Update CHANGELOG.md

Bumps [nesbot/carbon](https://github.com/CarbonPHP/carbon) from 2.72.5 to 2.72.6.
- [Release notes](https://github.com/CarbonPHP/carbon/releases)
- [Commits](https://github.com/CarbonPHP/carbon/compare/2.72.5...2.72.6)

---
updated-dependencies:
- dependency-name: nesbot/carbon
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

.github/workflows/cypress.yml

@@ -1,9 +1,9 @@
 name: Cypress
 on:
   pull_request:
-    branches: [develop]
+    branches: [master]
   push:
-    branches: [develop]
+    branches: [master]
 
 jobs:
   cypress:
@@ -35,7 +35,7 @@ jobs:
         - name: Checkout MyAAC
           uses: actions/checkout@v4
           with:
-            ref: develop
+            ref: master
 
         - uses: actions/setup-node@v4
           with:

.github/workflows/phplint.yml

@@ -1,9 +1,9 @@
 name: PHP Linting
 on:
   pull_request:
-    branches: [develop]
+    branches: [master]
   push:
-    branches: [develop]
+    branches: [master]
 
 jobs:
   phplint:

.github/workflows/phpstan.yml

@@ -2,9 +2,9 @@ name: "PHPStan"
 
 on:
   pull_request:
-    branches: [develop]
+    branches: [master]
   push:
-    branches: [develop]
+    branches: [master]
 
 jobs:
   tests:

CHANGELOG.md

@@ -1,5 +1,110 @@
 # Changelog
 
+## [1.0.1 - 14.01.2025]
+
+### Fixed
+* tibiacom account & news menu links not auto expanding
+
+### Updated (Thanks dependabot)
+* twig from ^2.0 to ^3.11
+* tinymce from ^6.8.3 to ^7.2.0
+* cypress from ^12.12.0 to ^13.17.0
+* nesbot/carbon from 2.72.5 to 2.72.6
+
+## [1.0 - 12.01.2025]
+
+First stable release in the v1.0 series.
+
+Minimum PHP 8.1 is required.
+
+Changes since RC.2:
+
+### Added
+* feature: migrations up/down. Allows to downgrade/upgrade database to specified version (https://github.com/slawkens/myaac/commit/3f6ff3a3326b0475d28d11ffd7fff51f362d799f)
+* new hooks for news management (https://github.com/slawkens/myaac/commit/011a85d8ae34283ded6999882833f9d4797028ec, https://github.com/slawkens/myaac/commit/36bd3eb846e829b45313e10f7568dc4e95841143)
+* None Vocation to highscores (can be changed to RookStayer in Admin Panel) (https://github.com/slawkens/myaac/commit/a4a248099521bb5b8b2aa5bd592138debd2f19d5)
+* support for button_color (green, red, blue) (https://github.com/slawkens/myaac/commit/d8b6b749ee62e88b6af4a05d3d7557f90b94d94e)
+* add $whoopsHandler as variable, can be used by plugins (https://github.com/slawkens/myaac/commit/b0c8cf2ecda23045d725aaf43cfb3852ed766a4b)
+* PlayerModel->outfit_url attribute (https://github.com/slawkens/myaac/commit/3b5be1a8db5dceecaa388e2925a5536d13b38881)
+* support for selecting plugin themes in Admin menus.php (https://github.com/slawkens/myaac/commit/77a2c1cec343ffe4be5c2c2503ee81bc32a14ca1)
+
+### Changed
+* schema: Change character set to utf8mb4 (support for Emojis in Menus/Pages/News/Forum etc.) (https://github.com/slawkens/myaac/commit/27c44f1bdfb6234cf0c9d5b4b491123bb205b08f)
+* prefer get_browser_real_ip() over REMOTE_ADDR (https://github.com/slawkens/myaac/commit/941846605c00cee83168d2f916410b8ba8d4b7b9)
+* automatically set selected current one on highscores filters (https://github.com/slawkens/myaac/commit/e96227fbe41ae281783b2d49edb169a603601813)
+* rewrite towns loading code, removed OTBM loader (was too slow) (https://github.com/slawkens/myaac/commit/c980a0914632e7b27f718464f669a200707d217e)
+* allow OTS_Player to be passed as object to getPlayerLink (https://github.com/slawkens/myaac/commit/84d37c5a8f2c4535a41c8aa8264752969d3f3a3d)
+* do not clear menus by default on install (https://github.com/slawkens/myaac/commit/12d8faa3eda5e798f97b71e941c035187daad96e)
+* display warning in admin panel - plugins - if zip extension is not installed (https://github.com/slawkens/myaac/commit/e3ffe5d9e11d78ab064a370d8541bac351c9bcd9)
+* set default_socket_timeout for ipinfo.io checkup to 5 seconds (https://github.com/slawkens/myaac/commit/783d96fc6568a607d3198b832fed3a0dd06c4ebb)
+* refactor getTopPlayers function (support for balance) (https://github.com/slawkens/myaac/commit/c769962e39fe8dfb72ecd5be1864e145696be794)
+
+### Fixed
+* XSS in forum (https://github.com/slawkens/myaac/commit/c2b7286d20d4b579171540f7a774e8a0995d5e8f, https://github.com/slawkens/myaac/commit/8fb643596f9586005976e7bdb484a541a9d8715e)
+* price deducted when changing sex (https://github.com/slawkens/myaac/commit/16671ea40b72dcf74037c359ad572f9eb825edf9)
+* move_thread by unauthorized user (https://github.com/slawkens/myaac/commit/d6c40c836a53cb1710f911f77f45f28b54ea1b54, thanks @anyeor)
+* TFS 1.4.2 where conditions is NULL (https://github.com/slawkens/myaac/commit/b8396d4c8482e951da538b13f2296123732c4545)
+* do not show forum new thread show button if not logged in (https://github.com/slawkens/myaac/commit/507402171ba3b6e7ee184bd7fa73e0d55e0cad7a, @anyeor)
+* login if limiter is disabled (https://github.com/slawkens/myaac/commit/a0f1971583f0f790013e2145fb5ac573c59fbdef)
+* fixes to installMenus function (https://github.com/slawkens/myaac/commit/a2fadc5945fe0a5e39f740827f6ffbda1bb501e2)
+* many PHP exceptions in different places
+* fixes to tibiacom menus ActiveSubmenuItem
+
+### Removed
+* bugtracker SQL table code as the page has been removed/moved to plugins (https://github.com/slawkens/myaac/commit/5782772b901b05fb814bc718d062f6e2cd71df8c)
+
+## [1.0-RC.2 - 25.10.2024]
+
+Still waiting for your reports about bugs found in this release. We are very close to stable release.
+
+### Added
+* feat: rate limit settings for blocking accounts login attempts (@gpedro, #266)
+* search by email in accounts editor (https://github.com/slawkens/myaac/commit/c2ec46824621468f2a1cb4046805c485ed13fea5)
+* New hooks in account manage + create (https://github.com/slawkens/myaac/commit/93641fc68ac9a5f1479329e2bd41380c19534d5d)
+
+### Changed
+* chore: drop raw queries + accounts - search by email + accounts - required min size for search by account number (@gpedro, #266)
+* Use https for outfit & item images (https://github.com/slawkens/myaac/commit/71c00aa5e01fbdfd88802912e200dd1025976231)
+* Do not require players & guilds tables on install (https://github.com/slawkens/myaac/commit/779aa152fa940261c9b161533946f44e288597a2)
+* Do not create player if there is no players table in db (https://github.com/slawkens/myaac/commit/201f95caa8b70e88fa651eac8c3c3aa7cd765bd0)
+
+### Fixed
+* Highscore frags fixed for TFS 0.3 (@Scrollog, #263)
+* Missing groups variable #262. thanks, @Scrollog for reporting (https://github.com/slawkens/myaac/commit/8d8bdb6dac6df21672ac77288fff2f2f8d6eb665)
+* Verified email for login.php (@gpedro, #265)
+* Warning if core.account_country is disabled (https://github.com/slawkens/myaac/commit/ab73d60c61e14a1cacdb6cfbf7f89f4bf3be0833)
+
+
+## [1.0-RC.1 - 23.07.2024]
+
+Changes since 1.0-beta:
+
+### Added
+* Feat: Hooks priority (https://github.com/slawkens/myaac/commit/dc17b701da053e04bfa64e21be9247a4f07505e1)
+* Make autoload of pages, commands and themes configurable (https://github.com/slawkens/myaac/commit/c1d4b4f80cd6bb85507ee9471e47013955a26a91)
+* Fraggers in characters page for TFS 1.x and canary (https://github.com/slawkens/myaac/commit/42f99c3edc8de39cccc5632cb42e88b24579c5a6)
+* New hooks: HOOK_INSTALL_FINISH, HOOK_ACCOUNT_CREATE_CHARACTER_* (https://github.com/slawkens/myaac/commit/08ac8ebade106521a5c7396faa5ce7006e629f7c, https://github.com/slawkens/myaac/commit/45dda5e834ff2059faea6ef9be2efa76f1723cbd)
+
+### Changed
+* Allow account_create_character_create even if account_mail_verify is activated (https://github.com/slawkens/myaac/commit/203e411b626fe62401a4b74a48420769e512aa39)
+* Create guild_rank entries, in case MySQL trigger not loaded (https://github.com/slawkens/myaac/commit/d9c1b2507c81f306970642b35e4bf5f7cc04a6f2, https://github.com/slawkens/myaac/commit/47a19e85dd84e9f3b39a1b29cfc2c04b004832b9)
+* Set Admin Account verified by default (https://github.com/slawkens/myaac/commit/cd49dfc79942f3301ce9c0b8d899b9f39bda9a41)
+* Refactor account routes into sub folders (https://github.com/slawkens/myaac/commit/bdc0c43d3fd3a51030c3e916bdb9f008468f5ecd)
+* Order towns by id (https://github.com/slawkens/myaac/commit/9ea2a5067fc4b75de395f381577b18914132ad84)
+* Do not create news about myaac, if any news already exist (on installation (https://github.com/slawkens/myaac/commit/504242fb846b73b56b87bc1e39d070687ad7f5b4)
+
+### Fixed
+* Not working google recaptcha plugin (https://github.com/slawkens/myaac/commit/a1bcb217ecf4e21fd58da4ba491da1852029898a)
+* Not working account create if account_country is disabled (https://github.com/slawkens/myaac/commit/933b681a9fcdbb6283e0469b3806d2ded492d232)
+* Account verify - do not allow login without verified email (Thanks @anyeor, https://github.com/slawkens/myaac/commit/fcb13f3c0fb8ceafda0bd614a229a26a269432bd)
+* Detect tools/ext exists on install to prevent broken installs (https://github.com/slawkens/myaac/commit/10a739773c4f2911876bc802a0ee0537c3e00a92)
+* Cache reloading each time page refreshes (https://github.com/slawkens/myaac/commit/ec96985872057340112f65073efc0c4bf86dddb0)
+* Highscores frags for TFS 1.x and canary (https://github.com/slawkens/myaac/commit/a04d186c22912915f0a7873dfe677ef3b5a23c79)
+* Monsters page: monster not found exception (https://github.com/slawkens/myaac/commit/ef79b99b8acc179f14b8475547347d9daca27512)
+* Fixed bug if \<flags\> are not present in monster.xml (https://github.com/slawkens/myaac/commit/57b47ab7983f625c7c0ef4f5303a4d07ef172786)
+* fastRoute duplicate errors (https://github.com/slawkens/myaac/commit/4c0739d3e93812dff0c33849ea3f38e4e49113ac)
+* useGuildNick displaying (https://github.com/slawkens/myaac/commit/0db0ec1aa47e044c26bc403ff5078a2115d086f8)
+
 ## [1.0-beta - 18.05.2024]
 
 Minimum PHP version for this release is 8.1.
@@ -64,4 +169,4 @@ Minimum PHP version for this release is 8.1.
 * change_password email to be more informal
 
 ### Fixed
-* hundrets of bug fixes, mostly patched from 0.8, so it makes no sense writing them again here
+* hundreds of bug fixes, mostly patched from 0.8, so it makes no sense writing them again here

aac

@@ -9,14 +9,13 @@ if(!IS_CLI) {
 }
 
 require_once SYSTEM . 'functions.php';
-require_once SYSTEM . 'init.php';
 
 define('SELF_NAME', basename(__FILE__));
 
 use MyAAC\Plugins;
 use Symfony\Component\Console\Application;
 
-$application = new Application();
+$application = new Application('MyAAC', MYAAC_VERSION);
 
 $commandsGlob = glob(SYSTEM . 'src/Commands/*.php');
 foreach ($commandsGlob as $item) {
@@ -34,7 +33,4 @@ foreach ($pluginCommands as $item) {
 	$application->add(require $item);
 }
 
-$application->setName('MyAAC');
-$application->setVersion(MYAAC_VERSION);
-
 $application->run();

admin/pages/accounts.php

@@ -8,6 +8,7 @@
  * @link      https://my-aac.org
  */
 
+use MyAAC\Models\Account as AccountModel;
 use MyAAC\Models\Player;
 
 defined('MYAAC') or die('Direct access not allowed!');
@@ -22,10 +23,7 @@ $use_datatable = true;
 if (setting('core.account_country'))
 	require SYSTEM . 'countries.conf.php';
 
-$nameOrNumberColumn = 'name';
-if (USE_ACCOUNT_NUMBER) {
-	$nameOrNumberColumn = 'number';
-}
+$nameOrNumberColumn = getAccountIdentityColumn();
 
 $hasSecretColumn = $db->hasColumn('accounts', 'secret');
 $hasCoinsColumn = $db->hasColumn('accounts', 'coins');
@@ -51,36 +49,51 @@ $acc_type = setting('core.account_types');
 
 <?php
 $id = 0;
-$search_account = '';
+$search_account = $search_account_email = '';
 if (isset($_REQUEST['id']))
 	$id = (int)$_REQUEST['id'];
+else if (isset($_REQUEST['search_email'])) {
+	$search_account_email = $_REQUEST['search_email'];
+	$accountModel = AccountModel::where('email', $search_account_email)->limit(11)->get(['email', 'id']);
+	if (count($accountModel) == 0) {
+		echo_error('No entries found.');
+	} else if (count($accountModel) == 1) {
+		$id = $accountModel->first()->getKey();
+	} else if (count($accountModel) > 10) {
+		echo_error('Specified e-mail resulted with too many accounts.');
+	}
+}
 else if (isset($_REQUEST['search'])) {
 	$search_account = $_REQUEST['search'];
-	if (strlen($search_account) < 3 && !Validator::number($search_account)) {
-		echo_error('Player name is too short.');
+	$min_size = 3;
+	if (in_array($nameOrNumberColumn, ['id', 'number'])) {
+		$min_size = 1;
+	}
+
+	if (strlen($search_account) < $min_size && !Validator::number($search_account)) {
+		echo_error('Account ' . $nameOrNumberColumn . ' is too short.');
 	} else {
-		$query = $db->query('SELECT `id` FROM `accounts` WHERE `' . $nameOrNumberColumn . '` = ' . $db->quote($search_account));
-		if ($query->rowCount() == 1) {
-			$query = $query->fetch();
-			$id = (int)$query['id'];
+		$query = AccountModel::where($nameOrNumberColumn, '=', $search_account)->limit(11)->get(['id', $nameOrNumberColumn]);
+		if (count($query) == 0) {
+			echo_error('No entries found.');
+		} else if (count($query) == 1) {
+			$id = $query->first()->getKey();
+		} else if (count($query) > 10) {
+			echo_error('Specified name resulted with too many accounts.');
 		} else {
-			$query = $db->query('SELECT `id`, `' . $nameOrNumberColumn . '` FROM `accounts` WHERE `' . $nameOrNumberColumn . '` LIKE ' . $db->quote('%' . $search_account . '%'));
-			if ($query->rowCount() > 0 && $query->rowCount() <= 10) {
 			$str_construct = 'Do you mean?<ul class="mb-0">';
-				foreach ($query as $row)
-					$str_construct .= '<li><a href="' . $admin_base . '&id=' . $row['id'] . '">' . $row[$nameOrNumberColumn] . '</a></li>';
+			foreach ($query as $row) {
+				$str_construct .= '<li><a href="' . $admin_base . '&id=' . $row->getKey() . '">' . $row->attributes[$nameOrNumberColumn] . '</a></li>';
+			}
 			$str_construct .= '</ul>';
 			echo_error($str_construct);
-			} else if ($query->rowCount() > 10)
-				echo_error('Specified name resulted with too many accounts.');
-			else
-				echo_error('No entries found.');
 		}
 	}
 }
 ?>
 <div class="row">
 	<?php
+	$groups = new OTS_Groups_List();
 	if ($id > 0) {
 		$account = new OTS_Account();
 		$account->load($id);
@@ -143,7 +156,9 @@ else if (isset($_REQUEST['search'])) {
 			$rl_loca = $_POST['rl_loca'];
 
 			//country
+			if(setting('core.account_country')) {
 				$rl_country = $_POST['rl_country'];
+			}
 
 			$web_flags = $_POST['web_flags'];
 			verify_number($web_flags, 'Web Flags', 1);
@@ -190,7 +205,11 @@ else if (isset($_REQUEST['search'])) {
 				}
 				$account->setRLName($rl_name);
 				$account->setLocation($rl_loca);
+
+				if(setting('core.account_country')) {
 					$account->setCountry($rl_country);
+				}
+
 				$account->setCustomField('created', $created);
 				$account->setWebFlags($web_flags);
 				$account->setCustomField('web_lastlogin', $web_lastlogin);
@@ -214,7 +233,7 @@ else if (isset($_REQUEST['search'])) {
 			}
 		}
 	} else if ($id == 0) {
-		$accounts_db = $db->query('SELECT `id`, `' . $nameOrNumberColumn . '`' . ($hasTypeColumn ? ',type' : ($hasGroupColumn ? ',group_id' : '')) . ' FROM `accounts` ORDER BY `id` ASC');
+		$accounts_db = $db->query('SELECT `id`, `' . $nameOrNumberColumn . '`' . ($hasTypeColumn ? ',type' : ($hasGroupColumn ? ',group_id' : '')) . ', email FROM `accounts` ORDER BY `id` ASC');
 		?>
 		<div class="col-12 col-sm-12 col-lg-10">
 			<div class="card card-info card-outline">
@@ -226,8 +245,9 @@ else if (isset($_REQUEST['search'])) {
 						<thead>
 						<tr>
 							<th>ID</th>
-							<th><?= ($nameOrNumberColumn == 'number' ? 'Number' : 'Name'); ?></th>
+							<th><?= ($nameOrNumberColumn == 'name' ? 'Name' : 'Number'); ?></th>
 							<?php if($hasTypeColumn || $hasGroupColumn): ?>
+							<th>E-Mail</th>
 							<th>Position</th>
 							<?php endif; ?>
 							<th style="width: 40px">Edit</th>
@@ -238,6 +258,7 @@ else if (isset($_REQUEST['search'])) {
 							<tr>
 								<th><?php echo $account_lst['id']; ?></th>
 								<td><?php echo $account_lst[$nameOrNumberColumn]; ?></a></td>
+								<td><?php echo $account_lst['email']; ?></td>
 								<?php if($hasTypeColumn || $hasGroupColumn): ?>
 								<td>
 									<?php if ($hasTypeColumn) {
@@ -585,6 +606,16 @@ else if (isset($_REQUEST['search'])) {
 			</div>
 			<div class="card-body">
 				<div class="row">
+					<div class="col-6 col-lg-12">
+						<form action="<?php echo $admin_base; ?>" method="post">
+							<?php csrf(); ?>
+							<label for="search">Account E-Mail:</label>
+							<div class="input-group input-group-sm">
+								<input type="email" class="form-control" id="search_email" name="search_email" value="<?= escapeHtml($search_account_email); ?>" maxlength="255" size="255">
+								<span class="input-group-append"><button type="submit" class="btn btn-info btn-flat">Search</button></span>
+							</div>
+						</form>
+					</div>
 					<div class="col-6 col-lg-12">
 						<form action="<?php echo $admin_base; ?>" method="post">
 							<?php csrf(); ?>

admin/pages/mailer.php

@@ -7,6 +7,9 @@
  * @copyright 2019 MyAAC
  * @link      https://my-aac.org
  */
+
+use MyAAC\Models\Account;
+
 defined('MYAAC') or die('Direct access not allowed!');
 $title = 'Mailer';
 
@@ -61,15 +64,15 @@ if (!empty($mail_content) && !empty($mail_subject) && empty($mail_to)) {
 		$add = ' AND `email_verified` = 1';
 	}
 
-	$query = $db->query('SELECT `email` FROM `accounts` WHERE `email` != ""' . $add);
+	$query = Account::where('email', '!=', '')->get(['email']);
 	foreach ($query as $email) {
-		if (_mail($email['email'], $mail_subject, $mail_content)) {
+		if (_mail($email->email, $mail_subject, $mail_content)) {
 			$success++;
 		}
 		else {
 			$failed++;
 			echo '<br />';
-			error('An error occorred while sending email to <b>' . $email['email'] . '</b>. For Admin: More info can be found in system/logs/mailer-error.log');
+			error('An error occorred while sending email to <b>' . $email->email . '</b>. For Admin: More info can be found in system/logs/mailer-error.log');
 		}
 	}
 

admin/pages/mass_account.php

@@ -24,20 +24,13 @@ $freePremium = $config['lua']['freePremium'];
 
 function admin_give_points($points)
 {
-	global $db, $hasPointsColumn;
+	global $hasPointsColumn;
 
 	if (!$hasPointsColumn) {
 		displayMessage('Points not supported.');
 		return;
 	}
 
-
-	$statement = $db->prepare('UPDATE `accounts` SET `premium_points` = `premium_points` + :points');
-	if (!$statement) {
-		displayMessage('Failed to prepare query statement.');
-		return;
-	}
-
 	if (!Account::query()->increment('premium_points', $points)) {
 		displayMessage('Failed to add points.');
 		return;
@@ -47,7 +40,7 @@ function admin_give_points($points)
 
 function admin_give_coins($coins)
 {
-	global $db, $hasCoinsColumn;
+	global $hasCoinsColumn;
 
 	if (!$hasCoinsColumn) {
 		displayMessage('Coins not supported.');
@@ -62,24 +55,6 @@ function admin_give_coins($coins)
 	displayMessage($coins . ' coins added to all accounts.', true);
 }
 
-function query_add_premium($column, $value_query, $condition_query = '1=1', $params = [])
-{
-	global $db;
-
-	$statement = $db->prepare("UPDATE `accounts` SET `{$column}` = $value_query WHERE $condition_query");
-	if (!$statement) {
-		displayMessage('Failed to prepare query statement.');
-		return false;
-	}
-
-	if (!$statement->execute($params)) {
-		displayMessage('Failed to add premium days.');
-		return false;
-	}
-
-	return true;
-}
-
 function admin_give_premdays($days)
 {
 	global $db, $freePremium;
@@ -94,9 +69,9 @@ function admin_give_premdays($days)
 	// othire
 	if ($db->hasColumn('accounts', 'premend')) {
 		// append premend
-		if (query_add_premium('premend', '`premend` + :value', '`premend` > :now', ['value' => $value, 'now' => $now])) {
+		if (Account::where('premend', '>', $now)->increment('premend', $value)) {
 			// set premend
-			if (query_add_premium('premend', ':value', '`premend` <= :now', ['value' => $now + $value, 'now' => $now])) {
+			if (Account::where('premend', '<=', $now)->update(['premend' => $now + $value])) {
 				displayMessage($days . ' premium days added to all accounts.', true);
 				return;
 			} else {
@@ -114,11 +89,11 @@ function admin_give_premdays($days)
 	// tfs 0.x
 	if ($db->hasColumn('accounts', 'premdays')) {
 		// append premdays
-		if (query_add_premium('premdays', '`premdays` + :value', '1=1', ['value' => $days])) {
+		if (Account::query()->update(['premdays' => $days])) {
 			// append lastday
-			if (query_add_premium('lastday', '`lastday` + :value', '`lastday` > :now', ['value' => $value, 'now' => $now])) {
+			if (Account::where('lastday', '>', $now)->increment('lastday', $value)) {
 				// set lastday
-				if (query_add_premium('lastday', ':value', '`lastday` <= :now', ['value' => $now + $value, 'now' => $now])) {
+				if (Account::where('lastday', '<=', $now)->update(['lastday' => $now + $value])) {
 					displayMessage($days . ' premium days added to all accounts.', true);
 					return;
 				} else {
@@ -142,9 +117,9 @@ function admin_give_premdays($days)
 	// tfs 1.x
 	if ($db->hasColumn('accounts', 'premium_ends_at')) {
 		// append premium_ends_at
-		if (query_add_premium('premium_ends_at', '`premium_ends_at` + :value', '`premium_ends_at` > :now', ['value' => $value, 'now' => $now])) {
+		if (Account::where('premium_ends_at', '>', $now)->increment('premium_ends_at', $value)) {
 			// set premium_ends_at
-			if (query_add_premium('premium_ends_at', ':value', '`premium_ends_at` <= :now', ['value' => $now + $value, 'now' => $now])) {
+			if (Account::where('premium_ends_at', '<=', $now)->update(['premium_ends_at' => $now + $value])) {
 				displayMessage($days . ' premium days added to all accounts.', true);
 				return;
 			} else {

admin/pages/menus.php

@@ -10,6 +10,7 @@
 
 use MyAAC\Cache\Cache;
 use MyAAC\Models\Menu;
+use MyAAC\Plugins;
 
 defined('MYAAC') or die('Direct access not allowed!');
 $title = 'Menus';
@@ -21,6 +22,8 @@ if (!hasFlag(FLAG_CONTENT_MENUS) && !superAdmin()) {
 	return;
 }
 
+$pluginThemes = Plugins::getThemes();
+
 if (isset($_POST['template'])) {
 	$template = $_POST['template'];
 
@@ -64,9 +67,16 @@ if (isset($_POST['template'])) {
 		success('Saved at ' . date('H:i'));
 	}
 
-	$file = TEMPLATES . $template . '/config.php';
-	if (file_exists($file)) {
-		require_once $file;
+	$path = TEMPLATES . $template;
+
+	if (isset($pluginThemes[$template])) {
+		$path = BASE . $pluginThemes[$template];
+	}
+
+	$path .= '/config.php';
+
+	if (file_exists($path)) {
+		require_once $path;
 	} else {
 		echo 'Cannot find template config.php file.';
 		return;
@@ -169,8 +179,13 @@ if (isset($_POST['template'])) {
 } else {
 	$templates = Menu::select('template')->distinct()->get()->toArray();
 	foreach ($templates as $key => $value) {
-		$file = TEMPLATES . $value['template'] . '/config.php';
-		if (!file_exists($file)) {
+		$path = TEMPLATES . $value['template'];
+
+		if (isset($pluginThemes[$value['template']])) {
+			$path = BASE . $pluginThemes[$value['template']];
+		}
+
+		if (!file_exists($path . '/config.php')) {
 			unset($templates[$key]);
 		}
 	}

admin/pages/modules/created.php

@@ -7,7 +7,7 @@ defined('MYAAC') or die('Direct access not allowed!');
 $accounts = 0;
 
 if ($db->hasColumn('accounts', 'created')) {
-	$accounts = Account::orderByDesc('created')->limit(10)->get(['created', (USE_ACCOUNT_NAME ? 'name' : 'id')])->toArray();
+	$accounts = Account::orderByDesc('created')->limit(10)->get(['id', 'created'])->toArray();
 }
 
 $twig->display('created.html.twig', array(

admin/pages/modules/templates/created.html.twig

@@ -19,7 +19,7 @@
 						{% set i = i + 1 %}
 						<tr>
 							<th>{{ i }}</th>
-							<td><a href="?p=accounts&search_name={{ result.name }}">{{ result.name }}</a></td>
+							<td><a href="?p=accounts&id={{ result.id }}">{{ result.id }}</a></td>
 							<td>{{ result.created|date("M d Y, H:i:s") }}</td>
 						</tr>
 					{% endfor %}

admin/pages/news.php

@@ -26,7 +26,7 @@ if (!hasFlag(FLAG_CONTENT_PAGES) && !superAdmin()) {
 
 header('X-XSS-Protection:0');
 
-// some constants, used mainly by database (cannot by modified without schema changes)
+// some constants, used mainly by database (cannot be modified without schema changes)
 const NEWS_TITLE_LIMIT = 100;
 const NEWS_BODY_LIMIT = 65535; // maximum news body length
 const ARTICLE_TEXT_LIMIT = 300;
@@ -136,9 +136,18 @@ if($action == 'edit' || $action == 'new') {
 
 $query = $db->query('SELECT * FROM ' . $db->tableName(TABLE_PREFIX . 'news'));
 $newses = array();
+
+$cachePlayers = [];
 foreach ($query as $_news) {
+	$playerId = $_news['player_id'];
+	if (isset($cachePlayers[$playerId])) {
+		$_player = $cachePlayers[$playerId];
+	}
+	else {
 		$_player = new OTS_Player();
-	$_player->load($_news['player_id']);
+		$_player->load($playerId);
+		$cachePlayers[$playerId] = $_player;
+	}
 
 	$newses[$_news['type']][] = array(
 		'id' => $_news['id'],
@@ -147,7 +156,7 @@ foreach ($query as $_news) {
 		'title' => $_news['title'],
 		'date' => $_news['date'],
 		'player_name' => $_player->isLoaded() ? $_player->getName() : '',
-		'player_link' => $_player->isLoaded() ? getPlayerLink($_player->getName(), false) : '',
+		'player_link' => $_player->isLoaded() ? getPlayerLink($_player, false) : '',
 	);
 }
 

admin/pages/players.php

@@ -51,22 +51,20 @@ else if (isset($_REQUEST['search'])) {
 	if (strlen($search_player) < 3 && !Validator::number($search_player)) {
 		echo_error('Player name is too short.');
 	} else {
-		$query = $db->query('SELECT `id` FROM `players` WHERE `name` = ' . $db->quote($search_player));
-		if ($query->rowCount() == 1) {
-			$query = $query->fetch();
-			$id = (int)$query['id'];
+		$query = Player::where('name', 'like', '%' . $search_player . '%')->orderBy('name')->limit(11)->get(['id', 'name']);
+		if (count($query) == 0) {
+			echo_error('No entries found.');
+		} else if (count($query) == 1) {
+			$id = $query->first()->getKey();
+		} else if (count($query) > 10) {
+			echo_error('Specified name resulted with too many players.');
 		} else {
-			$query = $db->query('SELECT `id`, `name` FROM `players` WHERE `name` LIKE ' . $db->quote('%' . $search_player . '%'));
-			if ($query->rowCount() > 0 && $query->rowCount() <= 10) {
 			$str_construct = 'Do you mean?<ul>';
-				foreach ($query as $row)
-					$str_construct .= '<li><a href="' . $player_base . '&id=' . $row['id'] . '">' . $row['name'] . '</a></li>';
+			foreach ($query as $row) {
+				$str_construct .= '<li><a href="' . $player_base . '&id=' . $row->getKey() . '">' . $row->name . '</a></li>';
+			}
 			$str_construct .= '</ul>';
 			echo_error($str_construct);
-			} else if ($query->rowCount() > 10)
-				echo_error('Specified name resulted with too many players.');
-			else
-				echo_error('No entries found.');
 		}
 	}
 }
@@ -202,7 +200,7 @@ else if (isset($_REQUEST['search'])) {
 
 			if ($hasBlessingsColumn) {
 				$blessings = $_POST['blessings'];
-				verify_number($blessings, 'Blessings', 2);
+				verify_number($blessings, 'Blessings', 3);
 			}
 
 			$balance = $_POST['balance'];
@@ -274,7 +272,7 @@ else if (isset($_REQUEST['search'])) {
 					$player->setLossContainers($loss_containers);
 					$player->setLossItems($loss_items);
 				}
-				if ($db->hasColumn('players', 'blessings'))
+				if ($hasBlessingsColumn)
 					$player->setBlessings($blessings);
 
 				if ($hasBlessingColumn) {
@@ -307,7 +305,7 @@ else if (isset($_REQUEST['search'])) {
 			}
 		}
 	} else if ($id == 0) {
-		$players_db = $db->query('SELECT `id`, `name`, `level` FROM `players` ORDER BY `id` asc');
+		$players_db = Player::orderBy('id')->get(['id','name', 'level']);
 		?>
 		<div class="col-12 col-sm-12 col-lg-10">
 			<div class="card card-info card-outline">
@@ -327,11 +325,11 @@ else if (isset($_REQUEST['search'])) {
 						<tbody>
 						<?php foreach ($players_db as $player_db): ?>
 							<tr>
-								<th><?php echo $player_db['id']; ?></th>
-								<td><?php echo $player_db['name']; ?></a></td>
-								<td><?php echo $player_db['level']; ?></a></td>
+								<th><?php echo $player_db->id; ?></th>
+								<td><?php echo $player_db->name; ?></a></td>
+								<td><?php echo $player_db->level; ?></a></td>
 
-								<td><a href="?p=players&id=<?php echo $player_db['id']; ?>" class="btn btn-success btn-sm" title="Edit">
+								<td><a href="?p=players&id=<?php echo $player_db->id; ?>" class="btn btn-success btn-sm" title="Edit">
 										<i class="fas fa-pencil-alt"></i>
 									</a>
 								</td>

admin/pages/plugins.php

@@ -21,7 +21,13 @@ if (!getBoolean(setting('core.admin_plugins_manage_enable'))) {
 	warning('Plugin installation and management is disabled in Settings.<br/>If you wish to enable, go to Settings and enable <strong>Enable Plugins Manage</strong>.');
 }
 else {
-	$twig->display('admin.plugins.form.html.twig');
+	$pluginUploadEnabled = true;
+	if(!\class_exists('\ZipArchive')) {
+		error('Please install PHP zip extension. Plugins upload disabled until then.');
+		$pluginUploadEnabled = false;
+	}
+
+	$twig->display('admin.plugins.form.html.twig', ['pluginUploadEnabled' => $pluginUploadEnabled]);
 
 	if (isset($_POST['uninstall'])) {
 		$uninstall = $_POST['uninstall'];

admin/pages/settings.php

@@ -48,7 +48,7 @@ if (!is_array($settingsFile)) {
 
 $settingsKeyName = ($plugin == 'core' ? $plugin : $settingsFile['key']);
 
-$title = ($plugin == 'core' ? 'Settings' : 'Plugin Settings - ' . $plugin);
+$title = ($plugin == 'core' ? 'Settings' : 'Plugin Settings - ' . $settingsFile['name']);
 
 $settingsParsed = Settings::display($settingsKeyName, $settingsFile['settings']);
 

common.php

@@ -20,14 +20,14 @@
  *
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
- * @copyright 2019 MyAAC
+ * @copyright 2024 MyAAC
  * @link      https://my-aac.org
  */
 if (version_compare(phpversion(), '8.1', '<')) die('PHP version 8.1 or higher is required.');
 
 const MYAAC = true;
-const MYAAC_VERSION = '1.0-beta';
-const DATABASE_VERSION = 40;
+const MYAAC_VERSION = '1.0.1';
+const DATABASE_VERSION = 42;
 const TABLE_PREFIX = 'myaac_';
 define('START_TIME', microtime(true));
 define('MYAAC_OS', stripos(PHP_OS, 'WIN') === 0 ? 'WINDOWS' : (strtoupper(PHP_OS) === 'DARWIN' ? 'MAC' : 'LINUX'));
@@ -156,7 +156,7 @@ if (file_exists(BASE . 'config.local.php')) {
 
 /** @var array $config */
 ini_set('log_errors', 1);
-if(@$config['env'] === 'dev') {
+if(@$config['env'] === 'dev' || defined('MYAAC_INSTALL')) {
 	ini_set('display_errors', 1);
 	ini_set('display_startup_errors', 1);
 	error_reporting(E_ALL);

composer.json

@@ -1,6 +1,6 @@
 {
     "require": {
-        "php": "^8.0",
+        "php": "^8.1",
         "ext-pdo": "*",
         "ext-pdo_mysql": "*",
         "ext-json": "*",
@@ -8,7 +8,7 @@
         "ext-dom": "*",
         "phpmailer/phpmailer": "^6.1",
         "composer/semver": "^3.2",
-        "twig/twig": "^2.0",
+        "twig/twig": "^3.11",
         "erusev/parsedown": "^1.7",
         "nikic/fast-route": "^1.3",
         "matomo/device-detector": "^6.0",
@@ -18,7 +18,7 @@
         "symfony/string": "^6.4",
         "symfony/var-dumper": "^6.4",
         "filp/whoops": "^2.15",
-        "maximebf/debugbar": "dev-master"
+        "maximebf/debugbar": "1.*"
     },
     "require-dev": {
         "phpstan/phpstan": "^1.10"

cypress/e2e/2-create-account.cy.js

@@ -22,7 +22,7 @@ describe('Create Account Page', () => {
 		cy.get('#vocation1').check()
 		cy.get('#accept_rules').check()
 
-		cy.get('#form').submit()
+		cy.get('#createaccount').submit()
 
 		// no errors please
 		cy.contains('The Following Errors Have Occurred:').should('not.exist')

cypress/e2e/3-check-public-pages.cy.js

@@ -116,9 +116,9 @@ describe('Check Public Pages', () => {
 	})
 
 	// library
-	it('Go to creatures page', () => {
+	it('Go to monsters page', () => {
 		cy.visit({
-			url: Cypress.env('URL') + '/creatures',
+			url: Cypress.env('URL') + '/monsters',
 			method: 'GET',
 		})
 	})

cypress/e2e/4-check-protected-pages.cy.js

@@ -4,7 +4,7 @@ const YOU_ARE_NOT_LOGGEDIN = 'You are not logged in.';
 describe('Check Protected Pages', () => {
 
 	// character actions
-	it('Go to accouht character creation page', () => {
+	it('Go to account character creation page', () => {
 		cy.visit({
 			url: Cypress.env('URL') + '/account/character/create',
 			method: 'GET',
@@ -12,7 +12,7 @@ describe('Check Protected Pages', () => {
 		cy.contains(REQUIRED_LOGIN_MESSAGE)
 	})
 
-	it('Go to accouht character deletion page', () => {
+	it('Go to account character deletion page', () => {
 		cy.visit({
 			url: Cypress.env('URL') + '/account/character/delete',
 			method: 'GET',
@@ -21,7 +21,7 @@ describe('Check Protected Pages', () => {
 	})
 
 	// account actions
-	it('Go to accouht email change page', () => {
+	it('Go to account email change page', () => {
 		cy.visit({
 			url: Cypress.env('URL') + '/account/email',
 			method: 'GET',
@@ -29,7 +29,7 @@ describe('Check Protected Pages', () => {
 		cy.contains(REQUIRED_LOGIN_MESSAGE)
 	})
 
-	it('Go to accouht password change page', () => {
+	it('Go to account password change page', () => {
 		cy.visit({
 			url: Cypress.env('URL') + '/account/password',
 			method: 'GET',
@@ -37,7 +37,7 @@ describe('Check Protected Pages', () => {
 		cy.contains(REQUIRED_LOGIN_MESSAGE)
 	})
 
-	it('Go to accouht info change page', () => {
+	it('Go to account info change page', () => {
 		cy.visit({
 			url: Cypress.env('URL') + '/account/info',
 			method: 'GET',
@@ -45,7 +45,7 @@ describe('Check Protected Pages', () => {
 		cy.contains(REQUIRED_LOGIN_MESSAGE)
 	})
 
-	it('Go to accouht logout change page', () => {
+	it('Go to account logout change page', () => {
 		cy.visit({
 			url: Cypress.env('URL') + '/account/logout',
 			method: 'GET',

index.php

@@ -134,7 +134,7 @@ if(setting('core.anonymous_usage_statistics')) {
 		if(fetchDatabaseConfig('last_usage_report', $value)) {
 			$should_report = time() > (int)$value + $report_time;
 			if($cache->enabled()) {
-				$cache->set('last_usage_report', $value);
+				$cache->set('last_usage_report', $value, 60 * 60);
 			}
 		}
 		else {
@@ -148,7 +148,7 @@ if(setting('core.anonymous_usage_statistics')) {
 
 		updateDatabaseConfig('last_usage_report', time());
 		if($cache->enabled()) {
-			$cache->set('last_usage_report', time());
+			$cache->set('last_usage_report', time(), 60 * 60);
 		}
 	}
 }

install/includes/schema.sql

@@ -1,4 +1,4 @@
-SET @myaac_database_version = 40;
+SET @myaac_database_version = 42;
 
 CREATE TABLE `myaac_account_actions`
 (
@@ -8,7 +8,7 @@ CREATE TABLE `myaac_account_actions`
 	`date` INT(11) NOT NULL DEFAULT 0,
 	`action` VARCHAR(255) NOT NULL DEFAULT '',
 	KEY (`account_id`)
-) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
 
 CREATE TABLE `myaac_admin_menu`
 (
@@ -19,22 +19,7 @@ CREATE TABLE `myaac_admin_menu`
 	`flags` INT(11) NOT NULL DEFAULT 0,
 	`enabled` INT(1) NOT NULL DEFAULT 1,
 	PRIMARY KEY (`id`)
-) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
-
-CREATE TABLE `myaac_bugtracker`
-(
-	`account` VARCHAR(255) NOT NULL,
-	`type` INT(11) NOT NULL DEFAULT 0,
-	`status` INT(11) NOT NULL DEFAULT 0,
-	`text` text NOT NULL,
-	`id` INT(11) NOT NULL DEFAULT 0,
-	`subject` VARCHAR(255) NOT NULL DEFAULT '',
-	`reply` INT(11) NOT NULL DEFAULT 0,
-	`who` INT(11) NOT NULL DEFAULT 0,
-	`uid` INT(11) NOT NULL AUTO_INCREMENT,
-	`tag` INT(11) NOT NULL DEFAULT 0,
-	PRIMARY KEY (`uid`)
-) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
 
 CREATE TABLE `myaac_changelog`
 (
@@ -46,7 +31,7 @@ CREATE TABLE `myaac_changelog`
 	`player_id` INT(11) NOT NULL DEFAULT 0,
 	`hide` TINYINT(1) NOT NULL DEFAULT 0,
 	PRIMARY KEY (`id`)
-) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
 
 INSERT INTO `myaac_changelog` (`id`, `type`, `where`, `date`, `body`, `hide`) VALUES (1, 3, 2, UNIX_TIMESTAMP(), 'MyAAC installed. (:', 0);
 
@@ -57,7 +42,7 @@ CREATE TABLE `myaac_config`
 	`value` VARCHAR(1000) NOT NULL,
 	PRIMARY KEY (`id`),
 	UNIQUE (`name`)
-) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
 
 INSERT INTO `myaac_config` (`name`, `value`) VALUES ('database_version', @myaac_database_version);
 
@@ -69,7 +54,7 @@ CREATE TABLE `myaac_faq`
 	`ordering` INT(11) NOT NULL DEFAULT 0,
 	`hide` TINYINT(1) NOT NULL DEFAULT 0,
 	PRIMARY KEY (`id`)
-) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
 
 CREATE TABLE `myaac_forum_boards`
 (
@@ -82,7 +67,7 @@ CREATE TABLE `myaac_forum_boards`
 	`closed` TINYINT(1) NOT NULL DEFAULT 0,
 	`hide` TINYINT(1) NOT NULL DEFAULT 0,
 	PRIMARY KEY (`id`)
-) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
 INSERT INTO `myaac_forum_boards` (`id`, `name`, `description`, `ordering`, `closed`) VALUES (NULL, 'News', 'News commenting', 0, 1);
 INSERT INTO `myaac_forum_boards` (`id`, `name`, `description`, `ordering`) VALUES (NULL, 'Trade', 'Trade offers.', 1);
 INSERT INTO `myaac_forum_boards` (`id`, `name`, `description`, `ordering`) VALUES (NULL, 'Quests', 'Quest making.', 2);
@@ -106,12 +91,12 @@ CREATE TABLE `myaac_forum`
 	`post_date` int(20) NOT NULL default '0',
 	`last_edit_aid` int(20) NOT NULL default '0',
 	`edit_date` int(20) NOT NULL default '0',
-	`post_ip` varchar(32) NOT NULL default '0.0.0.0',
+	`post_ip` varchar(45) NOT NULL default '0.0.0.0',
 	`sticked` tinyint(1) NOT NULL DEFAULT '0',
 	`closed` tinyint(1) NOT NULL DEFAULT '0',
 	PRIMARY KEY (`id`),
 	KEY `section` (`section`)
-) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
 
 CREATE TABLE `myaac_menu`
 (
@@ -125,7 +110,7 @@ CREATE TABLE `myaac_menu`
 	`ordering` INT(11) NOT NULL DEFAULT 0,
 	`enabled` INT(1) NOT NULL DEFAULT 1,
 	PRIMARY KEY (`id`)
-) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
 
 CREATE TABLE `myaac_monsters` (
 	`id` int(11) NOT NULL AUTO_INCREMENT,
@@ -158,7 +143,7 @@ CREATE TABLE `myaac_monsters` (
 	`loot` text NOT NULL,
 	`summons` TEXT NOT NULL,
 	PRIMARY KEY (`id`)
-) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
 
 CREATE TABLE `myaac_news`
 (
@@ -176,7 +161,7 @@ CREATE TABLE `myaac_news`
 	`article_image` VARCHAR(100) NOT NULL DEFAULT '',
 	`hide` TINYINT(1) NOT NULL DEFAULT 0,
 	PRIMARY KEY (`id`)
-) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
 
 CREATE TABLE `myaac_news_categories`
 (
@@ -186,7 +171,7 @@ CREATE TABLE `myaac_news_categories`
 	`icon_id` INT(2) NOT NULL DEFAULT 0,
 	`hide` TINYINT(1) NOT NULL DEFAULT 0,
 	PRIMARY KEY (`id`)
-) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
 
 INSERT INTO `myaac_news_categories` (`id`, `icon_id`) VALUES (NULL, 0);
 INSERT INTO `myaac_news_categories` (`id`, `icon_id`) VALUES (NULL, 1);
@@ -202,7 +187,7 @@ CREATE TABLE `myaac_notepad`
 	`content` TEXT NOT NULL,
 	/*`public` TINYINT(1) NOT NULL DEFAULT 0*/
 	PRIMARY KEY (`id`)
-) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
 
 CREATE TABLE `myaac_pages`
 (
@@ -218,7 +203,7 @@ CREATE TABLE `myaac_pages`
 	`hide` TINYINT(1) NOT NULL DEFAULT 0,
 	PRIMARY KEY (`id`),
 	UNIQUE (`name`)
-) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
 
 CREATE TABLE `myaac_gallery`
 (
@@ -230,7 +215,7 @@ CREATE TABLE `myaac_gallery`
 	`ordering` INT(11) NOT NULL DEFAULT 0,
 	`hide` TINYINT(1) NOT NULL DEFAULT 0,
 	PRIMARY KEY (`id`)
-) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
 
 INSERT INTO `myaac_gallery` (`id`, `ordering`, `comment`, `image`, `thumb`, `author`) VALUES (NULL, 1, 'Demon', 'images/gallery/demon.jpg', 'images/gallery/demon_thumb.gif', 'MyAAC');
 
@@ -242,7 +227,7 @@ CREATE TABLE `myaac_settings`
 	`value` TEXT NOT NULL,
 	PRIMARY KEY (`id`),
 	KEY `key` (`key`)
-) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
 
 CREATE TABLE `myaac_spells`
 (
@@ -265,7 +250,7 @@ CREATE TABLE `myaac_spells`
 	`hide` TINYINT(1) NOT NULL DEFAULT 0,
 	PRIMARY KEY (`id`),
 	UNIQUE (`name`)
-) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
 
 CREATE TABLE `myaac_visitors`
 (
@@ -274,7 +259,7 @@ CREATE TABLE `myaac_visitors`
 	`page` VARCHAR(2048) NOT NULL,
 	`user_agent` VARCHAR(255) NOT NULL DEFAULT '',
 	UNIQUE (`ip`)
-) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
 
 CREATE TABLE `myaac_weapons`
 (
@@ -283,4 +268,4 @@ CREATE TABLE `myaac_weapons`
 	`maglevel` INT(11) NOT NULL DEFAULT 0,
 	`vocations` VARCHAR(100) NOT NULL DEFAULT '',
 	PRIMARY KEY (`id`)
-) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;

install/index.php

@@ -3,9 +3,9 @@
 use Twig\Environment as Twig_Environment;
 use Twig\Loader\FilesystemLoader as Twig_FilesystemLoader;
 
-require '../common.php';
+const MYAAC_INSTALL = true;
 
-define('MYAAC_INSTALL', true);
+require '../common.php';
 
 // includes
 require SYSTEM . 'functions.php';
@@ -114,7 +114,7 @@ else if($step == 'finish') {
 	$email = $_SESSION['var_email'];
 	$password = $_SESSION['var_password'];
 	$password_confirm = $_SESSION['var_password_confirm'];
-	$player_name = $_SESSION['var_player_name'];
+	$player_name = $_SESSION['var_player_name'] ?? null;
 
 	// email check
 	if(empty($email)) {
@@ -125,18 +125,7 @@ else if($step == 'finish') {
 	}
 
 	// account check
-	if(isset($_SESSION['var_account'])) {
-		if(empty($_SESSION['var_account'])) {
-			$errors[] = $locale['step_admin_account_error_empty'];
-		}
-		else if(!Validator::accountName($_SESSION['var_account'])) {
-			$errors[] = $locale['step_admin_account_error_format'];
-		}
-		else if(strtoupper($_SESSION['var_account']) == strtoupper($password)) {
-			$errors[] = $locale['step_admin_account_error_same'];
-		}
-	}
-	else if(isset($_SESSION['var_account_id'])) {
+	if(isset($_SESSION['var_account_id'])) {
 		if(empty($_SESSION['var_account_id'])) {
 			$errors[] = $locale['step_admin_account_id_error_empty'];
 		}
@@ -147,6 +136,17 @@ else if($step == 'finish') {
 			$errors[] = $locale['step_admin_account_id_error_same'];
 		}
 	}
+	else if(isset($_SESSION['var_account'])) {
+		if(empty($_SESSION['var_account'])) {
+			$errors[] = $locale['step_admin_account_error_empty'];
+		}
+		else if(!Validator::accountName($_SESSION['var_account'])) {
+			$errors[] = $locale['step_admin_account_error_format'];
+		}
+		else if(strtoupper($_SESSION['var_account']) == strtoupper($password)) {
+			$errors[] = $locale['step_admin_account_error_same'];
+		}
+	}
 
 	// password check
 	if(empty($password)) {
@@ -159,13 +159,14 @@ else if($step == 'finish') {
 		$errors[] = $locale['step_admin_password_confirm_error_not_same'];
 	}
 
+	if (isset($player_name)) {
 		// player name check
 		if (empty($player_name)) {
 			$errors[] = $locale['step_admin_player_name_error_empty'];
-	}
-	else if(!Validator::characterName($player_name)) {
+		} else if (!Validator::characterName($player_name)) {
 			$errors[] = $locale['step_admin_player_name_error_format'];
 		}
+	}
 
 	if(!empty($errors)) {
 		$step = 'admin';
@@ -182,14 +183,14 @@ clearstatcache();
 if(is_writable(CACHE) && (MYAAC_OS != 'WINDOWS' || win_is_writable(CACHE))) {
 	if(!file_exists(BASE . 'install/ip.txt')) {
 		$content = warning('AAC installation is disabled. To enable it make file <b>ip.txt</b> in install/ directory and put there your IP.<br/>
-		Your IP is:<br /><b>' . $_SERVER['REMOTE_ADDR'] . '</b>', true);
+		Your IP is:<br /><b>' . get_browser_real_ip() . '</b>', true);
 	}
 	else {
 		$file_content = trim(file_get_contents(BASE . 'install/ip.txt'));
 		$allow = false;
 		$listIP = preg_split('/\s+/', $file_content);
 		foreach($listIP as $ip) {
-			if($_SERVER['REMOTE_ADDR'] == $ip) {
+			if(get_browser_real_ip() == $ip) {
 				$allow = true;
 			}
 		}
@@ -198,7 +199,7 @@ if(is_writable(CACHE) && (MYAAC_OS != 'WINDOWS' || win_is_writable(CACHE))) {
 		{
 			$content = warning('In file <b>install/ip.txt</b> must be your IP!<br/>
 			In file is:<br /><b>' . nl2br($file_content) . '</b><br/>
-			Your IP is:<br /><b>' . $_SERVER['REMOTE_ADDR'] . '</b>', true);
+			Your IP is:<br /><b>' . get_browser_real_ip() . '</b>', true);
 		}
 		else {
 			ob_start();

install/steps/3-requirements.php

@@ -2,10 +2,15 @@
 defined('MYAAC') or die('Direct access not allowed!');
 
 // configuration
-$dirs_required = [
+$dirs_required_writable = [
 	'system/logs',
 	'system/cache',
 ];
+
+$dirs_required = [
+	'tools/ext' => $locale['step_requirements_folder_not_exists_tools_ext'],
+];
+
 $dirs_optional = [
 	GUILD_IMAGES_DIR => $locale['step_requirements_warning_images_guilds'],
 	GALLERY_DIR => $locale['step_requirements_warning_images_gallery'],
@@ -18,6 +23,7 @@ $extensions_optional = [
 	'gd' => $locale['step_requirements_warning_player_signatures'],
 	'zip' => $locale['step_requirements_warning_install_plugins'],
 ];
+
 /*
  *
  * @param string $name
@@ -41,7 +47,7 @@ $failed = false;
 // start validating
 version_check($locale['step_requirements_php_version'], (PHP_VERSION_ID >= 50500), PHP_VERSION);
 
-foreach ($dirs_required as $value)
+foreach ($dirs_required_writable as $value)
 {
 	$is_writable = is_writable(BASE . $value) && (MYAAC_OS != 'WINDOWS' || win_is_writable(BASE . $value));
 	version_check($locale['step_requirements_write_perms'] . ': ' . $value, $is_writable);
@@ -52,6 +58,12 @@ foreach ($dirs_optional as $dir => $errorMsg) {
 	version_check($locale['step_requirements_write_perms'] . ': ' . $dir, $is_writable, $is_writable ? '' : $errorMsg, true);
 }
 
+foreach ($dirs_required as $dir => $errorMsg)
+{
+	$exists = is_dir(BASE . $dir);
+	version_check($locale['step_requirements_folder_exists'] . ': ' . $dir, $exists, $exists ? '' : $errorMsg);
+}
+
 $ini_register_globals = ini_get_bool('register_globals');
 version_check('register_long_arrays', !$ini_register_globals, $ini_register_globals ? $locale['on'] : $locale['off']);
 
@@ -78,4 +90,3 @@ if($failed) {
 }
 
 echo '</div>';
-?>

install/steps/5-database.php

@@ -40,15 +40,21 @@ if(!$error) {
 	$configToSave['gzip_output'] = false;
 	$configToSave['cache_engine'] = 'auto';
 	$configToSave['cache_prefix'] = 'myaac_' . generateRandomString(8, true, false, true);
+	$configToSave['database_auto_migrate'] = true;
 
+	if(!$error) {
+		$content = '';
+		$saved = Settings::saveConfig($configToSave, BASE . 'config.local.php', $content);
+		if ($saved) {
+			success($locale['step_database_config_saved']);
+			$_SESSION['saved'] = true;
+
+			require BASE . 'config.local.php';
 			require BASE . 'install/includes/config.php';
 
 			if (!$error) {
 				require BASE . 'install/includes/database.php';
 
-		$locale['step_database_importing'] = str_replace('$DATABASE_NAME$', config('database_name'), $locale['step_database_importing']);
-		success($locale['step_database_importing']);
-
 				if (isset($database_error)) { // we failed connect to the database
 					error($database_error);
 				}
@@ -59,31 +65,15 @@ if(!$error) {
 						$error = true;
 					}
 
-			if(!$db->hasTable('players')) {
-				$tmp = str_replace('$TABLE$', 'players', $locale['step_database_error_table']);
-				error($tmp);
-				$error = true;
-			}
-
-			if(!$db->hasTable('guilds')) {
-				$tmp = str_replace('$TABLE$', 'guilds', $locale['step_database_error_table']);
-				error($tmp);
-				$error = true;
-			}
-
 					if (!$error) {
 						$twig->display('install.installer.html.twig', array(
 							'url' => 'tools/5-database.php',
 							'message' => $locale['loading_spinner']
 						));
-
-				$content = '';
-				$saved = Settings::saveConfig($configToSave, BASE . 'config.local.php', $content);
-				if($saved) {
-					success($locale['step_database_config_saved']);
-					$_SESSION['saved'] = true;
 					}
-				else {
+				}
+			}
+		} else {
 			$_SESSION['config_content'] = $content;
 			unset($_SESSION['saved']);
 
@@ -93,8 +83,6 @@ if(!$error) {
 		}
 	}
 }
-	}
-}
 ?>
 
 <div class="text-center m-3">

install/steps/6-admin.php

@@ -18,6 +18,7 @@ if(!$error) {
 		'locale' => $locale,
 		'session' => $_SESSION,
 		'account' => $account,
+		'hasTablePlayers' => $db->hasTable('players'),
 		'errors' => isset($errors) ? $errors : null,
 		'buttons' => next_buttons(true, $error ? false : true)
 	));

install/steps/7-finish.php

@@ -1,5 +1,7 @@
 <?php
 
+use MyAAC\Cache\Cache;
+use MyAAC\Models\News;
 use MyAAC\Settings;
 
 defined('MYAAC') or die('Direct access not allowed!');
@@ -7,14 +9,24 @@ defined('MYAAC') or die('Direct access not allowed!');
 ini_set('max_execution_time', 300);
 if(isset($config['installed']) && $config['installed'] && !isset($_SESSION['saved'])) {
 	warning($locale['already_installed']);
+	return;
 }
-else {
+
+$cache = Cache::getInstance();
+if ($cache->enabled()) {
+	// clear plugin_hooks to have fresh hooks
+	$cache->delete('plugins_hooks');
+}
+
 require SYSTEM . 'init.php';
-	if(!$error) {
+if($error) {
+	return;
+}
+
 if(USE_ACCOUNT_NAME || USE_ACCOUNT_NUMBER)
-			$account = isset($_SESSION['var_account']) ? $_SESSION['var_account'] : null;
+	$account = $_SESSION['var_account'] ?? null;
 else
-			$account_id = isset($_SESSION['var_account_id']) ? $_SESSION['var_account_id'] : null;
+	$account_id = $_SESSION['var_account_id'] ?? null;
 
 $password = $_SESSION['var_password'];
 
@@ -30,6 +42,7 @@ else {
 else
 	$account_db->load($account_id);
 
+if ($db->hasTable('players')) {
 	$player_name = $_SESSION['var_player_name'];
 	$player_db = new OTS_Player();
 	$player_db->find($player_name);
@@ -47,6 +60,7 @@ else {
 
 	$groups = new OTS_Groups_List();
 	$player_used->setGroupId($groups->getHighestId());
+}
 
 $email = $_SESSION['var_email'];
 if($account_db->isLoaded()) {
@@ -81,15 +95,23 @@ else {
 
 $account_used->setCustomField('web_flags', FLAG_ADMIN + FLAG_SUPER_ADMIN);
 $account_used->setCustomField('country', 'us');
+$account_used->setCustomField('email_verified', 1);
+
 if($db->hasColumn('accounts', 'group_id'))
 	$account_used->setCustomField('group_id', $groups->getHighestId());
 if($db->hasColumn('accounts', 'type'))
 	$account_used->setCustomField('type', 6);
 
-		if(!$player_db->isLoaded())
+if ($db->hasTable('players')) {
+	if(!$player_db->isLoaded()) {
 		$player->setAccountId($account_used->getId());
-		else
+		$player->save();
+	}
+	else {
 		$player_db->setAccountId($account_used->getId());
+		$player_db->save();
+	}
+}
 
 success($locale['step_database_created_account']);
 
@@ -97,27 +119,40 @@ else {
 setSession('password', encrypt($password));
 setSession('remember_me', true);
 
-		if($player_db->isLoaded()) {
-			$player_db->save();
-		}
-		else {
-			$player->save();
-		}
-
+if(!News::all()->count()) {
 	$player_id = 0;
-		$query = $db->query("SELECT `id` FROM `players` WHERE `name` = " . $db->quote($player_name) . ";");
-		if($query->rowCount() == 1) {
-			$query = $query->fetch();
-			$player_id = $query['id'];
+
+	if ($db->hasTable('players')) {
+		$tmpNewsPlayer = \MyAAC\Models\Player::where('name', $player_name)->first();
+		if($tmpNewsPlayer) {
+			$player_id = $tmpNewsPlayer->id;
+		}
 	}
 
-		$query = $db->query("SELECT `id` FROM `" . TABLE_PREFIX ."news` WHERE `title` LIKE 'Hello!';");
-		if($query->rowCount() == 0) {
-			if(query("INSERT INTO `" . TABLE_PREFIX ."news` (`id`, `type`, `date`, `category`, `title`, `body`, `player_id`, `comments`, `hide`) VALUES (NULL, '1', UNIX_TIMESTAMP(), '2', 'Hello!', 'MyAAC is just READY to use!', " . $player_id . ", 'https://my-aac.org', '0');
-	INSERT INTO `myaac_news` (`id`, `type`, `date`, `category`, `title`, `body`, `player_id`, `comments`, `hide`) VALUES (NULL, '2', UNIX_TIMESTAMP(), '4', 'Hello tickets!', 'https://my-aac.org', " . $player_id . ", '', '0');")) {
+	News::create([
+		'type' => 1,
+		'date' => time(),
+		'category' => 2,
+		'title' => 'Hello!',
+		'body' => 'MyAAC is just READY to use!',
+		'player_id' => $player_id,
+		'comments' => 'https://my-aac.org',
+		'hide' => 0,
+	]);
+
+	News::create([
+		'type' => 2,
+		'date' => time(),
+		'category' => 4,
+		'title' => 'Hello tickers!',
+		'body' => 'https://my-aac.org',
+		'player_id' => $player_id,
+		'comments' => '',
+		'hide' => 0,
+	]);
+
 	success($locale['step_database_created_news']);
 }
-		}
 
 $settings = Settings::getInstance();
 foreach($_SESSION as $key => $value) {
@@ -168,5 +203,5 @@ else {
 if(file_exists(CACHE . 'install.txt')) {
 	unlink(CACHE . 'install.txt');
 }
-	}
-}
+
+$hooks->trigger(HOOK_INSTALL_FINISH_END);

install/tools/5-database.php

@@ -32,6 +32,9 @@ if($db->hasTable(TABLE_PREFIX . 'account_actions')) {
 else {
 	// import schema
 	try {
+		$locale['step_database_importing'] = str_replace('$DATABASE_NAME$', config('database_name'), $locale['step_database_importing']);
+		success($locale['step_database_importing']);
+
 		$db->query(file_get_contents(BASE . 'install/includes/schema.sql'));
 
 		$locale['step_database_success_schema'] = str_replace('$PREFIX$', TABLE_PREFIX, $locale['step_database_success_schema']);
@@ -138,6 +141,7 @@ if(!$db->hasColumn('accounts', 'premium_points')) {
 		success($locale['step_database_adding_field'] . ' accounts.premium_points...');
 }
 
+if ($db->hasTable('guilds')) {
 	if ($db->hasColumn('guilds', 'checkdata')) {
 		if (query("ALTER TABLE `guilds` MODIFY `checkdata` INT NOT NULL DEFAULT 0;"))
 			success($locale['step_database_modifying_field'] . ' guilds.checkdata...');
@@ -146,8 +150,7 @@ if($db->hasColumn('guilds', 'checkdata')) {
 	if (!$db->hasColumn('guilds', 'motd')) {
 		if (query("ALTER TABLE `guilds` ADD `motd` VARCHAR(255) NOT NULL DEFAULT '';"))
 			success($locale['step_database_adding_field'] . ' guilds.motd...');
-}
-else {
+	} else {
 		if (query("ALTER TABLE `guilds` MODIFY `motd` VARCHAR(255) NOT NULL DEFAULT '';"))
 			success($locale['step_database_modifying_field'] . ' guilds.motd...');
 	}
@@ -163,12 +166,13 @@ if($db->hasColumn('guilds', 'logo_gfx_name')) {
 			$tmp = str_replace('$FIELD_NEW$', 'guilds.logo_name', $tmp);
 			success($tmp);
 		}
-}
-else if(!$db->hasColumn('guilds', 'logo_name')) {
+	} else if (!$db->hasColumn('guilds', 'logo_name')) {
 		if (query("ALTER TABLE `guilds` ADD `logo_name` VARCHAR( 255 ) NOT NULL DEFAULT 'default.gif';"))
 			success($locale['step_database_adding_field'] . ' guilds.logo_name...');
 	}
+}
 
+if ($db->hasTable('players')) {
 	if (!$db->hasColumn('players', 'created')) {
 		if (query("ALTER TABLE `players` ADD `created` INT(11) NOT NULL DEFAULT 0;"))
 			success($locale['step_database_adding_field'] . ' players.created...');
@@ -187,8 +191,7 @@ if($db->hasColumn('players', 'hide_char')) {
 				success($tmp);
 			}
 		}
-}
-else if(!$db->hasColumn('players', 'hide')) {
+	} else if (!$db->hasColumn('players', 'hide')) {
 		if (query("ALTER TABLE `players` ADD `hide` TINYINT(1) NOT NULL DEFAULT 0;"))
 			success($locale['step_database_adding_field'] . ' players.hide...');
 	}
@@ -208,6 +211,7 @@ if($db->hasColumn('players', 'rank_id')) {
 			}
 		}
 	}
+}
 
 if($db->hasTable('z_forum')) {
 	if(!$db->hasColumn('z_forum', 'post_html')) {

install/tools/7-finish.php

@@ -25,12 +25,14 @@ if(isset($config['installed']) && $config['installed'] && !isset($_SESSION['save
 
 require SYSTEM . 'init.php';
 
+if ($db->hasTable('players')) {
 	$deleted = 'deleted';
 	if ($db->hasColumn('players', 'deletion'))
 		$deleted = 'deletion';
 
 	$time = time();
-function insert_sample_if_not_exist($p) {
+	function insert_sample_if_not_exist($p)
+	{
 		global $db, $success, $deleted, $time;
 
 		$query = $db->query('SELECT `id` FROM `players` WHERE `name` = ' . $db->quote($p['name']));
@@ -50,6 +52,7 @@ insert_sample_if_not_exist(array('name' => 'Knight Sample', 'level' => 8, 'vocat
 	if ($success) {
 		success($locale['step_database_imported_players']);
 	}
+}
 
 Plugins::installMenus('kathrine', require TEMPLATES . 'kathrine/menus.php');
 Plugins::installMenus('tibiacom', require TEMPLATES . 'tibiacom/menus.php');
@@ -59,16 +62,21 @@ DataLoader::load();
 
 // update config.highscores_ids_hidden
 require_once SYSTEM . 'migrations/20.php';
+$up();
 
 // add z_polls tables
 require_once SYSTEM . 'migrations/22.php';
+$up();
 
 // add myaac_pages pages
 require_once SYSTEM . 'migrations/27.php';
+$up();
 require_once SYSTEM . 'migrations/30.php';
+$up();
 
 // new monster columns
 require_once SYSTEM . 'migrations/31.php';
+$up();
 
 if(ModelsFAQ::count() == 0) {
 	ModelsFAQ::create([
@@ -77,6 +85,8 @@ if(ModelsFAQ::count() == 0) {
 	]);
 }
 
+$hooks->trigger(HOOK_INSTALL_FINISH);
+
 $db->setClearCacheAfter(true);
 
 $locale['step_finish_desc'] = str_replace('$ADMIN_PANEL$', generateLink(str_replace('tools/', '',ADMIN_URL), $locale['step_finish_admin_panel'], true), $locale['step_finish_desc']);

login.php

@@ -4,6 +4,7 @@ use MyAAC\Models\BoostedCreature;
 use MyAAC\Models\PlayerOnline;
 use MyAAC\Models\Account;
 use MyAAC\Models\Player;
+use MyAAC\RateLimit;
 
 require_once 'common.php';
 require_once SYSTEM . 'functions.php';
@@ -130,12 +131,29 @@ switch ($action) {
 		}
 
 		$account = $account->first();
+
+		$ip = get_browser_real_ip();
+		$limiter = new RateLimit('failed_logins', setting('core.account_login_attempts_limit'), setting('core.account_login_ban_time'));
+		$limiter->enabled = setting('core.account_login_ipban_protection');
+		$limiter->load();
+
+		$ban_msg = 'A wrong account, password or secret has been entered ' . setting('core.account_login_attempts_limit') . ' times in a row. You are unable to log into your account for the next ' . setting('core.account_login_ban_time') . ' minutes. Please wait.';
 		if (!$account) {
+			$limiter->increment($ip);
+			if ($limiter->exceeded($ip)) {
+				sendError($ban_msg);
+			}
+			
 			sendError(($inputEmail != false ? 'Email' : 'Account name') . ' or password is not correct.');
 		}
 
 		$current_password = encrypt((USE_ACCOUNT_SALT ? $account->salt : '') . $request->password);
 		if (!$account || $account->password != $current_password) {
+			$limiter->increment($ip);
+			if ($limiter->exceeded($ip)) {
+				sendError($ban_msg);
+			}
+
 			sendError(($inputEmail != false ? 'Email' : 'Account name') . ' or password is not correct.');
 		}
 
@@ -145,16 +163,30 @@ switch ($action) {
 			if ($accountSecret != null && $accountSecret != '') {
 				$accountHasSecret = true;
 				if ($inputToken === false) {
+					$limiter->increment($ip);
+					if ($limiter->exceeded($ip)) {
+						sendError($ban_msg);
+					}
 					sendError('Submit a valid two-factor authentication token.', 6);
 				} else {
 					require_once LIBS . 'rfc6238.php';
 					if (TokenAuth6238::verify($accountSecret, $inputToken) !== true) {
+						$limiter->increment($ip);
+						if ($limiter->exceeded($ip)) {
+							sendError($ban_msg);
+						}
+
 						sendError('Two-factor authentication failed, token is wrong.', 6);
 					}
 				}
 			}
 		}
 
+		$limiter->reset($ip);
+		if (setting('core.account_mail_verify') && $account->email_verified !== 1) {
+			sendError('You need to verify your account, enter in our site and resend verify e-mail!');
+		}
+
 		// common columns
 		$columns = 'id, name, level, sex, vocation, looktype, lookhead, lookbody, looklegs, lookfeet, lookaddons';
 

nginx-sample.conf

@@ -10,29 +10,21 @@ server {
 	# this is very important, be sure its in your nginx conf - it prevents access to logs etc.
 	location ~ /system {
 		deny all;
-		return 404;
-	}
-
-	location /vendor {
-		deny all;
-		return 404;
 	}
 
 	# block .htaccess, CHANGELOG.md, composer.json etc.
 	# this is to prevent finding software versions
 	location ~\.(ht|md|json|dist)$ {
 		deny all;
-		return 404;
 	}
 
 	# block git files and folders
 	location ~ /\.git {
-		return 404;
 		deny all;
 	}
 
 	location / {
-		try_files $uri $uri/ /index.php?$query_string;;
+		try_files $uri $uri/ /index.php?$query_string;
 	}
 
 	location ~ \.php$ {

package.json

@@ -4,7 +4,7 @@
     "postinstall": "node ./npm-post-install.js"
   },
   "devDependencies": {
-    "cypress": "^12.12.0"
+    "cypress": "^13.17.0"
   },
   "dependencies": {
     "@tinymce/tinymce-jquery": "^2.1.0",
@@ -12,6 +12,6 @@
     "fs-extra": "^11.2.0",
     "jquery": "^3.7.1",
     "jquery-ui": "^1.13.2",
-    "tinymce": "^6.8.3"
+    "tinymce": "^7.2.0"
   }
 }

phpstan.neon

@@ -28,7 +28,8 @@ parameters:
 		- '#Variable \$guild might not be defined#'
 		- '#Variable \$[a-zA-Z0-9\\_]+ might not be defined#'
 		# Eloquent models
-		- '#Call to an undefined static method [a-zA-Z0-9\\_]+::[a-zA-Z0-9\\_]+()#'
+		- '#Call to an undefined static method [a-zA-Z0-9\\_]+::[a-zA-Z0-9\\_]+\(\)#'
+		- '#Call to an undefined method object::toArray\(\)#'
 		# system/pages/highscores.php
 		- '#Call to an undefined method Illuminate\\Database\\Query\\Builder::withOnlineStatus\(\)#'
 		- '#Access to an undefined property Illuminate\\Database\\Eloquent\\Model::\$online_status#'

plugins/email-confirmed-reward/reward.php

@@ -1,8 +1,6 @@
 <?php
 defined('MYAAC') or die('Direct access not allowed!');
 
-$reward = setting('core.account_mail_confirmed_reward');
-
 $hasCoinsColumn = $db->hasColumn('accounts', 'coins');
 $rewardCoins = setting('core.account_mail_confirmed_reward_coins');
 if ($rewardCoins > 0 && !$hasCoinsColumn) {

plugins/example.json

@@ -25,7 +25,8 @@
 	"hooks": {
 		"Example Hook": {
 			"type": "BEFORE_PAGE",
-			"file": "plugins/example/before.php"
+			"file": "plugins/example/before.php",
+			"priority": 1000
 		}
 	},
 	"routes": {
@@ -33,12 +34,20 @@
 			"pattern": "/YourAwesomePage/{name:string}/{page:int}",
 			"file": "plugins/your-plugin/your-awesome-page.php",
 			"method": "GET",
-			"priority": "130"
+			"priority": 130
 		},
 		"Redirect Example": {
 			"redirect_from": "/redirectExample",
 			"redirect_to": "account/manage"
 		}
 	},
-	"settings": "plugins/your-plugin-folder/settings.php"
+	"routes-default-priority": 1000,
+	"pages-default-priority": 1000,
+	"settings": "plugins/your-plugin-folder/settings.php",
+	"autoload": {
+		"pages": true,
+		"pagesSubFolders": false,
+		"commands": true,
+		"themes": true
+	}
  }

release.sh

@@ -22,7 +22,7 @@ if [ $1 = "prepare" ]; then
 	mkdir -p tmp
 
 	# get myaac from git archive
-	git archive --format zip --output tmp/myaac.zip develop
+	git archive --format zip --output tmp/myaac.zip master
 
 	cd tmp/ || exit
 

system/clients.conf.php

@@ -105,4 +105,8 @@ $config['clients'] = [
 	1316,
 	1320,
 	1321,
+	1322,
+	1330,
+	1332,
+	1340,
 ];

system/compat/classes.php

@@ -36,3 +36,5 @@ class Guild extends OTS_Guild {
 }
 class GuildRank extends OTS_GuildRank {}
 class House extends OTS_House {}
+
+class Cache extends \MyAAC\Cache\Cache {}

system/database.php

@@ -106,6 +106,7 @@ try {
 		'persistent' => @$config['database_persistent']
 	));
 
+	global $db;
 	$db = POT::getInstance()->getDBHandle();
 	$capsule = new Capsule;
 	$capsule->addConnection([
@@ -127,6 +128,7 @@ try {
 	}
 
 	if(defined('MYAAC_INSTALL')) {
+		$error = $e->getMessage();
 		return; // installer will take care of this
 	}
 

system/exception.php

@@ -9,16 +9,16 @@
  */
 
 use MyAAC\Exceptions\SensitiveException;
+use Whoops\Handler\PlainTextHandler;
+use Whoops\Handler\PrettyPageHandler;
+use Whoops\Run;
 
-if (class_exists(\Whoops\Run::class)) {
-	$whoops = new \Whoops\Run;
-	if(IS_CLI) {
-		$whoops->pushHandler(new \Whoops\Handler\PlainTextHandler);
-	}
-	else {
-		$whoops->pushHandler(new \Whoops\Handler\PrettyPageHandler);
-	}
+if (class_exists(Run::class)) {
+	$whoops = new Run;
 
+	$whoopsHandler = IS_CLI ? (new PlainTextHandler()) : (new PrettyPageHandler());
+
+	$whoops->pushHandler($whoopsHandler);
 	$whoops->register();
 	return;
 }

system/functions.php

@@ -89,6 +89,10 @@ function getForumBoardLink($board_id, $page = NULL): string {
 
 function getPlayerLink($name, $generate = true, bool $colored = false): string
 {
+	if (is_object($name) and $name instanceof OTS_Player) {
+		$player = $name;
+	}
+	else {
 		$player = new OTS_Player();
 
 		if(is_numeric($name)) {
@@ -97,6 +101,7 @@ function getPlayerLink($name, $generate = true, bool $colored = false): string
 		else {
 			$player->find($name);
 		}
+	}
 
 	if (!$player->isLoaded()) {
 		return '(error)';
@@ -584,24 +589,12 @@ function template_form()
 {
 	global $template_name;
 
-	$cache = Cache::getInstance();
-	if($cache->enabled())
-	{
-		$tmp = '';
-		if($cache->fetch('templates', $tmp)) {
-			$templates = unserialize($tmp);
-		}
-		else
-		{
-			$templates = get_templates();
-			$cache->set('templates', serialize($templates), 30);
-		}
-	}
-	else
-		$templates = get_templates();
+	$templates = Cache::remember('templates', 5 * 60, function() {
+		return get_templates();
+	});
 
 	$options = '';
-	foreach($templates as $key => $value)
+	foreach($templates as $value)
 		$options .= '<option ' . ($template_name == $value ? 'SELECTED' : '') . '>' . $value . '</option>';
 
 	global $twig;
@@ -1097,20 +1090,16 @@ function csrfProtect(): void
 	}
 }
 
-function getTopPlayers($limit = 5) {
+function getTopPlayers($limit = 5, $skill = 'level') {
 	global $db;
 
-	$cache = Cache::getInstance();
-	if($cache->enabled()) {
-		$tmp = '';
-		if($cache->fetch('top_' . $limit . '_level', $tmp)) {
-			$players = unserialize($tmp);
-		}
+	if ($skill === 'level') {
+		$skill = 'experience';
 	}
 
-	if (!isset($players)) {
+	return Cache::remember("top_{$limit}_{$skill}", 2 * 60, function () use ($db, $limit, $skill) {
 		$columns = [
-			'id', 'name', 'level', 'vocation', 'experience',
+			'id', 'name', 'level', 'vocation', 'experience', 'balance',
 			'looktype', 'lookhead', 'lookbody', 'looklegs', 'lookfeet'
 		];
 
@@ -1122,32 +1111,27 @@ function getTopPlayers($limit = 5) {
 			$columns[] = 'online';
 		}
 
-		$players = Player::query()
+		return Player::query()
 			->select($columns)
 			->withOnlineStatus()
 			->notDeleted()
 			->where('group_id', '<', setting('core.highscores_groups_hidden'))
 			->whereNotIn('id', setting('core.highscores_ids_hidden'))
 			->where('account_id', '!=', 1)
-			->orderByDesc('experience')
+			->orderByDesc($skill)
 			->limit($limit)
 			->get()
 			->map(function ($e, $i) {
 				$row = $e->toArray();
 				$row['online'] = $e->online_status;
 				$row['rank'] = $i + 1;
+				$row['outfit_url'] = $e->outfit_url;
 
 				unset($row['online_table']);
 
 				return $row;
 			})->toArray();
-
-		if($cache->enabled()) {
-			$cache->set('top_' . $limit . '_level', serialize($players), 120);
-		}
-	}
-
-	return $players;
+	});
 }
 
 function deleteDirectory($dir, $ignore = array(), $contentOnly = false) {
@@ -1679,6 +1663,18 @@ function isRequestMethod(string $method): bool {
 	return strtolower($_SERVER['REQUEST_METHOD']) == strtolower($method);
 }
 
+function getAccountIdentityColumn(): string
+{
+	if (USE_ACCOUNT_NAME) {
+		return 'name';
+	}
+	elseif (USE_ACCOUNT_NUMBER) {
+		return 'number';
+	}
+
+	return 'id';
+}
+
 // validator functions
 require_once SYSTEM . 'compat/base.php';
 

system/init.php

@@ -12,11 +12,12 @@ use DebugBar\StandardDebugBar;
 use MyAAC\Cache\Cache;
 use MyAAC\CsrfToken;
 use MyAAC\Hooks;
+use MyAAC\Models\Town;
 use MyAAC\Settings;
-use MyAAC\Towns;
 
 defined('MYAAC') or die('Direct access not allowed!');
 
+global $config;
 if(!isset($config['installed']) || !$config['installed']) {
 	throw new RuntimeException('MyAAC has not been installed yet or there was error during installation. Please install again.');
 }
@@ -38,13 +39,15 @@ if($config['server_path'][strlen($config['server_path']) - 1] !== '/')
 	$config['server_path'] .= '/';
 
 // enable gzip compression if supported by the browser
-if(isset($config['gzip_output']) && $config['gzip_output'] && isset($_SERVER['HTTP_ACCEPT_ENCODING']) && strpos($_SERVER['HTTP_ACCEPT_ENCODING'], 'gzip') !== false && function_exists('ob_gzhandler'))
+if(isset($config['gzip_output']) && $config['gzip_output'] && isset($_SERVER['HTTP_ACCEPT_ENCODING']) && str_contains($_SERVER['HTTP_ACCEPT_ENCODING'], 'gzip') && function_exists('ob_gzhandler'))
 	ob_start('ob_gzhandler');
 
 // cache
+global $cache;
 $cache = Cache::getInstance();
 
 // event system
+global $hooks;
 $hooks = new Hooks();
 $hooks->load();
 
@@ -93,8 +96,8 @@ if($config_lua_reload) {
 
 	// cache config
 	if($cache->enabled()) {
-		$cache->set('config_lua', serialize($config['lua']), 120);
-		$cache->set('server_path', $config['server_path']);
+		$cache->set('config_lua', serialize($config['lua']), 2 * 60);
+		$cache->set('server_path', $config['server_path'], 10 * 60);
 	}
 }
 unset($tmp);
@@ -134,17 +137,16 @@ $ots = POT::getInstance();
 $eloquentConnection = null;
 require_once SYSTEM . 'database.php';
 
-if ($config_lua_reload) {
-	clearCache();
-}
-
 // verify myaac tables exists in database
 if(!defined('MYAAC_INSTALL') && !$db->hasTable('myaac_account_actions')) {
 	throw new RuntimeException('Seems that the table myaac_account_actions of MyAAC doesn\'t exist in the database. This is a fatal error. You can try to reinstall MyAAC by visiting ' . BASE_URL . 'install');
 }
 
 // execute migrations
+$configDatabaseAutoMigrate = config('database_auto_migrate');
+if (!isset($configDatabaseAutoMigrate) || $configDatabaseAutoMigrate) {
 	require SYSTEM . 'migrate.php';
+}
 
 // settings
 $settings = Settings::getInstance();
@@ -159,12 +161,15 @@ if (!isset($token) || !$token) {
 // deprecated config values
 require_once SYSTEM . 'compat/config.php';
 
+// deprecated classes
+require_once SYSTEM . 'compat/classes.php';
+
 date_default_timezone_set(setting('core.date_timezone'));
 
 setting(
 	[
-		'core.account_create_character_create',
-		setting('core.account_create_character_create') && (!setting('core.mail_enabled') || !setting('core.account_mail_verify'))
+		'core.account_mail_verify',
+		setting('core.account_mail_verify') && setting('core.mail_enabled')
 	]
 );
 
@@ -177,4 +182,17 @@ define('USE_ACCOUNT_NAME', $db->hasColumn('accounts', 'name'));
 define('USE_ACCOUNT_NUMBER', $db->hasColumn('accounts', 'number'));
 define('USE_ACCOUNT_SALT', $db->hasColumn('accounts', 'salt'));
 
-Towns::load();
+$towns = Cache::remember('towns', 10 * 60, function () use ($db) {
+	if ($db->hasTable('towns') && Town::count() > 0) {
+		return Town::orderBy('id', 'ASC')->pluck('name', 'id')->toArray();
+	}
+
+	return [];
+});
+
+if (count($towns) <= 0) {
+	$towns = setting('core.towns');
+}
+
+config(['towns', $towns]);
+unset($towns);

system/libs/pot/OTS_Base_DAO.php

@@ -83,38 +83,4 @@ abstract class OTS_Base_DAO implements IOTS_DAO
     {
         unset($this->data['id']);
     }
-
-/**
- * Magic PHP5 method.
- * 
- * <p>
- * Allows object importing from {@link http://www.php.net/manual/en/function.var-export.php var_export()}.
- * </p>
- * 
- * @version 0.1.0
- * @param array $properties List of object properties.
- */
-    public static function __set_state($properties)
-    {
-        // deletes database handle
-        if( isset($properties['db']) )
-        {
-            unset($properties['db']);
 }
-
-        // initializes new object with current database connection
-        $object = new self();
-
-        // loads properties
-        foreach($properties as $name => $value)
-        {
-            $object->$name = $value;
-        }
-
-        return $object;
-    }
-}
-
-/**#@-*/
-
-?>

system/libs/pot/OTS_Base_DB.php

@@ -184,8 +184,14 @@ abstract class OTS_Base_DB extends PDO implements IOTS_DB
 		$query = 'UPDATE '.$this->tableName($table).' SET ';
 
 		$count = count($fields);
-		for ($i = 0; $i < $count; $i++)
-			$query.= $this->fieldName($fields[$i]).' = '.$this->quote($values[$i]).', ';
+		for ($i = 0; $i < $count; $i++) {
+			$value = 'NULL';
+			if ($values[$i] !== null) {
+				$value = $this->quote($values[$i]);
+			}
+
+			$query.= $this->fieldName($fields[$i]).' = '.$value.', ';
+		}
 
 		$query = substr($query, 0, -2);
 		$query.=' WHERE (';
@@ -229,6 +235,30 @@ abstract class OTS_Base_DB extends PDO implements IOTS_DB
 		$this->exec($query);
 		return true;
 	}
+
+	public function addColumn($table, $column, $definition): void {
+		$this->exec('ALTER TABLE ' . $this->tableName($table) . ' ADD ' . $this->fieldName($column) . ' ' . $definition . ';');
+	}
+
+	public function modifyColumn($table, $column, $definition): void {
+		$this->exec('ALTER TABLE ' . $this->tableName($table) . ' MODIFY ' . $this->fieldName($column) . ' ' . $definition . ';');
+	}
+
+	public function changeColumn($table, $from, $to, $definition): void {
+		$this->exec('ALTER TABLE ' . $this->tableName($table) . ' CHANGE ' . $this->fieldName($from) . ' ' . $this->fieldName($to) . ' ' . $definition . ';');
+	}
+
+	public function dropColumn($table, $column): void {
+		$this->exec('ALTER TABLE ' . $this->tableName($table) . ' DROP COLUMN ' . $this->fieldName($column) . ';');
+	}
+
+	public function renameTable($from, $to): void {
+		$this->exec('RENAME TABLE ' . $this->tableName($from) . ' TO ' . $this->tableName($to) . ';');
+	}
+
+	public function dropTable($table, $ifExists = true): void {
+		$this->exec('DROP TABLE ' . ($ifExists ? 'IF EXISTS' : '') . ' ' . $this->tableName($table) . ';');
+	}
 /**
  * LIMIT/OFFSET clause for queries.
  *

system/libs/pot/OTS_Buffer.php

@@ -196,6 +196,16 @@ class OTS_Buffer
 		return $value[1];
 	}
 
+	public function getLongLong()
+	{
+		// checks buffer size
+		$this->check(8);
+
+		$value = unpack('P', substr($this->buffer, $this->pos, 8) );
+		$this->pos += 8;
+		return $value[1];
+	}
+
 /**
  * Appends quater byte to buffer.
  *

system/libs/pot/OTS_DB_MySQL.php

@@ -165,7 +165,8 @@ class OTS_DB_MySQL extends OTS_Base_DB
 		}
 
 		if($this->logged) {
-			log_append('database.log', $_SERVER['REQUEST_URI'] . PHP_EOL . $this->getLog());
+			$currentScript = $_SERVER['REQUEST_URI'] ?? $_SERVER['SCRIPT_FILENAME'];
+			log_append('database.log', $currentScript . PHP_EOL . $this->getLog());
 		}
 	}
 

system/libs/pot/OTS_House.php

@@ -60,12 +60,7 @@ class OTS_House extends OTS_Row_DAO
     private $tiles = array();
 
 	public function load($id) {
-		$this->data = $this->db->query('SELECT * FROM `houses` WHERE `id` = ' . $id )->fetch();
-		foreach($this->data as $key => $value) {
-			if(is_numeric($key)) {
-				unset($this->data[$key]);
-			}
-		}
+		$this->data = $this->db->query('SELECT * FROM `houses` WHERE `id` = ' . $id )->fetch(PDO::FETCH_ASSOC);
 	}
 
     public function find($name)

system/libs/pot/OTS_Monster.php

@@ -135,13 +135,14 @@ class OTS_Monster extends DOMDocument
 	{
 		$flags = array();
 
-        // read all flags
+		if ($this->documentElement->getElementsByTagName('flags')->item(0)) {
 			foreach( $this->documentElement->getElementsByTagName('flags')->item(0)->getElementsByTagName('flag') as $flag)
 			{
 				$flag = $flag->attributes->item(0);
 
 				$flags[$flag->nodeName] = (int) $flag->nodeValue;
 			}
+		}
 
 		return $flags;
 	}

system/libs/pot/OTS_Player.php

@@ -90,7 +90,7 @@ class OTS_Player extends OTS_Row_DAO
  * @version 0.1.2
  * @var array
  */
-    private $data = array('sex' => 0, 'vocation' => 0, 'experience' => 0, 'level' => 1, 'maglevel' => 0, 'health' => 100, 'healthmax' => 100, 'mana' => 100, 'manamax' => 100, 'manaspent' => 0, 'soul' => 0, 'lookbody' => 10, 'lookfeet' => 10, 'lookhead' => 10, 'looklegs' => 10, 'looktype' => 136, 'lookaddons' => 0, 'posx' => 0, 'posy' => 0, 'posz' => 0, 'cap' => 0, 'lastlogin' => 0, 'lastip' => 0, 'save' => true, 'skulltime' => 0, 'skull' => 0, 'balance' => 0, 'lastlogout' => 0, 'blessings' => 0, 'stamina' => 0, 'online' => 0, 'comment' => '', 'created' => 0, 'hide' => 0);
+    private $data = array('group_id' => 1, 'sex' => 0, 'vocation' => 0, 'experience' => 0, 'level' => 1, 'maglevel' => 0, 'health' => 100, 'healthmax' => 100, 'mana' => 100, 'manamax' => 100, 'manaspent' => 0, 'soul' => 0, 'lookbody' => 10, 'lookfeet' => 10, 'lookhead' => 10, 'looklegs' => 10, 'looktype' => 136, 'lookaddons' => 0, 'posx' => 0, 'posy' => 0, 'posz' => 0, 'cap' => 0, 'lastlogin' => 0, 'lastip' => 0, 'save' => true, 'skulltime' => 0, 'skull' => 0, 'balance' => 0, 'lastlogout' => 0, 'blessings' => 0, 'stamina' => 0, 'online' => 0, 'comment' => '', 'created' => 0, 'hide' => 0);
 
 /**
  * Player skills.
@@ -1752,11 +1752,6 @@ class OTS_Player extends OTS_Row_DAO
  */
     public function getConditions()
     {
-        if( !isset($this->data['conditions']) )
-        {
-            throw new E_OTS_NotLoaded();
-        }
-
         return $this->data['conditions'];
     }
 

system/locale/de/install.php

@@ -36,6 +36,10 @@ $locale['step_requirements'] = 'Anforderungen';
 $locale['step_requirements_title'] = 'Anforderungen überprüfen';
 $locale['step_requirements_php_version'] = 'PHP Version';
 $locale['step_requirements_write_perms'] = 'Schreibberechtigungen';
+$locale['step_requirements_folder_exists'] = 'Ordner ist vorhanden';
+$locale['step_requirements_folder_not_exists_tools_ext'] = 'NPM Package Manager wird verwendet für externe JavaScript/CSS Bibliotheken.'
+	. ' Es sollte via Command Line installiert werden: <a href="https://docs.npmjs.com/downloading-and-installing-node-js-and-npm">https://docs.npmjs.com/downloading-and-installing-node-js-and-npm</a>'
+	. ' Nachdem das Tool installiert wurde, folgende Befehl sollte ausgeführt in dem Hauptordner des MyAACs: "npm install".';
 $locale['step_requirements_failed'] = 'Die Installation wird deaktiviert, bis diese Anforderungen erfüllt sind.</b><br/>Für weitere Informationen siehe <b>README</b> Datei.';
 $locale['step_requirements_extension'] = '$EXTENSION$ PHP Erweiterung';
 

system/locale/en/install.php

@@ -36,6 +36,10 @@ $locale['step_requirements'] = 'Requirements';
 $locale['step_requirements_title'] = 'Requirements check';
 $locale['step_requirements_php_version'] = 'PHP Version';
 $locale['step_requirements_write_perms'] = 'Write permissions';
+$locale['step_requirements_folder_exists'] = 'Directory exists';
+$locale['step_requirements_folder_not_exists_tools_ext'] = 'NPM Package Manager is used for external JavaScript/CSS libraries.'
+	. ' You need to install it through Command Line: <a href="https://docs.npmjs.com/downloading-and-installing-node-js-and-npm">https://docs.npmjs.com/downloading-and-installing-node-js-and-npm</a>'
+	. ' When you done with installing that tool, execute: "npm install" in the main MyAAC folder.';
 $locale['step_requirements_failed'] = 'Installation will be disabled until these requirements will be passed.</b><br/>For more informations see <b>README</b> file.';
 $locale['step_requirements_extension'] = '$EXTENSION$ PHP extension';
 $locale['step_requirements_warning_images_guilds'] = 'Guild logo upload will not work';
@@ -90,7 +94,7 @@ $locale['step_database_loaded_npcs'] = 'NPCs has been loaded...';
 $locale['step_database_error_npcs'] = 'There were some problems loading your NPCs';
 $locale['step_database_loaded_spells'] = 'Spells has been loaded...';
 $locale['step_database_loaded_towns'] = 'Towns has been loaded...';
-$locale['step_database_error_towns'] = 'There were some problems loading your towns. You will need to configure them manually in config.';
+$locale['step_database_error_towns'] = 'There were some problems loading your towns. You will need to configure them manually in Settings.';
 $locale['step_database_created_account'] = 'Created admin account...';
 $locale['step_database_created_news'] = 'Newses has been created...';
 

system/locale/pl/install.php

@@ -36,6 +36,10 @@ $locale['step_requirements'] = 'Wymagania';
 $locale['step_requirements_title'] = 'Sprawdzanie wymagań';
 $locale['step_requirements_php_version'] = 'Wersja PHP';
 $locale['step_requirements_write_perms'] = 'Uprawnienia do zapisu';
+$locale['step_requirements_folder_exists'] = 'Folder istnieje';
+$locale['step_requirements_folder_not_exists_tools_ext'] = 'Manadżer Pakietów NPM jest używany do zewnętrznych bibliotek JavaScript/CSS.'
+	. ' Trzeba go zainstalować poprzez wiersz poleceń: <a href="https://docs.npmjs.com/downloading-and-installing-node-js-and-npm">https://docs.npmjs.com/downloading-and-installing-node-js-and-npm</a>'
+	. ' Po instalacji narzędzia, wywołaj następujące polecenie w głownym katalogu MyAAC: "npm install".';
 $locale['step_requirements_failed'] = 'Instalacja zostanie zablokowana dopóki te wymagania nie zostaną spełnione.</b><br/>Po więcej informacji zasięgnij do pliku <b>README</b>.';
 $locale['step_requirements_extension'] = 'Rozszerzenie PHP - $EXTENSION$';
 $locale['step_requirements_warning_images_guilds'] = 'Nie będzie możliwości uploadu obrazków gildii';
@@ -89,7 +93,7 @@ $locale['step_database_loaded_npcs'] = 'Załadowano NPCs...';
 $locale['step_database_error_npcs'] = 'Wystąpił problem podczas ładowania NPCs';
 $locale['step_database_loaded_spells'] = 'Załadowano czary (spells)...';
 $locale['step_database_loaded_towns'] = 'Załadowano miasta (towns)...';
-$locale['step_database_error_towns'] = 'Wystąpił problem podczas ładowania miast. Trzeba będzie je skonfigurować manualnie.';
+$locale['step_database_error_towns'] = 'Wystąpił problem podczas ładowania miast. Trzeba będzie je skonfigurować manualnie w ustawieniach.';
 $locale['step_database_created_account'] = 'Utworzono konto admina...';
 $locale['step_database_created_news'] = 'Utworzono newsy...';
 

system/migrate.php

@@ -17,6 +17,12 @@ if(fetchDatabaseConfig('database_version', $tmp)) { // we got version
 		$db->revalidateCache();
 		for($i = $tmp + 1; $i <= DATABASE_VERSION; $i++) {
 			require SYSTEM . 'migrations/' . $i . '.php';
+
+			if (isset($up)) {
+				$up();
+				unset($up);
+			}
+
 			updateDatabaseConfig('database_version', $i);
 		}
 	}
@@ -26,6 +32,12 @@ else { // register first version
 	$db->revalidateCache();
 	for($i = 1; $i <= DATABASE_VERSION; $i++) {
 		require SYSTEM . 'migrations/' . $i . '.php';
+
+		if (isset($up)) {
+			$up();
+			unset($up);
+		}
+
 		updateDatabaseConfig('database_version', $i);
 	}
 }

system/migrations/1-hooks.sql

@@ -0,0 +1,8 @@
+CREATE TABLE `myaac_hooks`
+(
+	`id` INT(11) NOT NULL AUTO_INCREMENT,
+	`name` VARCHAR(30) NOT NULL DEFAULT '',
+	`type` INT(2) NOT NULL DEFAULT 0,
+	`file` VARCHAR(100) NOT NULL,
+	PRIMARY KEY (`id`)
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;

system/migrations/1.php

@@ -1,16 +1,16 @@
 <?php
-	$db->query("ALTER TABLE `" . TABLE_PREFIX . "account_actions` MODIFY `ip` INT(11) NOT NULL DEFAULT 0;");
-	$db->query("ALTER TABLE `" . TABLE_PREFIX . "account_actions` MODIFY `date` INT(11) NOT NULL DEFAULT 0;");
-	$db->query("ALTER TABLE `" . TABLE_PREFIX . "account_actions` MODIFY `action` VARCHAR(255) NOT NULL DEFAULT '';");
-	$db->query("
-	CREATE TABLE `myaac_hooks`
-(
-	`id` INT(11) NOT NULL AUTO_INCREMENT,
-	`name` VARCHAR(30) NOT NULL DEFAULT '',
-	`type` INT(2) NOT NULL DEFAULT 0,
-	`file` VARCHAR(100) NOT NULL,
-	PRIMARY KEY (`id`)
-) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
-");
+/**
+ * @var OTS_DB_MySQL $db
+ */
 
-?>
+$up = function () use ($db) {
+	$db->modifyColumn(TABLE_PREFIX . 'account_actions', 'ip', "INT(11) NOT NULL DEFAULT 0");
+	$db->modifyColumn(TABLE_PREFIX . 'account_actions', 'date', "INT(11) NOT NULL DEFAULT 0");
+	$db->modifyColumn(TABLE_PREFIX . 'account_actions', 'action', "VARCHAR(255) NOT NULL DEFAULT ''");
+
+	$db->query(file_get_contents(__DIR__ . '/1-hooks.sql'));
+};
+
+$down = function () use ($db) {
+	$db->dropTable(TABLE_PREFIX . 'hooks');
+};

system/migrations/10-admin_menu.sql

@@ -0,0 +1,10 @@
+CREATE TABLE `myaac_admin_menu`
+(
+	`id` INT(11) NOT NULL AUTO_INCREMENT,
+	`name` VARCHAR(255) NOT NULL DEFAULT '',
+	`page` VARCHAR(255) NOT NULL DEFAULT '',
+	`ordering` INT(11) NOT NULL DEFAULT 0,
+	`flags` INT(11) NOT NULL DEFAULT 0,
+	`enabled` INT(1) NOT NULL DEFAULT 1,
+	PRIMARY KEY (`id`)
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;

system/migrations/10.php

@@ -1,17 +1,24 @@
 <?php
-	if(!$db->hasColumn(TABLE_PREFIX . 'hooks', 'ordering'))
-		$db->query("ALTER TABLE `" . TABLE_PREFIX . "hooks` ADD `ordering` INT(11) NOT NULL DEFAULT 0 AFTER `file`;");
+/**
+ * @var OTS_DB_MySQL $db
+ */
 
-	if(!$db->hasTable(TABLE_PREFIX . 'admin_menu'))
-		$db->query("
-CREATE TABLE `myaac_admin_menu`
-(
-	`id` INT(11) NOT NULL AUTO_INCREMENT,
-	`name` VARCHAR(255) NOT NULL DEFAULT '',
-	`page` VARCHAR(255) NOT NULL DEFAULT '',
-	`ordering` INT(11) NOT NULL DEFAULT 0,
-	`flags` INT(11) NOT NULL DEFAULT 0,
-	`enabled` INT(1) NOT NULL DEFAULT 1,
-	PRIMARY KEY (`id`)
-) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
-");
+$up = function () use ($db) {
+	if (!$db->hasColumn(TABLE_PREFIX . 'hooks', 'ordering')) {
+		$db->addColumn(TABLE_PREFIX . 'hooks', 'ordering', "INT(11) NOT NULL DEFAULT 0 AFTER `file`");
+	}
+
+	if (!$db->hasTable(TABLE_PREFIX . 'admin_menu')) {
+		$db->query(file_get_contents(__DIR__ . '/10-admin_menu.sql'));
+	}
+};
+
+$down = function () use ($db) {
+	if ($db->hasColumn(TABLE_PREFIX . 'hooks', 'ordering')) {
+		$db->dropColumn(TABLE_PREFIX . 'hooks', 'ordering');
+	}
+
+	if ($db->hasTable(TABLE_PREFIX . 'admin_menu')) {
+		$db->dropTable(TABLE_PREFIX . 'admin_menu');
+	}
+};

system/migrations/11.php

@@ -1,8 +1,12 @@
 <?php
+/**
+ * @var OTS_DB_MySQL $db
+ */
+
+$up = function () use ($db) {
 	// rename database tables
-	$db->query("RENAME TABLE
-		" . TABLE_PREFIX . "screenshots TO " . TABLE_PREFIX . "gallery,
-		" . TABLE_PREFIX . "movies TO " . TABLE_PREFIX . "videos;");
+	$db->renameTable(TABLE_PREFIX . 'screenshots', TABLE_PREFIX . 'gallery');
+	$db->renameTable(TABLE_PREFIX . 'movies', TABLE_PREFIX . 'videos');
 
 	// rename images dir
 	if (file_exists(BASE . 'images/screenshots') && !file_exists(BASE . GALLERY_DIR)) {
@@ -17,3 +21,24 @@
 			'thumb' => str_replace('/screenshots/', '/gallery/', $item['thumb']),
 		), array('id' => $item['id']));
 	}
+};
+
+$down = function () use ($db) {
+	// rename database tables
+	$db->renameTable(TABLE_PREFIX . 'gallery', TABLE_PREFIX . 'screenshots');
+	$db->renameTable(TABLE_PREFIX . 'videos', TABLE_PREFIX . 'movies');
+
+	// rename images dir
+	if (file_exists(BASE . GALLERY_DIR) && !file_exists(BASE . 'images/screenshots')) {
+		rename(BASE . GALLERY_DIR, BASE . 'images/screenshots');
+	}
+
+	// convert new database gallery images to screenshots
+	$query = $db->query('SELECT `id`, `image`, `thumb` FROM `' . TABLE_PREFIX . 'screenshots`;');
+	foreach ($query->fetchAll() as $item) {
+		$db->update(TABLE_PREFIX . 'screenshots', [
+			'image' => str_replace('/gallery/', '/screenshots/', $item['image']),
+			'thumb' => str_replace('/gallery/', '/screenshots/', $item['thumb']),
+		], ['id' => $item['id']]);
+	}
+};

system/migrations/12-items.sql

@@ -0,0 +1,9 @@
+CREATE TABLE `myaac_items`
+(
+	`id` INT(11) NOT NULL,
+	`article` VARCHAR(5) NOT NULL DEFAULT '',
+	`name` VARCHAR(50) NOT NULL DEFAULT '',
+	`plural` VARCHAR(50) NOT NULL DEFAULT '',
+	`attributes` VARCHAR(500) NOT NULL DEFAULT '',
+	PRIMARY KEY (`id`)
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;

system/migrations/12-weapons.sql

@@ -0,0 +1,8 @@
+CREATE TABLE `myaac_weapons`
+(
+	`id` INT(11) NOT NULL,
+	`level` INT(11) NOT NULL DEFAULT 0,
+	`maglevel` INT(11) NOT NULL DEFAULT 0,
+	`vocations` VARCHAR(100) NOT NULL DEFAULT '',
+	PRIMARY KEY (`id`)
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;

system/migrations/12.php

@@ -1,51 +1,65 @@
 <?php
+/**
+ * @var OTS_DB_MySQL $db
+ */
 
+use MyAAC\Models\Spell;
+
+$up = function () use ($db) {
 	// add new item_id field for runes
-if(!$db->hasColumn(TABLE_PREFIX . 'spells', 'item_id'))
-	$db->query("ALTER TABLE `" . TABLE_PREFIX . "spells` ADD `item_id` INT(11) NOT NULL DEFAULT 0 AFTER `conjure_count`;");
+	if (!$db->hasColumn(TABLE_PREFIX . 'spells', 'item_id')) {
+		$db->addColumn(TABLE_PREFIX . 'spells', 'item_id', 'INT(11) NOT NULL DEFAULT 0 AFTER `conjure_count`');
+	}
 
 	// change unique index from spell to name
 	$db->query("ALTER TABLE `" . TABLE_PREFIX . "spells` DROP INDEX `spell`;");
 	$db->query("ALTER TABLE `" . TABLE_PREFIX . "spells` ADD UNIQUE INDEX (`name`);");
 
 	// change comment of spells.type
-$db->query("ALTER TABLE `" . TABLE_PREFIX . "spells` MODIFY `type` TINYINT(1) NOT NULL DEFAULT 0 COMMENT '1 - instant, 2 - conjure, 3 - rune';");
+	$db->modifyColumn(TABLE_PREFIX . 'spells', 'type', "TINYINT(1) NOT NULL DEFAULT 0 COMMENT '1 - instant, 2 - conjure, 3 - rune'");
 
 	// new items table
-if(!$db->hasTable(TABLE_PREFIX . 'items'))
-$db->query("
-CREATE TABLE `" . TABLE_PREFIX . "items`
-(
-	`id` INT(11) NOT NULL,
-	`article` VARCHAR(5) NOT NULL DEFAULT '',
-	`name` VARCHAR(50) NOT NULL DEFAULT '',
-	`plural` VARCHAR(50) NOT NULL DEFAULT '',
-	`attributes` VARCHAR(500) NOT NULL DEFAULT '',
-	PRIMARY KEY (`id`)
-) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
-");
+	if (!$db->hasTable(TABLE_PREFIX . 'items')) {
+		$db->query(file_get_contents(__DIR__ . '/12-items.sql'));
+	}
 
 	// new weapons table
-if(!$db->hasTable(TABLE_PREFIX . 'weapons'))
-$db->query("
-CREATE TABLE `" . TABLE_PREFIX . "weapons`
-(
-	`id` INT(11) NOT NULL,
-	`level` INT(11) NOT NULL DEFAULT 0,
-	`maglevel` INT(11) NOT NULL DEFAULT 0,
-	`vocations` VARCHAR(100) NOT NULL DEFAULT '',
-	PRIMARY KEY (`id`)
-) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
-");
+	if (!$db->hasTable(TABLE_PREFIX . 'weapons')) {
+		$db->query(file_get_contents(__DIR__ . '/12-weapons.sql'));
+	}
 
 	// modify vocations to support json data
-$db->query("ALTER TABLE `" . TABLE_PREFIX . "spells` MODIFY `vocations` VARCHAR(100) NOT NULL DEFAULT '';");
-$query = $db->query('SELECT `id`, `vocations` FROM `' . TABLE_PREFIX . 'spells`');
-foreach($query->fetchAll() as $spell) {
-	$tmp = explode(',', $spell['vocations']);
+	$db->modifyColumn(TABLE_PREFIX . 'spells', 'vocations', "VARCHAR(100) NOT NULL DEFAULT ''");
+
+	$spells = Spell::select('id', 'vocations')->get();
+	foreach ($spells as $spell) {
+		$tmp = explode(',', $spell->vocations);
 		foreach ($tmp as &$v) {
 			$v = (int)$v;
 		}
-	$db->update(TABLE_PREFIX . 'spells', array('vocations' => json_encode($tmp)), array('id' => $spell['id']));
+
+		Spell::where('id', $spell->id)->update(['vocations' => json_encode($tmp)]);
 	}
-?>
+};
+
+$down = function () use ($db) {
+	// remove item_id field for runes
+	if ($db->hasColumn(TABLE_PREFIX . 'spells', 'item_id')) {
+		$db->dropColumn(TABLE_PREFIX . 'spells', 'item_id');
+	}
+
+	// change unique index from spell to name
+	$db->query("ALTER TABLE `" . TABLE_PREFIX . "spells` DROP INDEX `name`;");
+	$db->query("ALTER TABLE `" . TABLE_PREFIX . "spells` ADD INDEX (`spell`);");
+
+	$db->dropTable(TABLE_PREFIX . 'items');
+	$db->dropTable(TABLE_PREFIX . 'weapons');
+
+	$spells = Spell::select('id', 'vocations')->get();
+	// modify vocations to use vocation separated by comma
+	foreach ($spells as $spell) {
+		$vocations = empty($spell->vocations) ? [] : json_decode($spell->vocations);
+
+		Spell::where('id', $spell->id)->update(['vocations' => implode(',', $vocations)]);
+	}
+};

system/migrations/13.php

@@ -1,3 +1,16 @@
 <?php
-	if($db->hasColumn(TABLE_PREFIX . 'spells', 'spell'))
-		$db->query("ALTER TABLE `" . TABLE_PREFIX . "spells` DROP COLUMN `spell`;");
+/**
+ * @var OTS_DB_MySQL $db
+ */
+
+$up = function () use ($db) {
+	if ($db->hasColumn(TABLE_PREFIX . 'spells', 'spell')) {
+		$db->dropColumn(TABLE_PREFIX . 'spells', 'spell');
+	}
+};
+
+$down = function () use ($db) {
+	if (!$db->hasColumn(TABLE_PREFIX . 'spells', 'spell')) {
+		$db->addColumn(TABLE_PREFIX . 'spells', 'spell', "VARCHAR(255) NOT NULL DEFAULT ''");
+	}
+};

system/migrations/14.php

@@ -1,18 +1,39 @@
 <?php
+/**
+ * @var OTS_DB_MySQL $db
+ */
 
+$up = function () use ($db) {
 	// change monsters.file_path field to loot
 	if ($db->hasColumn(TABLE_PREFIX . 'monsters', 'file_path')) {
-	$db->query("ALTER TABLE `" . TABLE_PREFIX . "monsters` CHANGE `file_path` `loot` VARCHAR(5000);");
+		$db->changeColumn(TABLE_PREFIX . 'monsters', 'file_path', 'loot', 'VARCHAR(5000)');
 	}
 
 	// update loot to empty string
 	$db->query("UPDATE `" . TABLE_PREFIX . "monsters` SET `loot` = '';");
 
 	// drop monsters.gfx_name field
-$db->query("ALTER TABLE `" . TABLE_PREFIX . "monsters` DROP COLUMN `gfx_name`;");
+	$db->dropColumn(TABLE_PREFIX . 'monsters', 'gfx_name');
 
 	// rename hide_creature to hidden
 	if ($db->hasColumn(TABLE_PREFIX . 'monsters', 'hide_creature')) {
-	$db->query("ALTER TABLE `" . TABLE_PREFIX . "monsters` CHANGE `hide_creature` `hidden` TINYINT(1) NOT NULL DEFAULT 0;");
+		$db->changeColumn(TABLE_PREFIX . 'monsters', 'hide_creature', 'hidden', "TINYINT(1) NOT NULL DEFAULT 0");
 	}
-?>
+};
+
+$down = function () use ($db) {
+	if ($db->hasColumn(TABLE_PREFIX . 'monsters', 'loot')) {
+		$db->changeColumn(TABLE_PREFIX . 'monsters', 'loot', 'file_path', 'VARCHAR(5000)');
+	}
+
+	// update file_path to empty string
+	$db->query("UPDATE `" . TABLE_PREFIX . "monsters` SET `file_path` = '';");
+
+	// add monsters.gfx_name field
+	$db->addColumn(TABLE_PREFIX . 'monsters', 'gfx_name', 'varchar(255) NOT NULL AFTER `race`');
+
+	// rename hidden to hide_creature
+	if ($db->hasColumn(TABLE_PREFIX . 'monsters', 'hidden')) {
+		$db->changeColumn(TABLE_PREFIX . 'monsters', 'hidden', 'hide_creature', 'TINYINT(1) NOT NULL DEFAULT 0');
+	}
+};

system/migrations/15.php

@@ -1,10 +1,26 @@
 <?php
+/**
+ * @var OTS_DB_MySQL $db
+ */
 
 // add new forum.guild and forum.access fields
+
+$up = function () use ($db) {
 	if (!$db->hasColumn(TABLE_PREFIX . 'forum_boards', 'guild')) {
-	$db->query("ALTER TABLE `" . TABLE_PREFIX . "forum_boards` ADD `guild` TINYINT(1) NOT NULL DEFAULT 0 AFTER `closed`;");
+		$db->addColumn(TABLE_PREFIX . 'forum_boards', 'guild', 'TINYINT(1) NOT NULL DEFAULT 0 AFTER `closed`');
 	}
 
 	if (!$db->hasColumn(TABLE_PREFIX . 'forum_boards', 'access')) {
-	$db->query("ALTER TABLE `" . TABLE_PREFIX . "forum_boards` ADD `access` TINYINT(1) NOT NULL DEFAULT 0 AFTER `guild`;");
+		$db->addColumn(TABLE_PREFIX . 'forum_boards', 'access', 'TINYINT(1) NOT NULL DEFAULT 0 AFTER `guild`');
 	}
+};
+
+$down = function () use ($db) {
+	if ($db->hasColumn(TABLE_PREFIX . 'forum_boards', 'guild')) {
+		$db->dropColumn(TABLE_PREFIX . 'forum_boards', 'guild');
+	}
+
+	if ($db->hasColumn(TABLE_PREFIX . 'forum_boards', 'access')) {
+		$db->dropColumn(TABLE_PREFIX . 'forum_boards', 'access');
+	}
+};

system/migrations/16.php

@@ -1,5 +1,14 @@
 <?php
+/**
+ * @var OTS_DB_MySQL $db
+ */
 
 // change size of spells.vocations
-$db->query("ALTER TABLE `" . TABLE_PREFIX . "spells` MODIFY `vocations` VARCHAR(300) NOT NULL DEFAULT '';");
-?>
+
+$up = function () use ($db) {
+	$db->modifyColumn(TABLE_PREFIX . 'spells', 'vocations', "VARCHAR(300) NOT NULL DEFAULT ''");
+};
+
+$down = function () {
+	// nothing to do here
+};

system/migrations/17-menu.sql

@@ -0,0 +1,11 @@
+CREATE TABLE `myaac_menu`
+(
+	`id` INT(11) NOT NULL AUTO_INCREMENT,
+	`template` VARCHAR(255) NOT NULL,
+	`name` VARCHAR(255) NOT NULL,
+	`link` VARCHAR(255) NOT NULL,
+	`category` INT(11) NOT NULL DEFAULT 1,
+	`ordering` INT(11) NOT NULL DEFAULT 0,
+	`enabled` INT(1) NOT NULL DEFAULT 1,
+	PRIMARY KEY (`id`)
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;

system/migrations/17.php

@@ -1,23 +1,20 @@
 <?php
+/**
+ * @var OTS_DB_MySQL $db
+ */
 
 use MyAAC\Plugins;
 
-if(!$db->hasTable('myaac_menu')) {
-	$db->query("
-CREATE TABLE `myaac_menu`
-(
-	`id` INT(11) NOT NULL AUTO_INCREMENT,
-	`template` VARCHAR(255) NOT NULL,
-	`name` VARCHAR(255) NOT NULL,
-	`link` VARCHAR(255) NOT NULL,
-	`category` INT(11) NOT NULL DEFAULT 1,
-	`ordering` INT(11) NOT NULL DEFAULT 0,
-	`enabled` INT(1) NOT NULL DEFAULT 1,
-	PRIMARY KEY (`id`)
-) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
-");
+$up = function () use ($db) {
+	if (!$db->hasTable(TABLE_PREFIX . 'menu')) {
+		$db->exec(file_get_contents(__DIR__ . '/17-menu.sql'));
 	}
 
 	Plugins::installMenus('kathrine', require TEMPLATES . 'kathrine/menus.php');
 	Plugins::installMenus('tibiacom', require TEMPLATES . 'tibiacom/menus.php');
+};
+
+$down = function () use ($db) {
+	$db->dropTable(TABLE_PREFIX . 'menu');
+};
 

system/migrations/18.php

@@ -1,6 +1,24 @@
 <?php
+/**
+ * @var OTS_DB_MySQL $db
+ */
 
-$db->query("ALTER TABLE `" . TABLE_PREFIX . "news` ADD `article_text` VARCHAR(300) NOT NULL DEFAULT '' AFTER `comments`;");
-$db->query("ALTER TABLE `" . TABLE_PREFIX . "news` ADD `article_image` VARCHAR(100) NOT NULL DEFAULT '' AFTER `article_text`;");
+$up = function () use ($db) {
+	if (!$db->hasColumn(TABLE_PREFIX . 'news', 'article_text')) {
+		$db->addColumn(TABLE_PREFIX . 'news', 'article_text', "VARCHAR(300) NOT NULL DEFAULT '' AFTER `comments`");
+	}
 
-?>
+	if (!$db->hasColumn(TABLE_PREFIX . 'news', 'article_image')) {
+		$db->addColumn(TABLE_PREFIX . 'news', 'article_image', "VARCHAR(100) NOT NULL DEFAULT '' AFTER `article_text`");
+	}
+};
+
+$down = function () use ($db) {
+	if ($db->hasColumn(TABLE_PREFIX . 'news', 'article_text')) {
+		$db->dropColumn(TABLE_PREFIX . 'news', 'article_text');
+	}
+
+	if ($db->hasColumn(TABLE_PREFIX . 'news', 'article_image')) {
+		$db->dropColumn(TABLE_PREFIX . 'news', 'article_image');
+	}
+};

system/migrations/2.php

@@ -1,5 +1,11 @@
 <?php
-	$db->query("ALTER TABLE `" . TABLE_PREFIX . "faq` MODIFY `answer` VARCHAR(1020) NOT NULL DEFAULT '';");
-	$db->query("ALTER TABLE `" . TABLE_PREFIX . "movies` MODIFY `title` VARCHAR(100) NOT NULL DEFAULT '';");
-	$db->query("ALTER TABLE `" . TABLE_PREFIX . "news` MODIFY `title` VARCHAR(100) NOT NULL DEFAULT '';");
-	$db->query("ALTER TABLE `" . TABLE_PREFIX . "news` MODIFY `body` TEXT NOT NULL DEFAULT '';");
+/**
+ * @var OTS_DB_MySQL $db
+ */
+
+$up = function () use ($db) {
+	$db->modifyColumn(TABLE_PREFIX . 'faq', 'answer', "VARCHAR(1020) NOT NULL DEFAULT ''");
+	$db->modifyColumn(TABLE_PREFIX . 'movies', 'title', "VARCHAR(100) NOT NULL DEFAULT ''");
+	$db->modifyColumn(TABLE_PREFIX . 'news', 'title', "VARCHAR(100) NOT NULL DEFAULT ''");
+	$db->modifyColumn(TABLE_PREFIX . 'news', 'body', "TEXT NOT NULL");
+};

system/migrations/20.php

@@ -2,16 +2,33 @@
 
 use MyAAC\Settings;
 
+function updateHighscoresIdsHidden(): void
+{
+	global $db;
+
+	if (!$db->hasTable('players')) {
+		return;
+	}
+
 	$query = $db->query("SELECT `id` FROM `players` WHERE (`name` = " . $db->quote("Rook Sample") . " OR `name` = " . $db->quote("Sorcerer Sample") . " OR `name` = " . $db->quote("Druid Sample") . " OR `name` = " . $db->quote("Paladin Sample") . " OR `name` = " . $db->quote("Knight Sample") . " OR `name` = " . $db->quote("Account Manager") . ") ORDER BY `id`;");
 
 	$highscores_ignored_ids = array();
 	if ($query->rowCount() > 0) {
 		foreach ($query->fetchAll() as $result)
 			$highscores_ignored_ids[] = $result['id'];
-}
-else {
+	} else {
 		$highscores_ignored_ids[] = 0;
 	}
 
 	$settings = Settings::getInstance();
 	$settings->updateInDatabase('core', 'highscores_ids_hidden', implode(', ', $highscores_ignored_ids));
+}
+
+$up = function () {
+	updateHighscoresIdsHidden();
+};
+
+$down = function () {
+	$settings = Settings::getInstance();
+	$settings->updateInDatabase('core', 'highscores_ids_hidden', '0');
+};

system/migrations/21.php

@@ -1,6 +1,10 @@
 <?php
+/**
+ * @var OTS_DB_MySQL $db
+ */
 
-$db->exec("ALTER TABLE `" . TABLE_PREFIX . "forum` ADD `post_html` TINYINT(1) NOT NULL DEFAULT 0 AFTER `post_smile`;");
+$up = function () use ($db) {
+	$db->addColumn(TABLE_PREFIX . 'forum', 'post_html', 'TINYINT(1) NOT NULL DEFAULT 0 AFTER `post_smile`');
 
 	$query = $db->query("SELECT `id` FROM `" . TABLE_PREFIX . "forum_boards` WHERE `name` LIKE " . $db->quote('News') . " LIMIT 1;");
 	if ($query->rowCount() == 0) {
@@ -12,3 +16,8 @@ $id = $query['id'];
 
 	// update all forum threads with is_html = 1
 	$db->exec("UPDATE `" . TABLE_PREFIX . "forum` SET `post_html` = 1 WHERE `section` = " . $id . " AND `id` = `first_post`;");
+};
+
+$down = function () use ($db) {
+	$db->dropColumn(TABLE_PREFIX . 'forum', 'post_html');
+};

system/migrations/22-z_polls.sql

@@ -0,0 +1,10 @@
+CREATE TABLE `z_polls` (
+	`id` int(11) NOT NULL auto_increment,
+	`question` varchar(255) NOT NULL,
+	`description` varchar(255) NOT NULL,
+	`end` int(11) NOT NULL DEFAULT 0,
+	`start` int(11) NOT NULL DEFAULT 0,
+	`answers` int(11) NOT NULL DEFAULT 0,
+	`votes_all` int(11) NOT NULL DEFAULT 0,
+	PRIMARY KEY  (`id`)
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;

system/migrations/22-z_polls_answers.sql

@@ -0,0 +1,6 @@
+CREATE TABLE `z_polls_answers` (
+	`poll_id` int(11) NOT NULL,
+	`answer_id` int(11) NOT NULL,
+	`answer` varchar(255) NOT NULL,
+	`votes` int(11) NOT NULL DEFAULT 0
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;

system/migrations/22.php

@@ -1,31 +1,35 @@
 <?php
+/**
+ * @var OTS_DB_MySQL $db
+ */
 
-if(!$db->hasTable('z_polls'))
-	$db->query('
-CREATE TABLE `z_polls` (
-  `id` int(11) NOT NULL auto_increment,
-  `question` varchar(255) NOT NULL,
-  `description` varchar(255) NOT NULL,
-  `end` int(11) NOT NULL DEFAULT 0,
-  `start` int(11) NOT NULL DEFAULT 0,
-  `answers` int(11) NOT NULL DEFAULT 0,
-  `votes_all` int(11) NOT NULL DEFAULT 0,
-  PRIMARY KEY  (`id`)
-) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
-');
-
-if(!$db->hasTable('z_polls_answers'))
-$db->query('
-	CREATE TABLE `z_polls_answers` (
-  `poll_id` int(11) NOT NULL,
-  `answer_id` int(11) NOT NULL,
-  `answer` varchar(255) NOT NULL,
-  `votes` int(11) NOT NULL DEFAULT 0
-) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
-');
-
-if(!$db->hasColumn('accounts', 'vote'))
-	$db->query('ALTER TABLE `accounts` ADD `vote` INT( 11 ) DEFAULT 0 NOT NULL ;');
-else {
-	$db->query('ALTER TABLE `accounts` MODIFY `vote` INT( 11 ) DEFAULT 0 NOT NULL ;');
+$up = function () use ($db) {
+	if (!$db->hasTable('z_polls')) {
+		$db->exec(file_get_contents(__DIR__ . '/22-z_polls.sql'));
 	}
+
+	if (!$db->hasTable('z_polls_answers')) {
+		$db->exec(file_get_contents(__DIR__ . '/22-z_polls_answers.sql'));
+	}
+
+	if (!$db->hasColumn('accounts', 'vote')) {
+		$db->addColumn('accounts', 'vote', 'int(11) NOT NULL DEFAULT 0');
+	}
+	else {
+		$db->modifyColumn('accounts', 'vote', 'int(11) NOT NULL DEFAULT 0');
+	}
+};
+
+$down = function () use ($db) {
+	if ($db->hasTable('z_polls')) {
+		$db->dropTable('z_polls;');
+	}
+
+	if ($db->hasTable('z_polls_answers')) {
+		$db->dropTable('z_polls_answers');
+	}
+
+	if ($db->hasColumn('accounts', 'vote')) {
+		$db->dropColumn('accounts', 'vote');
+	}
+};

system/migrations/23.php

@@ -1,7 +1,24 @@
 <?php
+/**
+ * @var OTS_DB_MySQL $db
+ */
 
-if(!$db->hasColumn(TABLE_PREFIX . 'menu', 'blank'))
-	$db->query("ALTER TABLE `" . TABLE_PREFIX . "menu` ADD `blank` TINYINT(1) NOT NULL DEFAULT 0 AFTER `link`;");
+$up = function () use ($db) {
+	if (!$db->hasColumn(TABLE_PREFIX . 'menu', 'blank')) {
+		$db->addColumn(TABLE_PREFIX . 'menu', 'blank', 'TINYINT(1) NOT NULL DEFAULT 0 AFTER `link`');
+	}
 
-if(!$db->hasColumn(TABLE_PREFIX . 'menu', 'color'))
-	$db->query("ALTER TABLE `" . TABLE_PREFIX . "menu` ADD `color` CHAR(6) NOT NULL DEFAULT '' AFTER `blank`;");
+	if (!$db->hasColumn(TABLE_PREFIX . 'menu', 'color')) {
+		$db->addColumn(TABLE_PREFIX . 'menu', 'color', "CHAR(6) NOT NULL DEFAULT '' AFTER `blank`");
+	}
+};
+
+$down = function () use ($db) {
+	if ($db->hasColumn(TABLE_PREFIX . 'menu', 'blank')) {
+		$db->dropColumn(TABLE_PREFIX . 'menu', 'blank');
+	}
+
+	if ($db->hasColumn(TABLE_PREFIX . 'menu', 'color')) {
+		$db->dropColumn(TABLE_PREFIX . 'menu', 'color');
+	}
+};

system/migrations/24-items.sql

@@ -0,0 +1,9 @@
+CREATE TABLE `myaac_items`
+(
+	`id` INT(11) NOT NULL,
+	`article` VARCHAR(5) NOT NULL DEFAULT '',
+	`name` VARCHAR(50) NOT NULL DEFAULT '',
+	`plural` VARCHAR(50) NOT NULL DEFAULT '',
+	`attributes` VARCHAR(500) NOT NULL DEFAULT '',
+	PRIMARY KEY (`id`)
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;

system/migrations/24.php

@@ -1,3 +1,12 @@
 <?php
+/**
+ * @var OTS_DB_MySQL $db
+ */
 
-$db->exec('DROP TABLE IF EXISTS `' . TABLE_PREFIX . 'items`;');
+$up = function () use ($db) {
+	$db->dropTable(TABLE_PREFIX . 'items');
+};
+
+$down = function () use ($db) {
+	$db->exec(file_get_contents(__DIR__ . '/24-items.sql'));
+};

system/migrations/25.php

@@ -1,3 +1,12 @@
 <?php
+/**
+ * @var OTS_DB_MySQL $db
+ */
 
-$db->exec('ALTER TABLE `' . TABLE_PREFIX . 'monsters` MODIFY `loot` text NOT NULL;');
+$up = function () use ($db) {
+	$db->modifyColumn(TABLE_PREFIX . 'monsters', 'loot', 'text NOT NULL');
+};
+
+$down = function () {
+	// nothing to do
+};

system/migrations/26.php

@@ -1,17 +1,32 @@
 <?php
+/**
+ * @var OTS_DB_MySQL $db
+ */
 
+$up = function () use ($db) {
 	if ($db->hasColumn(TABLE_PREFIX . 'spells', 'spell')) {
-	$db->exec('ALTER TABLE `' . TABLE_PREFIX . "spells` MODIFY `spell` VARCHAR(255) NOT NULL DEFAULT '';");
+		$db->modifyColumn(TABLE_PREFIX . 'spells', 'spell', "VARCHAR(255) NOT NULL DEFAULT ''");
 	}
 
 	if ($db->hasColumn(TABLE_PREFIX . 'spells', 'words')) {
-	$db->exec('ALTER TABLE `' . TABLE_PREFIX . "spells` MODIFY `words` VARCHAR(255) NOT NULL DEFAULT '';");
+		$db->modifyColumn(TABLE_PREFIX . 'spells', 'words', "VARCHAR(255) NOT NULL DEFAULT ''");
 	}
 
 	if (!$db->hasColumn(TABLE_PREFIX . 'spells', 'conjure_id')) {
-	$db->exec('ALTER TABLE `' . TABLE_PREFIX . 'spells` ADD `conjure_id` INT(11) NOT NULL DEFAULT 0 AFTER `soul`;');
+		$db->addColumn(TABLE_PREFIX . 'spells', 'conjure_id', 'INT(11) NOT NULL DEFAULT 0 AFTER `soul`');
 	}
 
 	if (!$db->hasColumn(TABLE_PREFIX . 'spells', 'reagent')) {
-	$db->exec('ALTER TABLE `' . TABLE_PREFIX . 'spells` ADD `reagent` INT(11) NOT NULL DEFAULT 0 AFTER `conjure_count`;');
+		$db->addColumn(TABLE_PREFIX . 'spells', 'reagent', 'INT(11) NOT NULL DEFAULT 0 AFTER `conjure_count`');
 	}
+};
+
+$down = function () use ($db) {
+	if ($db->hasColumn(TABLE_PREFIX . 'spells', 'conjure_id')) {
+		$db->dropColumn(TABLE_PREFIX . 'spells', 'conjure_id');
+	}
+
+	if ($db->hasColumn(TABLE_PREFIX . 'spells', 'reagent')) {
+		$db->dropColumn(TABLE_PREFIX . 'spells', 'reagent');
+	}
+};

system/migrations/27-commands.html

@@ -0,0 +1,22 @@
+<table class="myaac-table" style="border-collapse: collapse; width: 100%; height: 72px; border-width: 1px;" border="1"><colgroup><col style="width: 50%;"><col style="width: 50%;"></colgroup>
+	<thead>
+	<tr style="height: 18px;">
+		<td style="height: 18px; border-width: 1px; text-align: center;"><span style="color: #ffffff;"><strong>Words</strong></span></td>
+		<td style="height: 18px; border-width: 1px; text-align: center;"><strong>Description</strong></td>
+	</tr>
+	</thead>
+	<tbody>
+	<tr style="height: 18px;">
+		<td style="height: 18px; border-width: 1px;">!example</td>
+		<td style="height: 18px; border-width: 1px;">This is just an example</td>
+	</tr>
+	<tr style="height: 18px;">
+		<td style="height: 18px; border-width: 1px;">!buyhouse</td>
+		<td style="height: 18px; border-width: 1px;">Buy house you are looking at</td>
+	</tr>
+	<tr style="height: 18px;">
+		<td style="height: 18px; border-width: 1px;"><em>!aol</em></td>
+		<td style="height: 18px; border-width: 1px;">Buy AoL</td>
+	</tr>
+	</tbody>
+</table>

system/migrations/27-downloads.html

@@ -0,0 +1,6 @@
+<p>&nbsp;</p>
+<p>&nbsp;</p>
+<div style="text-align: center;">We're using official Tibia Client <strong>{{ config.client / 100 }}</strong><br>
+	<p>Download Tibia Client <strong>{{ config.client / 100 }}</strong>&nbsp;for Windows <a href="https://drive.google.com/drive/folders/0B2-sMQkWYzhGSFhGVlY2WGk5czQ" target="_blank" rel="noopener">HERE</a>.</p>
+	<h2>IP Changer:</h2>
+	<a href="https://static.otland.net/ipchanger.exe" target="_blank" rel="noopener">HERE</a></div>

system/migrations/27.php

@@ -1,47 +1,48 @@
 <?php
+/**
+ * @var OTS_DB_MySQL $db
+ */
 
-$downloadsPage = <<<HTML
-<p>&nbsp;</p>
-<p>&nbsp;</p>
-<div style="text-align: center;">We're using official Tibia Client <strong>{{ config.client / 100 }}</strong><br>
-<p>Download Tibia Client <strong>{{ config.client / 100 }}</strong>&nbsp;for Windows <a href="https://drive.google.com/drive/folders/0B2-sMQkWYzhGSFhGVlY2WGk5czQ" target="_blank" rel="noopener">HERE</a>.</p>
-<h2>IP Changer:</h2>
-<a href="https://static.otland.net/ipchanger.exe" target="_blank" rel="noopener">HERE</a></div>
-HTML;
+use MyAAC\Models\Pages;
 
-$query = $db->query("SELECT `id` FROM `" . TABLE_PREFIX . "pages` WHERE `name` LIKE " . $db->quote('downloads') . " LIMIT 1;");
-if($query->rowCount() === 0) {
-	$db->exec("INSERT INTO `myaac_pages` (`id`, `name`, `title`, `body`, `date`, `player_id`, `php`, `access`, `hide`) VALUES
-	(null, 'downloads', 'Downloads', {$db->quote($downloadsPage)}, 0, 1, 0, 0, 0);");
+$up = function () use ($db) {
+	$downloadsModel = Pages::where('name', 'downloads')->first();
+	if (!$downloadsModel) {
+		$db->insert(TABLE_PREFIX . 'pages', [
+			'name' => 'downloads',
+			'title' => 'Downloads',
+			'body' => file_get_contents(__DIR__ . '/27-downloads.html'),
+			'date' => time(),
+			'player_id' => 1,
+			'php' => 0,
+			'access' => 0,
+			($db->hasColumn(TABLE_PREFIX . 'pages', 'hide') ? 'hide' : 'hidden') => 0,
+		]);
 	}
 
-$commandsPage = <<<HTML
-<table class="myaac-table" style="border-collapse: collapse; width: 100%; height: 72px; border-width: 1px;" border="1"><colgroup><col style="width: 50%;"><col style="width: 50%;"></colgroup>
-<thead>
-<tr style="height: 18px;">
-<td style="height: 18px; border-width: 1px; text-align: center;"><span style="color: #ffffff;"><strong>Words</strong></span></td>
-<td style="height: 18px; border-width: 1px; text-align: center;"><strong>Description</strong></td>
-</tr>
-</thead>
-<tbody>
-<tr style="height: 18px;">
-<td style="height: 18px; border-width: 1px;">!example</td>
-<td style="height: 18px; border-width: 1px;">This is just an example</td>
-</tr>
-<tr style="height: 18px;">
-<td style="height: 18px; border-width: 1px;">!buyhouse</td>
-<td style="height: 18px; border-width: 1px;">Buy house you are looking at</td>
-</tr>
-<tr style="height: 18px;">
-<td style="height: 18px; border-width: 1px;"><em>!aol</em></td>
-<td style="height: 18px; border-width: 1px;">Buy AoL</td>
-</tr>
-</tbody>
-</table>
-HTML;
-
-$query = $db->query("SELECT `id` FROM `" . TABLE_PREFIX . "pages` WHERE `name` LIKE " . $db->quote('commands') . " LIMIT 1;");
-if($query->rowCount() === 0) {
-	$db->exec("INSERT INTO `myaac_pages` (`id`, `name`, `title`, `body`, `date`, `player_id`, `php`, `access`, `hide`) VALUES
-(null, 'commands', 'Commands', {$db->quote($commandsPage)}, 0, 1, 0, 0, 0);");
+	$commandsModel = Pages::where('name', 'commands')->first();
+	if (!$commandsModel) {
+		$db->insert(TABLE_PREFIX . 'pages', [
+			'name' => 'commands',
+			'title' => 'Commands',
+			'body' => file_get_contents(__DIR__ . '/27-commands.html'),
+			'date' => time(),
+			'player_id' => 1,
+			'php' => 0,
+			'access' => 0,
+			($db->hasColumn(TABLE_PREFIX . 'pages', 'hide') ? 'hide' : 'hidden') => 0,
+		]);
 	}
+};
+
+$down = function () {
+	$downloadsModel = Pages::where('name', 'downloads')->first();
+	if ($downloadsModel) {
+		$downloadsModel->delete();
+	}
+
+	$commandsModel = Pages::where('name', 'commands')->first();
+	if ($commandsModel) {
+		$commandsModel->delete();
+	}
+};

system/migrations/28-hooks.sql

@@ -0,0 +1,10 @@
+CREATE TABLE `myaac_hooks`
+(
+	`id` INT(11) NOT NULL AUTO_INCREMENT,
+	`name` VARCHAR(30) NOT NULL DEFAULT '',
+	`type` INT(2) NOT NULL DEFAULT 0,
+	`file` VARCHAR(100) NOT NULL,
+	`ordering` INT(11) NOT NULL DEFAULT 0,
+	`enabled` INT(1) NOT NULL DEFAULT 1,
+	PRIMARY KEY (`id`)
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;

system/migrations/28.php

@@ -1,10 +1,25 @@
 <?php
+/**
+ * @var OTS_DB_MySQL $db
+ */
 
 use MyAAC\Cache\Cache;
 
-$db->exec('DROP TABLE IF EXISTS `' . TABLE_PREFIX . 'hooks`;');
+$up = function () use ($db) {
+	$db->dropTable(TABLE_PREFIX . 'hooks');
 
 	$cache = Cache::getInstance();
 	if($cache->enabled()) {
 		$cache->delete('hooks');
 	}
+};
+
+$down = function () use ($db) {
+	$db->exec(file_get_contents(__DIR__ . '/28-hooks.sql'));
+
+	$cache = Cache::getInstance();
+	if($cache->enabled()) {
+		$cache->delete('hooks');
+	}
+};
+

system/migrations/29.php

@@ -1,5 +1,16 @@
 <?php
+/**
+ * @var OTS_DB_MySQL $db
+ */
 
+$up = function () use ($db) {
 	if (!$db->hasColumn(TABLE_PREFIX . 'pages', 'enable_tinymce')) {
-	$db->exec('ALTER TABLE `' . TABLE_PREFIX . 'pages` ADD `enable_tinymce` TINYINT(1) NOT NULL DEFAULT 1 COMMENT \'1 - enabled, 0 - disabled\' AFTER `php`;');
+		$db->addColumn(TABLE_PREFIX . 'pages', 'enable_tinymce', "TINYINT(1) NOT NULL DEFAULT 1 COMMENT '1 - enabled, 0 - disabled' AFTER `php`");
 	}
+};
+
+$down = function () use ($db) {
+	if ($db->hasColumn(TABLE_PREFIX . 'pages', 'enable_tinymce')) {
+		$db->dropColumn(TABLE_PREFIX . 'pages', 'enable_tinymce');
+	}
+};

system/migrations/3.php

@@ -1,3 +1,15 @@
 <?php
-	$db->query("ALTER TABLE `" . TABLE_PREFIX . "account_actions` ADD `ipv6` BINARY(16) NOT NULL DEFAULT 0;");
-?>
+/**
+ * @var OTS_DB_MySQL $db
+ */
+
+$up = function () use ($db) {
+	if (!$db->hasColumn(TABLE_PREFIX . 'account_actions', 'ipv6')) {
+		$db->addColumn(TABLE_PREFIX . 'account_actions', 'ipv6', "BINARY(16) NOT NULL DEFAULT 0");
+	}
+};
+
+$down = function () {
+	// we don't want data loss
+	//$db->dropColumn(TABLE_PREFIX . 'account_actions', 'ipv6');
+};

system/migrations/30-rules.txt

@@ -0,0 +1,25 @@
+1. Names
+a) Names which contain insulting (e.g. "Bastard"), racist (e.g. "Nigger"), extremely right-wing (e.g. "Hitler"), sexist (e.g. "Bitch") or offensive (e.g. "Copkiller") language.
+b) Names containing parts of sentences (e.g. "Mike returns"), nonsensical combinations of letters (e.g. "Fgfshdsfg") or invalid formattings (e.g. "Thegreatknight").
+c) Names that obviously do not describe a person (e.g. "Christmastree", "Matrix"), names of real life celebrities (e.g. "Britney Spears"), names that refer to real countries (e.g. "Swedish Druid"), names which were created to fake other players' identities (e.g. "Arieswer" instead of "Arieswar") or official positions (e.g. "System Admin").
+
+2. Cheating
+a) Exploiting obvious errors of the game ("bugs"), for instance to duplicate items. If you find an error you must report it to CipSoft immediately.
+b) Intentional abuse of weaknesses in the gameplay, for example arranging objects or players in a way that other players cannot move them.
+c) Using tools to automatically perform or repeat certain actions without any interaction by the player ("macros").
+d) Manipulating the client program or using additional software to play the game.
+e) Trying to steal other players\' account data ("hacking").
+f) Playing on more than one account at the same time ("multi-clienting").
+g) Offering account data to other players or accepting other players' account data ("account-trading/sharing").
+
+3. Gamemasters
+a) Threatening a gamemaster because of his or her actions or position as a gamemaster.
+b) Pretending to be a gamemaster or to have influence on the decisions of a gamemaster.
+c) Intentionally giving wrong or misleading information to a gamemaster concerning his or her investigations or making false reports about rule violations.
+
+4. Player Killing
+a) Excessive killing of characters who are not marked with a "skull" on worlds which are not PvP-enforced. Please note that killing marked characters is not a reason for a banishment.
+
+A violation of the Tibia Rules may lead to temporary banishment of characters and accounts. In severe cases removal or modification of character skills, attributes and belongings, as well as the permanent removal of accounts without any compensation may be considered. The sanction is based on the seriousness of the rule violation and the previous record of the player. It is determined by the gamemaster imposing the banishment.
+
+These rules may be changed at any time. All changes will be announced on the official website.

system/migrations/30.php

@@ -1,31 +1,27 @@
 <?php
 
-$query = $db->query("SELECT `id` FROM `" . TABLE_PREFIX . "pages` WHERE `name` LIKE " . $db->quote('rules_on_the_page') . " LIMIT 1;");
-if($query->rowCount() === 0) {
-	$db->exec("INSERT INTO `myaac_pages` (`id`, `name`, `title`, `body`, `date`, `player_id`, `php`, `enable_tinymce`, `access`, `hide`) VALUES
-	(null, 'rules_on_the_page', 'Rules', '1. Names
-a) Names which contain insulting (e.g. \"Bastard\"), racist (e.g. \"Nigger\"), extremely right-wing (e.g. \"Hitler\"), sexist (e.g. \"Bitch\") or offensive (e.g. \"Copkiller\") language.
-b) Names containing parts of sentences (e.g. \"Mike returns\"), nonsensical combinations of letters (e.g. \"Fgfshdsfg\") or invalid formattings (e.g. \"Thegreatknight\").
-c) Names that obviously do not describe a person (e.g. \"Christmastree\", \"Matrix\"), names of real life celebrities (e.g. \"Britney Spears\"), names that refer to real countries (e.g. \"Swedish Druid\"), names which were created to fake other players\' identities (e.g. \"Arieswer\" instead of \"Arieswar\") or official positions (e.g. \"System Admin\").
+use MyAAC\Models\Pages;
 
-2. Cheating
-a) Exploiting obvious errors of the game (\"bugs\"), for instance to duplicate items. If you find an error you must report it to CipSoft immediately.
-b) Intentional abuse of weaknesses in the gameplay, for example arranging objects or players in a way that other players cannot move them.
-c) Using tools to automatically perform or repeat certain actions without any interaction by the player (\"macros\").
-d) Manipulating the client program or using additional software to play the game.
-e) Trying to steal other players\' account data (\"hacking\").
-f) Playing on more than one account at the same time (\"multi-clienting\").
-g) Offering account data to other players or accepting other players\' account data (\"account-trading/sharing\").
-
-3. Gamemasters
-a) Threatening a gamemaster because of his or her actions or position as a gamemaster.
-b) Pretending to be a gamemaster or to have influence on the decisions of a gamemaster.
-c) Intentionally giving wrong or misleading information to a gamemaster concerning his or her investigations or making false reports about rule violations.
-
-4. Player Killing
-a) Excessive killing of characters who are not marked with a \"skull\" on worlds which are not PvP-enforced. Please note that killing marked characters is not a reason for a banishment.
-
-A violation of the Tibia Rules may lead to temporary banishment of characters and accounts. In severe cases removal or modification of character skills, attributes and belongings, as well as the permanent removal of accounts without any compensation may be considered. The sanction is based on the seriousness of the rule violation and the previous record of the player. It is determined by the gamemaster imposing the banishment.
-
-These rules may be changed at any time. All changes will be announced on the official website.', 0, 1, 0, 0, 0, 0);");
+$up = function () {
+	$rulesOnPage = Pages::where('name', 'rules_on_the_page')->first();
+	if (!$rulesOnPage) {
+		Pages::create([
+			'name' => 'rules_on_the_page',
+			'title' => 'Rules',
+			'body' => file_get_contents(__DIR__ . '/30-rules.txt'),
+			'date' => time(),
+			'player_id' => 1,
+			'php' => 0,
+			'enable_tinymce' => 0,
+			'access' => 0,
+			'hidden' => 0,
+		]);
 	}
+};
+
+$down = function () {
+	$rulesOnPage = Pages::where('name', 'rules_on_the_page')->first();
+	if ($rulesOnPage) {
+		Pages::where('name', 'rules_on_the_page')->delete();
+	}
+};

system/migrations/31.php

@@ -1,57 +1,121 @@
 <?php
+/**
+ * @var OTS_DB_MySQL $db
+ */
 
+$up = function () use ($db) {
 	if(!$db->hasColumn(TABLE_PREFIX . 'monsters', 'elements')) {
-	$db->exec("ALTER TABLE `" . TABLE_PREFIX . "monsters`  ADD `elements` TEXT NOT NULL AFTER `immunities`;");
+		$db->addColumn(TABLE_PREFIX . 'monsters', 'elements', "TEXT NOT NULL AFTER `immunities`");
 	}
 
 	if(!$db->hasColumn(TABLE_PREFIX . 'monsters', 'pushable')) {
-	$db->exec("ALTER TABLE `" . TABLE_PREFIX . "monsters`  ADD `pushable` TINYINT(1) NOT NULL DEFAULT '0' AFTER `convinceable`;");
+		$db->addColumn(TABLE_PREFIX . 'monsters', 'pushable', "TINYINT(1) NOT NULL DEFAULT '0' AFTER `convinceable`");
 	}
 
 	if(!$db->hasColumn(TABLE_PREFIX . 'monsters', 'canpushitems')) {
-	$db->exec("ALTER TABLE `" . TABLE_PREFIX . "monsters`  ADD `canpushitems` TINYINT(1) NOT NULL DEFAULT '0' AFTER `pushable`;");
+		$db->addColumn(TABLE_PREFIX . 'monsters', 'canpushitems', "TINYINT(1) NOT NULL DEFAULT '0' AFTER `pushable`");
 	}
 
 	if(!$db->hasColumn(TABLE_PREFIX . 'monsters', 'canpushcreatures')) {
-	$db->exec("ALTER TABLE `" . TABLE_PREFIX . "monsters`  ADD `canpushcreatures` TINYINT(1) NOT NULL DEFAULT '0' AFTER `canpushitems`;");
+		$db->addColumn(TABLE_PREFIX . 'monsters', 'canpushcreatures', "TINYINT(1) NOT NULL DEFAULT '0' AFTER `canpushitems`");
 	}
 
 	if(!$db->hasColumn(TABLE_PREFIX . 'monsters', 'canwalkonenergy')) {
-	$db->exec("ALTER TABLE `" . TABLE_PREFIX . "monsters`  ADD `canwalkonenergy` TINYINT(1) NOT NULL DEFAULT '0' AFTER `canpushitems`;");
+		$db->addColumn(TABLE_PREFIX . 'monsters', 'canwalkonenergy', "TINYINT(1) NOT NULL DEFAULT '0' AFTER `canpushitems`");
 	}
 
 	if(!$db->hasColumn(TABLE_PREFIX . 'monsters', 'canwalkonpoison')) {
-	$db->exec("ALTER TABLE `" . TABLE_PREFIX . "monsters`  ADD `canwalkonpoison` TINYINT(1) NOT NULL DEFAULT '0' AFTER `canwalkonenergy`;");
+		$db->addColumn(TABLE_PREFIX . 'monsters', 'canwalkonpoison', "TINYINT(1) NOT NULL DEFAULT '0' AFTER `canwalkonenergy`");
 	}
 
 	if(!$db->hasColumn(TABLE_PREFIX . 'monsters', 'canwalkonfire')) {
-	$db->exec("ALTER TABLE `" . TABLE_PREFIX . "monsters`  ADD `canwalkonfire` TINYINT(1) NOT NULL DEFAULT '0' AFTER `canwalkonpoison`;");
+		$db->addColumn(TABLE_PREFIX . 'monsters', 'canwalkonfire', "TINYINT(1) NOT NULL DEFAULT '0' AFTER `canwalkonpoison`");
 	}
 
 	if(!$db->hasColumn(TABLE_PREFIX . 'monsters', 'runonhealth')) {
-	$db->exec("ALTER TABLE `" . TABLE_PREFIX . "monsters`  ADD `runonhealth` TINYINT(1) NOT NULL DEFAULT '0' AFTER `canwalkonfire`;");
+		$db->addColumn(TABLE_PREFIX . 'monsters', 'runonhealth', "TINYINT(1) NOT NULL DEFAULT '0' AFTER `canwalkonfire`");
 	}
 
 	if(!$db->hasColumn(TABLE_PREFIX . 'monsters', 'hostile')) {
-	$db->exec("ALTER TABLE `" . TABLE_PREFIX . "monsters`  ADD `hostile` TINYINT(1) NOT NULL DEFAULT '0' AFTER `runonhealth`;");
+		$db->addColumn(TABLE_PREFIX . 'monsters', 'hostile', "TINYINT(1) NOT NULL DEFAULT '0' AFTER `runonhealth`");
 	}
 
 	if(!$db->hasColumn(TABLE_PREFIX . 'monsters', 'attackable')) {
-	$db->exec("ALTER TABLE `" . TABLE_PREFIX . "monsters`  ADD `attackable` TINYINT(1) NOT NULL DEFAULT '0' AFTER `hostile`;");
+		$db->addColumn(TABLE_PREFIX . 'monsters', 'attackable', "TINYINT(1) NOT NULL DEFAULT '0' AFTER `hostile`");
 	}
 
 	if(!$db->hasColumn(TABLE_PREFIX . 'monsters', 'rewardboss')) {
-	$db->exec("ALTER TABLE `" . TABLE_PREFIX . "monsters`  ADD `rewardboss` TINYINT(1) NOT NULL DEFAULT '0' AFTER `attackable`;");
+		$db->addColumn(TABLE_PREFIX . 'monsters', 'rewardboss', "TINYINT(1) NOT NULL DEFAULT '0' AFTER `attackable`");
 	}
 
 	if(!$db->hasColumn(TABLE_PREFIX . 'monsters', 'defense')) {
-	$db->exec("ALTER TABLE `" . TABLE_PREFIX . "monsters`  ADD `defense` INT(11) NOT NULL DEFAULT '0' AFTER `rewardboss`;");
+		$db->addColumn(TABLE_PREFIX . 'monsters', 'defense', "INT(11) NOT NULL DEFAULT '0' AFTER `rewardboss`");
 	}
 
 	if(!$db->hasColumn(TABLE_PREFIX . 'monsters', 'armor')) {
-	$db->exec("ALTER TABLE `" . TABLE_PREFIX . "monsters`  ADD `armor` INT(11) NOT NULL DEFAULT '0' AFTER `defense`;");
+		$db->addColumn(TABLE_PREFIX . 'monsters', 'armor', "INT(11) NOT NULL DEFAULT '0' AFTER `defense`");
 	}
 
 	if(!$db->hasColumn(TABLE_PREFIX . 'monsters', 'summons')) {
-	$db->exec("ALTER TABLE `" . TABLE_PREFIX . "monsters`  ADD `summons` TEXT NOT NULL AFTER `loot`;");
+		$db->addColumn(TABLE_PREFIX . 'monsters', 'summons', "TEXT NOT NULL AFTER `loot`");
 	}
+};
+
+$down = function () use ($db) {
+	if($db->hasColumn(TABLE_PREFIX . 'monsters', 'elements')) {
+		$db->dropColumn(TABLE_PREFIX . 'monsters', 'elements');
+	}
+
+	if($db->hasColumn(TABLE_PREFIX . 'monsters', 'pushable')) {
+		$db->dropColumn(TABLE_PREFIX . 'monsters', 'pushable');
+	}
+
+	if($db->hasColumn(TABLE_PREFIX . 'monsters', 'canpushitems')) {
+		$db->dropColumn(TABLE_PREFIX . 'monsters', 'canpushitems');
+	}
+
+	if($db->hasColumn(TABLE_PREFIX . 'monsters', 'canpushcreatures')) {
+		$db->dropColumn(TABLE_PREFIX . 'monsters', 'canpushcreatures');
+	}
+
+	if($db->hasColumn(TABLE_PREFIX . 'monsters', 'canwalkonenergy')) {
+		$db->dropColumn(TABLE_PREFIX . 'monsters', 'canwalkonenergy');
+	}
+
+	if($db->hasColumn(TABLE_PREFIX . 'monsters', 'canwalkonpoison')) {
+		$db->dropColumn(TABLE_PREFIX . 'monsters', 'canwalkonpoison');
+	}
+
+	if($db->hasColumn(TABLE_PREFIX . 'monsters', 'canwalkonfire')) {
+		$db->dropColumn(TABLE_PREFIX . 'monsters', 'canwalkonfire');
+	}
+
+	if($db->hasColumn(TABLE_PREFIX . 'monsters', 'runonhealth')) {
+		$db->dropColumn(TABLE_PREFIX . 'monsters', 'runonhealth');
+	}
+
+	if($db->hasColumn(TABLE_PREFIX . 'monsters', 'hostile')) {
+		$db->dropColumn(TABLE_PREFIX . 'monsters', 'hostile');
+	}
+
+	if($db->hasColumn(TABLE_PREFIX . 'monsters', 'attackable')) {
+		$db->dropColumn(TABLE_PREFIX . 'monsters', 'attackable');
+	}
+
+	if($db->hasColumn(TABLE_PREFIX . 'monsters', 'rewardboss')) {
+		$db->dropColumn(TABLE_PREFIX . 'monsters', 'rewardboss');
+	}
+
+	if($db->hasColumn(TABLE_PREFIX . 'monsters', 'defense')) {
+		$db->dropColumn(TABLE_PREFIX . 'monsters', 'defense');
+	}
+
+	if($db->hasColumn(TABLE_PREFIX . 'monsters', 'armor')) {
+		$db->dropColumn(TABLE_PREFIX . 'monsters', 'armor');
+	}
+
+	if($db->hasColumn(TABLE_PREFIX . 'monsters', 'summons')) {
+		$db->dropColumn(TABLE_PREFIX . 'monsters', 'summons');
+	}
+};
+

system/migrations/32.php

@@ -1,4 +1,14 @@
 <?php
+/**
+ * @var OTS_DB_MySQL $db
+ */
+
 // Increase size of page in myaac_visitors table
 
-$db->exec('ALTER TABLE `' . TABLE_PREFIX . "visitors` MODIFY `page` VARCHAR(2048) NOT NULL;");
+$up = function () use ($db) {
+	$db->modifyColumn(TABLE_PREFIX . 'visitors', 'page', 'VARCHAR(2048) NOT NULL');
+};
+
+$down = function () {
+	// nothing to be done, as we have just extended the size of a column
+};

system/migrations/33.php

@@ -1,6 +1,16 @@
 <?php
+/**
+ * @var OTS_DB_MySQL $db
+ */
+
 // Increase size of ip in myaac_visitors table
 // according to this answer: https://stackoverflow.com/questions/166132/maximum-length-of-the-textual-representation-of-an-ipv6-address
 // the size of ipv6 can be maximal 45 chars
 
-$db->exec('ALTER TABLE `' . TABLE_PREFIX . "visitors` MODIFY `ip` VARCHAR(45) NOT NULL;");
+$up = function () use ($db) {
+	$db->modifyColumn(TABLE_PREFIX . 'visitors', 'ip', 'VARCHAR(45) NOT NULL');
+};
+
+$down = function () {
+	// nothing to be done, as we have just extended the size of a column
+};

system/migrations/34.php

@@ -1,4 +1,18 @@
 <?php
+/**
+ * @var OTS_DB_MySQL $db
+ */
+
 // add user_agent column into visitors
 
-$db->exec('ALTER TABLE `' . TABLE_PREFIX . "visitors` ADD `user_agent` VARCHAR(255) NOT NULL DEFAULT '';");
+$up = function () use ($db) {
+	if (!$db->hasColumn(TABLE_PREFIX . 'visitors', 'user_agent')) {
+		$db->addColumn(TABLE_PREFIX . 'visitors', 'user_agent', "VARCHAR(255) NOT NULL DEFAULT ''");
+	}
+};
+
+$down = function () use ($db) {
+	if ($db->hasColumn(TABLE_PREFIX . 'visitors', 'user_agent')) {
+		$db->dropColumn(TABLE_PREFIX . 'visitors', 'user_agent');
+	}
+};

system/migrations/35.php

@@ -1,3 +1,17 @@
 <?php
+/**
+ * @var OTS_DB_MySQL $db
+ */
+
 // add look column
-$db->exec('ALTER TABLE `' . TABLE_PREFIX . "monsters` ADD `look` VARCHAR(255) NOT NULL DEFAULT '' AFTER `health`;");
+$up = function () use ($db) {
+	if (!$db->hasColumn(TABLE_PREFIX . 'monsters', 'look')) {
+		$db->addColumn(TABLE_PREFIX . 'monsters', 'look', "VARCHAR(255) NOT NULL DEFAULT '' AFTER `health`");
+	}
+};
+
+$down = function () use ($db) {
+	if ($db->hasColumn(TABLE_PREFIX . 'monsters', 'look')) {
+		$db->dropColumn(TABLE_PREFIX . 'monsters', 'look');
+	}
+};

system/migrations/36-settings.sql

@@ -0,0 +1,9 @@
+CREATE TABLE `myaac_settings`
+(
+	`id` int(11) NOT NULL AUTO_INCREMENT,
+	`name` VARCHAR(255) NOT NULL DEFAULT '',
+	`key` VARCHAR(255) NOT NULL DEFAULT '',
+	`value` TEXT NOT NULL,
+	PRIMARY KEY (`id`),
+	KEY `key` (`key`)
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;

system/migrations/36.php

@@ -1,14 +1,18 @@
 <?php
+/**
+ * @var OTS_DB_MySQL $db
+ */
 
+$up = function () use ($db) {
 	// add settings table
 	if (!$db->hasTable(TABLE_PREFIX . 'settings')) {
-	$db->exec("CREATE TABLE `" . TABLE_PREFIX . "settings`
-	(
-		`id` int(11) NOT NULL AUTO_INCREMENT,
-		`name` VARCHAR(255) NOT NULL DEFAULT '',
-		`key` VARCHAR(255) NOT NULL DEFAULT '',
-		`value` TEXT NOT NULL,
-		PRIMARY KEY (`id`),
-		KEY `key` (`key`)
-	) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;");
+		$db->exec(file_get_contents(__DIR__ . '/36-settings.sql'));
 	}
+};
+
+$down = function () {
+	// will break the aac
+	//if ($db->hasTable(TABLE_PREFIX . 'settings')) {
+	//	$db->dropTable(TABLE_PREFIX . 'settings');
+	//}
+};

system/migrations/37.php

@@ -5,4 +5,10 @@
 
 use MyAAC\Models\Pages;
 
+$up = function () {
 	Pages::query()->where('access', 1)->update(['access' => 0]);
+};
+
+$down = function () {
+	Pages::query()->where('access', 0)->update(['access' => 1]);
+};

system/migrations/38.php

@@ -1,5 +1,16 @@
 <?php
+/**
+ * @var OTS_DB_MySQL $db
+ */
 
 // 2023-11-11
 // execute highscores_ids_hidden once again, cause of settings
-require __DIR__ . '/20.php';
+$up = function () {
+	require_once __DIR__ . '/20.php';
+	updateHighscoresIdsHidden();
+};
+
+$down = function () {
+	// there is no downgrade for this
+};
+

system/migrations/39.php

@@ -1,18 +1,41 @@
 <?php
+/**
+ * @var OTS_DB_MySQL $db
+ */
 
 // 2024-01-27
 // change hidden to hide (Eloquent model reserved keyword)
 
+$definition = 'TINYINT(1) NOT NULL DEFAULT 0';
+
+$up = function () use ($db, $definition) {
 	if (!$db->hasColumn('players', 'hide')) {
-	$db->exec("ALTER TABLE `players` CHANGE `hidden` `hide` TINYINT(1) NOT NULL DEFAULT 0;");
+		$db->changeColumn('players', 'hidden', 'hide', $definition);
 	}
 
-$db->exec("ALTER TABLE `" . TABLE_PREFIX . "changelog` CHANGE `hidden` `hide` TINYINT(1) NOT NULL DEFAULT 0;");
-$db->exec("ALTER TABLE `" . TABLE_PREFIX . "faq` CHANGE `hidden` `hide` TINYINT(1) NOT NULL DEFAULT 0;");
-$db->exec("ALTER TABLE `" . TABLE_PREFIX . "forum_boards` CHANGE `hidden` `hide` TINYINT(1) NOT NULL DEFAULT 0;");
-$db->exec("ALTER TABLE `" . TABLE_PREFIX . "monsters` CHANGE `hidden` `hide` TINYINT(1) NOT NULL DEFAULT 0;");
-$db->exec("ALTER TABLE `" . TABLE_PREFIX . "news` CHANGE `hidden` `hide` TINYINT(1) NOT NULL DEFAULT 0;");
-$db->exec("ALTER TABLE `" . TABLE_PREFIX . "news_categories` CHANGE `hidden` `hide` TINYINT(1) NOT NULL DEFAULT 0;");
-$db->exec("ALTER TABLE `" . TABLE_PREFIX . "pages` CHANGE `hidden` `hide` TINYINT(1) NOT NULL DEFAULT 0;");
-$db->exec("ALTER TABLE `" . TABLE_PREFIX . "gallery` CHANGE `hidden` `hide` TINYINT(1) NOT NULL DEFAULT 0;");
-$db->exec("ALTER TABLE `" . TABLE_PREFIX . "spells` CHANGE `hidden` `hide` TINYINT(1) NOT NULL DEFAULT 0;");
+	$db->changeColumn(TABLE_PREFIX . 'changelog', 'hidden', 'hide', $definition);
+	$db->changeColumn(TABLE_PREFIX . 'faq', 'hidden', 'hide', $definition);
+	$db->changeColumn(TABLE_PREFIX . 'forum_boards', 'hidden', 'hide', $definition);
+	$db->changeColumn(TABLE_PREFIX . 'monsters', 'hidden', 'hide', $definition);
+	$db->changeColumn(TABLE_PREFIX . 'news', 'hidden', 'hide', $definition);
+	$db->changeColumn(TABLE_PREFIX . 'news_categories', 'hidden', 'hide', $definition);
+	$db->changeColumn(TABLE_PREFIX . 'pages', 'hidden', 'hide', $definition);
+	$db->changeColumn(TABLE_PREFIX . 'gallery', 'hidden', 'hide', $definition);
+	$db->changeColumn(TABLE_PREFIX . 'spells', 'hidden', 'hide', $definition);
+};
+
+$down = function () use ($db, $definition) {
+	if (!$db->hasColumn('players', 'hidden')) {
+		$db->changeColumn('players', 'hide', 'hidden', $definition);
+	}
+
+	$db->changeColumn(TABLE_PREFIX . 'changelog', 'hide', 'hidden', $definition);
+	$db->changeColumn(TABLE_PREFIX . 'faq', 'hide', 'hidden', $definition);
+	$db->changeColumn(TABLE_PREFIX . 'forum_boards', 'hide', 'hidden', $definition);
+	$db->changeColumn(TABLE_PREFIX . 'monsters', 'hide', 'hidden', $definition);
+	$db->changeColumn(TABLE_PREFIX . 'news', 'hide', 'hidden', $definition);
+	$db->changeColumn(TABLE_PREFIX . 'news_categories', 'hide', 'hidden', $definition);
+	$db->changeColumn(TABLE_PREFIX . 'pages', 'hide', 'hidden', $definition);
+	$db->changeColumn(TABLE_PREFIX . 'gallery', 'hide', 'hidden', $definition);
+	$db->changeColumn(TABLE_PREFIX . 'spells', 'hide', 'hidden', $definition);
+};