Merge branch 'develop' into feature/docker

getAccountIdentityColumn() function

.dockerignore

@@ -0,0 +1,65 @@
+Thumbs.db
+.DS_Store
+.idea
+
+#
+/.htaccess
+
+# composer
+composer.phar
+vendor
+
+# npm
+node_modules
+tools/ext
+
+# cypress
+cypress.env.json
+cypress/e2e/2-advanced-examples
+cypress/screenshots
+
+# created by release.sh
+releases
+tmp
+
+config.local.php
+!docker/config.local.php
+
+# all custom templates
+templates/*
+!templates/tibiacom
+!templates/kathrine
+
+# guild images
+images/guilds/*
+!images/guilds/default.gif
+
+# editor images
+images/editor/*
+!images/editor/index.html
+
+# gallery images
+images/gallery/*
+!images/gallery/index.html
+!images/gallery/demon.jpg
+!images/gallery/demon_thumb.gif
+
+# cache
+system/cache/*
+!system/cache/index.html
+!system/cache/twig/index.html
+!system/cache/signatures/index.html
+!system/cache/plugins/index.html
+!system/cache/persistent/index.html
+
+# logs
+system/logs/*
+!system/logs/index.html
+
+# data
+system/data/*
+!system/data/index.html
+
+# php sessions
+system/php_sessions/*
+!system/php_sessions/index.html

.gitignore

@@ -23,6 +23,7 @@ releases
 tmp
 
 config.local.php
+!docker/config.local.php
 
 # all custom templates
 templates/*

CHANGELOG.md

@@ -1,6 +1,28 @@
 # Changelog
 
-## [1.0-RC -23.07.2024]
+## [1.0-RC.2 - 25.10.2024]
+
+Still waiting for your reports about bugs found in this release. We are very close to stable release.
+
+### Added
+* feat: rate limit settings for blocking accounts login attempts (@gpedro, #266)
+* search by email in accounts editor (https://github.com/slawkens/myaac/commit/c2ec46824621468f2a1cb4046805c485ed13fea5)
+* New hooks in account manage + create (https://github.com/slawkens/myaac/commit/93641fc68ac9a5f1479329e2bd41380c19534d5d)
+
+### Changed
+* chore: drop raw queries + accounts - search by email + accounts - required min size for search by account number (@gpedro, #266)
+* Use https for outfit & item images (https://github.com/slawkens/myaac/commit/71c00aa5e01fbdfd88802912e200dd1025976231)
+* Do not require players & guilds tables on install (https://github.com/slawkens/myaac/commit/779aa152fa940261c9b161533946f44e288597a2)
+* Do not create player if there is no players table in db (https://github.com/slawkens/myaac/commit/201f95caa8b70e88fa651eac8c3c3aa7cd765bd0)
+
+### Fixed
+* Highscore frags fixed for TFS 0.3 (@Scrollog, #263)
+* Missing groups variable #262. thanks, @Scrollog for reporting (https://github.com/slawkens/myaac/commit/8d8bdb6dac6df21672ac77288fff2f2f8d6eb665)
+* Verified email for login.php (@gpedro, #265)
+* Warning if core.account_country is disabled (https://github.com/slawkens/myaac/commit/ab73d60c61e14a1cacdb6cfbf7f89f4bf3be0833)
+
+
+## [1.0-RC.1 - 23.07.2024]
 
 Changes since 1.0-beta:
 

aac

@@ -9,14 +9,13 @@ if(!IS_CLI) {
 }
 
 require_once SYSTEM . 'functions.php';
-require_once SYSTEM . 'init.php';
 
 define('SELF_NAME', basename(__FILE__));
 
 use MyAAC\Plugins;
 use Symfony\Component\Console\Application;
 
-$application = new Application();
+$application = new Application('MyAAC', MYAAC_VERSION);
 
 $commandsGlob = glob(SYSTEM . 'src/Commands/*.php');
 foreach ($commandsGlob as $item) {
@@ -34,7 +33,4 @@ foreach ($pluginCommands as $item) {
 	$application->add(require $item);
 }
 
-$application->setName('MyAAC');
-$application->setVersion(MYAAC_VERSION);
-
 $application->run();

admin/pages/accounts.php

@@ -8,6 +8,7 @@
  * @link      https://my-aac.org
  */
 
+use MyAAC\Models\Account as AccountModel;
 use MyAAC\Models\Player;
 
 defined('MYAAC') or die('Direct access not allowed!');
@@ -22,10 +23,7 @@ $use_datatable = true;
 if (setting('core.account_country'))
 	require SYSTEM . 'countries.conf.php';
 
-$nameOrNumberColumn = 'name';
-if (USE_ACCOUNT_NUMBER) {
-	$nameOrNumberColumn = 'number';
-}
+$nameOrNumberColumn = getAccountIdentityColumn();
 
 $hasSecretColumn = $db->hasColumn('accounts', 'secret');
 $hasCoinsColumn = $db->hasColumn('accounts', 'coins');
@@ -51,36 +49,51 @@ $acc_type = setting('core.account_types');
 
 <?php
 $id = 0;
-$search_account = '';
+$search_account = $search_account_email = '';
 if (isset($_REQUEST['id']))
 	$id = (int)$_REQUEST['id'];
+else if (isset($_REQUEST['search_email'])) {
+	$search_account_email = $_REQUEST['search_email'];
+	$accountModel = AccountModel::where('email', $search_account_email)->limit(11)->get(['email', 'id']);
+	if (count($accountModel) == 0) {
+		echo_error('No entries found.');
+	} else if (count($accountModel) == 1) {
+		$id = $accountModel->first()->getKey();
+	} else if (count($accountModel) > 10) {
+		echo_error('Specified e-mail resulted with too many accounts.');
+	}
+}
 else if (isset($_REQUEST['search'])) {
 	$search_account = $_REQUEST['search'];
-	if (strlen($search_account) < 3 && !Validator::number($search_account)) {
-		echo_error('Player name is too short.');
+	$min_size = 3;
+	if (in_array($nameOrNumberColumn, ['id', 'number'])) {
+		$min_size = 1;
+	}
+
+	if (strlen($search_account) < $min_size && !Validator::number($search_account)) {
+		echo_error('Account ' . $nameOrNumberColumn . ' is too short.');
 	} else {
-		$query = $db->query('SELECT `id` FROM `accounts` WHERE `' . $nameOrNumberColumn . '` = ' . $db->quote($search_account));
-		if ($query->rowCount() == 1) {
-			$query = $query->fetch();
-			$id = (int)$query['id'];
+		$query = AccountModel::where($nameOrNumberColumn, '=', $search_account)->limit(11)->get(['id', $nameOrNumberColumn]);
+		if (count($query) == 0) {
+			echo_error('No entries found.');
+		} else if (count($query) == 1) {
+			$id = $query->first()->getKey();
+		} else if (count($query) > 10) {
+			echo_error('Specified name resulted with too many accounts.');
 		} else {
-			$query = $db->query('SELECT `id`, `' . $nameOrNumberColumn . '` FROM `accounts` WHERE `' . $nameOrNumberColumn . '` LIKE ' . $db->quote('%' . $search_account . '%'));
-			if ($query->rowCount() > 0 && $query->rowCount() <= 10) {
 			$str_construct = 'Do you mean?<ul class="mb-0">';
-				foreach ($query as $row)
-					$str_construct .= '<li><a href="' . $admin_base . '&id=' . $row['id'] . '">' . $row[$nameOrNumberColumn] . '</a></li>';
+			foreach ($query as $row) {
+				$str_construct .= '<li><a href="' . $admin_base . '&id=' . $row->getKey() . '">' . $row->attributes[$nameOrNumberColumn] . '</a></li>';
+			}
 			$str_construct .= '</ul>';
 			echo_error($str_construct);
-			} else if ($query->rowCount() > 10)
-				echo_error('Specified name resulted with too many accounts.');
-			else
-				echo_error('No entries found.');
 		}
 	}
 }
 ?>
 <div class="row">
 	<?php
+	$groups = new OTS_Groups_List();
 	if ($id > 0) {
 		$account = new OTS_Account();
 		$account->load($id);
@@ -143,7 +156,9 @@ else if (isset($_REQUEST['search'])) {
 			$rl_loca = $_POST['rl_loca'];
 
 			//country
+			if(setting('core.account_country')) {
 				$rl_country = $_POST['rl_country'];
+			}
 
 			$web_flags = $_POST['web_flags'];
 			verify_number($web_flags, 'Web Flags', 1);
@@ -190,7 +205,11 @@ else if (isset($_REQUEST['search'])) {
 				}
 				$account->setRLName($rl_name);
 				$account->setLocation($rl_loca);
+
+				if(setting('core.account_country')) {
 					$account->setCountry($rl_country);
+				}
+
 				$account->setCustomField('created', $created);
 				$account->setWebFlags($web_flags);
 				$account->setCustomField('web_lastlogin', $web_lastlogin);
@@ -214,7 +233,7 @@ else if (isset($_REQUEST['search'])) {
 			}
 		}
 	} else if ($id == 0) {
-		$accounts_db = $db->query('SELECT `id`, `' . $nameOrNumberColumn . '`' . ($hasTypeColumn ? ',type' : ($hasGroupColumn ? ',group_id' : '')) . ' FROM `accounts` ORDER BY `id` ASC');
+		$accounts_db = $db->query('SELECT `id`, `' . $nameOrNumberColumn . '`' . ($hasTypeColumn ? ',type' : ($hasGroupColumn ? ',group_id' : '')) . ', email FROM `accounts` ORDER BY `id` ASC');
 		?>
 		<div class="col-12 col-sm-12 col-lg-10">
 			<div class="card card-info card-outline">
@@ -226,8 +245,9 @@ else if (isset($_REQUEST['search'])) {
 						<thead>
 						<tr>
 							<th>ID</th>
-							<th><?= ($nameOrNumberColumn == 'number' ? 'Number' : 'Name'); ?></th>
+							<th><?= ($nameOrNumberColumn == 'name' ? 'Name' : 'Number'); ?></th>
 							<?php if($hasTypeColumn || $hasGroupColumn): ?>
+							<th>E-Mail</th>
 							<th>Position</th>
 							<?php endif; ?>
 							<th style="width: 40px">Edit</th>
@@ -238,6 +258,7 @@ else if (isset($_REQUEST['search'])) {
 							<tr>
 								<th><?php echo $account_lst['id']; ?></th>
 								<td><?php echo $account_lst[$nameOrNumberColumn]; ?></a></td>
+								<td><?php echo $account_lst['email']; ?></td>
 								<?php if($hasTypeColumn || $hasGroupColumn): ?>
 								<td>
 									<?php if ($hasTypeColumn) {
@@ -585,6 +606,16 @@ else if (isset($_REQUEST['search'])) {
 			</div>
 			<div class="card-body">
 				<div class="row">
+					<div class="col-6 col-lg-12">
+						<form action="<?php echo $admin_base; ?>" method="post">
+							<?php csrf(); ?>
+							<label for="search">Account E-Mail:</label>
+							<div class="input-group input-group-sm">
+								<input type="email" class="form-control" id="search_email" name="search_email" value="<?= escapeHtml($search_account_email); ?>" maxlength="255" size="255">
+								<span class="input-group-append"><button type="submit" class="btn btn-info btn-flat">Search</button></span>
+							</div>
+						</form>
+					</div>
 					<div class="col-6 col-lg-12">
 						<form action="<?php echo $admin_base; ?>" method="post">
 							<?php csrf(); ?>

admin/pages/mailer.php

@@ -7,6 +7,9 @@
  * @copyright 2019 MyAAC
  * @link      https://my-aac.org
  */
+
+use MyAAC\Models\Account;
+
 defined('MYAAC') or die('Direct access not allowed!');
 $title = 'Mailer';
 
@@ -61,15 +64,15 @@ if (!empty($mail_content) && !empty($mail_subject) && empty($mail_to)) {
 		$add = ' AND `email_verified` = 1';
 	}
 
-	$query = $db->query('SELECT `email` FROM `accounts` WHERE `email` != ""' . $add);
+	$query = Account::where('email', '!=', '')->get(['email']);
 	foreach ($query as $email) {
-		if (_mail($email['email'], $mail_subject, $mail_content)) {
+		if (_mail($email->email, $mail_subject, $mail_content)) {
 			$success++;
 		}
 		else {
 			$failed++;
 			echo '<br />';
-			error('An error occorred while sending email to <b>' . $email['email'] . '</b>. For Admin: More info can be found in system/logs/mailer-error.log');
+			error('An error occorred while sending email to <b>' . $email->email . '</b>. For Admin: More info can be found in system/logs/mailer-error.log');
 		}
 	}
 

admin/pages/mass_account.php

@@ -24,20 +24,13 @@ $freePremium = $config['lua']['freePremium'];
 
 function admin_give_points($points)
 {
-	global $db, $hasPointsColumn;
+	global $hasPointsColumn;
 
 	if (!$hasPointsColumn) {
 		displayMessage('Points not supported.');
 		return;
 	}
 
-
-	$statement = $db->prepare('UPDATE `accounts` SET `premium_points` = `premium_points` + :points');
-	if (!$statement) {
-		displayMessage('Failed to prepare query statement.');
-		return;
-	}
-
 	if (!Account::query()->increment('premium_points', $points)) {
 		displayMessage('Failed to add points.');
 		return;
@@ -47,7 +40,7 @@ function admin_give_points($points)
 
 function admin_give_coins($coins)
 {
-	global $db, $hasCoinsColumn;
+	global $hasCoinsColumn;
 
 	if (!$hasCoinsColumn) {
 		displayMessage('Coins not supported.');
@@ -62,24 +55,6 @@ function admin_give_coins($coins)
 	displayMessage($coins . ' coins added to all accounts.', true);
 }
 
-function query_add_premium($column, $value_query, $condition_query = '1=1', $params = [])
-{
-	global $db;
-
-	$statement = $db->prepare("UPDATE `accounts` SET `{$column}` = $value_query WHERE $condition_query");
-	if (!$statement) {
-		displayMessage('Failed to prepare query statement.');
-		return false;
-	}
-
-	if (!$statement->execute($params)) {
-		displayMessage('Failed to add premium days.');
-		return false;
-	}
-
-	return true;
-}
-
 function admin_give_premdays($days)
 {
 	global $db, $freePremium;
@@ -94,9 +69,9 @@ function admin_give_premdays($days)
 	// othire
 	if ($db->hasColumn('accounts', 'premend')) {
 		// append premend
-		if (query_add_premium('premend', '`premend` + :value', '`premend` > :now', ['value' => $value, 'now' => $now])) {
+		if (Account::where('premend', '>', $now)->increment('premend', $value)) {
 			// set premend
-			if (query_add_premium('premend', ':value', '`premend` <= :now', ['value' => $now + $value, 'now' => $now])) {
+			if (Account::where('premend', '<=', $now)->update(['premend' => $now + $value])) {
 				displayMessage($days . ' premium days added to all accounts.', true);
 				return;
 			} else {
@@ -114,11 +89,11 @@ function admin_give_premdays($days)
 	// tfs 0.x
 	if ($db->hasColumn('accounts', 'premdays')) {
 		// append premdays
-		if (query_add_premium('premdays', '`premdays` + :value', '1=1', ['value' => $days])) {
+		if (Account::query()->update(['premdays' => $days])) {
 			// append lastday
-			if (query_add_premium('lastday', '`lastday` + :value', '`lastday` > :now', ['value' => $value, 'now' => $now])) {
+			if (Account::where('lastday', '>', $now)->increment('lastday', $value)) {
 				// set lastday
-				if (query_add_premium('lastday', ':value', '`lastday` <= :now', ['value' => $now + $value, 'now' => $now])) {
+				if (Account::where('lastday', '<=', $now)->update(['lastday' => $now + $value])) {
 					displayMessage($days . ' premium days added to all accounts.', true);
 					return;
 				} else {
@@ -142,9 +117,9 @@ function admin_give_premdays($days)
 	// tfs 1.x
 	if ($db->hasColumn('accounts', 'premium_ends_at')) {
 		// append premium_ends_at
-		if (query_add_premium('premium_ends_at', '`premium_ends_at` + :value', '`premium_ends_at` > :now', ['value' => $value, 'now' => $now])) {
+		if (Account::where('premium_ends_at', '>', $now)->increment('premium_ends_at', $value)) {
 			// set premium_ends_at
-			if (query_add_premium('premium_ends_at', ':value', '`premium_ends_at` <= :now', ['value' => $now + $value, 'now' => $now])) {
+			if (Account::where('premium_ends_at', '<=', $now)->update(['premium_ends_at' => $now + $value])) {
 				displayMessage($days . ' premium days added to all accounts.', true);
 				return;
 			} else {

admin/pages/modules/created.php

@@ -7,7 +7,7 @@ defined('MYAAC') or die('Direct access not allowed!');
 $accounts = 0;
 
 if ($db->hasColumn('accounts', 'created')) {
-	$accounts = Account::orderByDesc('created')->limit(10)->get(['created', (USE_ACCOUNT_NAME ? 'name' : 'id')])->toArray();
+	$accounts = Account::orderByDesc('created')->limit(10)->get(['id', 'created'])->toArray();
 }
 
 $twig->display('created.html.twig', array(

admin/pages/modules/templates/created.html.twig

@@ -19,7 +19,7 @@
 						{% set i = i + 1 %}
 						<tr>
 							<th>{{ i }}</th>
-							<td><a href="?p=accounts&search_name={{ result.name }}">{{ result.name }}</a></td>
+							<td><a href="?p=accounts&id={{ result.id }}">{{ result.id }}</a></td>
 							<td>{{ result.created|date("M d Y, H:i:s") }}</td>
 						</tr>
 					{% endfor %}

admin/pages/news.php

@@ -26,7 +26,7 @@ if (!hasFlag(FLAG_CONTENT_PAGES) && !superAdmin()) {
 
 header('X-XSS-Protection:0');
 
-// some constants, used mainly by database (cannot by modified without schema changes)
+// some constants, used mainly by database (cannot be modified without schema changes)
 const NEWS_TITLE_LIMIT = 100;
 const NEWS_BODY_LIMIT = 65535; // maximum news body length
 const ARTICLE_TEXT_LIMIT = 300;
@@ -136,9 +136,18 @@ if($action == 'edit' || $action == 'new') {
 
 $query = $db->query('SELECT * FROM ' . $db->tableName(TABLE_PREFIX . 'news'));
 $newses = array();
+
+$cachePlayers = [];
 foreach ($query as $_news) {
+	$playerId = $_news['player_id'];
+	if (isset($cachePlayers[$playerId])) {
+		$_player = $cachePlayers[$playerId];
+	}
+	else {
 		$_player = new OTS_Player();
-	$_player->load($_news['player_id']);
+		$_player->load($playerId);
+		$cachePlayers[$playerId] = $_player;
+	}
 
 	$newses[$_news['type']][] = array(
 		'id' => $_news['id'],
@@ -147,7 +156,7 @@ foreach ($query as $_news) {
 		'title' => $_news['title'],
 		'date' => $_news['date'],
 		'player_name' => $_player->isLoaded() ? $_player->getName() : '',
-		'player_link' => $_player->isLoaded() ? getPlayerLink($_player->getName(), false) : '',
+		'player_link' => $_player->isLoaded() ? getPlayerLink($_player, false) : '',
 	);
 }
 

admin/pages/players.php

@@ -51,22 +51,20 @@ else if (isset($_REQUEST['search'])) {
 	if (strlen($search_player) < 3 && !Validator::number($search_player)) {
 		echo_error('Player name is too short.');
 	} else {
-		$query = $db->query('SELECT `id` FROM `players` WHERE `name` = ' . $db->quote($search_player));
-		if ($query->rowCount() == 1) {
-			$query = $query->fetch();
-			$id = (int)$query['id'];
+		$query = Player::where('name', 'like', '%' . $search_player . '%')->orderBy('name')->limit(11)->get(['id', 'name']);
+		if (count($query) == 0) {
+			echo_error('No entries found.');
+		} else if (count($query) == 1) {
+			$id = $query->first()->getKey();
+		} else if (count($query) > 10) {
+			echo_error('Specified name resulted with too many players.');
 		} else {
-			$query = $db->query('SELECT `id`, `name` FROM `players` WHERE `name` LIKE ' . $db->quote('%' . $search_player . '%'));
-			if ($query->rowCount() > 0 && $query->rowCount() <= 10) {
 			$str_construct = 'Do you mean?<ul>';
-				foreach ($query as $row)
-					$str_construct .= '<li><a href="' . $player_base . '&id=' . $row['id'] . '">' . $row['name'] . '</a></li>';
+			foreach ($query as $row) {
+				$str_construct .= '<li><a href="' . $player_base . '&id=' . $row->getKey() . '">' . $row->name . '</a></li>';
+			}
 			$str_construct .= '</ul>';
 			echo_error($str_construct);
-			} else if ($query->rowCount() > 10)
-				echo_error('Specified name resulted with too many players.');
-			else
-				echo_error('No entries found.');
 		}
 	}
 }
@@ -307,7 +305,7 @@ else if (isset($_REQUEST['search'])) {
 			}
 		}
 	} else if ($id == 0) {
-		$players_db = $db->query('SELECT `id`, `name`, `level` FROM `players` ORDER BY `id` asc');
+		$players_db = Player::orderBy('id')->get(['id','name', 'level']);
 		?>
 		<div class="col-12 col-sm-12 col-lg-10">
 			<div class="card card-info card-outline">
@@ -327,11 +325,11 @@ else if (isset($_REQUEST['search'])) {
 						<tbody>
 						<?php foreach ($players_db as $player_db): ?>
 							<tr>
-								<th><?php echo $player_db['id']; ?></th>
-								<td><?php echo $player_db['name']; ?></a></td>
-								<td><?php echo $player_db['level']; ?></a></td>
+								<th><?php echo $player_db->id; ?></th>
+								<td><?php echo $player_db->name; ?></a></td>
+								<td><?php echo $player_db->level; ?></a></td>
 
-								<td><a href="?p=players&id=<?php echo $player_db['id']; ?>" class="btn btn-success btn-sm" title="Edit">
+								<td><a href="?p=players&id=<?php echo $player_db->id; ?>" class="btn btn-success btn-sm" title="Edit">
 										<i class="fas fa-pencil-alt"></i>
 									</a>
 								</td>

admin/pages/plugins.php

@@ -21,7 +21,13 @@ if (!getBoolean(setting('core.admin_plugins_manage_enable'))) {
 	warning('Plugin installation and management is disabled in Settings.<br/>If you wish to enable, go to Settings and enable <strong>Enable Plugins Manage</strong>.');
 }
 else {
-	$twig->display('admin.plugins.form.html.twig');
+	$pluginUploadEnabled = true;
+	if(!\class_exists('\ZipArchive')) {
+		error('Please install PHP zip extension. Plugins upload disabled until then.');
+		$pluginUploadEnabled = false;
+	}
+
+	$twig->display('admin.plugins.form.html.twig', ['pluginUploadEnabled' => $pluginUploadEnabled]);
 
 	if (isset($_POST['uninstall'])) {
 		$uninstall = $_POST['uninstall'];

common.php

@@ -26,8 +26,8 @@
 if (version_compare(phpversion(), '8.1', '<')) die('PHP version 8.1 or higher is required.');
 
 const MYAAC = true;
-const MYAAC_VERSION = '1.0-RC';
-const DATABASE_VERSION = 40;
+const MYAAC_VERSION = '1.0-RC.2';
+const DATABASE_VERSION = 41;
 const TABLE_PREFIX = 'myaac_';
 define('START_TIME', microtime(true));
 define('MYAAC_OS', stripos(PHP_OS, 'WIN') === 0 ? 'WINDOWS' : (strtoupper(PHP_OS) === 'DARWIN' ? 'MAC' : 'LINUX'));

composer.json

@@ -1,6 +1,6 @@
 {
     "require": {
-        "php": "^8.0",
+        "php": "^8.1",
         "ext-pdo": "*",
         "ext-pdo_mysql": "*",
         "ext-json": "*",
@@ -18,7 +18,7 @@
         "symfony/string": "^6.4",
         "symfony/var-dumper": "^6.4",
         "filp/whoops": "^2.15",
-        "maximebf/debugbar": "dev-master"
+        "maximebf/debugbar": "1.*"
     },
     "require-dev": {
         "phpstan/phpstan": "^1.10"

docker-compose.yml

@@ -0,0 +1,40 @@
+services:
+  web:
+    ports:
+      - 8001:80
+    build:
+      args:
+        user: www-data
+        uid: 33
+      context: ./
+      dockerfile: ./docker/Dockerfile
+    restart: unless-stopped
+    working_dir: /var/www/html
+    depends_on:
+      - db
+    #volumes:
+    #  - ./:/var/www/html
+
+  db:
+    image: mysql:8.0
+    restart: unless-stopped # always?
+    environment:
+      MYSQL_RANDOM_ROOT_PASSWORD: "yes"
+      MYSQL_DATABASE: myaac
+      #MYSQL_ROOT_PASSWORD: root
+      MYSQL_PASSWORD: myaac
+      MYSQL_USER: myaac
+    ports:
+      - 8003:3306
+    volumes:
+      - ./docker/tfs_schema.sql:/docker-entrypoint-initdb.d/tfs_schema.sql
+      - db:/var/lib/mysql
+
+  phpmyadmin:
+    image: phpmyadmin
+    restart: always
+    ports:
+      - 8002:80
+
+volumes:
+  db:

docker/Dockerfile

@@ -0,0 +1,56 @@
+FROM php:8.2-apache
+
+ARG APCU_VERSION=5.1.22
+
+# Arguments defined in docker-compose.yml
+ARG user
+ARG uid
+
+# Install system dependencies
+RUN apt-get update && apt-get install -y \
+    git \
+    curl \
+    libpng-dev \
+    libonig-dev \
+    libxml2-dev \
+    libzip-dev \
+    zip \
+    unzip \
+    nano \
+    vim
+
+RUN apt-get install -y nodejs npm
+
+# Clear cache
+RUN apt-get clean && rm -rf /var/lib/apt/lists/*
+
+# Install PHP extensions
+RUN docker-php-ext-install pdo pdo_mysql gd zip opcache
+RUN docker-php-ext-configure opcache --enable-opcache
+RUN pecl install apcu-${APCU_VERSION} && docker-php-ext-enable apcu
+
+# Get latest Composer
+COPY --from=composer:latest /usr/bin/composer /usr/bin/composer
+
+# Create system user to run Composer Commands
+#RUN useradd -G www-data,root -u $uid -d /home/$user $user
+RUN mkdir -p /home/$user/.composer && \
+    chown -R $user:$user /home/$user
+
+RUN chown -R www-data.www-data /var/www
+
+USER $user
+
+WORKDIR /home/$user
+RUN git clone https://github.com/otland/forgottenserver.git
+
+COPY --chown=www-data:www-data docker/config.lua /home/$user/forgottenserver
+COPY --chown=www-data:www-data docker/config.local.php /var/www/html
+
+#WORKDIR /home/$user/forgottenserver
+
+WORKDIR /var/www/html
+
+COPY --chown=www-data:www-data . .
+RUN composer install
+RUN npm install

docker/config.local.php

@@ -0,0 +1,4 @@
+<?php
+$config['installed'] = false;
+$config['server_path'] = '/home/www-data/forgottenserver';
+$config['install_ignore_ip_check'] = true;

docker/config.lua

@@ -0,0 +1,12 @@
+serverName = "Forgotten"
+mysqlHost = "db"
+mysqlUser = "myaac"
+mysqlPass = "myaac"
+mysqlDatabase = "myaac"
+mysqlPort = 3306
+mysqlSock = ""
+
+ip = "192.168.176.1"
+statusPort = 7171
+statusTimeout = 2000
+

docker/tfs_schema.sql

@@ -0,0 +1,384 @@
+CREATE TABLE IF NOT EXISTS `accounts` (
+  `id` int NOT NULL AUTO_INCREMENT,
+  `name` varchar(32) NOT NULL,
+  `password` char(40) NOT NULL,
+  `secret` char(16) DEFAULT NULL,
+  `type` int NOT NULL DEFAULT '1',
+  `premium_ends_at` int unsigned NOT NULL DEFAULT '0',
+  `email` varchar(255) NOT NULL DEFAULT '',
+  `creation` int NOT NULL DEFAULT '0',
+  PRIMARY KEY (`id`),
+  UNIQUE KEY `name` (`name`)
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
+
+CREATE TABLE IF NOT EXISTS `players` (
+  `id` int NOT NULL AUTO_INCREMENT,
+  `name` varchar(255) NOT NULL,
+  `group_id` int NOT NULL DEFAULT '1',
+  `account_id` int NOT NULL DEFAULT '0',
+  `level` int NOT NULL DEFAULT '1',
+  `vocation` int NOT NULL DEFAULT '0',
+  `health` int NOT NULL DEFAULT '150',
+  `healthmax` int NOT NULL DEFAULT '150',
+  `experience` bigint unsigned NOT NULL DEFAULT '0',
+  `lookbody` int NOT NULL DEFAULT '0',
+  `lookfeet` int NOT NULL DEFAULT '0',
+  `lookhead` int NOT NULL DEFAULT '0',
+  `looklegs` int NOT NULL DEFAULT '0',
+  `looktype` int NOT NULL DEFAULT '136',
+  `lookaddons` int NOT NULL DEFAULT '0',
+  `lookmount` int NOT NULL DEFAULT '0',
+  `lookmounthead` int NOT NULL DEFAULT '0',
+  `lookmountbody` int NOT NULL DEFAULT '0',
+  `lookmountlegs` int NOT NULL DEFAULT '0',
+  `lookmountfeet` int NOT NULL DEFAULT '0',
+  `randomizemount` tinyint NOT NULL DEFAULT '0',
+  `direction` tinyint unsigned NOT NULL DEFAULT '2',
+  `maglevel` int NOT NULL DEFAULT '0',
+  `mana` int NOT NULL DEFAULT '0',
+  `manamax` int NOT NULL DEFAULT '0',
+  `manaspent` bigint unsigned NOT NULL DEFAULT '0',
+  `soul` int unsigned NOT NULL DEFAULT '0',
+  `town_id` int NOT NULL DEFAULT '1',
+  `posx` int NOT NULL DEFAULT '0',
+  `posy` int NOT NULL DEFAULT '0',
+  `posz` int NOT NULL DEFAULT '0',
+  `conditions` blob DEFAULT NULL,
+  `cap` int NOT NULL DEFAULT '400',
+  `sex` int NOT NULL DEFAULT '0',
+  `lastlogin` bigint unsigned NOT NULL DEFAULT '0',
+  `lastip` varbinary(16) NOT NULL DEFAULT '0',
+  `save` tinyint NOT NULL DEFAULT '1',
+  `skull` tinyint NOT NULL DEFAULT '0',
+  `skulltime` bigint NOT NULL DEFAULT '0',
+  `lastlogout` bigint unsigned NOT NULL DEFAULT '0',
+  `blessings` tinyint NOT NULL DEFAULT '0',
+  `onlinetime` bigint NOT NULL DEFAULT '0',
+  `deletion` bigint NOT NULL DEFAULT '0',
+  `balance` bigint unsigned NOT NULL DEFAULT '0',
+  `offlinetraining_time` smallint unsigned NOT NULL DEFAULT '43200',
+  `offlinetraining_skill` int NOT NULL DEFAULT '-1',
+  `stamina` smallint unsigned NOT NULL DEFAULT '2520',
+  `skill_fist` int unsigned NOT NULL DEFAULT 10,
+  `skill_fist_tries` bigint unsigned NOT NULL DEFAULT 0,
+  `skill_club` int unsigned NOT NULL DEFAULT 10,
+  `skill_club_tries` bigint unsigned NOT NULL DEFAULT 0,
+  `skill_sword` int unsigned NOT NULL DEFAULT 10,
+  `skill_sword_tries` bigint unsigned NOT NULL DEFAULT 0,
+  `skill_axe` int unsigned NOT NULL DEFAULT 10,
+  `skill_axe_tries` bigint unsigned NOT NULL DEFAULT 0,
+  `skill_dist` int unsigned NOT NULL DEFAULT 10,
+  `skill_dist_tries` bigint unsigned NOT NULL DEFAULT 0,
+  `skill_shielding` int unsigned NOT NULL DEFAULT 10,
+  `skill_shielding_tries` bigint unsigned NOT NULL DEFAULT 0,
+  `skill_fishing` int unsigned NOT NULL DEFAULT 10,
+  `skill_fishing_tries` bigint unsigned NOT NULL DEFAULT 0,
+  PRIMARY KEY (`id`),
+  UNIQUE KEY `name` (`name`),
+  FOREIGN KEY (`account_id`) REFERENCES `accounts` (`id`) ON DELETE CASCADE,
+  KEY `vocation` (`vocation`)
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
+
+CREATE TABLE IF NOT EXISTS `account_bans` (
+  `account_id` int NOT NULL,
+  `reason` varchar(255) NOT NULL,
+  `banned_at` bigint NOT NULL,
+  `expires_at` bigint NOT NULL,
+  `banned_by` int NOT NULL,
+  PRIMARY KEY (`account_id`),
+  FOREIGN KEY (`account_id`) REFERENCES `accounts` (`id`) ON DELETE CASCADE ON UPDATE CASCADE,
+  FOREIGN KEY (`banned_by`) REFERENCES `players` (`id`) ON DELETE CASCADE ON UPDATE CASCADE
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
+
+CREATE TABLE IF NOT EXISTS `account_ban_history` (
+  `id` int unsigned NOT NULL AUTO_INCREMENT,
+  `account_id` int NOT NULL,
+  `reason` varchar(255) NOT NULL,
+  `banned_at` bigint NOT NULL,
+  `expired_at` bigint NOT NULL,
+  `banned_by` int NOT NULL,
+  PRIMARY KEY (`id`),
+  FOREIGN KEY (`account_id`) REFERENCES `accounts` (`id`) ON DELETE CASCADE ON UPDATE CASCADE,
+  FOREIGN KEY (`banned_by`) REFERENCES `players` (`id`) ON DELETE CASCADE ON UPDATE CASCADE
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
+
+CREATE TABLE IF NOT EXISTS `account_storage` (
+  `account_id` int NOT NULL,
+  `key` int unsigned NOT NULL,
+  `value` int NOT NULL,
+  PRIMARY KEY (`account_id`, `key`),
+  FOREIGN KEY (`account_id`) REFERENCES `accounts`(`id`) ON DELETE CASCADE
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
+
+CREATE TABLE IF NOT EXISTS `ip_bans` (
+  `ip` varbinary(16) NOT NULL,
+  `reason` varchar(255) NOT NULL,
+  `banned_at` bigint NOT NULL,
+  `expires_at` bigint NOT NULL,
+  `banned_by` int NOT NULL,
+  PRIMARY KEY (`ip`),
+  FOREIGN KEY (`banned_by`) REFERENCES `players` (`id`) ON DELETE CASCADE ON UPDATE CASCADE
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
+
+CREATE TABLE IF NOT EXISTS `player_namelocks` (
+  `player_id` int NOT NULL,
+  `reason` varchar(255) NOT NULL,
+  `namelocked_at` bigint NOT NULL,
+  `namelocked_by` int NOT NULL,
+  PRIMARY KEY (`player_id`),
+  FOREIGN KEY (`player_id`) REFERENCES `players` (`id`) ON DELETE CASCADE ON UPDATE CASCADE,
+  FOREIGN KEY (`namelocked_by`) REFERENCES `players` (`id`) ON DELETE CASCADE ON UPDATE CASCADE
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
+
+CREATE TABLE IF NOT EXISTS `account_viplist` (
+  `account_id` int NOT NULL COMMENT 'id of account whose viplist entry it is',
+  `player_id` int NOT NULL COMMENT 'id of target player of viplist entry',
+  `description` varchar(128) NOT NULL DEFAULT '',
+  `icon` tinyint unsigned NOT NULL DEFAULT '0',
+  `notify` tinyint NOT NULL DEFAULT '0',
+  UNIQUE KEY `account_player_index` (`account_id`,`player_id`),
+  FOREIGN KEY (`account_id`) REFERENCES `accounts` (`id`) ON DELETE CASCADE,
+  FOREIGN KEY (`player_id`) REFERENCES `players` (`id`) ON DELETE CASCADE
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
+
+CREATE TABLE IF NOT EXISTS `guilds` (
+  `id` int NOT NULL AUTO_INCREMENT,
+  `name` varchar(255) NOT NULL,
+  `ownerid` int NOT NULL,
+  `creationdata` int NOT NULL,
+  `motd` varchar(255) NOT NULL DEFAULT '',
+  PRIMARY KEY (`id`),
+  UNIQUE KEY (`name`),
+  UNIQUE KEY (`ownerid`),
+  FOREIGN KEY (`ownerid`) REFERENCES `players`(`id`) ON DELETE CASCADE
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
+
+CREATE TABLE IF NOT EXISTS `guild_invites` (
+  `player_id` int NOT NULL DEFAULT '0',
+  `guild_id` int NOT NULL DEFAULT '0',
+  PRIMARY KEY (`player_id`,`guild_id`),
+  FOREIGN KEY (`player_id`) REFERENCES `players` (`id`) ON DELETE CASCADE,
+  FOREIGN KEY (`guild_id`) REFERENCES `guilds` (`id`) ON DELETE CASCADE
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
+
+CREATE TABLE IF NOT EXISTS `guild_ranks` (
+  `id` int NOT NULL AUTO_INCREMENT,
+  `guild_id` int NOT NULL COMMENT 'guild',
+  `name` varchar(255) NOT NULL COMMENT 'rank name',
+  `level` int NOT NULL COMMENT 'rank level - leader, vice, member, maybe something else',
+  PRIMARY KEY (`id`),
+  FOREIGN KEY (`guild_id`) REFERENCES `guilds` (`id`) ON DELETE CASCADE
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
+
+CREATE TABLE IF NOT EXISTS `guild_membership` (
+  `player_id` int NOT NULL,
+  `guild_id` int NOT NULL,
+  `rank_id` int NOT NULL,
+  `nick` varchar(15) NOT NULL DEFAULT '',
+  PRIMARY KEY (`player_id`),
+  FOREIGN KEY (`player_id`) REFERENCES `players` (`id`) ON DELETE CASCADE ON UPDATE CASCADE,
+  FOREIGN KEY (`guild_id`) REFERENCES `guilds` (`id`) ON DELETE CASCADE ON UPDATE CASCADE,
+  FOREIGN KEY (`rank_id`) REFERENCES `guild_ranks` (`id`) ON DELETE CASCADE ON UPDATE CASCADE
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
+
+CREATE TABLE IF NOT EXISTS `guild_wars` (
+  `id` int NOT NULL AUTO_INCREMENT,
+  `guild1` int NOT NULL DEFAULT '0',
+  `guild2` int NOT NULL DEFAULT '0',
+  `name1` varchar(255) NOT NULL,
+  `name2` varchar(255) NOT NULL,
+  `status` tinyint NOT NULL DEFAULT '0',
+  `started` bigint NOT NULL DEFAULT '0',
+  `ended` bigint NOT NULL DEFAULT '0',
+  PRIMARY KEY (`id`),
+  KEY `guild1` (`guild1`),
+  KEY `guild2` (`guild2`)
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
+
+CREATE TABLE IF NOT EXISTS `guildwar_kills` (
+  `id` int NOT NULL AUTO_INCREMENT,
+  `killer` varchar(50) NOT NULL,
+  `target` varchar(50) NOT NULL,
+  `killerguild` int NOT NULL DEFAULT '0',
+  `targetguild` int NOT NULL DEFAULT '0',
+  `warid` int NOT NULL DEFAULT '0',
+  `time` bigint NOT NULL,
+  PRIMARY KEY (`id`),
+  FOREIGN KEY (`warid`) REFERENCES `guild_wars` (`id`) ON DELETE CASCADE
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
+
+CREATE TABLE IF NOT EXISTS `houses` (
+  `id` int NOT NULL AUTO_INCREMENT,
+  `owner` int NOT NULL,
+  `paid` int unsigned NOT NULL DEFAULT '0',
+  `warnings` int NOT NULL DEFAULT '0',
+  `name` varchar(255) NOT NULL,
+  `rent` int NOT NULL DEFAULT '0',
+  `town_id` int NOT NULL DEFAULT '0',
+  `bid` int NOT NULL DEFAULT '0',
+  `bid_end` int NOT NULL DEFAULT '0',
+  `last_bid` int NOT NULL DEFAULT '0',
+  `highest_bidder` int NOT NULL DEFAULT '0',
+  `size` int NOT NULL DEFAULT '0',
+  `beds` int NOT NULL DEFAULT '0',
+  PRIMARY KEY (`id`),
+  KEY `owner` (`owner`),
+  KEY `town_id` (`town_id`)
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
+
+CREATE TABLE IF NOT EXISTS `house_lists` (
+  `house_id` int NOT NULL,
+  `listid` int NOT NULL,
+  `list` text NOT NULL,
+  FOREIGN KEY (`house_id`) REFERENCES `houses` (`id`) ON DELETE CASCADE
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
+
+CREATE TABLE IF NOT EXISTS `market_history` (
+  `id` int unsigned NOT NULL AUTO_INCREMENT,
+  `player_id` int NOT NULL,
+  `sale` tinyint NOT NULL DEFAULT '0',
+  `itemtype` smallint unsigned NOT NULL,
+  `amount` smallint unsigned NOT NULL,
+  `price` bigint unsigned NOT NULL DEFAULT '0',
+  `expires_at` bigint unsigned NOT NULL,
+  `inserted` bigint unsigned NOT NULL,
+  `state` tinyint unsigned NOT NULL,
+  PRIMARY KEY (`id`),
+  KEY `player_id` (`player_id`, `sale`),
+  FOREIGN KEY (`player_id`) REFERENCES `players`(`id`) ON DELETE CASCADE
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
+
+CREATE TABLE IF NOT EXISTS `market_offers` (
+  `id` int unsigned NOT NULL AUTO_INCREMENT,
+  `player_id` int NOT NULL,
+  `sale` tinyint NOT NULL DEFAULT '0',
+  `itemtype` smallint unsigned NOT NULL,
+  `amount` smallint unsigned NOT NULL,
+  `created` bigint unsigned NOT NULL,
+  `anonymous` tinyint NOT NULL DEFAULT '0',
+  `price` bigint unsigned NOT NULL DEFAULT '0',
+  PRIMARY KEY (`id`),
+  KEY `sale` (`sale`,`itemtype`),
+  KEY `created` (`created`),
+  FOREIGN KEY (`player_id`) REFERENCES `players`(`id`) ON DELETE CASCADE
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
+
+CREATE TABLE IF NOT EXISTS `players_online` (
+  `player_id` int NOT NULL,
+  PRIMARY KEY (`player_id`)
+) ENGINE=MEMORY DEFAULT CHARACTER SET=utf8;
+
+CREATE TABLE IF NOT EXISTS `player_deaths` (
+  `player_id` int NOT NULL,
+  `time` bigint unsigned NOT NULL DEFAULT '0',
+  `level` int NOT NULL DEFAULT '1',
+  `killed_by` varchar(255) NOT NULL,
+  `is_player` tinyint NOT NULL DEFAULT '1',
+  `mostdamage_by` varchar(100) NOT NULL,
+  `mostdamage_is_player` tinyint NOT NULL DEFAULT '0',
+  `unjustified` tinyint NOT NULL DEFAULT '0',
+  `mostdamage_unjustified` tinyint NOT NULL DEFAULT '0',
+  FOREIGN KEY (`player_id`) REFERENCES `players`(`id`) ON DELETE CASCADE,
+  KEY `killed_by` (`killed_by`),
+  KEY `mostdamage_by` (`mostdamage_by`)
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
+
+CREATE TABLE IF NOT EXISTS `player_depotitems` (
+  `player_id` int NOT NULL,
+  `sid` int NOT NULL COMMENT 'any given range eg 0-100 will be reserved for depot lockers and all > 100 will be then normal items inside depots',
+  `pid` int NOT NULL DEFAULT '0',
+  `itemtype` smallint unsigned NOT NULL,
+  `count` smallint NOT NULL DEFAULT '0',
+  `attributes` blob NOT NULL,
+  UNIQUE KEY `player_id_2` (`player_id`, `sid`),
+  FOREIGN KEY (`player_id`) REFERENCES `players`(`id`) ON DELETE CASCADE
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
+
+CREATE TABLE IF NOT EXISTS `player_inboxitems` (
+  `player_id` int NOT NULL,
+  `sid` int NOT NULL,
+  `pid` int NOT NULL DEFAULT '0',
+  `itemtype` smallint unsigned NOT NULL,
+  `count` smallint NOT NULL DEFAULT '0',
+  `attributes` blob NOT NULL,
+  UNIQUE KEY `player_id_2` (`player_id`, `sid`),
+  FOREIGN KEY (`player_id`) REFERENCES `players`(`id`) ON DELETE CASCADE
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
+
+CREATE TABLE IF NOT EXISTS `player_storeinboxitems` (
+  `player_id` int NOT NULL,
+  `sid` int NOT NULL,
+  `pid` int NOT NULL DEFAULT '0',
+  `itemtype` smallint unsigned NOT NULL,
+  `count` smallint NOT NULL DEFAULT '0',
+  `attributes` blob NOT NULL,
+  UNIQUE KEY `player_id_2` (`player_id`, `sid`),
+  FOREIGN KEY (`player_id`) REFERENCES `players`(`id`) ON DELETE CASCADE
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
+
+CREATE TABLE IF NOT EXISTS `player_items` (
+  `player_id` int NOT NULL DEFAULT '0',
+  `pid` int NOT NULL DEFAULT '0',
+  `sid` int NOT NULL DEFAULT '0',
+  `itemtype` smallint unsigned NOT NULL DEFAULT '0',
+  `count` smallint NOT NULL DEFAULT '0',
+  `attributes` blob NOT NULL,
+  FOREIGN KEY (`player_id`) REFERENCES `players`(`id`) ON DELETE CASCADE,
+  KEY `sid` (`sid`)
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
+
+CREATE TABLE IF NOT EXISTS `player_spells` (
+  `player_id` int NOT NULL,
+  `name` varchar(255) NOT NULL,
+  FOREIGN KEY (`player_id`) REFERENCES `players`(`id`) ON DELETE CASCADE
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
+
+CREATE TABLE IF NOT EXISTS `player_storage` (
+  `player_id` int NOT NULL DEFAULT '0',
+  `key` int unsigned NOT NULL DEFAULT '0',
+  `value` int NOT NULL DEFAULT '0',
+  PRIMARY KEY (`player_id`,`key`),
+  FOREIGN KEY (`player_id`) REFERENCES `players`(`id`) ON DELETE CASCADE
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
+
+CREATE TABLE IF NOT EXISTS `server_config` (
+  `config` varchar(50) NOT NULL,
+  `value` varchar(256) NOT NULL DEFAULT '',
+  PRIMARY KEY `config` (`config`)
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
+
+CREATE TABLE IF NOT EXISTS `tile_store` (
+  `house_id` int NOT NULL,
+  `data` longblob NOT NULL,
+  FOREIGN KEY (`house_id`) REFERENCES `houses` (`id`) ON DELETE CASCADE
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
+
+CREATE TABLE IF NOT EXISTS `towns` (
+  `id` int NOT NULL AUTO_INCREMENT,
+  `name` varchar(255) NOT NULL,
+  `posx` int NOT NULL DEFAULT '0',
+  `posy` int NOT NULL DEFAULT '0',
+  `posz` int NOT NULL DEFAULT '0',
+  PRIMARY KEY (`id`),
+  UNIQUE KEY `name` (`name`)
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
+
+INSERT INTO `server_config` (`config`, `value`) VALUES ('db_version', '35'), ('players_record', '0');
+
+DROP TRIGGER IF EXISTS `ondelete_players`;
+DROP TRIGGER IF EXISTS `oncreate_guilds`;
+
+DELIMITER //
+CREATE TRIGGER `ondelete_players` BEFORE DELETE ON `players`
+ FOR EACH ROW BEGIN
+    UPDATE `houses` SET `owner` = 0 WHERE `owner` = OLD.`id`;
+END
+//
+CREATE TRIGGER `oncreate_guilds` AFTER INSERT ON `guilds`
+ FOR EACH ROW BEGIN
+    INSERT INTO `guild_ranks` (`name`, `level`, `guild_id`) VALUES ('the Leader', 3, NEW.`id`);
+    INSERT INTO `guild_ranks` (`name`, `level`, `guild_id`) VALUES ('a Vice-Leader', 2, NEW.`id`);
+    INSERT INTO `guild_ranks` (`name`, `level`, `guild_id`) VALUES ('a Member', 1, NEW.`id`);
+END
+//
+DELIMITER ;

install/includes/schema.sql

@@ -1,4 +1,4 @@
-SET @myaac_database_version = 40;
+SET @myaac_database_version = 41;
 
 CREATE TABLE `myaac_account_actions`
 (
@@ -8,7 +8,7 @@ CREATE TABLE `myaac_account_actions`
 	`date` INT(11) NOT NULL DEFAULT 0,
 	`action` VARCHAR(255) NOT NULL DEFAULT '',
 	KEY (`account_id`)
-) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
 
 CREATE TABLE `myaac_admin_menu`
 (
@@ -19,22 +19,7 @@ CREATE TABLE `myaac_admin_menu`
 	`flags` INT(11) NOT NULL DEFAULT 0,
 	`enabled` INT(1) NOT NULL DEFAULT 1,
 	PRIMARY KEY (`id`)
-) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
-
-CREATE TABLE `myaac_bugtracker`
-(
-	`account` VARCHAR(255) NOT NULL,
-	`type` INT(11) NOT NULL DEFAULT 0,
-	`status` INT(11) NOT NULL DEFAULT 0,
-	`text` text NOT NULL,
-	`id` INT(11) NOT NULL DEFAULT 0,
-	`subject` VARCHAR(255) NOT NULL DEFAULT '',
-	`reply` INT(11) NOT NULL DEFAULT 0,
-	`who` INT(11) NOT NULL DEFAULT 0,
-	`uid` INT(11) NOT NULL AUTO_INCREMENT,
-	`tag` INT(11) NOT NULL DEFAULT 0,
-	PRIMARY KEY (`uid`)
-) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
 
 CREATE TABLE `myaac_changelog`
 (
@@ -46,7 +31,7 @@ CREATE TABLE `myaac_changelog`
 	`player_id` INT(11) NOT NULL DEFAULT 0,
 	`hide` TINYINT(1) NOT NULL DEFAULT 0,
 	PRIMARY KEY (`id`)
-) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
 
 INSERT INTO `myaac_changelog` (`id`, `type`, `where`, `date`, `body`, `hide`) VALUES (1, 3, 2, UNIX_TIMESTAMP(), 'MyAAC installed. (:', 0);
 
@@ -57,7 +42,7 @@ CREATE TABLE `myaac_config`
 	`value` VARCHAR(1000) NOT NULL,
 	PRIMARY KEY (`id`),
 	UNIQUE (`name`)
-) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
 
 INSERT INTO `myaac_config` (`name`, `value`) VALUES ('database_version', @myaac_database_version);
 
@@ -69,7 +54,7 @@ CREATE TABLE `myaac_faq`
 	`ordering` INT(11) NOT NULL DEFAULT 0,
 	`hide` TINYINT(1) NOT NULL DEFAULT 0,
 	PRIMARY KEY (`id`)
-) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
 
 CREATE TABLE `myaac_forum_boards`
 (
@@ -82,7 +67,7 @@ CREATE TABLE `myaac_forum_boards`
 	`closed` TINYINT(1) NOT NULL DEFAULT 0,
 	`hide` TINYINT(1) NOT NULL DEFAULT 0,
 	PRIMARY KEY (`id`)
-) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
 INSERT INTO `myaac_forum_boards` (`id`, `name`, `description`, `ordering`, `closed`) VALUES (NULL, 'News', 'News commenting', 0, 1);
 INSERT INTO `myaac_forum_boards` (`id`, `name`, `description`, `ordering`) VALUES (NULL, 'Trade', 'Trade offers.', 1);
 INSERT INTO `myaac_forum_boards` (`id`, `name`, `description`, `ordering`) VALUES (NULL, 'Quests', 'Quest making.', 2);
@@ -111,7 +96,7 @@ CREATE TABLE `myaac_forum`
 	`closed` tinyint(1) NOT NULL DEFAULT '0',
 	PRIMARY KEY (`id`),
 	KEY `section` (`section`)
-) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
 
 CREATE TABLE `myaac_menu`
 (
@@ -125,7 +110,7 @@ CREATE TABLE `myaac_menu`
 	`ordering` INT(11) NOT NULL DEFAULT 0,
 	`enabled` INT(1) NOT NULL DEFAULT 1,
 	PRIMARY KEY (`id`)
-) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
 
 CREATE TABLE `myaac_monsters` (
 	`id` int(11) NOT NULL AUTO_INCREMENT,
@@ -158,7 +143,7 @@ CREATE TABLE `myaac_monsters` (
 	`loot` text NOT NULL,
 	`summons` TEXT NOT NULL,
 	PRIMARY KEY (`id`)
-) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
 
 CREATE TABLE `myaac_news`
 (
@@ -176,7 +161,7 @@ CREATE TABLE `myaac_news`
 	`article_image` VARCHAR(100) NOT NULL DEFAULT '',
 	`hide` TINYINT(1) NOT NULL DEFAULT 0,
 	PRIMARY KEY (`id`)
-) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
 
 CREATE TABLE `myaac_news_categories`
 (
@@ -186,7 +171,7 @@ CREATE TABLE `myaac_news_categories`
 	`icon_id` INT(2) NOT NULL DEFAULT 0,
 	`hide` TINYINT(1) NOT NULL DEFAULT 0,
 	PRIMARY KEY (`id`)
-) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
 
 INSERT INTO `myaac_news_categories` (`id`, `icon_id`) VALUES (NULL, 0);
 INSERT INTO `myaac_news_categories` (`id`, `icon_id`) VALUES (NULL, 1);
@@ -202,7 +187,7 @@ CREATE TABLE `myaac_notepad`
 	`content` TEXT NOT NULL,
 	/*`public` TINYINT(1) NOT NULL DEFAULT 0*/
 	PRIMARY KEY (`id`)
-) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
 
 CREATE TABLE `myaac_pages`
 (
@@ -218,7 +203,7 @@ CREATE TABLE `myaac_pages`
 	`hide` TINYINT(1) NOT NULL DEFAULT 0,
 	PRIMARY KEY (`id`),
 	UNIQUE (`name`)
-) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
 
 CREATE TABLE `myaac_gallery`
 (
@@ -230,7 +215,7 @@ CREATE TABLE `myaac_gallery`
 	`ordering` INT(11) NOT NULL DEFAULT 0,
 	`hide` TINYINT(1) NOT NULL DEFAULT 0,
 	PRIMARY KEY (`id`)
-) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
 
 INSERT INTO `myaac_gallery` (`id`, `ordering`, `comment`, `image`, `thumb`, `author`) VALUES (NULL, 1, 'Demon', 'images/gallery/demon.jpg', 'images/gallery/demon_thumb.gif', 'MyAAC');
 
@@ -242,7 +227,7 @@ CREATE TABLE `myaac_settings`
 	`value` TEXT NOT NULL,
 	PRIMARY KEY (`id`),
 	KEY `key` (`key`)
-) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
 
 CREATE TABLE `myaac_spells`
 (
@@ -265,7 +250,7 @@ CREATE TABLE `myaac_spells`
 	`hide` TINYINT(1) NOT NULL DEFAULT 0,
 	PRIMARY KEY (`id`),
 	UNIQUE (`name`)
-) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
 
 CREATE TABLE `myaac_visitors`
 (
@@ -274,7 +259,7 @@ CREATE TABLE `myaac_visitors`
 	`page` VARCHAR(2048) NOT NULL,
 	`user_agent` VARCHAR(255) NOT NULL DEFAULT '',
 	UNIQUE (`ip`)
-) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
 
 CREATE TABLE `myaac_weapons`
 (
@@ -283,4 +268,4 @@ CREATE TABLE `myaac_weapons`
 	`maglevel` INT(11) NOT NULL DEFAULT 0,
 	`vocations` VARCHAR(100) NOT NULL DEFAULT '',
 	PRIMARY KEY (`id`)
-) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;

install/index.php

@@ -114,7 +114,7 @@ else if($step == 'finish') {
 	$email = $_SESSION['var_email'];
 	$password = $_SESSION['var_password'];
 	$password_confirm = $_SESSION['var_password_confirm'];
-	$player_name = $_SESSION['var_player_name'];
+	$player_name = $_SESSION['var_player_name'] ?? null;
 
 	// email check
 	if(empty($email)) {
@@ -125,18 +125,7 @@ else if($step == 'finish') {
 	}
 
 	// account check
-	if(isset($_SESSION['var_account'])) {
-		if(empty($_SESSION['var_account'])) {
-			$errors[] = $locale['step_admin_account_error_empty'];
-		}
-		else if(!Validator::accountName($_SESSION['var_account'])) {
-			$errors[] = $locale['step_admin_account_error_format'];
-		}
-		else if(strtoupper($_SESSION['var_account']) == strtoupper($password)) {
-			$errors[] = $locale['step_admin_account_error_same'];
-		}
-	}
-	else if(isset($_SESSION['var_account_id'])) {
+	if(isset($_SESSION['var_account_id'])) {
 		if(empty($_SESSION['var_account_id'])) {
 			$errors[] = $locale['step_admin_account_id_error_empty'];
 		}
@@ -147,6 +136,17 @@ else if($step == 'finish') {
 			$errors[] = $locale['step_admin_account_id_error_same'];
 		}
 	}
+	else if(isset($_SESSION['var_account'])) {
+		if(empty($_SESSION['var_account'])) {
+			$errors[] = $locale['step_admin_account_error_empty'];
+		}
+		else if(!Validator::accountName($_SESSION['var_account'])) {
+			$errors[] = $locale['step_admin_account_error_format'];
+		}
+		else if(strtoupper($_SESSION['var_account']) == strtoupper($password)) {
+			$errors[] = $locale['step_admin_account_error_same'];
+		}
+	}
 
 	// password check
 	if(empty($password)) {
@@ -159,13 +159,14 @@ else if($step == 'finish') {
 		$errors[] = $locale['step_admin_password_confirm_error_not_same'];
 	}
 
+	if (isset($player_name)) {
 		// player name check
 		if (empty($player_name)) {
 			$errors[] = $locale['step_admin_player_name_error_empty'];
-	}
-	else if(!Validator::characterName($player_name)) {
+		} else if (!Validator::characterName($player_name)) {
 			$errors[] = $locale['step_admin_player_name_error_format'];
 		}
+	}
 
 	if(!empty($errors)) {
 		$step = 'admin';
@@ -182,23 +183,23 @@ clearstatcache();
 if(is_writable(CACHE) && (MYAAC_OS != 'WINDOWS' || win_is_writable(CACHE))) {
 	if(!file_exists(BASE . 'install/ip.txt')) {
 		$content = warning('AAC installation is disabled. To enable it make file <b>ip.txt</b> in install/ directory and put there your IP.<br/>
-		Your IP is:<br /><b>' . $_SERVER['REMOTE_ADDR'] . '</b>', true);
+		Your IP is:<br /><b>' . get_browser_real_ip() . '</b>', true);
 	}
 	else {
 		$file_content = trim(file_get_contents(BASE . 'install/ip.txt'));
 		$allow = false;
 		$listIP = preg_split('/\s+/', $file_content);
 		foreach($listIP as $ip) {
-			if($_SERVER['REMOTE_ADDR'] == $ip) {
+			if(get_browser_real_ip() == $ip) {
 				$allow = true;
 			}
 		}
 
-		if(!$allow)
+		if(!$allow && !config('install_ignore_ip_check'))
 		{
 			$content = warning('In file <b>install/ip.txt</b> must be your IP!<br/>
 			In file is:<br /><b>' . nl2br($file_content) . '</b><br/>
-			Your IP is:<br /><b>' . $_SERVER['REMOTE_ADDR'] . '</b>', true);
+			Your IP is:<br /><b>' . get_browser_real_ip() . '</b>', true);
 		}
 		else {
 			ob_start();

install/steps/4-config.php

@@ -11,6 +11,7 @@ foreach($config['clients'] as $client) {
 }
 
 $twig->display('install.config.html.twig', array(
+	'config' => $config,
 	'clients' => $clients,
 	'timezones' => DateTimeZone::listIdentifiers(),
 	'locale' => $locale,

install/steps/5-database.php

@@ -40,6 +40,10 @@ if(!$error) {
 	$configToSave['gzip_output'] = false;
 	$configToSave['cache_engine'] = 'auto';
 	$configToSave['cache_prefix'] = 'myaac_' . generateRandomString(8, true, false, true);
+	$configToSave['database_auto_migrate'] = true;
+	if (isset($config['install_ignore_ip_check'])) {
+		$configToSave['install_ignore_ip_check'] = $config['install_ignore_ip_check'];
+	}
 
 	if(!$error) {
 		$content = '';
@@ -64,18 +68,6 @@ if(!$error) {
 						$error = true;
 					}
 
-					if (!$db->hasTable('players')) {
-						$tmp = str_replace('$TABLE$', 'players', $locale['step_database_error_table']);
-						error($tmp);
-						$error = true;
-					}
-
-					if (!$db->hasTable('guilds')) {
-						$tmp = str_replace('$TABLE$', 'guilds', $locale['step_database_error_table']);
-						error($tmp);
-						$error = true;
-					}
-
 					if (!$error) {
 						$twig->display('install.installer.html.twig', array(
 							'url' => 'tools/5-database.php',
@@ -88,7 +80,7 @@ if(!$error) {
 			$_SESSION['config_content'] = $content;
 			unset($_SESSION['saved']);
 
-			$locale['step_database_error_file'] = str_replace('$FILE$', '<b>' . BASE . 'config.php</b>', $locale['step_database_error_file']);
+					$locale['step_database_error_file'] = str_replace('$FILE$', '<b>' . BASE . 'config.local.php</b>', $locale['step_database_error_file']);
 			error($locale['step_database_error_file'] . '<br/>
 				<textarea cols="70" rows="10">' . $content . '</textarea>');
 		}

install/steps/6-admin.php

@@ -18,6 +18,7 @@ if(!$error) {
 		'locale' => $locale,
 		'session' => $_SESSION,
 		'account' => $account,
+		'hasTablePlayers' => $db->hasTable('players'),
 		'errors' => isset($errors) ? $errors : null,
 		'buttons' => next_buttons(true, $error ? false : true)
 	));

install/steps/7-finish.php

@@ -42,6 +42,7 @@ if(isset($account))
 else
 	$account_db->load($account_id);
 
+if ($db->hasTable('players')) {
 	$player_name = $_SESSION['var_player_name'];
 	$player_db = new OTS_Player();
 	$player_db->find($player_name);
@@ -59,6 +60,7 @@ else {
 
 	$groups = new OTS_Groups_List();
 	$player_used->setGroupId($groups->getHighestId());
+}
 
 $email = $_SESSION['var_email'];
 if($account_db->isLoaded()) {
@@ -100,10 +102,16 @@ if($db->hasColumn('accounts', 'group_id'))
 if($db->hasColumn('accounts', 'type'))
 	$account_used->setCustomField('type', 6);
 
-if(!$player_db->isLoaded())
+if ($db->hasTable('players')) {
+	if(!$player_db->isLoaded()) {
 		$player->setAccountId($account_used->getId());
-else
+		$player->save();
+	}
+	else {
 		$player_db->setAccountId($account_used->getId());
+		$player_db->save();
+	}
+}
 
 success($locale['step_database_created_account']);
 
@@ -111,19 +119,15 @@ setSession('account', $account_used->getId());
 setSession('password', encrypt($password));
 setSession('remember_me', true);
 
-if($player_db->isLoaded()) {
-	$player_db->save();
-}
-else {
-	$player->save();
-}
-
 if(!News::all()->count()) {
 	$player_id = 0;
+
+	if ($db->hasTable('players')) {
 		$tmpNewsPlayer = \MyAAC\Models\Player::where('name', $player_name)->first();
 		if($tmpNewsPlayer) {
 			$player_id = $tmpNewsPlayer->id;
 		}
+	}
 
 	News::create([
 		'type' => 1,

install/tools/7-finish.php

@@ -25,12 +25,14 @@ if(isset($config['installed']) && $config['installed'] && !isset($_SESSION['save
 
 require SYSTEM . 'init.php';
 
+if ($db->hasTable('players')) {
 	$deleted = 'deleted';
 	if ($db->hasColumn('players', 'deletion'))
 		$deleted = 'deletion';
 
 	$time = time();
-function insert_sample_if_not_exist($p) {
+	function insert_sample_if_not_exist($p)
+	{
 		global $db, $success, $deleted, $time;
 
 		$query = $db->query('SELECT `id` FROM `players` WHERE `name` = ' . $db->quote($p['name']));
@@ -50,6 +52,7 @@ insert_sample_if_not_exist(array('name' => 'Knight Sample', 'level' => 8, 'vocat
 	if ($success) {
 		success($locale['step_database_imported_players']);
 	}
+}
 
 Plugins::installMenus('kathrine', require TEMPLATES . 'kathrine/menus.php');
 Plugins::installMenus('tibiacom', require TEMPLATES . 'tibiacom/menus.php');
@@ -59,16 +62,21 @@ DataLoader::load();
 
 // update config.highscores_ids_hidden
 require_once SYSTEM . 'migrations/20.php';
+$up();
 
 // add z_polls tables
 require_once SYSTEM . 'migrations/22.php';
+$up();
 
 // add myaac_pages pages
 require_once SYSTEM . 'migrations/27.php';
+$up();
 require_once SYSTEM . 'migrations/30.php';
+$up();
 
 // new monster columns
 require_once SYSTEM . 'migrations/31.php';
+$up();
 
 if(ModelsFAQ::count() == 0) {
 	ModelsFAQ::create([

login.php

@@ -4,6 +4,7 @@ use MyAAC\Models\BoostedCreature;
 use MyAAC\Models\PlayerOnline;
 use MyAAC\Models\Account;
 use MyAAC\Models\Player;
+use MyAAC\RateLimit;
 
 require_once 'common.php';
 require_once SYSTEM . 'functions.php';
@@ -130,12 +131,29 @@ switch ($action) {
 		}
 
 		$account = $account->first();
+
+		$ip = get_browser_real_ip();
+		$limiter = new RateLimit('failed_logins', setting('core.account_login_attempts_limit'), setting('core.account_login_ban_time'));
+		$limiter->enabled = setting('core.account_login_ipban_protection');
+		$limiter->load();
+
+		$ban_msg = 'A wrong account, password or secret has been entered ' . setting('core.account_login_attempts_limit') . ' times in a row. You are unable to log into your account for the next ' . setting('core.account_login_ban_time') . ' minutes. Please wait.';
 		if (!$account) {
+			$limiter->increment($ip);
+			if ($limiter->exceeded($ip)) {
+				sendError($ban_msg);
+			}
+			
 			sendError(($inputEmail != false ? 'Email' : 'Account name') . ' or password is not correct.');
 		}
 
 		$current_password = encrypt((USE_ACCOUNT_SALT ? $account->salt : '') . $request->password);
 		if (!$account || $account->password != $current_password) {
+			$limiter->increment($ip);
+			if ($limiter->exceeded($ip)) {
+				sendError($ban_msg);
+			}
+
 			sendError(($inputEmail != false ? 'Email' : 'Account name') . ' or password is not correct.');
 		}
 
@@ -145,16 +163,30 @@ switch ($action) {
 			if ($accountSecret != null && $accountSecret != '') {
 				$accountHasSecret = true;
 				if ($inputToken === false) {
+					$limiter->increment($ip);
+					if ($limiter->exceeded($ip)) {
+						sendError($ban_msg);
+					}
 					sendError('Submit a valid two-factor authentication token.', 6);
 				} else {
 					require_once LIBS . 'rfc6238.php';
 					if (TokenAuth6238::verify($accountSecret, $inputToken) !== true) {
+						$limiter->increment($ip);
+						if ($limiter->exceeded($ip)) {
+							sendError($ban_msg);
+						}
+
 						sendError('Two-factor authentication failed, token is wrong.', 6);
 					}
 				}
 			}
 		}
 
+		$limiter->reset($ip);
+		if (setting('core.account_mail_verify') && $account->email_verified !== 1) {
+			sendError('You need to verify your account, enter in our site and resend verify e-mail!');
+		}
+
 		// common columns
 		$columns = 'id, name, level, sex, vocation, looktype, lookhead, lookbody, looklegs, lookfeet, lookaddons';
 

system/clients.conf.php

@@ -105,4 +105,8 @@ $config['clients'] = [
 	1316,
 	1320,
 	1321,
+	1322,
+	1330,
+	1332,
+	1340,
 ];

system/compat/classes.php

@@ -36,3 +36,5 @@ class Guild extends OTS_Guild {
 }
 class GuildRank extends OTS_GuildRank {}
 class House extends OTS_House {}
+
+class Cache extends \MyAAC\Cache\Cache {}

system/database.php

@@ -106,6 +106,7 @@ try {
 		'persistent' => @$config['database_persistent']
 	));
 
+	global $db;
 	$db = POT::getInstance()->getDBHandle();
 	$capsule = new Capsule;
 	$capsule->addConnection([

system/functions.php

@@ -89,6 +89,10 @@ function getForumBoardLink($board_id, $page = NULL): string {
 
 function getPlayerLink($name, $generate = true, bool $colored = false): string
 {
+	if (is_object($name) and $name instanceof OTS_Player) {
+		$player = $name;
+	}
+	else {
 		$player = new OTS_Player();
 
 		if(is_numeric($name)) {
@@ -97,6 +101,7 @@ function getPlayerLink($name, $generate = true, bool $colored = false): string
 		else {
 			$player->find($name);
 		}
+	}
 
 	if (!$player->isLoaded()) {
 		return '(error)';
@@ -1679,6 +1684,18 @@ function isRequestMethod(string $method): bool {
 	return strtolower($_SERVER['REQUEST_METHOD']) == strtolower($method);
 }
 
+function getAccountIdentityColumn(): string
+{
+	if (USE_ACCOUNT_NAME) {
+		return 'name';
+	}
+	elseif (USE_ACCOUNT_NUMBER) {
+		return 'number';
+	}
+
+	return 'id';
+}
+
 // validator functions
 require_once SYSTEM . 'compat/base.php';
 

system/init.php

@@ -12,11 +12,12 @@ use DebugBar\StandardDebugBar;
 use MyAAC\Cache\Cache;
 use MyAAC\CsrfToken;
 use MyAAC\Hooks;
+use MyAAC\Models\Town;
 use MyAAC\Settings;
-use MyAAC\Towns;
 
 defined('MYAAC') or die('Direct access not allowed!');
 
+global $config;
 if(!isset($config['installed']) || !$config['installed']) {
 	throw new RuntimeException('MyAAC has not been installed yet or there was error during installation. Please install again.');
 }
@@ -38,13 +39,15 @@ if($config['server_path'][strlen($config['server_path']) - 1] !== '/')
 	$config['server_path'] .= '/';
 
 // enable gzip compression if supported by the browser
-if(isset($config['gzip_output']) && $config['gzip_output'] && isset($_SERVER['HTTP_ACCEPT_ENCODING']) && strpos($_SERVER['HTTP_ACCEPT_ENCODING'], 'gzip') !== false && function_exists('ob_gzhandler'))
+if(isset($config['gzip_output']) && $config['gzip_output'] && isset($_SERVER['HTTP_ACCEPT_ENCODING']) && str_contains($_SERVER['HTTP_ACCEPT_ENCODING'], 'gzip') && function_exists('ob_gzhandler'))
 	ob_start('ob_gzhandler');
 
 // cache
+global $cache;
 $cache = Cache::getInstance();
 
 // event system
+global $hooks;
 $hooks = new Hooks();
 $hooks->load();
 
@@ -140,7 +143,10 @@ if(!defined('MYAAC_INSTALL') && !$db->hasTable('myaac_account_actions')) {
 }
 
 // execute migrations
+$configDatabaseAutoMigrate = config('database_auto_migrate');
+if (!isset($configDatabaseAutoMigrate) || $configDatabaseAutoMigrate) {
 	require SYSTEM . 'migrate.php';
+}
 
 // settings
 $settings = Settings::getInstance();
@@ -155,6 +161,9 @@ if (!isset($token) || !$token) {
 // deprecated config values
 require_once SYSTEM . 'compat/config.php';
 
+// deprecated classes
+require_once SYSTEM . 'compat/classes.php';
+
 date_default_timezone_set(setting('core.date_timezone'));
 
 setting(
@@ -173,4 +182,17 @@ define('USE_ACCOUNT_NAME', $db->hasColumn('accounts', 'name'));
 define('USE_ACCOUNT_NUMBER', $db->hasColumn('accounts', 'number'));
 define('USE_ACCOUNT_SALT', $db->hasColumn('accounts', 'salt'));
 
-Towns::load();
+$towns = Cache::remember('towns', 10 * 60, function () use ($db) {
+	if ($db->hasTable('towns') && Town::count() > 0) {
+		return Town::orderBy('id', 'ASC')->pluck('name', 'id')->toArray();
+	}
+
+	return [];
+});
+
+if (count($towns) <= 0) {
+	$towns = setting('core.towns');
+}
+
+config(['towns', $towns]);
+unset($towns);

system/libs/pot/OTS_Base_DB.php

@@ -184,8 +184,14 @@ abstract class OTS_Base_DB extends PDO implements IOTS_DB
 		$query = 'UPDATE '.$this->tableName($table).' SET ';
 
 		$count = count($fields);
-		for ($i = 0; $i < $count; $i++)
-			$query.= $this->fieldName($fields[$i]).' = '.$this->quote($values[$i]).', ';
+		for ($i = 0; $i < $count; $i++) {
+			$value = 'NULL';
+			if ($values[$i] !== null) {
+				$value = $this->quote($values[$i]);
+			}
+
+			$query.= $this->fieldName($fields[$i]).' = '.$value.', ';
+		}
 
 		$query = substr($query, 0, -2);
 		$query.=' WHERE (';
@@ -229,6 +235,30 @@ abstract class OTS_Base_DB extends PDO implements IOTS_DB
 		$this->exec($query);
 		return true;
 	}
+
+	public function addColumn($table, $column, $definition): void {
+		$this->exec('ALTER TABLE ' . $this->tableName($table) . ' ADD ' . $this->fieldName($column) . ' ' . $definition . ';');
+	}
+
+	public function modifyColumn($table, $column, $definition): void {
+		$this->exec('ALTER TABLE ' . $this->tableName($table) . ' MODIFY ' . $this->fieldName($column) . ' ' . $definition . ';');
+	}
+
+	public function changeColumn($table, $from, $to, $definition): void {
+		$this->exec('ALTER TABLE ' . $this->tableName($table) . ' CHANGE ' . $this->fieldName($from) . ' ' . $this->fieldName($to) . ' ' . $definition . ';');
+	}
+
+	public function dropColumn($table, $column): void {
+		$this->exec('ALTER TABLE ' . $this->tableName($table) . ' DROP COLUMN ' . $this->fieldName($column) . ';');
+	}
+
+	public function renameTable($from, $to): void {
+		$this->exec('RENAME TABLE ' . $this->tableName($from) . ' TO ' . $this->tableName($to) . ';');
+	}
+
+	public function dropTable($table, $ifExists = true): void {
+		$this->exec('DROP TABLE ' . ($ifExists ? 'IF EXISTS' : '') . ' ' . $this->tableName($table) . ';');
+	}
 /**
  * LIMIT/OFFSET clause for queries.
  *

system/libs/pot/OTS_DB_MySQL.php

@@ -165,7 +165,8 @@ class OTS_DB_MySQL extends OTS_Base_DB
 		}
 
 		if($this->logged) {
-			log_append('database.log', $_SERVER['REQUEST_URI'] . PHP_EOL . $this->getLog());
+			$currentScript = $_SERVER['REQUEST_URI'] ?? $_SERVER['SCRIPT_FILENAME'];
+			log_append('database.log', $currentScript . PHP_EOL . $this->getLog());
 		}
 	}
 

system/libs/pot/OTS_House.php

@@ -60,12 +60,7 @@ class OTS_House extends OTS_Row_DAO
     private $tiles = array();
 
 	public function load($id) {
-		$this->data = $this->db->query('SELECT * FROM `houses` WHERE `id` = ' . $id )->fetch();
-		foreach($this->data as $key => $value) {
-			if(is_numeric($key)) {
-				unset($this->data[$key]);
-			}
-		}
+		$this->data = $this->db->query('SELECT * FROM `houses` WHERE `id` = ' . $id )->fetch(PDO::FETCH_ASSOC);
 	}
 
     public function find($name)

system/locale/en/install.php

@@ -94,7 +94,7 @@ $locale['step_database_loaded_npcs'] = 'NPCs has been loaded...';
 $locale['step_database_error_npcs'] = 'There were some problems loading your NPCs';
 $locale['step_database_loaded_spells'] = 'Spells has been loaded...';
 $locale['step_database_loaded_towns'] = 'Towns has been loaded...';
-$locale['step_database_error_towns'] = 'There were some problems loading your towns. You will need to configure them manually in config.';
+$locale['step_database_error_towns'] = 'There were some problems loading your towns. You will need to configure them manually in Settings.';
 $locale['step_database_created_account'] = 'Created admin account...';
 $locale['step_database_created_news'] = 'Newses has been created...';
 

system/locale/pl/install.php

@@ -93,7 +93,7 @@ $locale['step_database_loaded_npcs'] = 'Załadowano NPCs...';
 $locale['step_database_error_npcs'] = 'Wystąpił problem podczas ładowania NPCs';
 $locale['step_database_loaded_spells'] = 'Załadowano czary (spells)...';
 $locale['step_database_loaded_towns'] = 'Załadowano miasta (towns)...';
-$locale['step_database_error_towns'] = 'Wystąpił problem podczas ładowania miast. Trzeba będzie je skonfigurować manualnie.';
+$locale['step_database_error_towns'] = 'Wystąpił problem podczas ładowania miast. Trzeba będzie je skonfigurować manualnie w ustawieniach.';
 $locale['step_database_created_account'] = 'Utworzono konto admina...';
 $locale['step_database_created_news'] = 'Utworzono newsy...';
 

system/migrate.php

@@ -17,6 +17,12 @@ if(fetchDatabaseConfig('database_version', $tmp)) { // we got version
 		$db->revalidateCache();
 		for($i = $tmp + 1; $i <= DATABASE_VERSION; $i++) {
 			require SYSTEM . 'migrations/' . $i . '.php';
+
+			if (isset($up)) {
+				$up();
+				unset($up);
+			}
+
 			updateDatabaseConfig('database_version', $i);
 		}
 	}
@@ -26,6 +32,12 @@ else { // register first version
 	$db->revalidateCache();
 	for($i = 1; $i <= DATABASE_VERSION; $i++) {
 		require SYSTEM . 'migrations/' . $i . '.php';
+
+		if (isset($up)) {
+			$up();
+			unset($up);
+		}
+
 		updateDatabaseConfig('database_version', $i);
 	}
 }

system/migrations/1-hooks.sql

@@ -0,0 +1,8 @@
+CREATE TABLE `myaac_hooks`
+(
+	`id` INT(11) NOT NULL AUTO_INCREMENT,
+	`name` VARCHAR(30) NOT NULL DEFAULT '',
+	`type` INT(2) NOT NULL DEFAULT 0,
+	`file` VARCHAR(100) NOT NULL,
+	PRIMARY KEY (`id`)
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;

system/migrations/1.php

@@ -1,16 +1,16 @@
 <?php
-	$db->query("ALTER TABLE `" . TABLE_PREFIX . "account_actions` MODIFY `ip` INT(11) NOT NULL DEFAULT 0;");
-	$db->query("ALTER TABLE `" . TABLE_PREFIX . "account_actions` MODIFY `date` INT(11) NOT NULL DEFAULT 0;");
-	$db->query("ALTER TABLE `" . TABLE_PREFIX . "account_actions` MODIFY `action` VARCHAR(255) NOT NULL DEFAULT '';");
-	$db->query("
-	CREATE TABLE `myaac_hooks`
-(
-	`id` INT(11) NOT NULL AUTO_INCREMENT,
-	`name` VARCHAR(30) NOT NULL DEFAULT '',
-	`type` INT(2) NOT NULL DEFAULT 0,
-	`file` VARCHAR(100) NOT NULL,
-	PRIMARY KEY (`id`)
-) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
-");
+/**
+ * @var OTS_DB_MySQL $db
+ */
 
-?>
+$up = function () use ($db) {
+	$db->modifyColumn(TABLE_PREFIX . 'account_actions', 'ip', "INT(11) NOT NULL DEFAULT 0");
+	$db->modifyColumn(TABLE_PREFIX . 'account_actions', 'date', "INT(11) NOT NULL DEFAULT 0");
+	$db->modifyColumn(TABLE_PREFIX . 'account_actions', 'action', "VARCHAR(255) NOT NULL DEFAULT ''");
+
+	$db->query(file_get_contents(__DIR__ . '/1-hooks.sql'));
+};
+
+$down = function () use ($db) {
+	$db->dropTable(TABLE_PREFIX . 'hooks');
+};

system/migrations/10-admin_menu.sql

@@ -0,0 +1,10 @@
+CREATE TABLE `myaac_admin_menu`
+(
+	`id` INT(11) NOT NULL AUTO_INCREMENT,
+	`name` VARCHAR(255) NOT NULL DEFAULT '',
+	`page` VARCHAR(255) NOT NULL DEFAULT '',
+	`ordering` INT(11) NOT NULL DEFAULT 0,
+	`flags` INT(11) NOT NULL DEFAULT 0,
+	`enabled` INT(1) NOT NULL DEFAULT 1,
+	PRIMARY KEY (`id`)
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;

system/migrations/10.php

@@ -1,17 +1,24 @@
 <?php
-	if(!$db->hasColumn(TABLE_PREFIX . 'hooks', 'ordering'))
-		$db->query("ALTER TABLE `" . TABLE_PREFIX . "hooks` ADD `ordering` INT(11) NOT NULL DEFAULT 0 AFTER `file`;");
+/**
+ * @var OTS_DB_MySQL $db
+ */
 
-	if(!$db->hasTable(TABLE_PREFIX . 'admin_menu'))
-		$db->query("
-CREATE TABLE `myaac_admin_menu`
-(
-	`id` INT(11) NOT NULL AUTO_INCREMENT,
-	`name` VARCHAR(255) NOT NULL DEFAULT '',
-	`page` VARCHAR(255) NOT NULL DEFAULT '',
-	`ordering` INT(11) NOT NULL DEFAULT 0,
-	`flags` INT(11) NOT NULL DEFAULT 0,
-	`enabled` INT(1) NOT NULL DEFAULT 1,
-	PRIMARY KEY (`id`)
-) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
-");
+$up = function () use ($db) {
+	if (!$db->hasColumn(TABLE_PREFIX . 'hooks', 'ordering')) {
+		$db->addColumn(TABLE_PREFIX . 'hooks', 'ordering', "INT(11) NOT NULL DEFAULT 0 AFTER `file`");
+	}
+
+	if (!$db->hasTable(TABLE_PREFIX . 'admin_menu')) {
+		$db->query(file_get_contents(__DIR__ . '/10-admin_menu.sql'));
+	}
+};
+
+$down = function () use ($db) {
+	if ($db->hasColumn(TABLE_PREFIX . 'hooks', 'ordering')) {
+		$db->dropColumn(TABLE_PREFIX . 'hooks', 'ordering');
+	}
+
+	if ($db->hasTable(TABLE_PREFIX . 'admin_menu')) {
+		$db->dropTable(TABLE_PREFIX . 'admin_menu');
+	}
+};

system/migrations/11.php

@@ -1,8 +1,12 @@
 <?php
+/**
+ * @var OTS_DB_MySQL $db
+ */
+
+$up = function () use ($db) {
 	// rename database tables
-	$db->query("RENAME TABLE
-		" . TABLE_PREFIX . "screenshots TO " . TABLE_PREFIX . "gallery,
-		" . TABLE_PREFIX . "movies TO " . TABLE_PREFIX . "videos;");
+	$db->renameTable(TABLE_PREFIX . 'screenshots', TABLE_PREFIX . 'gallery');
+	$db->renameTable(TABLE_PREFIX . 'movies', TABLE_PREFIX . 'videos');
 
 	// rename images dir
 	if (file_exists(BASE . 'images/screenshots') && !file_exists(BASE . GALLERY_DIR)) {
@@ -17,3 +21,24 @@
 			'thumb' => str_replace('/screenshots/', '/gallery/', $item['thumb']),
 		), array('id' => $item['id']));
 	}
+};
+
+$down = function () use ($db) {
+	// rename database tables
+	$db->renameTable(TABLE_PREFIX . 'gallery', TABLE_PREFIX . 'screenshots');
+	$db->renameTable(TABLE_PREFIX . 'videos', TABLE_PREFIX . 'movies');
+
+	// rename images dir
+	if (file_exists(BASE . GALLERY_DIR) && !file_exists(BASE . 'images/screenshots')) {
+		rename(BASE . GALLERY_DIR, BASE . 'images/screenshots');
+	}
+
+	// convert new database gallery images to screenshots
+	$query = $db->query('SELECT `id`, `image`, `thumb` FROM `' . TABLE_PREFIX . 'screenshots`;');
+	foreach ($query->fetchAll() as $item) {
+		$db->update(TABLE_PREFIX . 'screenshots', [
+			'image' => str_replace('/gallery/', '/screenshots/', $item['image']),
+			'thumb' => str_replace('/gallery/', '/screenshots/', $item['thumb']),
+		], ['id' => $item['id']]);
+	}
+};

system/migrations/12-items.sql

@@ -0,0 +1,9 @@
+CREATE TABLE `myaac_items`
+(
+	`id` INT(11) NOT NULL,
+	`article` VARCHAR(5) NOT NULL DEFAULT '',
+	`name` VARCHAR(50) NOT NULL DEFAULT '',
+	`plural` VARCHAR(50) NOT NULL DEFAULT '',
+	`attributes` VARCHAR(500) NOT NULL DEFAULT '',
+	PRIMARY KEY (`id`)
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;

system/migrations/12-weapons.sql

@@ -0,0 +1,8 @@
+CREATE TABLE `myaac_weapons`
+(
+	`id` INT(11) NOT NULL,
+	`level` INT(11) NOT NULL DEFAULT 0,
+	`maglevel` INT(11) NOT NULL DEFAULT 0,
+	`vocations` VARCHAR(100) NOT NULL DEFAULT '',
+	PRIMARY KEY (`id`)
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;

system/migrations/12.php

@@ -1,51 +1,65 @@
 <?php
+/**
+ * @var OTS_DB_MySQL $db
+ */
 
+use MyAAC\Models\Spell;
+
+$up = function () use ($db) {
 	// add new item_id field for runes
-if(!$db->hasColumn(TABLE_PREFIX . 'spells', 'item_id'))
-	$db->query("ALTER TABLE `" . TABLE_PREFIX . "spells` ADD `item_id` INT(11) NOT NULL DEFAULT 0 AFTER `conjure_count`;");
+	if (!$db->hasColumn(TABLE_PREFIX . 'spells', 'item_id')) {
+		$db->addColumn(TABLE_PREFIX . 'spells', 'item_id', 'INT(11) NOT NULL DEFAULT 0 AFTER `conjure_count`');
+	}
 
 	// change unique index from spell to name
 	$db->query("ALTER TABLE `" . TABLE_PREFIX . "spells` DROP INDEX `spell`;");
 	$db->query("ALTER TABLE `" . TABLE_PREFIX . "spells` ADD UNIQUE INDEX (`name`);");
 
 	// change comment of spells.type
-$db->query("ALTER TABLE `" . TABLE_PREFIX . "spells` MODIFY `type` TINYINT(1) NOT NULL DEFAULT 0 COMMENT '1 - instant, 2 - conjure, 3 - rune';");
+	$db->modifyColumn(TABLE_PREFIX . 'spells', 'type', "TINYINT(1) NOT NULL DEFAULT 0 COMMENT '1 - instant, 2 - conjure, 3 - rune'");
 
 	// new items table
-if(!$db->hasTable(TABLE_PREFIX . 'items'))
-$db->query("
-CREATE TABLE `" . TABLE_PREFIX . "items`
-(
-	`id` INT(11) NOT NULL,
-	`article` VARCHAR(5) NOT NULL DEFAULT '',
-	`name` VARCHAR(50) NOT NULL DEFAULT '',
-	`plural` VARCHAR(50) NOT NULL DEFAULT '',
-	`attributes` VARCHAR(500) NOT NULL DEFAULT '',
-	PRIMARY KEY (`id`)
-) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
-");
+	if (!$db->hasTable(TABLE_PREFIX . 'items')) {
+		$db->query(file_get_contents(__DIR__ . '/12-items.sql'));
+	}
 
 	// new weapons table
-if(!$db->hasTable(TABLE_PREFIX . 'weapons'))
-$db->query("
-CREATE TABLE `" . TABLE_PREFIX . "weapons`
-(
-	`id` INT(11) NOT NULL,
-	`level` INT(11) NOT NULL DEFAULT 0,
-	`maglevel` INT(11) NOT NULL DEFAULT 0,
-	`vocations` VARCHAR(100) NOT NULL DEFAULT '',
-	PRIMARY KEY (`id`)
-) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
-");
+	if (!$db->hasTable(TABLE_PREFIX . 'weapons')) {
+		$db->query(file_get_contents(__DIR__ . '/12-weapons.sql'));
+	}
 
 	// modify vocations to support json data
-$db->query("ALTER TABLE `" . TABLE_PREFIX . "spells` MODIFY `vocations` VARCHAR(100) NOT NULL DEFAULT '';");
-$query = $db->query('SELECT `id`, `vocations` FROM `' . TABLE_PREFIX . 'spells`');
-foreach($query->fetchAll() as $spell) {
-	$tmp = explode(',', $spell['vocations']);
+	$db->modifyColumn(TABLE_PREFIX . 'spells', 'vocations', "VARCHAR(100) NOT NULL DEFAULT ''");
+
+	$spells = Spell::select('id', 'vocations')->get();
+	foreach ($spells as $spell) {
+		$tmp = explode(',', $spell->vocations);
 		foreach ($tmp as &$v) {
 			$v = (int)$v;
 		}
-	$db->update(TABLE_PREFIX . 'spells', array('vocations' => json_encode($tmp)), array('id' => $spell['id']));
+
+		Spell::where('id', $spell->id)->update(['vocations' => json_encode($tmp)]);
 	}
-?>
+};
+
+$down = function () use ($db) {
+	// remove item_id field for runes
+	if ($db->hasColumn(TABLE_PREFIX . 'spells', 'item_id')) {
+		$db->dropColumn(TABLE_PREFIX . 'spells', 'item_id');
+	}
+
+	// change unique index from spell to name
+	$db->query("ALTER TABLE `" . TABLE_PREFIX . "spells` DROP INDEX `name`;");
+	$db->query("ALTER TABLE `" . TABLE_PREFIX . "spells` ADD INDEX (`spell`);");
+
+	$db->dropTable(TABLE_PREFIX . 'items');
+	$db->dropTable(TABLE_PREFIX . 'weapons');
+
+	$spells = Spell::select('id', 'vocations')->get();
+	// modify vocations to use vocation separated by comma
+	foreach ($spells as $spell) {
+		$vocations = empty($spell->vocations) ? [] : json_decode($spell->vocations);
+
+		Spell::where('id', $spell->id)->update(['vocations' => implode(',', $vocations)]);
+	}
+};

system/migrations/13.php

@@ -1,3 +1,16 @@
 <?php
-	if($db->hasColumn(TABLE_PREFIX . 'spells', 'spell'))
-		$db->query("ALTER TABLE `" . TABLE_PREFIX . "spells` DROP COLUMN `spell`;");
+/**
+ * @var OTS_DB_MySQL $db
+ */
+
+$up = function () use ($db) {
+	if ($db->hasColumn(TABLE_PREFIX . 'spells', 'spell')) {
+		$db->dropColumn(TABLE_PREFIX . 'spells', 'spell');
+	}
+};
+
+$down = function () use ($db) {
+	if (!$db->hasColumn(TABLE_PREFIX . 'spells', 'spell')) {
+		$db->addColumn(TABLE_PREFIX . 'spells', 'spell', "VARCHAR(255) NOT NULL DEFAULT ''");
+	}
+};

system/migrations/14.php

@@ -1,18 +1,39 @@
 <?php
+/**
+ * @var OTS_DB_MySQL $db
+ */
 
+$up = function () use ($db) {
 	// change monsters.file_path field to loot
 	if ($db->hasColumn(TABLE_PREFIX . 'monsters', 'file_path')) {
-	$db->query("ALTER TABLE `" . TABLE_PREFIX . "monsters` CHANGE `file_path` `loot` VARCHAR(5000);");
+		$db->changeColumn(TABLE_PREFIX . 'monsters', 'file_path', 'loot', 'VARCHAR(5000)');
 	}
 
 	// update loot to empty string
 	$db->query("UPDATE `" . TABLE_PREFIX . "monsters` SET `loot` = '';");
 
 	// drop monsters.gfx_name field
-$db->query("ALTER TABLE `" . TABLE_PREFIX . "monsters` DROP COLUMN `gfx_name`;");
+	$db->dropColumn(TABLE_PREFIX . 'monsters', 'gfx_name');
 
 	// rename hide_creature to hidden
 	if ($db->hasColumn(TABLE_PREFIX . 'monsters', 'hide_creature')) {
-	$db->query("ALTER TABLE `" . TABLE_PREFIX . "monsters` CHANGE `hide_creature` `hidden` TINYINT(1) NOT NULL DEFAULT 0;");
+		$db->changeColumn(TABLE_PREFIX . 'monsters', 'hide_creature', 'hidden', "TINYINT(1) NOT NULL DEFAULT 0");
 	}
-?>
+};
+
+$down = function () use ($db) {
+	if ($db->hasColumn(TABLE_PREFIX . 'monsters', 'loot')) {
+		$db->changeColumn(TABLE_PREFIX . 'monsters', 'loot', 'file_path', 'VARCHAR(5000)');
+	}
+
+	// update file_path to empty string
+	$db->query("UPDATE `" . TABLE_PREFIX . "monsters` SET `file_path` = '';");
+
+	// add monsters.gfx_name field
+	$db->addColumn(TABLE_PREFIX . 'monsters', 'gfx_name', 'varchar(255) NOT NULL AFTER `race`');
+
+	// rename hidden to hide_creature
+	if ($db->hasColumn(TABLE_PREFIX . 'monsters', 'hidden')) {
+		$db->changeColumn(TABLE_PREFIX . 'monsters', 'hidden', 'hide_creature', 'TINYINT(1) NOT NULL DEFAULT 0');
+	}
+};

system/migrations/15.php

@@ -1,10 +1,26 @@
 <?php
+/**
+ * @var OTS_DB_MySQL $db
+ */
 
 // add new forum.guild and forum.access fields
+
+$up = function () use ($db) {
 	if (!$db->hasColumn(TABLE_PREFIX . 'forum_boards', 'guild')) {
-	$db->query("ALTER TABLE `" . TABLE_PREFIX . "forum_boards` ADD `guild` TINYINT(1) NOT NULL DEFAULT 0 AFTER `closed`;");
+		$db->addColumn(TABLE_PREFIX . 'forum_boards', 'guild', 'TINYINT(1) NOT NULL DEFAULT 0 AFTER `closed`');
 	}
 
 	if (!$db->hasColumn(TABLE_PREFIX . 'forum_boards', 'access')) {
-	$db->query("ALTER TABLE `" . TABLE_PREFIX . "forum_boards` ADD `access` TINYINT(1) NOT NULL DEFAULT 0 AFTER `guild`;");
+		$db->addColumn(TABLE_PREFIX . 'forum_boards', 'access', 'TINYINT(1) NOT NULL DEFAULT 0 AFTER `guild`');
 	}
+};
+
+$down = function () use ($db) {
+	if ($db->hasColumn(TABLE_PREFIX . 'forum_boards', 'guild')) {
+		$db->dropColumn(TABLE_PREFIX . 'forum_boards', 'guild');
+	}
+
+	if ($db->hasColumn(TABLE_PREFIX . 'forum_boards', 'access')) {
+		$db->dropColumn(TABLE_PREFIX . 'forum_boards', 'access');
+	}
+};

system/migrations/16.php

@@ -1,5 +1,14 @@
 <?php
+/**
+ * @var OTS_DB_MySQL $db
+ */
 
 // change size of spells.vocations
-$db->query("ALTER TABLE `" . TABLE_PREFIX . "spells` MODIFY `vocations` VARCHAR(300) NOT NULL DEFAULT '';");
-?>
+
+$up = function () use ($db) {
+	$db->modifyColumn(TABLE_PREFIX . 'spells', 'vocations', "VARCHAR(300) NOT NULL DEFAULT ''");
+};
+
+$down = function () {
+	// nothing to do here
+};

system/migrations/17-menu.sql

@@ -0,0 +1,11 @@
+CREATE TABLE `myaac_menu`
+(
+	`id` INT(11) NOT NULL AUTO_INCREMENT,
+	`template` VARCHAR(255) NOT NULL,
+	`name` VARCHAR(255) NOT NULL,
+	`link` VARCHAR(255) NOT NULL,
+	`category` INT(11) NOT NULL DEFAULT 1,
+	`ordering` INT(11) NOT NULL DEFAULT 0,
+	`enabled` INT(1) NOT NULL DEFAULT 1,
+	PRIMARY KEY (`id`)
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;

system/migrations/17.php

@@ -1,23 +1,20 @@
 <?php
+/**
+ * @var OTS_DB_MySQL $db
+ */
 
 use MyAAC\Plugins;
 
-if(!$db->hasTable('myaac_menu')) {
-	$db->query("
-CREATE TABLE `myaac_menu`
-(
-	`id` INT(11) NOT NULL AUTO_INCREMENT,
-	`template` VARCHAR(255) NOT NULL,
-	`name` VARCHAR(255) NOT NULL,
-	`link` VARCHAR(255) NOT NULL,
-	`category` INT(11) NOT NULL DEFAULT 1,
-	`ordering` INT(11) NOT NULL DEFAULT 0,
-	`enabled` INT(1) NOT NULL DEFAULT 1,
-	PRIMARY KEY (`id`)
-) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
-");
+$up = function () use ($db) {
+	if (!$db->hasTable(TABLE_PREFIX . 'menu')) {
+		$db->exec(file_get_contents(__DIR__ . '/17-menu.sql'));
 	}
 
 	Plugins::installMenus('kathrine', require TEMPLATES . 'kathrine/menus.php');
 	Plugins::installMenus('tibiacom', require TEMPLATES . 'tibiacom/menus.php');
+};
+
+$down = function () use ($db) {
+	$db->dropTable(TABLE_PREFIX . 'menu');
+};
 

system/migrations/18.php

@@ -1,6 +1,24 @@
 <?php
+/**
+ * @var OTS_DB_MySQL $db
+ */
 
-$db->query("ALTER TABLE `" . TABLE_PREFIX . "news` ADD `article_text` VARCHAR(300) NOT NULL DEFAULT '' AFTER `comments`;");
-$db->query("ALTER TABLE `" . TABLE_PREFIX . "news` ADD `article_image` VARCHAR(100) NOT NULL DEFAULT '' AFTER `article_text`;");
+$up = function () use ($db) {
+	if (!$db->hasColumn(TABLE_PREFIX . 'news', 'article_text')) {
+		$db->addColumn(TABLE_PREFIX . 'news', 'article_text', "VARCHAR(300) NOT NULL DEFAULT '' AFTER `comments`");
+	}
 
-?>
+	if (!$db->hasColumn(TABLE_PREFIX . 'news', 'article_image')) {
+		$db->addColumn(TABLE_PREFIX . 'news', 'article_image', "VARCHAR(100) NOT NULL DEFAULT '' AFTER `article_text`");
+	}
+};
+
+$down = function () use ($db) {
+	if ($db->hasColumn(TABLE_PREFIX . 'news', 'article_text')) {
+		$db->dropColumn(TABLE_PREFIX . 'news', 'article_text');
+	}
+
+	if ($db->hasColumn(TABLE_PREFIX . 'news', 'article_image')) {
+		$db->dropColumn(TABLE_PREFIX . 'news', 'article_image');
+	}
+};

system/migrations/2.php

@@ -1,5 +1,11 @@
 <?php
-	$db->query("ALTER TABLE `" . TABLE_PREFIX . "faq` MODIFY `answer` VARCHAR(1020) NOT NULL DEFAULT '';");
-	$db->query("ALTER TABLE `" . TABLE_PREFIX . "movies` MODIFY `title` VARCHAR(100) NOT NULL DEFAULT '';");
-	$db->query("ALTER TABLE `" . TABLE_PREFIX . "news` MODIFY `title` VARCHAR(100) NOT NULL DEFAULT '';");
-	$db->query("ALTER TABLE `" . TABLE_PREFIX . "news` MODIFY `body` TEXT NOT NULL DEFAULT '';");
+/**
+ * @var OTS_DB_MySQL $db
+ */
+
+$up = function () use ($db) {
+	$db->modifyColumn(TABLE_PREFIX . 'faq', 'answer', "VARCHAR(1020) NOT NULL DEFAULT ''");
+	$db->modifyColumn(TABLE_PREFIX . 'movies', 'title', "VARCHAR(100) NOT NULL DEFAULT ''");
+	$db->modifyColumn(TABLE_PREFIX . 'news', 'title', "VARCHAR(100) NOT NULL DEFAULT ''");
+	$db->modifyColumn(TABLE_PREFIX . 'news', 'body', "TEXT NOT NULL");
+};

system/migrations/20.php

@@ -2,16 +2,33 @@
 
 use MyAAC\Settings;
 
+function updateHighscoresIdsHidden(): void
+{
+	global $db;
+
+	if (!$db->hasTable('players')) {
+		return;
+	}
+
 	$query = $db->query("SELECT `id` FROM `players` WHERE (`name` = " . $db->quote("Rook Sample") . " OR `name` = " . $db->quote("Sorcerer Sample") . " OR `name` = " . $db->quote("Druid Sample") . " OR `name` = " . $db->quote("Paladin Sample") . " OR `name` = " . $db->quote("Knight Sample") . " OR `name` = " . $db->quote("Account Manager") . ") ORDER BY `id`;");
 
 	$highscores_ignored_ids = array();
 	if ($query->rowCount() > 0) {
 		foreach ($query->fetchAll() as $result)
 			$highscores_ignored_ids[] = $result['id'];
-}
-else {
+	} else {
 		$highscores_ignored_ids[] = 0;
 	}
 
 	$settings = Settings::getInstance();
 	$settings->updateInDatabase('core', 'highscores_ids_hidden', implode(', ', $highscores_ignored_ids));
+}
+
+$up = function () {
+	updateHighscoresIdsHidden();
+};
+
+$down = function () {
+	$settings = Settings::getInstance();
+	$settings->updateInDatabase('core', 'highscores_ids_hidden', '0');
+};

system/migrations/21.php

@@ -1,6 +1,10 @@
 <?php
+/**
+ * @var OTS_DB_MySQL $db
+ */
 
-$db->exec("ALTER TABLE `" . TABLE_PREFIX . "forum` ADD `post_html` TINYINT(1) NOT NULL DEFAULT 0 AFTER `post_smile`;");
+$up = function () use ($db) {
+	$db->addColumn(TABLE_PREFIX . 'forum', 'post_html', 'TINYINT(1) NOT NULL DEFAULT 0 AFTER `post_smile`');
 
 	$query = $db->query("SELECT `id` FROM `" . TABLE_PREFIX . "forum_boards` WHERE `name` LIKE " . $db->quote('News') . " LIMIT 1;");
 	if ($query->rowCount() == 0) {
@@ -12,3 +16,8 @@ $id = $query['id'];
 
 	// update all forum threads with is_html = 1
 	$db->exec("UPDATE `" . TABLE_PREFIX . "forum` SET `post_html` = 1 WHERE `section` = " . $id . " AND `id` = `first_post`;");
+};
+
+$down = function () use ($db) {
+	$db->dropColumn(TABLE_PREFIX . 'forum', 'post_html');
+};

system/migrations/22-z_polls.sql

@@ -0,0 +1,10 @@
+CREATE TABLE `z_polls` (
+	`id` int(11) NOT NULL auto_increment,
+	`question` varchar(255) NOT NULL,
+	`description` varchar(255) NOT NULL,
+	`end` int(11) NOT NULL DEFAULT 0,
+	`start` int(11) NOT NULL DEFAULT 0,
+	`answers` int(11) NOT NULL DEFAULT 0,
+	`votes_all` int(11) NOT NULL DEFAULT 0,
+	PRIMARY KEY  (`id`)
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;

system/migrations/22-z_polls_answers.sql

@@ -0,0 +1,6 @@
+CREATE TABLE `z_polls_answers` (
+	`poll_id` int(11) NOT NULL,
+	`answer_id` int(11) NOT NULL,
+	`answer` varchar(255) NOT NULL,
+	`votes` int(11) NOT NULL DEFAULT 0
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;

system/migrations/22.php

@@ -1,31 +1,35 @@
 <?php
+/**
+ * @var OTS_DB_MySQL $db
+ */
 
-if(!$db->hasTable('z_polls'))
-	$db->query('
-CREATE TABLE `z_polls` (
-  `id` int(11) NOT NULL auto_increment,
-  `question` varchar(255) NOT NULL,
-  `description` varchar(255) NOT NULL,
-  `end` int(11) NOT NULL DEFAULT 0,
-  `start` int(11) NOT NULL DEFAULT 0,
-  `answers` int(11) NOT NULL DEFAULT 0,
-  `votes_all` int(11) NOT NULL DEFAULT 0,
-  PRIMARY KEY  (`id`)
-) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
-');
-
-if(!$db->hasTable('z_polls_answers'))
-$db->query('
-	CREATE TABLE `z_polls_answers` (
-  `poll_id` int(11) NOT NULL,
-  `answer_id` int(11) NOT NULL,
-  `answer` varchar(255) NOT NULL,
-  `votes` int(11) NOT NULL DEFAULT 0
-) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
-');
-
-if(!$db->hasColumn('accounts', 'vote'))
-	$db->query('ALTER TABLE `accounts` ADD `vote` INT( 11 ) DEFAULT 0 NOT NULL ;');
-else {
-	$db->query('ALTER TABLE `accounts` MODIFY `vote` INT( 11 ) DEFAULT 0 NOT NULL ;');
+$up = function () use ($db) {
+	if (!$db->hasTable('z_polls')) {
+		$db->exec(file_get_contents(__DIR__ . '/22-z_polls.sql'));
 	}
+
+	if (!$db->hasTable('z_polls_answers')) {
+		$db->exec(file_get_contents(__DIR__ . '/22-z_polls_answers.sql'));
+	}
+
+	if (!$db->hasColumn('accounts', 'vote')) {
+		$db->addColumn('accounts', 'vote', 'int(11) NOT NULL DEFAULT 0');
+	}
+	else {
+		$db->modifyColumn('accounts', 'vote', 'int(11) NOT NULL DEFAULT 0');
+	}
+};
+
+$down = function () use ($db) {
+	if ($db->hasTable('z_polls')) {
+		$db->dropTable('z_polls;');
+	}
+
+	if ($db->hasTable('z_polls_answers')) {
+		$db->dropTable('z_polls_answers');
+	}
+
+	if ($db->hasColumn('accounts', 'vote')) {
+		$db->dropColumn('accounts', 'vote');
+	}
+};

system/migrations/23.php

@@ -1,7 +1,24 @@
 <?php
+/**
+ * @var OTS_DB_MySQL $db
+ */
 
-if(!$db->hasColumn(TABLE_PREFIX . 'menu', 'blank'))
-	$db->query("ALTER TABLE `" . TABLE_PREFIX . "menu` ADD `blank` TINYINT(1) NOT NULL DEFAULT 0 AFTER `link`;");
+$up = function () use ($db) {
+	if (!$db->hasColumn(TABLE_PREFIX . 'menu', 'blank')) {
+		$db->addColumn(TABLE_PREFIX . 'menu', 'blank', 'TINYINT(1) NOT NULL DEFAULT 0 AFTER `link`');
+	}
 
-if(!$db->hasColumn(TABLE_PREFIX . 'menu', 'color'))
-	$db->query("ALTER TABLE `" . TABLE_PREFIX . "menu` ADD `color` CHAR(6) NOT NULL DEFAULT '' AFTER `blank`;");
+	if (!$db->hasColumn(TABLE_PREFIX . 'menu', 'color')) {
+		$db->addColumn(TABLE_PREFIX . 'menu', 'color', "CHAR(6) NOT NULL DEFAULT '' AFTER `blank`");
+	}
+};
+
+$down = function () use ($db) {
+	if ($db->hasColumn(TABLE_PREFIX . 'menu', 'blank')) {
+		$db->dropColumn(TABLE_PREFIX . 'menu', 'blank');
+	}
+
+	if ($db->hasColumn(TABLE_PREFIX . 'menu', 'color')) {
+		$db->dropColumn(TABLE_PREFIX . 'menu', 'color');
+	}
+};

system/migrations/24-items.sql

@@ -0,0 +1,9 @@
+CREATE TABLE `myaac_items`
+(
+	`id` INT(11) NOT NULL,
+	`article` VARCHAR(5) NOT NULL DEFAULT '',
+	`name` VARCHAR(50) NOT NULL DEFAULT '',
+	`plural` VARCHAR(50) NOT NULL DEFAULT '',
+	`attributes` VARCHAR(500) NOT NULL DEFAULT '',
+	PRIMARY KEY (`id`)
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;

system/migrations/24.php

@@ -1,3 +1,12 @@
 <?php
+/**
+ * @var OTS_DB_MySQL $db
+ */
 
-$db->exec('DROP TABLE IF EXISTS `' . TABLE_PREFIX . 'items`;');
+$up = function () use ($db) {
+	$db->dropTable(TABLE_PREFIX . 'items');
+};
+
+$down = function () use ($db) {
+	$db->exec(file_get_contents(__DIR__ . '/24-items.sql'));
+};

system/migrations/25.php

@@ -1,3 +1,12 @@
 <?php
+/**
+ * @var OTS_DB_MySQL $db
+ */
 
-$db->exec('ALTER TABLE `' . TABLE_PREFIX . 'monsters` MODIFY `loot` text NOT NULL;');
+$up = function () use ($db) {
+	$db->modifyColumn(TABLE_PREFIX . 'monsters', 'loot', 'text NOT NULL');
+};
+
+$down = function () {
+	// nothing to do
+};

system/migrations/26.php

@@ -1,17 +1,32 @@
 <?php
+/**
+ * @var OTS_DB_MySQL $db
+ */
 
+$up = function () use ($db) {
 	if ($db->hasColumn(TABLE_PREFIX . 'spells', 'spell')) {
-	$db->exec('ALTER TABLE `' . TABLE_PREFIX . "spells` MODIFY `spell` VARCHAR(255) NOT NULL DEFAULT '';");
+		$db->modifyColumn(TABLE_PREFIX . 'spells', 'spell', "VARCHAR(255) NOT NULL DEFAULT ''");
 	}
 
 	if ($db->hasColumn(TABLE_PREFIX . 'spells', 'words')) {
-	$db->exec('ALTER TABLE `' . TABLE_PREFIX . "spells` MODIFY `words` VARCHAR(255) NOT NULL DEFAULT '';");
+		$db->modifyColumn(TABLE_PREFIX . 'spells', 'words', "VARCHAR(255) NOT NULL DEFAULT ''");
 	}
 
 	if (!$db->hasColumn(TABLE_PREFIX . 'spells', 'conjure_id')) {
-	$db->exec('ALTER TABLE `' . TABLE_PREFIX . 'spells` ADD `conjure_id` INT(11) NOT NULL DEFAULT 0 AFTER `soul`;');
+		$db->addColumn(TABLE_PREFIX . 'spells', 'conjure_id', 'INT(11) NOT NULL DEFAULT 0 AFTER `soul`');
 	}
 
 	if (!$db->hasColumn(TABLE_PREFIX . 'spells', 'reagent')) {
-	$db->exec('ALTER TABLE `' . TABLE_PREFIX . 'spells` ADD `reagent` INT(11) NOT NULL DEFAULT 0 AFTER `conjure_count`;');
+		$db->addColumn(TABLE_PREFIX . 'spells', 'reagent', 'INT(11) NOT NULL DEFAULT 0 AFTER `conjure_count`');
 	}
+};
+
+$down = function () use ($db) {
+	if ($db->hasColumn(TABLE_PREFIX . 'spells', 'conjure_id')) {
+		$db->dropColumn(TABLE_PREFIX . 'spells', 'conjure_id');
+	}
+
+	if ($db->hasColumn(TABLE_PREFIX . 'spells', 'reagent')) {
+		$db->dropColumn(TABLE_PREFIX . 'spells', 'reagent');
+	}
+};

system/migrations/27-commands.html

@@ -0,0 +1,22 @@
+<table class="myaac-table" style="border-collapse: collapse; width: 100%; height: 72px; border-width: 1px;" border="1"><colgroup><col style="width: 50%;"><col style="width: 50%;"></colgroup>
+	<thead>
+	<tr style="height: 18px;">
+		<td style="height: 18px; border-width: 1px; text-align: center;"><span style="color: #ffffff;"><strong>Words</strong></span></td>
+		<td style="height: 18px; border-width: 1px; text-align: center;"><strong>Description</strong></td>
+	</tr>
+	</thead>
+	<tbody>
+	<tr style="height: 18px;">
+		<td style="height: 18px; border-width: 1px;">!example</td>
+		<td style="height: 18px; border-width: 1px;">This is just an example</td>
+	</tr>
+	<tr style="height: 18px;">
+		<td style="height: 18px; border-width: 1px;">!buyhouse</td>
+		<td style="height: 18px; border-width: 1px;">Buy house you are looking at</td>
+	</tr>
+	<tr style="height: 18px;">
+		<td style="height: 18px; border-width: 1px;"><em>!aol</em></td>
+		<td style="height: 18px; border-width: 1px;">Buy AoL</td>
+	</tr>
+	</tbody>
+</table>

system/migrations/27-downloads.html

@@ -0,0 +1,6 @@
+<p>&nbsp;</p>
+<p>&nbsp;</p>
+<div style="text-align: center;">We're using official Tibia Client <strong>{{ config.client / 100 }}</strong><br>
+	<p>Download Tibia Client <strong>{{ config.client / 100 }}</strong>&nbsp;for Windows <a href="https://drive.google.com/drive/folders/0B2-sMQkWYzhGSFhGVlY2WGk5czQ" target="_blank" rel="noopener">HERE</a>.</p>
+	<h2>IP Changer:</h2>
+	<a href="https://static.otland.net/ipchanger.exe" target="_blank" rel="noopener">HERE</a></div>

system/migrations/27.php

@@ -1,47 +1,48 @@
 <?php
+/**
+ * @var OTS_DB_MySQL $db
+ */
 
-$downloadsPage = <<<HTML
-<p>&nbsp;</p>
-<p>&nbsp;</p>
-<div style="text-align: center;">We're using official Tibia Client <strong>{{ config.client / 100 }}</strong><br>
-<p>Download Tibia Client <strong>{{ config.client / 100 }}</strong>&nbsp;for Windows <a href="https://drive.google.com/drive/folders/0B2-sMQkWYzhGSFhGVlY2WGk5czQ" target="_blank" rel="noopener">HERE</a>.</p>
-<h2>IP Changer:</h2>
-<a href="https://static.otland.net/ipchanger.exe" target="_blank" rel="noopener">HERE</a></div>
-HTML;
+use MyAAC\Models\Pages;
 
-$query = $db->query("SELECT `id` FROM `" . TABLE_PREFIX . "pages` WHERE `name` LIKE " . $db->quote('downloads') . " LIMIT 1;");
-if($query->rowCount() === 0) {
-	$db->exec("INSERT INTO `myaac_pages` (`id`, `name`, `title`, `body`, `date`, `player_id`, `php`, `access`, `hide`) VALUES
-	(null, 'downloads', 'Downloads', {$db->quote($downloadsPage)}, 0, 1, 0, 0, 0);");
+$up = function () use ($db) {
+	$downloadsModel = Pages::where('name', 'downloads')->first();
+	if (!$downloadsModel) {
+		$db->insert(TABLE_PREFIX . 'pages', [
+			'name' => 'downloads',
+			'title' => 'Downloads',
+			'body' => file_get_contents(__DIR__ . '/27-downloads.html'),
+			'date' => time(),
+			'player_id' => 1,
+			'php' => 0,
+			'access' => 0,
+			($db->hasColumn(TABLE_PREFIX . 'pages', 'hide') ? 'hide' : 'hidden') => 0,
+		]);
 	}
 
-$commandsPage = <<<HTML
-<table class="myaac-table" style="border-collapse: collapse; width: 100%; height: 72px; border-width: 1px;" border="1"><colgroup><col style="width: 50%;"><col style="width: 50%;"></colgroup>
-<thead>
-<tr style="height: 18px;">
-<td style="height: 18px; border-width: 1px; text-align: center;"><span style="color: #ffffff;"><strong>Words</strong></span></td>
-<td style="height: 18px; border-width: 1px; text-align: center;"><strong>Description</strong></td>
-</tr>
-</thead>
-<tbody>
-<tr style="height: 18px;">
-<td style="height: 18px; border-width: 1px;">!example</td>
-<td style="height: 18px; border-width: 1px;">This is just an example</td>
-</tr>
-<tr style="height: 18px;">
-<td style="height: 18px; border-width: 1px;">!buyhouse</td>
-<td style="height: 18px; border-width: 1px;">Buy house you are looking at</td>
-</tr>
-<tr style="height: 18px;">
-<td style="height: 18px; border-width: 1px;"><em>!aol</em></td>
-<td style="height: 18px; border-width: 1px;">Buy AoL</td>
-</tr>
-</tbody>
-</table>
-HTML;
-
-$query = $db->query("SELECT `id` FROM `" . TABLE_PREFIX . "pages` WHERE `name` LIKE " . $db->quote('commands') . " LIMIT 1;");
-if($query->rowCount() === 0) {
-	$db->exec("INSERT INTO `myaac_pages` (`id`, `name`, `title`, `body`, `date`, `player_id`, `php`, `access`, `hide`) VALUES
-(null, 'commands', 'Commands', {$db->quote($commandsPage)}, 0, 1, 0, 0, 0);");
+	$commandsModel = Pages::where('name', 'commands')->first();
+	if (!$commandsModel) {
+		$db->insert(TABLE_PREFIX . 'pages', [
+			'name' => 'commands',
+			'title' => 'Commands',
+			'body' => file_get_contents(__DIR__ . '/27-commands.html'),
+			'date' => time(),
+			'player_id' => 1,
+			'php' => 0,
+			'access' => 0,
+			($db->hasColumn(TABLE_PREFIX . 'pages', 'hide') ? 'hide' : 'hidden') => 0,
+		]);
 	}
+};
+
+$down = function () {
+	$downloadsModel = Pages::where('name', 'downloads')->first();
+	if ($downloadsModel) {
+		$downloadsModel->delete();
+	}
+
+	$commandsModel = Pages::where('name', 'commands')->first();
+	if ($commandsModel) {
+		$commandsModel->delete();
+	}
+};

system/migrations/28-hooks.sql

@@ -0,0 +1,10 @@
+CREATE TABLE `myaac_hooks`
+(
+	`id` INT(11) NOT NULL AUTO_INCREMENT,
+	`name` VARCHAR(30) NOT NULL DEFAULT '',
+	`type` INT(2) NOT NULL DEFAULT 0,
+	`file` VARCHAR(100) NOT NULL,
+	`ordering` INT(11) NOT NULL DEFAULT 0,
+	`enabled` INT(1) NOT NULL DEFAULT 1,
+	PRIMARY KEY (`id`)
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;

system/migrations/28.php

@@ -1,10 +1,25 @@
 <?php
+/**
+ * @var OTS_DB_MySQL $db
+ */
 
 use MyAAC\Cache\Cache;
 
-$db->exec('DROP TABLE IF EXISTS `' . TABLE_PREFIX . 'hooks`;');
+$up = function () use ($db) {
+	$db->dropTable(TABLE_PREFIX . 'hooks');
 
 	$cache = Cache::getInstance();
 	if($cache->enabled()) {
 		$cache->delete('hooks');
 	}
+};
+
+$down = function () use ($db) {
+	$db->exec(file_get_contents(__DIR__ . '/28-hooks.sql'));
+
+	$cache = Cache::getInstance();
+	if($cache->enabled()) {
+		$cache->delete('hooks');
+	}
+};
+

system/migrations/29.php

@@ -1,5 +1,16 @@
 <?php
+/**
+ * @var OTS_DB_MySQL $db
+ */
 
+$up = function () use ($db) {
 	if (!$db->hasColumn(TABLE_PREFIX . 'pages', 'enable_tinymce')) {
-	$db->exec('ALTER TABLE `' . TABLE_PREFIX . 'pages` ADD `enable_tinymce` TINYINT(1) NOT NULL DEFAULT 1 COMMENT \'1 - enabled, 0 - disabled\' AFTER `php`;');
+		$db->addColumn(TABLE_PREFIX . 'pages', 'enable_tinymce', "TINYINT(1) NOT NULL DEFAULT 1 COMMENT '1 - enabled, 0 - disabled' AFTER `php`");
 	}
+};
+
+$down = function () use ($db) {
+	if ($db->hasColumn(TABLE_PREFIX . 'pages', 'enable_tinymce')) {
+		$db->dropColumn(TABLE_PREFIX . 'pages', 'enable_tinymce');
+	}
+};

system/migrations/3.php

@@ -1,3 +1,15 @@
 <?php
-	$db->query("ALTER TABLE `" . TABLE_PREFIX . "account_actions` ADD `ipv6` BINARY(16) NOT NULL DEFAULT 0;");
-?>
+/**
+ * @var OTS_DB_MySQL $db
+ */
+
+$up = function () use ($db) {
+	if (!$db->hasColumn(TABLE_PREFIX . 'account_actions', 'ipv6')) {
+		$db->addColumn(TABLE_PREFIX . 'account_actions', 'ipv6', "BINARY(16) NOT NULL DEFAULT 0");
+	}
+};
+
+$down = function () {
+	// we don't want data loss
+	//$db->dropColumn(TABLE_PREFIX . 'account_actions', 'ipv6');
+};

system/migrations/30-rules.txt

@@ -0,0 +1,25 @@
+1. Names
+a) Names which contain insulting (e.g. "Bastard"), racist (e.g. "Nigger"), extremely right-wing (e.g. "Hitler"), sexist (e.g. "Bitch") or offensive (e.g. "Copkiller") language.
+b) Names containing parts of sentences (e.g. "Mike returns"), nonsensical combinations of letters (e.g. "Fgfshdsfg") or invalid formattings (e.g. "Thegreatknight").
+c) Names that obviously do not describe a person (e.g. "Christmastree", "Matrix"), names of real life celebrities (e.g. "Britney Spears"), names that refer to real countries (e.g. "Swedish Druid"), names which were created to fake other players' identities (e.g. "Arieswer" instead of "Arieswar") or official positions (e.g. "System Admin").
+
+2. Cheating
+a) Exploiting obvious errors of the game ("bugs"), for instance to duplicate items. If you find an error you must report it to CipSoft immediately.
+b) Intentional abuse of weaknesses in the gameplay, for example arranging objects or players in a way that other players cannot move them.
+c) Using tools to automatically perform or repeat certain actions without any interaction by the player ("macros").
+d) Manipulating the client program or using additional software to play the game.
+e) Trying to steal other players\' account data ("hacking").
+f) Playing on more than one account at the same time ("multi-clienting").
+g) Offering account data to other players or accepting other players' account data ("account-trading/sharing").
+
+3. Gamemasters
+a) Threatening a gamemaster because of his or her actions or position as a gamemaster.
+b) Pretending to be a gamemaster or to have influence on the decisions of a gamemaster.
+c) Intentionally giving wrong or misleading information to a gamemaster concerning his or her investigations or making false reports about rule violations.
+
+4. Player Killing
+a) Excessive killing of characters who are not marked with a "skull" on worlds which are not PvP-enforced. Please note that killing marked characters is not a reason for a banishment.
+
+A violation of the Tibia Rules may lead to temporary banishment of characters and accounts. In severe cases removal or modification of character skills, attributes and belongings, as well as the permanent removal of accounts without any compensation may be considered. The sanction is based on the seriousness of the rule violation and the previous record of the player. It is determined by the gamemaster imposing the banishment.
+
+These rules may be changed at any time. All changes will be announced on the official website.

system/migrations/30.php

@@ -1,31 +1,27 @@
 <?php
 
-$query = $db->query("SELECT `id` FROM `" . TABLE_PREFIX . "pages` WHERE `name` LIKE " . $db->quote('rules_on_the_page') . " LIMIT 1;");
-if($query->rowCount() === 0) {
-	$db->exec("INSERT INTO `myaac_pages` (`id`, `name`, `title`, `body`, `date`, `player_id`, `php`, `enable_tinymce`, `access`, `hide`) VALUES
-	(null, 'rules_on_the_page', 'Rules', '1. Names
-a) Names which contain insulting (e.g. \"Bastard\"), racist (e.g. \"Nigger\"), extremely right-wing (e.g. \"Hitler\"), sexist (e.g. \"Bitch\") or offensive (e.g. \"Copkiller\") language.
-b) Names containing parts of sentences (e.g. \"Mike returns\"), nonsensical combinations of letters (e.g. \"Fgfshdsfg\") or invalid formattings (e.g. \"Thegreatknight\").
-c) Names that obviously do not describe a person (e.g. \"Christmastree\", \"Matrix\"), names of real life celebrities (e.g. \"Britney Spears\"), names that refer to real countries (e.g. \"Swedish Druid\"), names which were created to fake other players\' identities (e.g. \"Arieswer\" instead of \"Arieswar\") or official positions (e.g. \"System Admin\").
+use MyAAC\Models\Pages;
 
-2. Cheating
-a) Exploiting obvious errors of the game (\"bugs\"), for instance to duplicate items. If you find an error you must report it to CipSoft immediately.
-b) Intentional abuse of weaknesses in the gameplay, for example arranging objects or players in a way that other players cannot move them.
-c) Using tools to automatically perform or repeat certain actions without any interaction by the player (\"macros\").
-d) Manipulating the client program or using additional software to play the game.
-e) Trying to steal other players\' account data (\"hacking\").
-f) Playing on more than one account at the same time (\"multi-clienting\").
-g) Offering account data to other players or accepting other players\' account data (\"account-trading/sharing\").
-
-3. Gamemasters
-a) Threatening a gamemaster because of his or her actions or position as a gamemaster.
-b) Pretending to be a gamemaster or to have influence on the decisions of a gamemaster.
-c) Intentionally giving wrong or misleading information to a gamemaster concerning his or her investigations or making false reports about rule violations.
-
-4. Player Killing
-a) Excessive killing of characters who are not marked with a \"skull\" on worlds which are not PvP-enforced. Please note that killing marked characters is not a reason for a banishment.
-
-A violation of the Tibia Rules may lead to temporary banishment of characters and accounts. In severe cases removal or modification of character skills, attributes and belongings, as well as the permanent removal of accounts without any compensation may be considered. The sanction is based on the seriousness of the rule violation and the previous record of the player. It is determined by the gamemaster imposing the banishment.
-
-These rules may be changed at any time. All changes will be announced on the official website.', 0, 1, 0, 0, 0, 0);");
+$up = function () {
+	$rulesOnPage = Pages::where('name', 'rules_on_the_page')->first();
+	if (!$rulesOnPage) {
+		Pages::create([
+			'name' => 'rules_on_the_page',
+			'title' => 'Rules',
+			'body' => file_get_contents(__DIR__ . '/30-rules.txt'),
+			'date' => time(),
+			'player_id' => 1,
+			'php' => 0,
+			'enable_tinymce' => 0,
+			'access' => 0,
+			'hidden' => 0,
+		]);
 	}
+};
+
+$down = function () {
+	$rulesOnPage = Pages::where('name', 'rules_on_the_page')->first();
+	if ($rulesOnPage) {
+		Pages::where('name', 'rules_on_the_page')->delete();
+	}
+};

system/migrations/31.php

@@ -1,57 +1,121 @@
 <?php
+/**
+ * @var OTS_DB_MySQL $db
+ */
 
+$up = function () use ($db) {
 	if(!$db->hasColumn(TABLE_PREFIX . 'monsters', 'elements')) {
-	$db->exec("ALTER TABLE `" . TABLE_PREFIX . "monsters`  ADD `elements` TEXT NOT NULL AFTER `immunities`;");
+		$db->addColumn(TABLE_PREFIX . 'monsters', 'elements', "TEXT NOT NULL AFTER `immunities`");
 	}
 
 	if(!$db->hasColumn(TABLE_PREFIX . 'monsters', 'pushable')) {
-	$db->exec("ALTER TABLE `" . TABLE_PREFIX . "monsters`  ADD `pushable` TINYINT(1) NOT NULL DEFAULT '0' AFTER `convinceable`;");
+		$db->addColumn(TABLE_PREFIX . 'monsters', 'pushable', "TINYINT(1) NOT NULL DEFAULT '0' AFTER `convinceable`");
 	}
 
 	if(!$db->hasColumn(TABLE_PREFIX . 'monsters', 'canpushitems')) {
-	$db->exec("ALTER TABLE `" . TABLE_PREFIX . "monsters`  ADD `canpushitems` TINYINT(1) NOT NULL DEFAULT '0' AFTER `pushable`;");
+		$db->addColumn(TABLE_PREFIX . 'monsters', 'canpushitems', "TINYINT(1) NOT NULL DEFAULT '0' AFTER `pushable`");
 	}
 
 	if(!$db->hasColumn(TABLE_PREFIX . 'monsters', 'canpushcreatures')) {
-	$db->exec("ALTER TABLE `" . TABLE_PREFIX . "monsters`  ADD `canpushcreatures` TINYINT(1) NOT NULL DEFAULT '0' AFTER `canpushitems`;");
+		$db->addColumn(TABLE_PREFIX . 'monsters', 'canpushcreatures', "TINYINT(1) NOT NULL DEFAULT '0' AFTER `canpushitems`");
 	}
 
 	if(!$db->hasColumn(TABLE_PREFIX . 'monsters', 'canwalkonenergy')) {
-	$db->exec("ALTER TABLE `" . TABLE_PREFIX . "monsters`  ADD `canwalkonenergy` TINYINT(1) NOT NULL DEFAULT '0' AFTER `canpushitems`;");
+		$db->addColumn(TABLE_PREFIX . 'monsters', 'canwalkonenergy', "TINYINT(1) NOT NULL DEFAULT '0' AFTER `canpushitems`");
 	}
 
 	if(!$db->hasColumn(TABLE_PREFIX . 'monsters', 'canwalkonpoison')) {
-	$db->exec("ALTER TABLE `" . TABLE_PREFIX . "monsters`  ADD `canwalkonpoison` TINYINT(1) NOT NULL DEFAULT '0' AFTER `canwalkonenergy`;");
+		$db->addColumn(TABLE_PREFIX . 'monsters', 'canwalkonpoison', "TINYINT(1) NOT NULL DEFAULT '0' AFTER `canwalkonenergy`");
 	}
 
 	if(!$db->hasColumn(TABLE_PREFIX . 'monsters', 'canwalkonfire')) {
-	$db->exec("ALTER TABLE `" . TABLE_PREFIX . "monsters`  ADD `canwalkonfire` TINYINT(1) NOT NULL DEFAULT '0' AFTER `canwalkonpoison`;");
+		$db->addColumn(TABLE_PREFIX . 'monsters', 'canwalkonfire', "TINYINT(1) NOT NULL DEFAULT '0' AFTER `canwalkonpoison`");
 	}
 
 	if(!$db->hasColumn(TABLE_PREFIX . 'monsters', 'runonhealth')) {
-	$db->exec("ALTER TABLE `" . TABLE_PREFIX . "monsters`  ADD `runonhealth` TINYINT(1) NOT NULL DEFAULT '0' AFTER `canwalkonfire`;");
+		$db->addColumn(TABLE_PREFIX . 'monsters', 'runonhealth', "TINYINT(1) NOT NULL DEFAULT '0' AFTER `canwalkonfire`");
 	}
 
 	if(!$db->hasColumn(TABLE_PREFIX . 'monsters', 'hostile')) {
-	$db->exec("ALTER TABLE `" . TABLE_PREFIX . "monsters`  ADD `hostile` TINYINT(1) NOT NULL DEFAULT '0' AFTER `runonhealth`;");
+		$db->addColumn(TABLE_PREFIX . 'monsters', 'hostile', "TINYINT(1) NOT NULL DEFAULT '0' AFTER `runonhealth`");
 	}
 
 	if(!$db->hasColumn(TABLE_PREFIX . 'monsters', 'attackable')) {
-	$db->exec("ALTER TABLE `" . TABLE_PREFIX . "monsters`  ADD `attackable` TINYINT(1) NOT NULL DEFAULT '0' AFTER `hostile`;");
+		$db->addColumn(TABLE_PREFIX . 'monsters', 'attackable', "TINYINT(1) NOT NULL DEFAULT '0' AFTER `hostile`");
 	}
 
 	if(!$db->hasColumn(TABLE_PREFIX . 'monsters', 'rewardboss')) {
-	$db->exec("ALTER TABLE `" . TABLE_PREFIX . "monsters`  ADD `rewardboss` TINYINT(1) NOT NULL DEFAULT '0' AFTER `attackable`;");
+		$db->addColumn(TABLE_PREFIX . 'monsters', 'rewardboss', "TINYINT(1) NOT NULL DEFAULT '0' AFTER `attackable`");
 	}
 
 	if(!$db->hasColumn(TABLE_PREFIX . 'monsters', 'defense')) {
-	$db->exec("ALTER TABLE `" . TABLE_PREFIX . "monsters`  ADD `defense` INT(11) NOT NULL DEFAULT '0' AFTER `rewardboss`;");
+		$db->addColumn(TABLE_PREFIX . 'monsters', 'defense', "INT(11) NOT NULL DEFAULT '0' AFTER `rewardboss`");
 	}
 
 	if(!$db->hasColumn(TABLE_PREFIX . 'monsters', 'armor')) {
-	$db->exec("ALTER TABLE `" . TABLE_PREFIX . "monsters`  ADD `armor` INT(11) NOT NULL DEFAULT '0' AFTER `defense`;");
+		$db->addColumn(TABLE_PREFIX . 'monsters', 'armor', "INT(11) NOT NULL DEFAULT '0' AFTER `defense`");
 	}
 
 	if(!$db->hasColumn(TABLE_PREFIX . 'monsters', 'summons')) {
-	$db->exec("ALTER TABLE `" . TABLE_PREFIX . "monsters`  ADD `summons` TEXT NOT NULL AFTER `loot`;");
+		$db->addColumn(TABLE_PREFIX . 'monsters', 'summons', "TEXT NOT NULL AFTER `loot`");
 	}
+};
+
+$down = function () use ($db) {
+	if($db->hasColumn(TABLE_PREFIX . 'monsters', 'elements')) {
+		$db->dropColumn(TABLE_PREFIX . 'monsters', 'elements');
+	}
+
+	if($db->hasColumn(TABLE_PREFIX . 'monsters', 'pushable')) {
+		$db->dropColumn(TABLE_PREFIX . 'monsters', 'pushable');
+	}
+
+	if($db->hasColumn(TABLE_PREFIX . 'monsters', 'canpushitems')) {
+		$db->dropColumn(TABLE_PREFIX . 'monsters', 'canpushitems');
+	}
+
+	if($db->hasColumn(TABLE_PREFIX . 'monsters', 'canpushcreatures')) {
+		$db->dropColumn(TABLE_PREFIX . 'monsters', 'canpushcreatures');
+	}
+
+	if($db->hasColumn(TABLE_PREFIX . 'monsters', 'canwalkonenergy')) {
+		$db->dropColumn(TABLE_PREFIX . 'monsters', 'canwalkonenergy');
+	}
+
+	if($db->hasColumn(TABLE_PREFIX . 'monsters', 'canwalkonpoison')) {
+		$db->dropColumn(TABLE_PREFIX . 'monsters', 'canwalkonpoison');
+	}
+
+	if($db->hasColumn(TABLE_PREFIX . 'monsters', 'canwalkonfire')) {
+		$db->dropColumn(TABLE_PREFIX . 'monsters', 'canwalkonfire');
+	}
+
+	if($db->hasColumn(TABLE_PREFIX . 'monsters', 'runonhealth')) {
+		$db->dropColumn(TABLE_PREFIX . 'monsters', 'runonhealth');
+	}
+
+	if($db->hasColumn(TABLE_PREFIX . 'monsters', 'hostile')) {
+		$db->dropColumn(TABLE_PREFIX . 'monsters', 'hostile');
+	}
+
+	if($db->hasColumn(TABLE_PREFIX . 'monsters', 'attackable')) {
+		$db->dropColumn(TABLE_PREFIX . 'monsters', 'attackable');
+	}
+
+	if($db->hasColumn(TABLE_PREFIX . 'monsters', 'rewardboss')) {
+		$db->dropColumn(TABLE_PREFIX . 'monsters', 'rewardboss');
+	}
+
+	if($db->hasColumn(TABLE_PREFIX . 'monsters', 'defense')) {
+		$db->dropColumn(TABLE_PREFIX . 'monsters', 'defense');
+	}
+
+	if($db->hasColumn(TABLE_PREFIX . 'monsters', 'armor')) {
+		$db->dropColumn(TABLE_PREFIX . 'monsters', 'armor');
+	}
+
+	if($db->hasColumn(TABLE_PREFIX . 'monsters', 'summons')) {
+		$db->dropColumn(TABLE_PREFIX . 'monsters', 'summons');
+	}
+};
+

system/migrations/32.php

@@ -1,4 +1,14 @@
 <?php
+/**
+ * @var OTS_DB_MySQL $db
+ */
+
 // Increase size of page in myaac_visitors table
 
-$db->exec('ALTER TABLE `' . TABLE_PREFIX . "visitors` MODIFY `page` VARCHAR(2048) NOT NULL;");
+$up = function () use ($db) {
+	$db->modifyColumn(TABLE_PREFIX . 'visitors', 'page', 'VARCHAR(2048) NOT NULL');
+};
+
+$down = function () {
+	// nothing to be done, as we have just extended the size of a column
+};

system/migrations/33.php

@@ -1,6 +1,16 @@
 <?php
+/**
+ * @var OTS_DB_MySQL $db
+ */
+
 // Increase size of ip in myaac_visitors table
 // according to this answer: https://stackoverflow.com/questions/166132/maximum-length-of-the-textual-representation-of-an-ipv6-address
 // the size of ipv6 can be maximal 45 chars
 
-$db->exec('ALTER TABLE `' . TABLE_PREFIX . "visitors` MODIFY `ip` VARCHAR(45) NOT NULL;");
+$up = function () use ($db) {
+	$db->modifyColumn(TABLE_PREFIX . 'visitors', 'ip', 'VARCHAR(15) NOT NULL');
+};
+
+$down = function () {
+	// nothing to be done, as we have just extended the size of a column
+};

system/migrations/34.php

@@ -1,4 +1,18 @@
 <?php
+/**
+ * @var OTS_DB_MySQL $db
+ */
+
 // add user_agent column into visitors
 
-$db->exec('ALTER TABLE `' . TABLE_PREFIX . "visitors` ADD `user_agent` VARCHAR(255) NOT NULL DEFAULT '';");
+$up = function () use ($db) {
+	if (!$db->hasColumn(TABLE_PREFIX . 'visitors', 'user_agent')) {
+		$db->addColumn(TABLE_PREFIX . 'visitors', 'user_agent', "VARCHAR(255) NOT NULL DEFAULT ''");
+	}
+};
+
+$down = function () use ($db) {
+	if ($db->hasColumn(TABLE_PREFIX . 'visitors', 'user_agent')) {
+		$db->dropColumn(TABLE_PREFIX . 'visitors', 'user_agent');
+	}
+};

system/migrations/35.php

@@ -1,3 +1,17 @@
 <?php
+/**
+ * @var OTS_DB_MySQL $db
+ */
+
 // add look column
-$db->exec('ALTER TABLE `' . TABLE_PREFIX . "monsters` ADD `look` VARCHAR(255) NOT NULL DEFAULT '' AFTER `health`;");
+$up = function () use ($db) {
+	if (!$db->hasColumn(TABLE_PREFIX . 'monsters', 'look')) {
+		$db->addColumn(TABLE_PREFIX . 'monsters', 'look', "VARCHAR(255) NOT NULL DEFAULT '' AFTER `health`");
+	}
+};
+
+$down = function () use ($db) {
+	if ($db->hasColumn(TABLE_PREFIX . 'monsters', 'look')) {
+		$db->dropColumn(TABLE_PREFIX . 'monsters', 'look');
+	}
+};

system/migrations/36-settings.sql

@@ -0,0 +1,9 @@
+CREATE TABLE `myaac_settings`
+(
+	`id` int(11) NOT NULL AUTO_INCREMENT,
+	`name` VARCHAR(255) NOT NULL DEFAULT '',
+	`key` VARCHAR(255) NOT NULL DEFAULT '',
+	`value` TEXT NOT NULL,
+	PRIMARY KEY (`id`),
+	KEY `key` (`key`)
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;

system/migrations/36.php

@@ -1,14 +1,18 @@
 <?php
+/**
+ * @var OTS_DB_MySQL $db
+ */
 
+$up = function () use ($db) {
 	// add settings table
 	if (!$db->hasTable(TABLE_PREFIX . 'settings')) {
-	$db->exec("CREATE TABLE `" . TABLE_PREFIX . "settings`
-	(
-		`id` int(11) NOT NULL AUTO_INCREMENT,
-		`name` VARCHAR(255) NOT NULL DEFAULT '',
-		`key` VARCHAR(255) NOT NULL DEFAULT '',
-		`value` TEXT NOT NULL,
-		PRIMARY KEY (`id`),
-		KEY `key` (`key`)
-	) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;");
+		$db->exec(file_get_contents(__DIR__ . '/36-settings.sql'));
 	}
+};
+
+$down = function () {
+	// will break the aac
+	//if ($db->hasTable(TABLE_PREFIX . 'settings')) {
+	//	$db->dropTable(TABLE_PREFIX . 'settings');
+	//}
+};

system/migrations/37.php

@@ -5,4 +5,10 @@
 
 use MyAAC\Models\Pages;
 
+$up = function () {
 	Pages::query()->where('access', 1)->update(['access' => 0]);
+};
+
+$down = function () {
+	Pages::query()->where('access', 0)->update(['access' => 1]);
+};

system/migrations/38.php

@@ -1,5 +1,16 @@
 <?php
+/**
+ * @var OTS_DB_MySQL $db
+ */
 
 // 2023-11-11
 // execute highscores_ids_hidden once again, cause of settings
-require __DIR__ . '/20.php';
+$up = function () {
+	require_once __DIR__ . '/20.php';
+	updateHighscoresIdsHidden();
+};
+
+$down = function () {
+	// there is no downgrade for this
+};
+

system/migrations/39.php

@@ -1,18 +1,41 @@
 <?php
+/**
+ * @var OTS_DB_MySQL $db
+ */
 
 // 2024-01-27
 // change hidden to hide (Eloquent model reserved keyword)
 
+$definition = 'TINYINT(1) NOT NULL DEFAULT 0';
+
+$up = function () use ($db, $definition) {
 	if (!$db->hasColumn('players', 'hide')) {
-	$db->exec("ALTER TABLE `players` CHANGE `hidden` `hide` TINYINT(1) NOT NULL DEFAULT 0;");
+		$db->changeColumn('players', 'hidden', 'hide', $definition);
 	}
 
-$db->exec("ALTER TABLE `" . TABLE_PREFIX . "changelog` CHANGE `hidden` `hide` TINYINT(1) NOT NULL DEFAULT 0;");
-$db->exec("ALTER TABLE `" . TABLE_PREFIX . "faq` CHANGE `hidden` `hide` TINYINT(1) NOT NULL DEFAULT 0;");
-$db->exec("ALTER TABLE `" . TABLE_PREFIX . "forum_boards` CHANGE `hidden` `hide` TINYINT(1) NOT NULL DEFAULT 0;");
-$db->exec("ALTER TABLE `" . TABLE_PREFIX . "monsters` CHANGE `hidden` `hide` TINYINT(1) NOT NULL DEFAULT 0;");
-$db->exec("ALTER TABLE `" . TABLE_PREFIX . "news` CHANGE `hidden` `hide` TINYINT(1) NOT NULL DEFAULT 0;");
-$db->exec("ALTER TABLE `" . TABLE_PREFIX . "news_categories` CHANGE `hidden` `hide` TINYINT(1) NOT NULL DEFAULT 0;");
-$db->exec("ALTER TABLE `" . TABLE_PREFIX . "pages` CHANGE `hidden` `hide` TINYINT(1) NOT NULL DEFAULT 0;");
-$db->exec("ALTER TABLE `" . TABLE_PREFIX . "gallery` CHANGE `hidden` `hide` TINYINT(1) NOT NULL DEFAULT 0;");
-$db->exec("ALTER TABLE `" . TABLE_PREFIX . "spells` CHANGE `hidden` `hide` TINYINT(1) NOT NULL DEFAULT 0;");
+	$db->changeColumn(TABLE_PREFIX . 'changelog', 'hidden', 'hide', $definition);
+	$db->changeColumn(TABLE_PREFIX . 'faq', 'hidden', 'hide', $definition);
+	$db->changeColumn(TABLE_PREFIX . 'forum_boards', 'hidden', 'hide', $definition);
+	$db->changeColumn(TABLE_PREFIX . 'monsters', 'hidden', 'hide', $definition);
+	$db->changeColumn(TABLE_PREFIX . 'news', 'hidden', 'hide', $definition);
+	$db->changeColumn(TABLE_PREFIX . 'news_categories', 'hidden', 'hide', $definition);
+	$db->changeColumn(TABLE_PREFIX . 'pages', 'hidden', 'hide', $definition);
+	$db->changeColumn(TABLE_PREFIX . 'gallery', 'hidden', 'hide', $definition);
+	$db->changeColumn(TABLE_PREFIX . 'spells', 'hidden', 'hide', $definition);
+};
+
+$down = function () use ($db, $definition) {
+	if (!$db->hasColumn('players', 'hidden')) {
+		$db->changeColumn('players', 'hide', 'hidden', $definition);
+	}
+
+	$db->changeColumn(TABLE_PREFIX . 'changelog', 'hide', 'hidden', $definition);
+	$db->changeColumn(TABLE_PREFIX . 'faq', 'hide', 'hidden', $definition);
+	$db->changeColumn(TABLE_PREFIX . 'forum_boards', 'hide', 'hidden', $definition);
+	$db->changeColumn(TABLE_PREFIX . 'monsters', 'hide', 'hidden', $definition);
+	$db->changeColumn(TABLE_PREFIX . 'news', 'hide', 'hidden', $definition);
+	$db->changeColumn(TABLE_PREFIX . 'news_categories', 'hide', 'hidden', $definition);
+	$db->changeColumn(TABLE_PREFIX . 'pages', 'hide', 'hidden', $definition);
+	$db->changeColumn(TABLE_PREFIX . 'gallery', 'hide', 'hidden', $definition);
+	$db->changeColumn(TABLE_PREFIX . 'spells', 'hide', 'hidden', $definition);
+};

system/migrations/4.php

@@ -1,3 +1,16 @@
 <?php
-	if(!$db->hasColumn(TABLE_PREFIX . 'monsters', 'id'))
-		$db->query("ALTER TABLE `" . TABLE_PREFIX . "monsters` ADD `id` int(11) NOT NULL AUTO_INCREMENT primary key FIRST;");
+/**
+ * @var OTS_DB_MySQL $db
+ */
+
+$up = function () use ($db) {
+	if (!$db->hasColumn(TABLE_PREFIX . 'monsters', 'id')) {
+		$db->addColumn(TABLE_PREFIX . 'monsters', 'id', "int(11) NOT NULL AUTO_INCREMENT primary key FIRST");
+	}
+};
+
+$down = function () use ($db) {
+	if ($db->hasColumn(TABLE_PREFIX . 'monsters', 'id')) {
+		$db->dropColumn(TABLE_PREFIX . 'monsters', 'id');
+	}
+};

system/migrations/40.php

@@ -5,8 +5,19 @@
 
 use MyAAC\Models\Menu;
 
+$up = function() {
 	Menu::where('link', 'lastkills')->update(['link' => 'last-kills']);
 	Menu::where('link', 'serverInfo')->update(['link' => 'server-info']);
 	Menu::where('link', 'experienceStages')->update(['link' => 'exp-stages']);
 	Menu::where('link', 'experienceTable')->update(['link' => 'exp-table']);
 	Menu::where('link', 'creatures')->update(['link' => 'monsters']);
+};
+
+$down = function() {
+	Menu::where('link', 'last-kills')->update(['link' => 'lastkills']);
+	Menu::where('link', 'server-info')->update(['link' => 'serverInfo']);
+	Menu::where('link', 'exp-stages')->update(['link' => 'experienceStages']);
+	Menu::where('link', 'exp-table')->update(['link' => 'experienceTable']);
+	Menu::where('link', 'monsters')->update(['link' => 'creatures']);
+};
+

system/migrations/41.php

@@ -0,0 +1,35 @@
+<?php
+/**
+ * Change database tables character set to utf8mb4
+ * Previously it was utf8 (utf8mb3)
+ * utf8 will become utf8mb4 in future releases of mysql
+ */
+$tables = [
+	'account_actions', 'admin_menu',
+	'changelog', 'config',
+	'faq', 'forum_boards', 'forum',
+	'gallery',
+	'menu', 'monsters',
+	'news', 'news_categories', 'notepad',
+	'pages',
+	'settings', 'spells',
+	'visitors', 'weapons',
+];
+
+$up = function () use ($db, $tables)
+{
+	foreach ($tables as $table) {
+		if ($db->hasTable(TABLE_PREFIX . $table)) {
+			$db->exec('ALTER TABLE ' . TABLE_PREFIX . $table . ' CONVERT TO CHARACTER SET utf8mb4');
+		}
+	}
+};
+
+$down = function () use ($db, $tables)
+{
+	foreach ($tables as $table) {
+		if ($db->hasTable(TABLE_PREFIX . $table)) {
+			$db->exec('ALTER TABLE ' . TABLE_PREFIX . $table . ' CONVERT TO CHARACTER SET utf8');
+		}
+	}
+};

system/migrations/5.php

@@ -1,4 +1,16 @@
 <?php
-	if($db->hasColumn(TABLE_PREFIX . 'spells', 'cities'))
-		$db->query("ALTER TABLE `" . TABLE_PREFIX . "spells` DROP COLUMN cities;");
-?>
+/**
+ * @var OTS_DB_MySQL $db
+ */
+
+$up = function () use ($db) {
+	if ($db->hasColumn(TABLE_PREFIX . 'spells', 'cities')) {
+		$db->dropColumn(TABLE_PREFIX . 'spells', 'cities');
+	}
+};
+
+$up = function () use ($db) {
+	if ($db->hasColumn(TABLE_PREFIX . 'spells', 'cities')) {
+		$db->addColumn(TABLE_PREFIX . 'spells', 'cities', 'VARCHAR(32) NOT NULL');
+	}
+};

system/migrations/6.php

@@ -1,3 +1,16 @@
 <?php
-	if(!$db->hasColumn(TABLE_PREFIX . 'hooks', 'enabled'))
-		$db->query("ALTER TABLE `" . TABLE_PREFIX . "hooks` ADD `enabled` INT(1) NOT NULL DEFAULT 1;");
+/**
+ * @var OTS_DB_MySQL $db
+ */
+
+$up = function () use ($db) {
+	if (!$db->hasColumn(TABLE_PREFIX . 'hooks', 'enabled')) {
+		$db->addColumn(TABLE_PREFIX . 'hooks', 'enabled', 'INT(1) NOT NULL DEFAULT 1');
+	}
+};
+
+$down = function () use ($db) {
+	if ($db->hasColumn(TABLE_PREFIX . 'hooks', 'enabled')) {
+		$db->dropColumn(TABLE_PREFIX . 'hooks', 'enabled');
+	}
+};

system/migrations/7.php

@@ -1,4 +1,16 @@
 <?php
-	if($db->hasColumn(TABLE_PREFIX . 'screenshots', 'name'))
-		$db->query("ALTER TABLE `" . TABLE_PREFIX . "screenshots` DROP `name`;");
-?>
+/**
+ * @var OTS_DB_MySQL $db
+ */
+
+$up = function () use ($db) {
+	if ($db->hasColumn(TABLE_PREFIX . 'screenshots', 'name')) {
+		$db->dropColumn(TABLE_PREFIX . 'screenshots', 'name');
+	}
+};
+
+$up = function () use ($db) {
+	if (!$db->hasColumn(TABLE_PREFIX . 'screenshots', 'name')) {
+		$db->addColumn(TABLE_PREFIX . 'screenshots', 'name', 'VARCHAR(30) NOT NULL');
+	}
+};

system/migrations/8.php

@@ -1,17 +1,31 @@
 <?php
-	if($db->hasTable(TABLE_PREFIX . 'forum_sections'))
-		$db->query('RENAME TABLE `' . TABLE_PREFIX . 'forum_sections` TO `' . TABLE_PREFIX . 'forum_boards`;');
+/**
+ * @var OTS_DB_MySQL $db
+ */
+
+$up = function () use ($db) {
+	if ($db->hasTable(TABLE_PREFIX . 'forum_sections')) {
+		$db->renameTable(TABLE_PREFIX . 'forum_sections', TABLE_PREFIX . 'forum_boards');
+	}
 
 	$query = $db->query('SELECT `id` FROM `' . TABLE_PREFIX . 'forum_boards` WHERE `ordering` > 0;');
 	if ($query->rowCount() == 0) {
-		$boards = array(
+		$boards = [
 			'News',
 			'Trade',
 			'Quests',
 			'Pictures',
 			'Bug Report'
-		);
+		];
 
-		foreach($boards as $id => $board)
+		foreach ($boards as $id => $board) {
 			$db->query('UPDATE `' . TABLE_PREFIX . 'forum_boards` SET `ordering` = ' . $id . ' WHERE `name` = ' . $db->quote($board));
 		}
+	}
+};
+
+$down = function () use ($db) {
+	if ($db->hasTable(TABLE_PREFIX . 'forum_boards')) {
+		$db->renameTable(TABLE_PREFIX . 'forum_boards', TABLE_PREFIX . 'forum_sections');
+	}
+};

system/migrations/9.php

@@ -1,9 +1,18 @@
 <?php
-	$db->query("ALTER TABLE `" . TABLE_PREFIX . "bugtracker` MODIFY `type` INT(11) NOT NULL DEFAULT 0;");
-	$db->query("ALTER TABLE `" . TABLE_PREFIX . "bugtracker` MODIFY `status` INT(11) NOT NULL DEFAULT 0;");
-	$db->query("ALTER TABLE `" . TABLE_PREFIX . "bugtracker` MODIFY `id` INT(11) NOT NULL DEFAULT 0;");
-	$db->query("ALTER TABLE `" . TABLE_PREFIX . "bugtracker` MODIFY `subject` VARCHAR(255) NOT NULL DEFAULT '';");
-	$db->query("ALTER TABLE `" . TABLE_PREFIX . "bugtracker` MODIFY `reply` INT(11) NOT NULL DEFAULT 0;");
-	$db->query("ALTER TABLE `" . TABLE_PREFIX . "bugtracker` MODIFY `who` INT(11) NOT NULL DEFAULT 0;");
-	$db->query("ALTER TABLE `" . TABLE_PREFIX . "bugtracker` MODIFY `tag` INT(11) NOT NULL DEFAULT 0;");
-?>
+/**
+ * @var OTS_DB_MySQL $db
+ */
+
+$up = function () use ($db) {
+	$db->modifyColumn(TABLE_PREFIX . 'bugtracker', 'type', "INT(11) NOT NULL DEFAULT 0");
+	$db->modifyColumn(TABLE_PREFIX . 'bugtracker', 'status', "INT(11) NOT NULL DEFAULT 0");
+	$db->modifyColumn(TABLE_PREFIX . 'bugtracker', 'id', "INT(11) NOT NULL DEFAULT 0");
+	$db->modifyColumn(TABLE_PREFIX . 'bugtracker', 'subject', "VARCHAR(255) NOT NULL DEFAULT ''");
+	$db->modifyColumn(TABLE_PREFIX . 'bugtracker', 'reply', "INT(11) NOT NULL DEFAULT 0");
+	$db->modifyColumn(TABLE_PREFIX . 'bugtracker', 'who', "INT(11) NOT NULL DEFAULT 0");
+	$db->modifyColumn(TABLE_PREFIX . 'bugtracker', 'tag', "INT(11) NOT NULL DEFAULT 0");
+};
+
+$down = function () {
+	// nothing to do here
+};

system/pages/account/characters/change-name.php

@@ -40,10 +40,15 @@ else
 
 		if(empty($errors))
 		{
-			if(!admin() && !Validator::newCharacterName($name))
+			if(!Validator::characterName($name)) {
 				$errors[] = Validator::getLastError();
 			}
 
+			if(!admin() && !Validator::newCharacterName($name)) {
+				$errors[] = Validator::getLastError();
+			}
+		}
+
 		if(empty($errors)) {
 			$player = new OTS_Player();
 			$player->load($player_id);

system/pages/account/create.php

@@ -148,6 +148,10 @@ if($save)
 		}
 	}
 
+	/**
+	 * two hooks for compatibility
+	 */
+	$hooks->trigger(HOOK_ACCOUNT_CREATE_AFTER_SUBMIT, $params);
 	if (!$hooks->trigger(HOOK_ACCOUNT_CREATE_POST, $params)) {
 		return;
 	}
@@ -187,6 +191,8 @@ if($save)
 		$new_account->setEMail($email);
 		$new_account->save();
 
+		$hooks->trigger(HOOK_ACCOUNT_CREATE_AFTER_SAVED, ['account' => $new_account]);
+
 		if(USE_ACCOUNT_SALT)
 			$new_account->setCustomField('salt', $salt);
 
@@ -325,7 +331,9 @@ if(setting('core.account_country_recognize')) {
 		$country_recognized = $country_session;
 	}
 	else {
-		$info = json_decode(@file_get_contents('http://ipinfo.io/' . $_SERVER['REMOTE_ADDR'] . '/geo'), true);
+		ini_set('default_socket_timeout', 5);
+
+		$info = json_decode(@file_get_contents('https://ipinfo.io/' . get_browser_real_ip() . '/geo'), true);
 		if(isset($info['country'])) {
 			$country_recognized = strtolower($info['country']);
 			setSession('country', $country_recognized);

system/pages/account/login.php

@@ -8,6 +8,9 @@
  * @copyright 2023 MyAAC
  * @link      https://my-aac.org
  */
+
+use MyAAC\RateLimit;
+
 defined('MYAAC') or die('Direct access not allowed!');
 
 // new login with data from form
@@ -18,30 +21,13 @@ if($logged || !isset($_POST['account_login']) || !isset($_POST['password_login']
 $login_account = $_POST['account_login'];
 $login_password = $_POST['password_login'];
 $remember_me = isset($_POST['remember_me']);
+$ip = get_browser_real_ip();
 if(!empty($login_account) && !empty($login_password))
 {
-	if($cache->enabled())
-	{
-		$tmp = '';
-		if($cache->fetch('failed_logins', $tmp))
-		{
-			$tmp = unserialize($tmp);
-			$to_remove = array();
-			foreach($tmp as $ip => $t)
-			{
-				if(time() - $t['last'] >= 5 * 60)
-					$to_remove[] = $ip;
-			}
 
-			foreach($to_remove as $ip)
-				unset($tmp[$ip]);
-		}
-		else
-			$tmp = array();
-
-		$ip = $_SERVER['REMOTE_ADDR'];
-		$t = $tmp[$ip] ?? null;
-	}
+	$limiter = new RateLimit('failed_logins', setting('core.account_login_attempts_limit'), setting('core.account_login_ban_time'));
+	$limiter->enabled = setting('core.account_login_ipban_protection');
+	$limiter->load();
 
 	$account_logged = new OTS_Account();
 	if (config('account_login_by_email')) {
@@ -56,14 +42,12 @@ if(!empty($login_account) && !empty($login_password))
 		}
 	}
 
-	if($account_logged->isLoaded() && encrypt((USE_ACCOUNT_SALT ? $account_logged->getCustomField('salt') : '') . $login_password) == $account_logged->getPassword()
-		&& (!isset($t) || $t['attempts'] < 5)
+	if($account_logged->isLoaded() && encrypt((USE_ACCOUNT_SALT ? $account_logged->getCustomField('salt') : '') . $login_password) == $account_logged->getPassword() && (!$limiter->enabled || !$limiter->exceeded($ip))
 	)
 	{
 		if (setting('core.account_mail_verify') && (int)$account_logged->getCustomField('email_verified') !== 1) {
 			$errors[] = 'Your account is not verified. Please verify your email address. If the message is not coming check the SPAM folder in your E-Mail client.';
-		}
-		else {
+		} else {
 			session_regenerate_id();
 			setSession('account', $account_logged->getId());
 			setSession('password', encrypt((USE_ACCOUNT_SALT ? $account_logged->getCustomField('salt') : '') . $login_password));
@@ -87,38 +71,21 @@ if(!empty($login_account) && !empty($login_password))
 
 			$hooks->trigger(HOOK_LOGIN, array('account' => $account_logged, 'password' => $login_password, 'remember_me' => $remember_me));
 		}
+
+		$limiter->reset($ip);
 	}
 	else
 	{
 		$hooks->trigger(HOOK_LOGIN_ATTEMPT, array('account' => $login_account, 'password' => $login_password, 'remember_me' => $remember_me));
 
 		$errorMessage = getAccountLoginByLabel() . ' or password is not correct.';
-
-		// temporary solution for blocking failed login attempts
-		if($cache->enabled())
-		{
-			if(isset($t))
-			{
-				$t['attempts']++;
-				$t['last'] = time();
-
-				if($t['attempts'] >= 5)
-					$errors[] = 'A wrong password has been entered 5 times in a row. You are unable to log into your account for the next 5 minutes. Please wait.';
-				else
-					$errors[] = $errorMessage;
-			}
-			else
-			{
-				$t = array('attempts' => 1, 'last' => time());
-				$errors[] = $errorMessage;
+		$limiter->increment($ip);
+		if ($limiter->exceeded($ip)) {
+			$errorMessage = 'A wrong password has been entered ' . $limiter->max_attempts . ' times in a row. You are unable to log into your account for the next ' . $limiter->ttl . ' minutes. Please wait.';
 		}
 
-			$tmp[$ip] = $t;
-			$cache->set('failed_logins', serialize($tmp), 60 * 60); // save for 1 hour
-		}
-		else {
 		$errors[] = $errorMessage;
-		}
+
 	}
 }
 else {

system/pages/forum/new_thread.php

@@ -95,7 +95,7 @@ if(Forum::canPost($account_logged)) {
 				if (count($errors) == 0) {
 					$saved = true;
 
-					$db->query("INSERT INTO `" . FORUM_TABLE_PREFIX . "forum` (`first_post` ,`last_post` ,`section` ,`replies` ,`views` ,`author_aid` ,`author_guid` ,`post_text` ,`post_topic` ,`post_smile`, `post_html` ,`post_date` ,`last_edit_aid` ,`edit_date`, `post_ip`) VALUES ('0', '" . time() . "', '" . (int)$section_id . "', '0', '0', '" . $account_logged->getId() . "', '" . $char_id . "', " . $db->quote($text) . ", " . $db->quote($post_topic) . ", '" . $smile . "', '" . $html . "', '" . time() . "', '0', '0', '" . $_SERVER['REMOTE_ADDR'] . "')");
+					$db->query("INSERT INTO `" . FORUM_TABLE_PREFIX . "forum` (`first_post` ,`last_post` ,`section` ,`replies` ,`views` ,`author_aid` ,`author_guid` ,`post_text` ,`post_topic` ,`post_smile`, `post_html` ,`post_date` ,`last_edit_aid` ,`edit_date`, `post_ip`) VALUES ('0', '" . time() . "', '" . (int)$section_id . "', '0', '0', '" . $account_logged->getId() . "', '" . $char_id . "', " . $db->quote($text) . ", " . $db->quote($post_topic) . ", '" . $smile . "', '" . $html . "', '" . time() . "', '0', '0', '" . get_browser_real_ip() . "')");
 
 					$thread_id = $db->lastInsertId();
 

system/pages/forum/show_board.php

@@ -44,7 +44,7 @@ for($i = 0; $i < $threads_count['threads_count'] / setting('core.forum_threads_p
 
 echo '<a href="' . getLink('forum') . '">Boards</a> >> <b>'.$sections[$section_id]['name'].'</b>';
 
-if(!$sections[$section_id]['closed'] || Forum::isModerator()) {
+if($logged && (!$sections[$section_id]['closed'] || Forum::isModerator())) {
 	echo '<br /><br />
 		<a href="' . getLink('forum') . '?action=new_thread&section_id='.$section_id.'"><img src="images/forum/topic.gif" border="0" /></a>';
 }
@@ -94,7 +94,7 @@ if(isset($last_threads[0])) {
 	}
 
 	echo '</table>';
-	if(!$sections[$section_id]['closed'] || Forum::isModerator()) {
+	if($logged && (!$sections[$section_id]['closed'] || Forum::isModerator())) {
 		echo '<br /><a href="' . getLink('forum') . '?action=new_thread&section_id=' . $section_id . '"><img src="images/forum/topic.gif" border="0" /></a>';
 	}
 }

system/pages/highscores.php

@@ -31,21 +31,23 @@ if(!is_numeric($page) || $page < 1 || $page > PHP_INT_MAX) {
 
 $query = Player::query();
 
-$settingHighscoresVocationBox = setting('core.highscores_vocation_box');
 $configVocations = config('vocations');
 $configVocationsAmount = config('vocations_amount');
 
-if($settingHighscoresVocationBox && $vocation !== 'all')
-{
+$vocationId = null;
+if($vocation !== 'all') {
 	foreach($configVocations as $id => $name) {
 		if(strtolower($name) == $vocation) {
-			$add_vocs = array($id);
+			$vocationId = $id;
+			$add_vocs = [$id];
 
+			if ($id !== 0) {
 				$i = $id + $configVocationsAmount;
 				while (isset($configVocations[$i])) {
 					$add_vocs[] = $i;
 					$i += $configVocationsAmount;
 				}
+			}
 
 			$query->whereIn('players.vocation', $add_vocs);
 			break;
@@ -175,12 +177,12 @@ if (empty($highscores)) {
 			$query
 				->join('player_skills', 'player_skills.player_id', '=', 'players.id')
 				->where('skillid', $skill)
-				->addSelect('player_skills.skillid as value');
+				->addSelect('player_skills.value as value');
 		}
 	} else if ($skill == SKILL_FRAGS) // frags
 	{
 		if ($db->hasTable('player_killers')) {
-			$query->addSelect(['value' => PlayerKillers::where('player_killers.player_id', 'players.id')->selectRaw('COUNT(*)')]);
+			$query->addSelect(['value' => PlayerKillers::whereColumn('player_killers.player_id', 'players.id')->selectRaw('COUNT(*)')]);
 		} else {
 			$query->addSelect(['value' => PlayerDeath::unjustified()->whereColumn('player_deaths.killed_by', 'players.name')->selectRaw('COUNT(*)')]);
 		}
@@ -287,6 +289,7 @@ $twig->display('highscores.html.twig', [
 	'skillName' => ($skill == SKILL_FRAGS ? 'Frags' : ($skill == SKILL_BALANCE ? 'Balance' : getSkillName($skill))),
 	'levelName' => ($skill != SKILL_FRAGS && $skill != SKILL_BALANCE ? 'Level' : ($skill == SKILL_BALANCE ? 'Balance' : 'Frags')),
 	'vocation' => $vocation !== 'all' ? $vocation :  null,
+	'vocationId' => $vocationId,
 	'types' => $types,
 	'linkPreviousPage' => $linkPreviousPage,
 	'linkNextPage' => $linkNextPage,

system/pages/monsters.php

@@ -62,7 +62,9 @@ if ($monsterModel && isset($monsterModel->name)) {
 	$elements = json_decode($monster['elements'], true);
 	$immunities = json_decode($monster['immunities'], true);
 	$loot = json_decode($monster['loot'], true);
+	if (!empty($loot)) {
 		usort($loot, 'sort_by_chance');
+	}
 
 	foreach ($loot as &$item) {
 		$item['name'] = getItemNameById($item['id']);

system/pages/online.php

@@ -50,8 +50,8 @@ if (setting('core.online_outfit')) {
 	}
 }
 
+$vocs = [];
 if (setting('core.online_vocations')) {
-	$vocs = array();
 	foreach($config['vocations'] as $id => $name) {
 		$vocs[$id] = 0;
 	}
@@ -100,7 +100,7 @@ foreach($playersOnline as $player) {
 }
 
 $record = '';
-if($players > 0) {
+if(count($players_data) > 0) {
 	if( setting('core.online_record')) {
 		$result = null;
 		$timestamp = false;
@@ -114,7 +114,7 @@ if($players > 0) {
 			}
 		}
 
-		if($record) {
+		if($result) {
 			$record = 'The maximum on this game world was ' . $result['record'] . ' players' . ($timestamp ? ' on ' . date("M d Y, H:i:s", $result['timestamp']) . '.' : '.');
 		}
 	}
@@ -122,7 +122,8 @@ if($players > 0) {
 
 $twig->display('online.html.twig', array(
 	'players' => $players_data,
-	'record' => $record
+	'record' => $record,
+	'vocs' => $vocs,
 ));
 
 //search bar