
 $action = isset($_REQUEST['action']) ? strtolower($_REQUEST['action']) : '';
 if(!defined('ACTION')) {
@@ -20,7 +21,6 @@ if(!defined('ACTION')) {
 $current_session = getSession('account');
 if($current_session !== false)
 {
-	$account_logged = new OTS_Account();
 	$account_logged->load($current_session);
 	if($account_logged->isLoaded() && $account_logged->getPassword() == getSession('password')
 		//&& (!isset($_SESSION['admin']) || admin())
@@ -84,7 +84,6 @@ else
 				$t = isset($tmp[$ip]) ? $tmp[$ip] : NULL;
 			}
 
-			$account_logged = new OTS_Account();
 			if(USE_ACCOUNT_NAME)
 				$account_logged->find($login_account);
 			else

system/migrations/11.php

@@ -17,4 +17,3 @@
 			'thumb' => str_replace('/screenshots/', '/gallery/', $item['thumb']),
 		), array('id' => $item['id']));
 	}
-?>

system/migrations/13.php

@@ -1,4 +1,3 @@
 <?php
 	if($db->hasColumn(TABLE_PREFIX . 'spells', 'spell'))
 		$db->query("ALTER TABLE `" . TABLE_PREFIX . "spells` DROP COLUMN `spell`;");
-?>

system/migrations/15.php

@@ -8,4 +8,3 @@ if(!$db->hasColumn(TABLE_PREFIX . 'forum_boards', 'guild')) {
 if(!$db->hasColumn(TABLE_PREFIX . 'forum_boards', 'access')) {
 	$db->query("ALTER TABLE `" . TABLE_PREFIX . "forum_boards` ADD `access` TINYINT(1) NOT NULL DEFAULT 0 AFTER `guild`;");
 }
-?>

system/migrations/17.php

@@ -86,4 +86,3 @@ INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VA
 INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('tibiacom', 'Shop History', 'gifts/history', 6, 2);
 	");
 }
-?>

system/migrations/19.php

@@ -1,3 +1,2 @@
 <?php
-// this migration has been removed, but file kept for compability
-?>
+// this migration has been removed, but file kept for compatibility

system/migrations/2.php

@@ -3,4 +3,3 @@
 	$db->query("ALTER TABLE `" . TABLE_PREFIX . "movies` MODIFY `title` VARCHAR(100) NOT NULL DEFAULT '';");
 	$db->query("ALTER TABLE `" . TABLE_PREFIX . "news` MODIFY `title` VARCHAR(100) NOT NULL DEFAULT '';");
 	$db->query("ALTER TABLE `" . TABLE_PREFIX . "news` MODIFY `body` TEXT NOT NULL DEFAULT '';");
-?>

system/migrations/20.php

@@ -45,4 +45,3 @@ function databaseMigration20(&$content = '') {
 	file_put_contents($config_file, $content, FILE_APPEND);
 	return true;
 }
-?>

system/migrations/4.php

@@ -1,4 +1,3 @@
 <?php
 	if(!$db->hasColumn(TABLE_PREFIX . 'monsters', 'id'))
 		$db->query("ALTER TABLE `" . TABLE_PREFIX . "monsters` ADD `id` int(11) NOT NULL AUTO_INCREMENT primary key FIRST;");
-?>

system/migrations/6.php

@@ -1,4 +1,3 @@
 <?php
 	if(!$db->hasColumn(TABLE_PREFIX . 'hooks', 'enabled'))
 		$db->query("ALTER TABLE `" . TABLE_PREFIX . "hooks` ADD `enabled` INT(1) NOT NULL DEFAULT 1;");
-?>

system/migrations/8.php

@@ -15,4 +15,3 @@
 		foreach($boards as $id => $board)
 			$db->query('UPDATE `' . TABLE_PREFIX . 'forum_boards` SET `ordering` = ' . $id . ' WHERE `name` = ' . $db->quote($board));
 	}
-?>

system/pages/account.php

@@ -1,7 +1,7 @@
 <?php
 /**
  * Account confirm mail
- * Keept for compability
+ * Keept for compatibility
  *
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
@@ -13,4 +13,3 @@ defined('MYAAC') or die('Direct access not allowed!');
 if($action == 'confirm_email') {
 	require_once PAGES . 'account/confirm_email.php';
 }
-?>

system/pages/account/change_comment.php

@@ -21,7 +21,13 @@ if($player_name != null) {
 		if ($player->isLoaded()) {
 			$player_account = $player->getAccount();
 			if ($account_logged->getId() == $player_account->getId()) {
+				if ($player->isDeleted()) {
+					$errors[] = 'This character is deleted.';
+					$player = null;
+				}
+
 				if (isset($_POST['changecommentsave']) && $_POST['changecommentsave'] == 1) {
+					if(empty($errors)) {
 						$player->setCustomField("hidden", $new_hideacc);
 						$player->setCustomField("comment", $new_comment);
 						$account_logged->logAction('Changed comment for character <b>' . $player->getName() . '</b>.');
@@ -31,6 +37,7 @@ if($player_name != null) {
 						));
 						$show_form = false;
 					}
+				}
 			} else {
 				$errors[] = 'Error. Character <b>' . $player_name . '</b> is not on your account.';
 			}
@@ -50,7 +57,7 @@ if($show_form) {
 		$twig->display('error_box.html.twig', array('errors' => $errors));
 	}
 
-	if(isset($player)) {
+	if(isset($player) && $player->isLoaded()) {
 		$twig->display('account.change_comment.html.twig', array(
 			'player' => $player
 		));

system/pages/account/change_email.php

@@ -159,4 +159,3 @@ if(isset($_POST['emailchangecancel']) && $_POST['emailchangecancel'] == 1) {
 		'custom_buttons' => $custom_buttons
 	));
 }
-?>

system/pages/account/change_name.php

@@ -43,6 +43,10 @@ else
 			if($player->isLoaded()) {
 				$player_account = $player->getAccount();
 				if($account_logged->getId() == $player_account->getId()) {
+					if ($player->isDeleted()) {
+						$errors[] = 'This character is deleted.';
+					}
+
 					if($player->isOnline()) {
 						$errors[] = 'This character is online.';
 					}
@@ -61,7 +65,7 @@ else
 					}
 				}
 				else {
-					$errors[] = 'Character <b>' . $player_name . '</b> is not on your account.';
+					$errors[] = 'Character is not on your account.';
 				}
 			}
 			else {
@@ -82,5 +86,3 @@ else
 		));
 	}
 }
-
-?>

system/pages/account/change_password.php

@@ -23,7 +23,7 @@ else
 	}
 	$password_strlen = strlen($new_password);
 	if($new_password != $new_password2) {
-		$errors[] = "The new passwords do not match!";
+		$errors[] = 'The new passwords do not match!';
 	}
 
 	if(empty($errors)) {
@@ -31,6 +31,7 @@ else
 			$errors[] = Validator::getLastError();
 		}
 
+		/** @var OTS_Account $account_logged */
 		$old_password = encrypt(($config_salt_enabled ? $account_logged->getCustomField('salt') : '') . $old_password);
 		if($old_password != $account_logged->getPassword()) {
 			$errors[] = "Current password is incorrect!";
@@ -79,5 +80,3 @@ else
 		setSession('password', $new_password);
 	}
 }
-
-?>

system/pages/account/change_sex.php

@@ -34,6 +34,10 @@ else
 				$player_account = $player->getAccount();
 
 				if($account_logged->getId() == $player_account->getId()) {
+					if ($player->isDeleted()) {
+						$errors[] = 'This character is deleted.';
+					}
+
 					if($player->isOnline()) {
 						$errors[] = 'This character is online.';
 					}
@@ -64,7 +68,7 @@ else
 					}
 				}
 				else {
-					$errors[] = 'Character <b>'.$player_name.'</b> is not on your account.';
+					$errors[] = 'Character is not on your account.';
 				}
 			}
 			else {
@@ -78,11 +82,9 @@ else
 			$twig->display('error_box.html.twig', array('errors' => $errors));
 		}
 		$twig->display('account.change_sex.html.twig', array(
-			'players' => $account_logged->getPlayersList(),
+			'players' => $account_logged->getPlayersList(false),
 			'player_sex' => isset($player) ? $player->getSex() : -1,
 			'points' => $points
 		));
 	}
 }
-
-?>

system/pages/account/delete_character.php

@@ -31,6 +31,14 @@ if(isset($_POST['deletecharactersave']) && $_POST['deletecharactersave'] == 1) {
 									}
 								}
 
+								$ownerid = 'ownerid';
+								if($db->hasColumn('guilds', 'owner_id'))
+									$ownerid = 'owner_id';
+								$guild = $db->query('SELECT `name` FROM `guilds` WHERE `' . $ownerid . '` = '.$player->getId());
+								if($guild->rowCount() > 0) {
+									$errors[] = 'You cannot delete a character when they own a guild.';
+								}
+
 								if(empty($errors)) {
 									//dont show table "delete character" again
 									$show_form = false;
@@ -80,4 +88,3 @@ if($show_form) {
 	}
 	$twig->display('account.delete_character.html.twig');
 }
-?>

system/pages/bans.php

@@ -202,4 +202,3 @@ function getPlayerNameByAccount($id)
 
 	return '';
 }
-?>

system/pages/bugtracker.php

@@ -339,4 +339,3 @@ $showed = $post = $reply = false;
     {
         echo '<br><br><a href="?subtopic=bugtracker&control=true">[ADMIN PANEL]</a>';
     }
-?>

system/pages/characters.php

@@ -201,9 +201,7 @@ if($player->isLoaded() && !$player->isDeleted())
 		unset($storage);
 	}
 
-	if($config['characters']['equipment'])
-	{
-		global $db;
+	if($config['characters']['equipment'] && $db->hasTable('player_items') && $db->hasColumn('player_items', 'pid') && $db->hasColumn('player_items', 'sid') && $db->hasColumn('player_items', 'itemtype')) {
 		$eq_sql = $db->query('SELECT `pid`, `itemtype` FROM player_items WHERE player_id = '.$player->getId().' AND (`pid` >= 1 and `pid` <= 10)');
 		$equipment = array();
 		foreach($eq_sql as $eq)
@@ -287,7 +285,7 @@ WHERE killers.death_id = '".$death['id']."' ORDER BY killers.final_hit DESC, kil
 			}
 		}
 	}
-	else {
+	else if ($db->hasColumn('player_deaths', 'time') && $db->hasColumn('player_deaths', 'level') && $db->hasColumn('player_deaths', 'killed_by') && $db->hasColumn('player_deaths', 'is_player')) {
 		$mostdamage = '';
 		if($db->hasColumn('player_deaths', 'mostdamage_by'))
 			$mostdamage = ', `mostdamage_by`, `mostdamage_is_player`, `unjustified`, `mostdamage_unjustified`';

system/pages/createaccount.php

@@ -232,6 +232,7 @@ if($save)
 				$character_created = $createCharacter->doCreate($character_name, $character_sex, $character_vocation, $character_town, $new_account, $errors);
 				if (!$character_created) {
 					error('There was an error creating your character. Please create your character later in account management page.');
+					error(implode(' ', $errors));
 				}
 			}
 

system/pages/experiencestages.php

@@ -66,4 +66,3 @@ echo '<div style="text-align:center"><h3>Experience stages</h3></div>
 		</tbody></table>
 	</td></tr>
 </tbody></table>';
-?>

system/pages/faq.php

@@ -185,4 +185,3 @@ class FAQ
 		return !count($errors);
 	}
 }
-?>

system/pages/forum/edit_post.php

@@ -112,5 +112,3 @@ if(Forum::canPost($account_logged))
 }
 else
 	echo "<br/>Your account is banned, deleted or you don't have any player with level " . $config['forum_level_required'] . " on your account. You can't post.";
-
-?>