Release v1.6.1

Update account.generate_recovery_key.html.twig
Add missing csrf() into account manage actions
2025-09-14 12:33:35 +02:00 · 2025-06-11 05:51:39 +02:00 · 2025-06-09 21:18:45 +02:00 · 2025-06-09 21:18:42 +02:00 · 2025-06-09 21:14:44 +02:00 · 2025-06-09 14:24:36 +02:00
144 changed files with 2351 additions and 1811 deletions
--- a/.github/workflows/cypress.yml
+++ b/.github/workflows/cypress.yml
@@ -22,7 +22,7 @@ jobs:
    strategy:
      fail-fast: false
      matrix:
-        php-versions: [ '8.1', '8.2', '8.3' ]
+        php-versions: [ '8.1', '8.2', '8.3', '8.4' ]
        ots: ['tfs-1.4', 'canary-3.1.2'] # TODO: add 'tfs-master' (actually doesn't work cause AAC doesn't support reading .env configuration)
    name: Cypress (PHP ${{ matrix.php-versions }}, ${{ matrix.ots }})
    steps:
@@ -146,6 +146,7 @@ jobs:
          with:
            name: cypress-screenshots-${{ matrix.php-versions }}-${{ matrix.ots }}
            path: cypress/screenshots
            if-no-files-found: ignore
        - name: Upload Cypress Videos
          uses: actions/upload-artifact@v4
@@ -153,6 +154,7 @@ jobs:
          with:
            name: cypress-videos-${{ matrix.php-versions }}-${{ matrix.ots }}
            path: cypress/videos
            if-no-files-found: ignore
        - name: Upload PHP Logs
          uses: actions/upload-artifact@v4
--- a/.github/workflows/phpstan.yml
+++ b/.github/workflows/phpstan.yml
@@ -14,7 +14,7 @@ jobs:
    strategy:
      fail-fast: false
      matrix:
-        php-versions: [ '8.1', '8.2', '8.3' ]
+        php-versions: [ '8.1', '8.2', '8.3', '8.4' ]
    steps:
      - name: "Checkout"
        uses: "actions/checkout@v4"
--- a/.htaccess.dist
+++ b/.htaccess.dist
@@ -6,7 +6,7 @@
 	Options -MultiViews
 </IfModule>
-<FilesMatch "^(CHANGELOG\.md|README\.md|composer\.json|composer\.lock|package\.json|package-lock\.json|cypress\.env\.json)$">
+<FilesMatch "^(.*\.md|.*\.json|.*\.dist|.*\.sql|CHANGELOG|README|composer\.lock)$">
 	Require all denied
 </FilesMatch>
--- a/CHANGELOG-1.x.md
+++ b/CHANGELOG-1.x.md
@@ -1,5 +1,67 @@
 # Changelog
 ## [1.6.1 - 11.06.2025]
 ### Fixed
 * Fixed "Request has been cancelled due to security reasons", cause of missing csrf() in twig files (https://github.com/slawkens/myaac/commit/10cd71a6630ffec91b43a26a6d685b66c5836a6a)
 * Fix: Ignore duplicated route exception (https://github.com/slawkens/myaac/commit/9d8e9d27bd87167d8d4005942a6af62bfe4c0892)
 ### Changed
 * Move counter & visitors code before router (In case someone wants to include that info on page) (https://github.com/slawkens/myaac/commit/f78285030708ad3c74ab048711f73bbf3ee5281e)
 * Set TinyMCE license key to gpl (Avoid warning message in browser console) (https://github.com/slawkens/myaac/commit/8d29fdb98b92dbc3d2853ef88a185c67036b4a77)
 ### Removed
 * Remove deprecated TinyMCE plugin - template (https://github.com/slawkens/myaac/commit/309c1fb715b882e67cb673b1544a03befbf64a22)
 ## [1.6 - 03.06.2025]
 ### Added
 * Add new setting/configurable: site_url, prevents domain spoofing (https://github.com/slawkens/myaac/commit/d8a6090be382c35c19117cfef964b594ed02b8d4)
 * Add new account coins setting (https://github.com/slawkens/myaac/commit/28886551e86fe562172c4c7f2afb89a2e7672c2e)
 * autoload: settings/install/init.php (https://github.com/slawkens/myaac/commit/e5749437074c3b3556628a2aeb5bad2edf97bde0, https://github.com/slawkens/myaac/commit/7d213f479a7e40c6254069b5fc4e578dc32bf8d9, https://github.com/slawkens/myaac/commit/207d6bc69120aba1af2b51808f17e0059b571fed)
 * Protect against csrf in more places (accounts & guilds & forums pages) (https://github.com/slawkens/myaac/commit/6eda38603c8ed7e99b92a78a4600b1245377f74d, https://github.com/slawkens/myaac/commit/e776bd52beb3064a9e694efd1b9021ec972ee2f6, https://github.com/slawkens/myaac/commit/84d502bf105f2a789481fba1acc820d236b4de66)
 * Added two new hooks for pages loaded from database (custom pages): HOOK_BEFORE_PAGE_CUSTOM, HOOK_AFTER_PAGE_CUSTOM (https://github.com/slawkens/myaac/commit/c961a1ebf837f2ab1734a825ff2c57b4937610c9)
 * Add global variables into $hooks->executeFilter (https://github.com/slawkens/myaac/commit/8fdea943768b20193eede99d60313ee84511a0be)
 * Add getNPCsCount() to OTS_InfoRespond (https://github.com/slawkens/myaac/commit/7d435ff6433ef1fb2295ee79ed043ee10dc725e9)
 ### Fixed
 * Allow [] in character name (https://github.com/slawkens/myaac/commit/de6603a51347b9e656c58637ed9971fffdd7cedd)
 * Do not allow access to tools/ folder after install (https://github.com/slawkens/myaac/commit/6e0f5913831f8dba69fd2d1505be3e2a303c6324)
 * Fix CHANGELOG-1.x.md loading in admin panel (https://github.com/slawkens/myaac/commit/4a30fb495dbfbe1d434e8d52419eaf44fe517aee)
 * Fix links not working in admin dashboard modules (https://github.com/slawkens/myaac/commit/be7b27c31aa3bbd6c0289c34d1e61139a3fe015c)
 * Fix twig variables: logged + account_logged being not set directly after login (https://github.com/slawkens/myaac/commit/1e9b10d6489c488cadf7f6ed17b42f1ea6c767a8)
 ### Changed
 * OTS_ServerInfo -> move setTimeout out of class - Possibility to use the class without MyAAC (https://github.com/slawkens/myaac/commit/40d65a6613149fda51bdceb82c807e5301a3388b)
 ## [1.5 - 14.05.2025]
 ### Added
 * Feature/twig hooks filters (#258)
 * Add latest client versions (14.00 - 15.01) (https://github.com/slawkens/myaac/commit/5367df23812c6182863353c9a39fd7fb0b743f4b)
 * db variable to twig (https://github.com/slawkens/myaac/commit/5ed1aec28e146b871a75597411d12e42a067f4e6)
 * New filter: HOOK_FILTER_ROUTES (https://github.com/slawkens/myaac/commit/9b75011224f385db8b27e109bfeb28e75b9d779c)
 * Allow optionally separate folder for views (thanks @Scrollog for idea) (https://github.com/slawkens/myaac/commit/03e275213901a89edb0ebb8974b776a992ab391f)
 * Add float & double types to the Settings (https://github.com/slawkens/myaac/commit/67ab425bb9796d9d123296e3fda542fa8f7f05ee)
 * Add optional param _page_only for single-page apps etc. (https://github.com/slawkens/myaac/commit/113473f2560aab6d364c301cc14a8b5ba8f309f4)
 ### Changed
 * Change OTS_Account->getPremDays to not return -1 in case of freePremium (https://github.com/slawkens/myaac/commit/3befde2a1e4d24a011311e785f15185db57e19b8)
 * Add note about highscores being updated x minutes + allow ttl 0 to disable cache (https://github.com/slawkens/myaac/commit/a161cff00329da6f970f3a70967fe8346fe92bbc)
 * Better monster images (no image not found anymore) + use cache (https://github.com/slawkens/myaac/commit/73a5829974ceca3f02d7925d5cfbd5fa50b1bbd2)
 * Rename server-info -> ots-info, changelog -> change-log (Due to conflict with apache2 server-info mod) (https://github.com/slawkens/myaac/commit/3949d84e5d7631f332111b6d00278bddbd0ad10a)
 * Move rules page to admin panel (https://github.com/slawkens/myaac/commit/3949d84e5d7631f332111b6d00278bddbd0ad10a)
 ### Fixed
 * php 8.4 warnings
 * Visitors counter not working properly on dev mode (https://github.com/slawkens/myaac/commit/da151051186c913dd0dd091aabe893649c2b9ee7)
 * Fix login.php boosted creature & boss (not sure exact version, but should be 14.12 or around) (https://github.com/slawkens/myaac/commit/c48b8006319f6c3b5f082befd16785420bb98110)
 * Fix installMenus when theme/template was removed from disc (https://github.com/slawkens/myaac/commit/c24c580796bccd54bf9e95b864763f4642684d55)
 * Fix if user removes the menu category (https://github.com/slawkens/myaac/commit/dbea69f31478391dacfbbc02c8353c39b4245daf)
 ### Updated:
 * Update cypress from version ^13.17.0 to ^14.3.3 (https://github.com/slawkens/myaac/commit/629fd18ea166860d5898a822f44f9277da6ce43d)
 ## [1.4 - 22.04.2025]
 ### Added
--- a/README.md
+++ b/README.md
@@ -1,6 +1,6 @@
 # [MyAAC](https://my-aac.org)
-MyAAC is a free and open-source Automatic Account Creator (AAC) written in PHP. It is a fork of the [Gesior](https://github.com/gesior/Gesior2012) project. It supports only MySQL databases.
+MyAAC is a free and open-source Automatic Account Creator (AAC) for Open Tibia Servers written in PHP. It is a fork of the [Gesior](https://github.com/gesior/Gesior2012) project. It supports only MySQL databases.
 Official website: https://my-aac.org
@@ -80,7 +80,7 @@ Pull requests should be made to the *develop* branch as that is the working bran
 Bug fixes to current release should be done to master branch.
-Look: [Contributing](https://github.com/otsoft/myaac/wiki/Contributing) in our wiki.
+Look: [Contributing](https://docs.my-aac.org/misc/contributing) in our wiki.
 ### Other Notes
@@ -95,4 +95,4 @@ Many thanks to Jetbrains for kindly providing a license for me to work on this a
 ### License
 This program and all associated files are released under the GNU Public License.  
-See [LICENSE](https://github.com/slawkens/myaac/blob/master/LICENSE) for details.
+See [LICENSE](https://github.com/slawkens/myaac/blob/main/LICENSE) for details.
--- a/admin/pages/clmd.php
+++ b/admin/pages/clmd.php
@@ -11,12 +11,12 @@
 defined('MYAAC') or die('Direct access not allowed!');
 $title = 'MyAAC Changelog';
-if (!file_exists(BASE . 'CHANGELOG.md')) {
+if (!file_exists(BASE . 'CHANGELOG-1.x.md')) {
 	echo 'File CHANGELOG.md doesn\'t exist.';
 	return;
 }
-$changelog = file_get_contents(BASE . 'CHANGELOG.md');
+$changelog = file_get_contents(BASE . 'CHANGELOG-1.x.md');
 $Parsedown = new Parsedown();
--- a/admin/pages/modules/balance.php
+++ b/admin/pages/modules/balance.php
@@ -7,7 +7,7 @@ defined('MYAAC') or die('Direct access not allowed!');
 $balance = 0;
 if ($db->hasColumn('players', 'balance')) {
-	$balance = Player::orderByDesc('balance')->limit(10)->get(['balance', 'id','name', 'level'])->toArray();
+	$balance = Player::orderByDesc('balance')->limit(10)->get(['id', 'name', 'balance'])->toArray();
 }
 $twig->display('balance.html.twig', array(
--- a/admin/pages/modules/coins.php
+++ b/admin/pages/modules/coins.php
@@ -7,7 +7,12 @@ defined('MYAAC') or die('Direct access not allowed!');
 $coins = 0;
 if ($db->hasColumn('accounts', 'coins')) {
-	$coins = Account::orderByDesc('coins')->limit(10)->get(['coins', (USE_ACCOUNT_NAME ? 'name' : 'id')])->toArray();
+	$whatToGet = ['id', 'coins'];
 	if (USE_ACCOUNT_NAME) {
 		$whatToGet[] = 'name';
 	}
 	$coins = Account::orderByDesc('coins')->limit(10)->get($whatToGet)->toArray();
 }
 $twig->display('coins.html.twig', array(
--- a/admin/pages/modules/lastlogin.php
+++ b/admin/pages/modules/lastlogin.php
@@ -7,7 +7,7 @@ defined('MYAAC') or die('Direct access not allowed!');
 $players = 0;
 if ($db->hasColumn('players', 'lastlogin')) {
-	$players = Player::orderByDesc('lastlogin')->limit(10)->get(['name', 'level', 'lastlogin'])->toArray();
+	$players = Player::orderByDesc('lastlogin')->limit(10)->get(['id', 'name', 'level', 'lastlogin'])->toArray();
 }
 $twig->display('lastlogin.html.twig', array(
--- a/admin/pages/modules/templates/balance.html.twig
+++ b/admin/pages/modules/templates/balance.html.twig
@@ -19,7 +19,7 @@
 						{% set i = i + 1 %}
 						<tr>
 							<th>{{ i }}</th>
-							<td><a href="?p=players&search_name={{ result.name }}">{{ result.name }}</a></td>
+							<td><a href="?p=players&id={{ result.id }}">{{ result.name }}</a></td>
 							<td>{{ result.balance }}</td>
 						</tr>
 					{% endfor %}
--- a/admin/pages/modules/templates/coins.html.twig
+++ b/admin/pages/modules/templates/coins.html.twig
@@ -19,7 +19,7 @@
 						{% set i = i + 1 %}
 						<tr>
 							<th>{{ i }}</th>
-							<td><a href="?p=accounts&search_name={{ result.name }}">{{ result.name }}</a></td>
+							<td><a href="?p=accounts&id={{ result.id }}">{{ result.name ?? result.id }}</a></td>
 							<td>{{ result.coins }}</td>
 						</tr>
 					{% endfor %}
--- a/admin/pages/modules/templates/lastlogin.html.twig
+++ b/admin/pages/modules/templates/lastlogin.html.twig
@@ -19,7 +19,7 @@
 						{% set i = i + 1 %}
 						<tr>
 							<th>{{ i }}</th>
-							<td><a href="?p=players&search_name={{ result.name }}">{{ result.name }}</a></td>
+							<td><a href="?p=players&id={{ result.id }}">{{ result.name }}</a></td>
 							<td>{{ result.lastlogin|date("M d Y, H:i:s") }}</td>
 						</tr>
 					{% endfor %}
--- a/admin/pages/modules/templates/points.html.twig
+++ b/admin/pages/modules/templates/points.html.twig
@@ -19,7 +19,7 @@
 						{% set i = i + 1 %}
 						<tr>
 							<th>{{ i }}</th>
-							<td><a href="?p=accounts&search_name={{ result.name }}">{{ result.name }}</a></td>
+							<td><a href="?p=accounts&id={{ result.id }}">{{ result.name }}</a></td>
 							<td>{{ result.premium_points }}</td>
 						</tr>
 					{% endfor %}
--- a/admin/tools/settings_save.php
+++ b/admin/tools/settings_save.php
@@ -1,6 +1,5 @@
 <?php
 use MyAAC\Hooks;
 use MyAAC\Settings;
 const MYAAC_ADMIN = true;
--- a/common.php
+++ b/common.php
@@ -26,8 +26,8 @@
 if (version_compare(phpversion(), '8.1', '<')) die('PHP version 8.1 or higher is required.');
 const MYAAC = true;
-const MYAAC_VERSION = '1.4';
+const MYAAC_VERSION = '1.6.1';
-const DATABASE_VERSION = 43;
+const DATABASE_VERSION = 45;
 const TABLE_PREFIX = 'myaac_';
 define('START_TIME', microtime(true));
 define('MYAAC_OS', stripos(PHP_OS, 'WIN') === 0 ? 'WINDOWS' : (strtoupper(PHP_OS) === 'DARWIN' ? 'MAC' : 'LINUX'));
@@ -122,36 +122,28 @@ if (!IS_CLI) {
 	session_start();
 }
-// basedir
+if (file_exists(BASE . 'config.local.php')) {
-$basedir = '';
+	require BASE . 'config.local.php';
-$tmp = explode('/', $_SERVER['SCRIPT_NAME']);
+}
 $size = count($tmp) - 1;
 for($i = 1; $i < $size; $i++)
 	$basedir .= '/' . $tmp[$i];
-$basedir = str_replace(['/' . ADMIN_PANEL_FOLDER, '/install', '/tools'], '', $basedir);
+require SYSTEM . 'base.php';
-define('BASE_DIR', $basedir);
+define('BASE_DIR', $baseDir);
 if(!IS_CLI) {
-	if (isset($_SERVER['HTTP_HOST'][0])) {
+	if (isset($config['site_url'])) {
-		$baseHost = $_SERVER['HTTP_HOST'];
+		$hasSlashAtEnd = ($config['site_url'][strlen($config['site_url']) - 1] == '/');
 	} else {
 		if (isset($_SERVER['SERVER_NAME'][0])) {
 			$baseHost = $_SERVER['SERVER_NAME'];
 		} else {
 			$baseHost = $_SERVER['SERVER_ADDR'];
 		}
 	}
 		define('SERVER_URL', $config['site_url']);
 		define('BASE_URL', SERVER_URL . ($hasSlashAtEnd ? '' : '/'));
 		define('ADMIN_URL', SERVER_URL . ($hasSlashAtEnd ? '' : '/') . ADMIN_PANEL_FOLDER . '/');
 	}
 	else {
 		define('SERVER_URL', 'http' . (isHttps() ? 's' : '') . '://' . $baseHost);
 		define('BASE_URL', SERVER_URL . BASE_DIR . '/');
 		define('ADMIN_URL', SERVER_URL . BASE_DIR . '/' . ADMIN_PANEL_FOLDER . '/');
 		//define('CURRENT_URL', BASE_URL . $_SERVER['REQUEST_URI']);
-}
+	}
 if (file_exists(BASE . 'config.local.php')) {
 	require BASE . 'config.local.php';
 }
 /** @var array $config */
--- a/cypress/e2e/3-check-public-pages.cy.js
+++ b/cypress/e2e/3-check-public-pages.cy.js
@@ -17,7 +17,7 @@ describe('Check Public Pages', () => {
 	it('Go to changelog page', () => {
 		cy.visit({
-			url: Cypress.env('URL') + '/changelog',
+			url: Cypress.env('URL') + '/change-log',
 			method: 'GET',
 		})
 	})
@@ -132,7 +132,7 @@ describe('Check Public Pages', () => {
 	it('Go to server info page', () => {
 		cy.visit({
-			url: Cypress.env('URL') + '/server-info',
+			url: Cypress.env('URL') + '/ots-info',
 			method: 'GET',
 		})
 	})
--- a/index.php
+++ b/index.php
@@ -117,6 +117,14 @@ if(setting('core.backward_support')) {
 		$config['status']['serverStatus_' . $key] = $value;
 }
 if(setting('core.views_counter')) {
 	require_once SYSTEM . 'counter.php';
 }
 if(setting('core.visitors_counter')) {
 	$visitors = new Visitors(setting('core.visitors_counter_ttl'));
 }
 require_once SYSTEM . 'router.php';
 // anonymous usage statistics
@@ -153,13 +161,6 @@ if(setting('core.anonymous_usage_statistics')) {
 	}
 }
 if(setting('core.views_counter'))
 	require_once SYSTEM . 'counter.php';
 if(setting('core.visitors_counter')) {
 	$visitors = new Visitors(setting('core.visitors_counter_ttl'));
 }
 /**
 * @var OTS_Account $account_logged
 */
@@ -168,6 +169,7 @@ if ($logged && admin()) {
 		'username' => USE_ACCOUNT_NAME ? $account_logged->getName() : $account_logged->getId()
 	]);
 }
 $title_full =  (isset($title) ? $title . ' - ' : '') . $config['lua']['serverName'];
 require $template_path . '/' . $template_index;
--- a/install/includes/schema.sql
+++ b/install/includes/schema.sql
@@ -1,4 +1,4 @@
-SET @myaac_database_version = 43;
+SET @myaac_database_version = 45;
 CREATE TABLE `myaac_account_actions`
 (
--- a/install/steps/4-config.php
+++ b/install/steps/4-config.php
@@ -10,6 +10,14 @@ foreach($config['clients'] as $client) {
 	$clients[$client] = $client_version;
 }
 if (empty($_SESSION['var_site_url'])) {
 	//require SYSTEM . 'base.php';
 	$serverUrl = 'http' . (isHttps() ? 's' : '') . '://' . $baseHost;
 	$siteURL = $serverUrl . $baseDir;
 	$_SESSION['var_site_url'] = $siteURL;
 }
 $twig->display('install.config.html.twig', array(
 	'clients' => $clients,
 	'timezones' => DateTimeZone::listIdentifiers(),
--- a/install/steps/7-finish.php
+++ b/install/steps/7-finish.php
@@ -195,13 +195,4 @@ if(!isset($_SESSION['installed'])) {
 	$_SESSION['installed'] = true;
 }
 foreach($_SESSION as $key => $value) {
 	if(strpos($key, 'var_') !== false)
 		unset($_SESSION[$key]);
 }
 unset($_SESSION['saved']);
 if(file_exists(CACHE . 'install.txt')) {
 	unlink(CACHE . 'install.txt');
 }
 $hooks->trigger(HOOK_INSTALL_FINISH_END);
--- a/install/tools/5-database.php
+++ b/install/tools/5-database.php
@@ -7,6 +7,11 @@ require SYSTEM . 'functions.php';
 require BASE . 'install/includes/functions.php';
 require BASE . 'install/includes/locale.php';
 if(isset($config['installed']) && $config['installed'] && !isset($_SESSION['saved'])) {
 	warning($locale['already_installed']);
 	return;
 }
 $error = false;
 require BASE . 'install/includes/config.php';
--- a/install/tools/7-finish.php
+++ b/install/tools/7-finish.php
@@ -17,11 +17,11 @@ ini_set('max_execution_time', 300);
 ob_implicit_flush();
 header('X-Accel-Buffering: no');
-/*
+
 if(isset($config['installed']) && $config['installed'] && !isset($_SESSION['saved'])) {
 	warning($locale['already_installed']);
 	return;
-}*/
+}
 require SYSTEM . 'init.php';
@@ -54,12 +54,13 @@ if ($db->hasTable('players')) {
 	}
 }
 Plugins::installMenus('kathrine', require TEMPLATES . 'kathrine/menus.php');
 Plugins::installMenus('tibiacom', require TEMPLATES . 'tibiacom/menus.php');
 DataLoader::setLocale($locale);
 DataLoader::load();
 // add menus entries
 require_once SYSTEM . 'migrations/17.php';
 $up();
 // update config.highscores_ids_hidden
 require_once SYSTEM . 'migrations/20.php';
 $up();
@@ -78,6 +79,10 @@ $up();
 require_once SYSTEM . 'migrations/31.php';
 $up();
 // rules page
 require_once SYSTEM . 'migrations/45.php';
 $up();
 if(ModelsFAQ::count() == 0) {
 	ModelsFAQ::create([
 		'question' => 'What is this?',
@@ -89,6 +94,17 @@ $hooks->trigger(HOOK_INSTALL_FINISH);
 $db->setClearCacheAfter(true);
 // cleanup
 foreach($_SESSION as $key => $value) {
 	if(str_contains($key, 'var_')) {
 		unset($_SESSION[$key]);
 	}
 }
 unset($_SESSION['saved']);
 if(file_exists(CACHE . 'install.txt')) {
 	unlink(CACHE . 'install.txt');
 }
 $locale['step_finish_desc'] = str_replace('$ADMIN_PANEL$', generateLink(str_replace('tools/', '',ADMIN_URL), $locale['step_finish_admin_panel'], true), $locale['step_finish_desc']);
 $locale['step_finish_desc'] = str_replace('$HOMEPAGE$', generateLink(str_replace('tools/', '', BASE_URL), $locale['step_finish_homepage'], true), $locale['step_finish_desc']);
 $locale['step_finish_desc'] = str_replace('$LINK$', generateLink('https://my-aac.org', 'https://my-aac.org', true), $locale['step_finish_desc']);
--- a/login.php
+++ b/login.php
@@ -86,12 +86,25 @@ switch ($action) {
 		die(json_encode(['eventlist' => $eventlist, 'lastupdatetimestamp' => time()]));
 	case 'boostedcreature':
-		$boostedCreature = BoostedCreature::latest();
+		$clientVersion = (int)setting('core.client');
 		// 14.00 and up
 		if ($clientVersion >= 1400) {
 			$creatureBoost = $db->query("SELECT * FROM " . $db->tableName('boosted_creature'))->fetchAll();
 			$bossBoost     = $db->query("SELECT * FROM " . $db->tableName('boosted_boss'))->fetchAll();
 			die(json_encode([
 				'boostedcreature' => true,
 				'creatureraceid'  => intval($creatureBoost[0]['raceid']),
 				'bossraceid'      => intval($bossBoost[0]['raceid'])
 			]));
 		}
 		// lower clients
 		$boostedCreature = BoostedCreature::first();
 		die(json_encode([
 			'boostedcreature' => true,
 			'raceid' => $boostedCreature->raceid
 		]));
 	break;
 	case 'login':
--- a/nginx-sample.conf
+++ b/nginx-sample.conf
@@ -14,7 +14,7 @@ server {
 	# block .htaccess, CHANGELOG.md, composer.json etc.
 	# this is to prevent finding software versions
-	location ~\.(ht|md|json|dist)$ {
+	location ~\.(ht|md|json|dist|sql)$ {
 		deny all;
 	}
--- a/package-lock.json
+++ b/package-lock.json
@@ -14,24 +14,13 @@
        "tinymce": "^7.2.0"
      },
      "devDependencies": {
-        "cypress": "^13.17.0"
+        "cypress": "^14.3.3"
      }
    },
    "node_modules/@colors/colors": {
      "version": "1.5.0",
      "resolved": "https://registry.npmjs.org/@colors/colors/-/colors-1.5.0.tgz",
      "integrity": "sha512-ooWCrlZP11i8GImSjTHYHLkvFDP48nS4+204nGb1RiX/WXYHmJA2III9/e2DWVabCESdW7hBAEzHRqUn9OUVvQ==",
      "dev": true,
      "license": "MIT",
      "optional": true,
      "engines": {
        "node": ">=0.1.90"
      }
    },
    "node_modules/@cypress/request": {
-      "version": "3.0.7",
+      "version": "3.0.8",
-      "resolved": "https://registry.npmjs.org/@cypress/request/-/request-3.0.7.tgz",
+      "resolved": "https://registry.npmjs.org/@cypress/request/-/request-3.0.8.tgz",
-      "integrity": "sha512-LzxlLEMbBOPYB85uXrDqvD4MgcenjRBLIns3zyhx7vTPj/0u2eQhzXvPiGcaJrV38Q9dbkExWp6cOHPJ+EtFYg==",
+      "integrity": "sha512-h0NFgh1mJmm1nr4jCwkGHwKneVYKghUyWe6TMNrk0B9zsjAJxpg8C4/+BAcmLgCPa1vj1V8rNUaILl+zYRUWBQ==",
      "dev": true,
      "license": "Apache-2.0",
      "dependencies": {
@@ -48,7 +37,7 @@
        "json-stringify-safe": "~5.0.1",
        "mime-types": "~2.1.19",
        "performance-now": "^2.1.0",
-        "qs": "6.13.1",
+        "qs": "6.14.0",
        "safe-buffer": "^5.1.2",
        "tough-cookie": "^5.0.0",
        "tunnel-agent": "^0.6.0",
@@ -387,9 +376,9 @@
      }
    },
    "node_modules/call-bind-apply-helpers": {
-      "version": "1.0.1",
+      "version": "1.0.2",
-      "resolved": "https://registry.npmjs.org/call-bind-apply-helpers/-/call-bind-apply-helpers-1.0.1.tgz",
+      "resolved": "https://registry.npmjs.org/call-bind-apply-helpers/-/call-bind-apply-helpers-1.0.2.tgz",
-      "integrity": "sha512-BhYE+WDaywFg2TBWYNXAE+8B1ATnThNBqXHP5nQu0jWJdVvY2hvkpyB3qOmtmDePiS5/BDQ8wASEWGMWRG148g==",
+      "integrity": "sha512-Sp1ablJ0ivDkSzjcaJdxEunN5/XvksFJ2sMBFfq6x0ryhQV/2b/KwFe21cMpmHtPOSij8K99/wSfoEuTObmuMQ==",
      "dev": true,
      "license": "MIT",
      "dependencies": {
@@ -401,14 +390,14 @@
      }
    },
    "node_modules/call-bound": {
-      "version": "1.0.3",
+      "version": "1.0.4",
-      "resolved": "https://registry.npmjs.org/call-bound/-/call-bound-1.0.3.tgz",
+      "resolved": "https://registry.npmjs.org/call-bound/-/call-bound-1.0.4.tgz",
-      "integrity": "sha512-YTd+6wGlNlPxSuri7Y6X8tY2dmm12UMH66RpKMhiX6rsk5wXXnYgbUcOt8kiS31/AjfoTOvCsE+w8nZQLQnzHA==",
+      "integrity": "sha512-+ys997U96po4Kx/ABpBCqhA9EuxJaQWDQg7295H4hBphv3IZg0boBKuwYpt4YXp6MZ5AmZQnU/tyMTlRpaSejg==",
      "dev": true,
      "license": "MIT",
      "dependencies": {
-        "call-bind-apply-helpers": "^1.0.1",
+        "call-bind-apply-helpers": "^1.0.2",
-        "get-intrinsic": "^1.2.6"
+        "get-intrinsic": "^1.3.0"
      },
      "engines": {
        "node": ">= 0.4"
@@ -504,9 +493,9 @@
      }
    },
    "node_modules/cli-table3": {
-      "version": "0.6.5",
+      "version": "0.6.1",
-      "resolved": "https://registry.npmjs.org/cli-table3/-/cli-table3-0.6.5.tgz",
+      "resolved": "https://registry.npmjs.org/cli-table3/-/cli-table3-0.6.1.tgz",
-      "integrity": "sha512-+W/5efTR7y5HRD7gACw9yQjqMVvEMLBHmboM/kPWam+H+Hmyrgjh6YncVKK122YZkXrLudzTuAukUw9FnMf7IQ==",
+      "integrity": "sha512-w0q/enDHhPLq44ovMGdQeeDLvwxwavsJX7oQGYt/LrBlYsyaxyDnp6z3QzFut/6kLLKnlcUVJLrpB7KBfgG/RA==",
      "dev": true,
      "license": "MIT",
      "dependencies": {
@@ -516,7 +505,7 @@
        "node": "10.* || >= 12.*"
      },
      "optionalDependencies": {
-        "@colors/colors": "1.5.0"
+        "colors": "1.4.0"
      }
    },
    "node_modules/cli-truncate": {
@@ -563,6 +552,17 @@
      "dev": true,
      "license": "MIT"
    },
    "node_modules/colors": {
      "version": "1.4.0",
      "resolved": "https://registry.npmjs.org/colors/-/colors-1.4.0.tgz",
      "integrity": "sha512-a+UqTh4kgZg/SlGvfbzDHpgRu7AAQOmmqRHJnxhRZICKFUT91brVhNNt58CMWU9PsBbv3PDCZUHbVxuDiH2mtA==",
      "dev": true,
      "license": "MIT",
      "optional": true,
      "engines": {
        "node": ">=0.1.90"
      }
    },
    "node_modules/combined-stream": {
      "version": "1.0.8",
      "resolved": "https://registry.npmjs.org/combined-stream/-/combined-stream-1.0.8.tgz",
@@ -619,14 +619,14 @@
      }
    },
    "node_modules/cypress": {
-      "version": "13.17.0",
+      "version": "14.3.3",
-      "resolved": "https://registry.npmjs.org/cypress/-/cypress-13.17.0.tgz",
+      "resolved": "https://registry.npmjs.org/cypress/-/cypress-14.3.3.tgz",
-      "integrity": "sha512-5xWkaPurwkIljojFidhw8lFScyxhtiFHl/i/3zov+1Z5CmY4t9tjIdvSXfu82Y3w7wt0uR9KkucbhkVvJZLQSA==",
+      "integrity": "sha512-1Rz7zc9iqLww6BysaESqUhtIuaFHS7nL3wREovAKYsNhLTfX3TbcBWHWgEz70YimH2NkSOsm4oIcJJ9HYHOlew==",
      "dev": true,
      "hasInstallScript": true,
      "license": "MIT",
      "dependencies": {
-        "@cypress/request": "^3.0.6",
+        "@cypress/request": "^3.0.8",
        "@cypress/xvfb": "^1.2.4",
        "@types/sinonjs__fake-timers": "8.1.1",
        "@types/sizzle": "^2.3.2",
@@ -637,9 +637,9 @@
        "cachedir": "^2.3.0",
        "chalk": "^4.1.0",
        "check-more-types": "^2.24.0",
-        "ci-info": "^4.0.0",
+        "ci-info": "^4.1.0",
        "cli-cursor": "^3.1.0",
-        "cli-table3": "~0.6.1",
+        "cli-table3": "0.6.1",
        "commander": "^6.2.1",
        "common-tags": "^1.8.0",
        "dayjs": "^1.10.4",
@@ -663,7 +663,7 @@
        "process": "^0.11.10",
        "proxy-from-env": "1.0.0",
        "request-progress": "^3.0.0",
-        "semver": "^7.5.3",
+        "semver": "^7.7.1",
        "supports-color": "^8.1.1",
        "tmp": "~0.2.3",
        "tree-kill": "1.2.2",
@@ -674,7 +674,7 @@
        "cypress": "bin/cypress"
      },
      "engines": {
-        "node": "^16.0.0 || ^18.0.0 || >=20.0.0"
+        "node": "^18.0.0 || ^20.0.0 || >=22.0.0"
      }
    },
    "node_modules/cypress/node_modules/fs-extra": {
@@ -819,9 +819,9 @@
      }
    },
    "node_modules/es-object-atoms": {
-      "version": "1.0.0",
+      "version": "1.1.1",
-      "resolved": "https://registry.npmjs.org/es-object-atoms/-/es-object-atoms-1.0.0.tgz",
+      "resolved": "https://registry.npmjs.org/es-object-atoms/-/es-object-atoms-1.1.1.tgz",
-      "integrity": "sha512-MZ4iQ6JwHOBQjahnjwaC1ZtIBH+2ohjamzAO3oaHcXYup7qxjF2fixyH+Q71voWHeOkI2q/TnJao/KfXYIZWbw==",
+      "integrity": "sha512-FGgH2h8zKNim9ljj7dankFPcICIK9Cp5bm+c2gQSYePhpaG5+esrLODihIorn+Pe6FGJzWhXQotPv73jTaldXA==",
      "dev": true,
      "license": "MIT",
      "dependencies": {
@@ -831,6 +831,22 @@
        "node": ">= 0.4"
      }
    },
    "node_modules/es-set-tostringtag": {
      "version": "2.1.0",
      "resolved": "https://registry.npmjs.org/es-set-tostringtag/-/es-set-tostringtag-2.1.0.tgz",
      "integrity": "sha512-j6vWzfrGVfyXxge+O0x5sh6cvxAog0a/4Rdd2K36zCMV5eJ+/+tOAngRO8cODMNWbVRdVlmGZQL2YS3yR8bIUA==",
      "dev": true,
      "license": "MIT",
      "dependencies": {
        "es-errors": "^1.3.0",
        "get-intrinsic": "^1.2.6",
        "has-tostringtag": "^1.0.2",
        "hasown": "^2.0.2"
      },
      "engines": {
        "node": ">= 0.4"
      }
    },
    "node_modules/escape-string-regexp": {
      "version": "1.0.5",
      "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz",
@@ -960,14 +976,15 @@
      }
    },
    "node_modules/form-data": {
-      "version": "4.0.1",
+      "version": "4.0.2",
-      "resolved": "https://registry.npmjs.org/form-data/-/form-data-4.0.1.tgz",
+      "resolved": "https://registry.npmjs.org/form-data/-/form-data-4.0.2.tgz",
-      "integrity": "sha512-tzN8e4TX8+kkxGPK8D5u0FNmjPUjw3lwC9lSLxxoB/+GtsJG91CO8bSWy73APlgAZzZbXEYZJuxjkHH2w+Ezhw==",
+      "integrity": "sha512-hGfm/slu0ZabnNt4oaRZ6uREyfCj6P4fT/n6A1rGV+Z0VdGXjfOhVUpkn6qVQONHGIFwmveGXyDs75+nr6FM8w==",
      "dev": true,
      "license": "MIT",
      "dependencies": {
        "asynckit": "^0.4.0",
        "combined-stream": "^1.0.8",
        "es-set-tostringtag": "^2.1.0",
        "mime-types": "^2.1.12"
      },
      "engines": {
@@ -999,18 +1016,18 @@
      }
    },
    "node_modules/get-intrinsic": {
-      "version": "1.2.7",
+      "version": "1.3.0",
-      "resolved": "https://registry.npmjs.org/get-intrinsic/-/get-intrinsic-1.2.7.tgz",
+      "resolved": "https://registry.npmjs.org/get-intrinsic/-/get-intrinsic-1.3.0.tgz",
-      "integrity": "sha512-VW6Pxhsrk0KAOqs3WEd0klDiF/+V7gQOpAvY1jVU/LHmaD/kQO4523aiJuikX/QAKYiW6x8Jh+RJej1almdtCA==",
+      "integrity": "sha512-9fSjSaos/fRIVIp+xSJlE6lfwhES7LNtKaCBIamHsjr2na1BiABJPo0mOjjz8GJDURarmCPGqaiVg5mfjb98CQ==",
      "dev": true,
      "license": "MIT",
      "dependencies": {
-        "call-bind-apply-helpers": "^1.0.1",
+        "call-bind-apply-helpers": "^1.0.2",
        "es-define-property": "^1.0.1",
        "es-errors": "^1.3.0",
-        "es-object-atoms": "^1.0.0",
+        "es-object-atoms": "^1.1.1",
        "function-bind": "^1.1.2",
-        "get-proto": "^1.0.0",
+        "get-proto": "^1.0.1",
        "gopd": "^1.2.0",
        "has-symbols": "^1.1.0",
        "hasown": "^2.0.2",
@@ -1131,6 +1148,22 @@
        "url": "https://github.com/sponsors/ljharb"
      }
    },
    "node_modules/has-tostringtag": {
      "version": "1.0.2",
      "resolved": "https://registry.npmjs.org/has-tostringtag/-/has-tostringtag-1.0.2.tgz",
      "integrity": "sha512-NqADB8VjPFLM2V0VvHUewwwsw0ZWBaIdgo+ieHtK3hasLz4qeCRjYcqfB6AQrBggRKppKF8L52/VqdVsO47Dlw==",
      "dev": true,
      "license": "MIT",
      "dependencies": {
        "has-symbols": "^1.0.3"
      },
      "engines": {
        "node": ">= 0.4"
      },
      "funding": {
        "url": "https://github.com/sponsors/ljharb"
      }
    },
    "node_modules/hasown": {
      "version": "2.0.2",
      "resolved": "https://registry.npmjs.org/hasown/-/hasown-2.0.2.tgz",
@@ -1560,9 +1593,9 @@
      }
    },
    "node_modules/object-inspect": {
-      "version": "1.13.3",
+      "version": "1.13.4",
-      "resolved": "https://registry.npmjs.org/object-inspect/-/object-inspect-1.13.3.tgz",
+      "resolved": "https://registry.npmjs.org/object-inspect/-/object-inspect-1.13.4.tgz",
-      "integrity": "sha512-kDCGIbxkDSXE3euJZZXzc6to7fCrKHNI/hSRQnRuQ+BWjFNzZwiFF8fj/6o2t2G9/jTj8PSIYTfCLelLZEeRpA==",
+      "integrity": "sha512-W67iLl4J2EXEGTbfeHCffrjDfitvLANg0UlX3wFUUSTx92KXRFegMHUVgSqE+wvhAbi4WqjGg9czysTV2Epbew==",
      "dev": true,
      "license": "MIT",
      "engines": {
@@ -1709,13 +1742,13 @@
      }
    },
    "node_modules/qs": {
-      "version": "6.13.1",
+      "version": "6.14.0",
-      "resolved": "https://registry.npmjs.org/qs/-/qs-6.13.1.tgz",
+      "resolved": "https://registry.npmjs.org/qs/-/qs-6.14.0.tgz",
-      "integrity": "sha512-EJPeIn0CYrGu+hli1xilKAPXODtJ12T0sP63Ijx2/khC2JtuaN3JyNIpvmnkmaEtha9ocbG4A4cMcr+TvqvwQg==",
+      "integrity": "sha512-YWWTjgABSKcvs/nWBi9PycY/JiPJqOD4JA6o9Sej2AtvSGarXxKC3OQSk4pAarbdQlKAh5D4FCQkJNkW+GAn3w==",
      "dev": true,
      "license": "BSD-3-Clause",
      "dependencies": {
-        "side-channel": "^1.0.6"
+        "side-channel": "^1.1.0"
      },
      "engines": {
        "node": ">=0.6"
@@ -1794,9 +1827,9 @@
      "license": "MIT"
    },
    "node_modules/semver": {
-      "version": "7.6.3",
+      "version": "7.7.1",
-      "resolved": "https://registry.npmjs.org/semver/-/semver-7.6.3.tgz",
+      "resolved": "https://registry.npmjs.org/semver/-/semver-7.7.1.tgz",
-      "integrity": "sha512-oVekP1cKtI+CTDvHWYFUcMtsK/00wmAEfyqKfNdARm8u1wNVhSgaX7A8d4UuIlUI5e84iEwOhs7ZPYRmzU9U6A==",
+      "integrity": "sha512-hlq8tAfn0m/61p4BVRcPzIGr6LKiMwo4VM6dGi6pt4qcRkmNzTcWq6eCEjEh+qXjkMDvPlOFFSGwQjoEa6gyMA==",
      "dev": true,
      "license": "ISC",
      "bin": {
@@ -2031,22 +2064,22 @@
      "license": "GPL-2.0-or-later"
    },
    "node_modules/tldts": {
-      "version": "6.1.71",
+      "version": "6.1.86",
-      "resolved": "https://registry.npmjs.org/tldts/-/tldts-6.1.71.tgz",
+      "resolved": "https://registry.npmjs.org/tldts/-/tldts-6.1.86.tgz",
-      "integrity": "sha512-LQIHmHnuzfZgZWAf2HzL83TIIrD8NhhI0DVxqo9/FdOd4ilec+NTNZOlDZf7EwrTNoutccbsHjvWHYXLAtvxjw==",
+      "integrity": "sha512-WMi/OQ2axVTf/ykqCQgXiIct+mSQDFdH2fkwhPwgEwvJ1kSzZRiinb0zF2Xb8u4+OqPChmyI6MEu4EezNJz+FQ==",
      "dev": true,
      "license": "MIT",
      "dependencies": {
-        "tldts-core": "^6.1.71"
+        "tldts-core": "^6.1.86"
      },
      "bin": {
        "tldts": "bin/cli.js"
      }
    },
    "node_modules/tldts-core": {
-      "version": "6.1.71",
+      "version": "6.1.86",
-      "resolved": "https://registry.npmjs.org/tldts-core/-/tldts-core-6.1.71.tgz",
+      "resolved": "https://registry.npmjs.org/tldts-core/-/tldts-core-6.1.86.tgz",
-      "integrity": "sha512-LRbChn2YRpic1KxY+ldL1pGXN/oVvKfCVufwfVzEQdFYNo39uF7AJa/WXdo+gYO7PTvdfkCPCed6Hkvz/kR7jg==",
+      "integrity": "sha512-Je6p7pkk+KMzMv2XXKmAE3McmolOQFdxkKw0R8EYNr7sELW46JqnNeTX8ybPiQgvg1ymCoF8LXs5fzFaZvJPTA==",
      "dev": true,
      "license": "MIT"
    },
@@ -2061,9 +2094,9 @@
      }
    },
    "node_modules/tough-cookie": {
-      "version": "5.1.0",
+      "version": "5.1.2",
-      "resolved": "https://registry.npmjs.org/tough-cookie/-/tough-cookie-5.1.0.tgz",
+      "resolved": "https://registry.npmjs.org/tough-cookie/-/tough-cookie-5.1.2.tgz",
-      "integrity": "sha512-rvZUv+7MoBYTiDmFPBrhL7Ujx9Sk+q9wwm22x8c8T5IJaR+Wsyc7TNxbVxo84kZoRJZZMazowFLqpankBEQrGg==",
+      "integrity": "sha512-FVDYdxtnj0G6Qm/DhNPSb8Ju59ULcup3tuJxkFb5K8Bv2pUXILbf0xZWU8PX8Ov19OXljbUyveOFwRMwkXzO+A==",
      "dev": true,
      "license": "BSD-3-Clause",
      "dependencies": {
--- a/package.json
+++ b/package.json
@@ -4,7 +4,7 @@
    "postinstall": "node ./npm-post-install.js"
  },
  "devDependencies": {
-    "cypress": "^13.17.0"
+    "cypress": "^14.3.3"
  },
  "dependencies": {
    "@tinymce/tinymce-jquery": "^2.1.0",
--- a/plugins/example.json
+++ b/plugins/example.json
@@ -51,5 +51,8 @@
 		"themes": true,
 		"admin-pages": true,
 		"admin-pages-sub-folders": true,
 		"settings": true,
 		"install": true,
 		"init": false
 	}
 }
--- a/system/base.php
+++ b/system/base.php
@@ -0,0 +1,21 @@
 <?php
 $baseDir = '';
 $tmp = explode('/', $_SERVER['SCRIPT_NAME']);
 $size = count($tmp) - 1;
 for($i = 1; $i < $size; $i++)
 	$baseDir .= '/' . $tmp[$i];
 $baseDir = str_replace(['/' . ADMIN_PANEL_FOLDER, '/install', '/tools'], '', $baseDir);
 if(!IS_CLI) {
 	if (isset($_SERVER['HTTP_HOST'][0])) {
 		$baseHost = $_SERVER['HTTP_HOST'];
 	} else {
 		if (isset($_SERVER['SERVER_NAME'][0])) {
 			$baseHost = $_SERVER['SERVER_NAME'];
 		} else {
 			$baseHost = $_SERVER['SERVER_ADDR'];
 		}
 	}
 }
--- a/system/clients.conf.php
+++ b/system/clients.conf.php
@@ -109,4 +109,12 @@ $config['clients'] = [
 	1330,
 	1332,
 	1340,
 	1400,
 	1405,
 	1410,
 	1411,
 	1412,
 	1500,
 	1501,
 ];
--- a/system/compat/base.php
+++ b/system/compat/base.php
@@ -74,7 +74,3 @@ function fieldExist($field, $table)
 	global $db;
 	return $db->hasColumn($table, $field);
 }
 function getCreatureImgPath($creature): string {
 	return getMonsterImgPath($creature);
 }
--- a/system/database.php
+++ b/system/database.php
@@ -122,6 +122,10 @@ try {
 	$eloquentConnection = $capsule->getConnection();
 	if (isset($twig)) {
 		$twig->addGlobal('db', $db);
 	}
 } catch (Exception $e) {
 	if(isset($cache) && $cache->enabled()) {
 		$cache->delete('config_lua');
--- a/system/functions.php
+++ b/system/functions.php
@@ -545,33 +545,39 @@ function template_header($is_admin = false): string
 */
 function template_footer(): string
 {
-	global $views_counter;
+	$footer = [];
-	$ret = '';
+
 	if(admin()) {
-		$ret .= generateLink(ADMIN_URL, 'Admin Panel', true);
+		$footer[] = generateLink(ADMIN_URL, 'Admin Panel', true);
 	}
 	if(setting('core.visitors_counter')) {
 		global $visitors;
 		$amount = $visitors->getAmountVisitors();
-		$ret .= '<br/>Currently there ' . ($amount > 1 ? 'are' : 'is') . ' ' . $amount . ' visitor' . ($amount > 1 ? 's' : '') . '.';
+		$footer[] = 'Currently there ' . ($amount > 1 ? 'are' : 'is') . ' ' . $amount . ' visitor' . ($amount > 1 ? 's' : '') . '.';
 	}
 	if(setting('core.views_counter')) {
-		$ret .= '<br/>Page has been viewed ' . $views_counter . ' times.';
+		global $views_counter;
 		$footer[] = 'Page has been viewed ' . $views_counter . ' times.';
 	}
 	if(setting('core.footer_load_time')) {
-		$ret .= '<br/>Load time: ' . round(microtime(true) - START_TIME, 4) . ' seconds.';
+		$footer[] = 'Load time: ' . round(microtime(true) - START_TIME, 4) . ' seconds.';
 	}
 	$settingFooter = setting('core.footer');
 	if(isset($settingFooter[0])) {
-		$ret .= '<br/>' . $settingFooter;
+		$footer[] = '' . $settingFooter;
 	}
 	// please respect my work and help spreading the word, thanks!
-	return $ret . '<br/>' . base64_decode('UG93ZXJlZCBieSA8YSBocmVmPSJodHRwOi8vbXktYWFjLm9yZyIgdGFyZ2V0PSJfYmxhbmsiPk15QUFDLjwvYT4=');
+	$footer[] = base64_decode('UG93ZXJlZCBieSA8YSBocmVmPSJodHRwOi8vbXktYWFjLm9yZyIgdGFyZ2V0PSJfYmxhbmsiPk15QUFDLjwvYT4=');
 	global $hooks;
 	$hooks->triggerFilter(HOOK_FILTER_THEME_FOOTER, $footer);
 	return implode('<br/>', $footer);
 }
 function template_ga_code()
@@ -1572,22 +1578,6 @@ function right($str, $length) {
 	return substr($str, -$length);
 }
 function getMonsterImgPath($monster): string
 {
 	$monster_path = setting('core.monsters_images_url');
 	$monster_gfx_name = trim(strtolower($monster)) . setting('core.monsters_images_extension');
 	if (!file_exists($monster_path . $monster_gfx_name)) {
 		$monster_gfx_name = str_replace(" ", "", $monster_gfx_name);
 		if (file_exists($monster_path . $monster_gfx_name)) {
 			return $monster_path . $monster_gfx_name;
 		} else {
 			return $monster_path . 'nophoto.png';
 		}
 	} else {
 		return $monster_path . $monster_gfx_name;
 	}
 }
 function between($x, $lim1, $lim2) {
 	if ($lim1 < $lim2) {
 		$lower = $lim1; $upper = $lim2;
--- a/system/init.php
+++ b/system/init.php
@@ -12,6 +12,7 @@ use DebugBar\StandardDebugBar;
 use MyAAC\Cache\Cache;
 use MyAAC\CsrfToken;
 use MyAAC\Hooks;
 use MyAAC\Plugins;
 use MyAAC\Models\Town;
 use MyAAC\Settings;
@@ -46,6 +47,11 @@ if(isset($config['gzip_output']) && $config['gzip_output'] && isset($_SERVER['HT
 global $cache;
 $cache = Cache::getInstance();
 // load plugins init.php
 foreach (Plugins::getInits() as $init) {
 	require $init;
 }
 // event system
 global $hooks;
 $hooks = new Hooks();
@@ -138,6 +144,9 @@ $ots = POT::getInstance();
 $eloquentConnection = null;
 require_once SYSTEM . 'database.php';
 $twig->addGlobal('logged', false);
 $twig->addGlobal('account_logged', new \OTS_Account());
 // verify myaac tables exists in database
 if(!defined('MYAAC_INSTALL') && !$db->hasTable('myaac_account_actions')) {
 	throw new RuntimeException('Seems that the table myaac_account_actions of MyAAC doesn\'t exist in the database. This is a fatal error. You can try to reinstall MyAAC by visiting ' . (IS_CLI ? 'http://your-ip.com/' : BASE_URL) . 'install');
--- a/system/libs/pot/OTS.php
+++ b/system/libs/pot/OTS.php
@@ -415,9 +415,11 @@ class POT
 * @tutorial POT/Server_status.pkg
 * @deprecated 0.1.4 Use OTS_ServerInfo->status().
 */
-    public static function serverStatus($server, $port)
+	public static function serverStatus($server, $port, $timeout = 2.0)
 	{
 		$status = new OTS_ServerInfo($server, $port);
 		$status->setTimeout($timeout);
 		return $status->status();
 	}
@@ -1115,7 +1117,7 @@ class POT
 *
 * @param IOTS_FileCache $cache Cache handler (skip this parameter to reset cache handler to null).
 */
-    public function setItemsCache(IOTS_FileCache $cache = null)
+	public function setItemsCache(?IOTS_FileCache $cache = null)
 	{
 		$this->itemsCache = $cache;
 	}
@@ -1253,7 +1255,7 @@ class POT
 *
 * @param IOTS_FileCache $cache Cache handler (skip this parameter to reset cache handler to null).
 */
-    public function setMapCache(IOTS_FileCache $cache = null)
+	public function setMapCache(?IOTS_FileCache $cache = null)
 	{
 		$this->mapCache = $cache;
 	}
--- a/system/libs/pot/OTS_Account.php
+++ b/system/libs/pot/OTS_Account.php
@@ -443,9 +443,6 @@ class OTS_Account extends OTS_Row_DAO implements IteratorAggregate, Countable
 			throw new E_OTS_NotLoaded();
 		}
 		$configFreePremium = configLua('freePremium');
 		if(isset($configFreePremium) && getBoolean($configFreePremium)) {return -1;}
 		if(isset($this->data['premium_ends_at']) || isset($this->data['premend'])) {
 			$col = isset($this->data['premium_ends_at']) ? 'premium_ends_at' : 'premend';
 			$ret = ceil(($this->data[$col] - time()) / (24 * 60 * 60));
--- a/system/libs/pot/OTS_Guild.php
+++ b/system/libs/pot/OTS_Guild.php
@@ -97,7 +97,7 @@ class OTS_Guild extends OTS_Row_DAO implements IteratorAggregate, Countable
 *
 * @param IOTS_GuildAction $invites Invites driver (don't pass it to clear driver).
 */
-    public function setInvitesDriver(IOTS_GuildAction $invites = null)
+    public function setInvitesDriver(?IOTS_GuildAction $invites = null)
    {
        $this->invites = $invites;
    }
@@ -107,7 +107,7 @@ class OTS_Guild extends OTS_Row_DAO implements IteratorAggregate, Countable
 *
 * @param IOTS_GuildAction $requests Membership requests driver (don't pass it to clear driver).
 */
-    public function setRequestsDriver(IOTS_GuildAction $requests = null)
+    public function setRequestsDriver(?IOTS_GuildAction $requests = null)
    {
        $this->requests = $requests;
    }
--- a/system/libs/pot/OTS_GuildRank.php
+++ b/system/libs/pot/OTS_GuildRank.php
@@ -60,7 +60,7 @@ class OTS_GuildRank extends OTS_Row_DAO implements IteratorAggregate, Countable
 * @throws PDOException On PDO operation error.
 * @throws E_OTS_NotLoaded If given <var>$guild</var> object is not loaded.
 */
-    public function find($name, OTS_Guild $guild = null)
+    public function find($name, ?OTS_Guild $guild = null)
    {
        $where = '';
--- a/system/libs/pot/OTS_InfoRespond.php
+++ b/system/libs/pot/OTS_InfoRespond.php
@@ -219,11 +219,16 @@ class OTS_InfoRespond extends DOMDocument
 * @return int Count of monsters.
 * @throws DOMException On DOM operation error.
 */
-    public function getMonstersCount()
+	public function getMonstersCount(): int
 	{
 		return (int) $this->documentElement->getElementsByTagName('monsters')->item(0)->getAttribute('total');
 	}
 	public function getNPCsCount(): int
 	{
 		return (int) $this->documentElement->getElementsByTagName('npcs')->item(0)->getAttribute('total');
 	}
 /**
 * Returns map name.
 *
--- a/system/libs/pot/OTS_Monster.php
+++ b/system/libs/pot/OTS_Monster.php
@@ -284,7 +284,7 @@ class OTS_Monster extends DOMDocument
 */
 	public function getLook()
 	{
-		$look = array();
+		$look = [];
 		$element = $this->documentElement->getElementsByTagName('look')->item(0);
@@ -292,14 +292,30 @@ class OTS_Monster extends DOMDocument
 			return $look;
 		}
-		$look['type'] = $element->getAttribute('type');
+		if ($element->hasAttribute('typeex')) {
-		$look['typeex'] = $element->getAttribute('typeex');
+			$look['typeEx'] = (int) $element->getAttribute('typeex');
-		$look['head'] = $element->getAttribute('head');
+		}
-		$look['body'] = $element->getAttribute('body');
+		if ($element->hasAttribute('type')) {
-		$look['legs'] = $element->getAttribute('legs');
+			$look['type'] = (int) $element->getAttribute('type');
-		$look['feet'] = $element->getAttribute('feet');
+		}
-		$look['addons'] = $element->getAttribute('addons');
+		if ($element->hasAttribute('head')) {
-		$look['corpse'] = $element->getAttribute('corpse');
+			$look['head'] = (int) $element->getAttribute('head');
 		}
 		if ($element->hasAttribute('body')) {
 			$look['body'] = (int) $element->getAttribute('body');
 		}
 		if ($element->hasAttribute('legs')) {
 			$look['legs'] = (int) $element->getAttribute('legs');
 		}
 		if ($element->hasAttribute('feet')) {
 			$look['feet'] = (int) $element->getAttribute('feet');
 		}
 		if ($element->hasAttribute('addons')) {
 			$look['addons'] = (int) $element->getAttribute('addons');
 		}
 		if ($element->hasAttribute('corpse')) {
 			$look['corpse'] = (int) $element->getAttribute('corpse');
 		}
 		return $look;
 	}
--- a/system/libs/pot/OTS_Player.php
+++ b/system/libs/pot/OTS_Player.php
@@ -2026,7 +2026,7 @@ class OTS_Player extends OTS_Row_DAO
 * @param OTS_GuildRank|null Guild rank (null to clear assign).
 * @throws E_OTS_NotLoaded If passed <var>$guildRank</var> parameter is not loaded.
 */
-	public function setRank(OTS_GuildRank $guildRank = null)
+	public function setRank(?OTS_GuildRank $guildRank = null)
 	{
 		if(isset($guildRank))
 			$this->setRankId($guildRank->getId(), $guildRank->getGuild()->getId());
@@ -2632,7 +2632,7 @@ class OTS_Player extends OTS_Row_DAO
 * @throws E_OTS_NotLoaded If player is not loaded.
 * @throws PDOException On PDO operation error.
 */
-	public function setSlot($slot, OTS_Item $item = null, $pid = 0)
+	public function setSlot($slot, ?OTS_Item $item = null, $pid = 0)
 	{
 		static $sid;
@@ -2776,7 +2776,7 @@ class OTS_Player extends OTS_Row_DAO
 * @throws E_OTS_NotLoaded If player is not loaded.
 * @throws PDOException On PDO operation error.
 */
-	public function setDepot($depot, OTS_Item $item = null, $pid = 0, $depot_id = 0)
+	public function setDepot($depot, ?OTS_Item $item = null, $pid = 0, $depot_id = 0)
 	{
 		static $sid;
--- a/system/libs/pot/OTS_ServerInfo.php
+++ b/system/libs/pot/OTS_ServerInfo.php
@@ -26,14 +26,19 @@ class OTS_ServerInfo
 *
 * @var string
 */
-    private $server;
+	private string $server;
 /**
 * Connection port.
 *
 * @var int
 */
-    private $port;
+	private int $port;
 	/**
 	 * Status timeout
 	 */
 	private float $timeout = 2.0;
 /**
 * Creates handler for new server.
@@ -57,7 +62,7 @@ class OTS_ServerInfo
 	private function send(OTS_Buffer $packet)
 	{
 		// connects to server
-        $socket = @fsockopen($this->server, $this->port, $error, $message, setting('core.status_timeout'));
+		$socket = @fsockopen($this->server, $this->port, $error, $message, $this->timeout);
 		// if connected then checking statistics
 		if($socket)
@@ -224,6 +229,10 @@ class OTS_ServerInfo
 				throw new OutOfBoundsException();
 		}
 	}
 	public function setTimeout($timeout) {
 		$this->timeout = $timeout;
 	}
 }
 /**#@-*/
--- a/system/locale/de/install.php
+++ b/system/locale/de/install.php
@@ -48,6 +48,8 @@ $locale['step_config'] = 'Konfiguration';
 $locale['step_config_title'] = 'Grundkonfiguration';
 $locale['step_config_server_path'] = 'Serverpfad';
 $locale['step_config_server_path_desc'] = 'Pfad zu Ihrem TFS-Hauptverzeichnis, in dem sich die config.lua befinden.';
 $locale['step_config_site_url'] = 'Website URL';
 $locale['step_config_site_url_desc'] = 'Ihre Website-Adresse.';
 $locale['step_config_mail_admin'] = 'Admin E-Mail';
 $locale['step_config_mail_admin_desc'] = 'Adresse, an die E-Mails aus dem Kontaktformular gesendet werden, z. B. admin@gmail.com';
 $locale['step_config_mail_admin_error'] = 'Admin E-Mail ist nicht korrekt.';
--- a/system/locale/en/install.php
+++ b/system/locale/en/install.php
@@ -52,6 +52,8 @@ $locale['step_config'] = 'Configuration';
 $locale['step_config_title'] = 'Basic configuration';
 $locale['step_config_server_path'] = 'Server path';
 $locale['step_config_server_path_desc'] = 'Path to your TFS main directory, where you have config.lua located.';
 $locale['step_config_site_url'] = 'Website URL';
 $locale['step_config_site_url_desc'] = 'Your website address.';
 $locale['step_config_mail_admin'] = 'Admin Email';
 $locale['step_config_mail_admin_desc'] = 'Address where emails from contact form will be delivered, for example admin@gmail.com';
 $locale['step_config_mail_admin_error'] = 'Admin Email is not correct.';
--- a/system/locale/pl/install.php
+++ b/system/locale/pl/install.php
@@ -52,6 +52,8 @@ $locale['step_config'] = 'Konfiguracja';
 $locale['step_config_title'] = 'Podstawowa konfiguracja';
 $locale['step_config_server_path'] = 'Ścieżka do serwera';
 $locale['step_config_server_path_desc'] = 'Ścieżka do Twojego folderu z TFS, gdzie znajduje się plik config.lua.';
 $locale['step_config_server_url'] = 'Adres strony';
 $locale['step_config_server_url_desc'] = 'Adres tej strony www.';
 $locale['step_config_mail_admin'] = 'E-Mail admina';
 $locale['step_config_mail_admin_desc'] = 'Na ten adres będą dostarczane E-Maile z formularza kontaktowego, przykładowo admin@gmail.com';
 $locale['step_config_mail_admin_error'] = 'E-Mail admina jest niepoprawny.';
--- a/system/migrations/17.php
+++ b/system/migrations/17.php
@@ -10,8 +10,13 @@ $up = function () use ($db) {
 		$db->exec(file_get_contents(__DIR__ . '/17-menu.sql'));
 	}
-	Plugins::installMenus('kathrine', require TEMPLATES . 'kathrine/menus.php');
+	$themes = ['kathrine', 'tibiacom',];
-	Plugins::installMenus('tibiacom', require TEMPLATES . 'tibiacom/menus.php');
+	foreach ($themes as $theme) {
 		$file = TEMPLATES . $theme . '/menus.php';
 		if (is_file($file)) {
 			Plugins::installMenus($theme, require $file);
 		}
 	}
 };
 $down = function () use ($db) {
--- a/system/migrations/44.php
+++ b/system/migrations/44.php
@@ -0,0 +1,20 @@
 <?php
 // 2025-05-14
 // update pages links
 // server-info conflicts with apache2 mod
 // Changelog conflicts with changelog files
 use MyAAC\Models\Menu;
 use MyAAC\Models\Pages;
 $up = function() {
 	Menu::where('link', 'server-info')->update(['link' => 'ots-info']);
 	Menu::where('link', 'changelog')->update(['link' => 'change-log']);
 };
 $down = function() {
 	Menu::where('link', 'ots-info')->update(['link' => 'server-info']);
 	Menu::where('link', 'change-log')->update(['link' => 'changelog']);
 };
--- a/system/migrations/45.php
+++ b/system/migrations/45.php
@@ -0,0 +1,32 @@
 <?php
 // 2025-05-14
 // update pages links
 // server-info conflicts with apache2 mod
 // Changelog conflicts with changelog files
 use MyAAC\Models\Pages;
 $up = function() {
 	Pages::where('name', 'rules_on_the_page')->update(['hide' => 1]);
 	$rules = Pages::where('name', 'rules')->first();
 	if (!$rules) {
 		Pages::create([
 			'name' => 'rules',
 			'title' => 'Server Rules',
 			'body' => '<b>{{ config.lua.serverName }} Rules</b><br/>' . nl2br(file_get_contents(__DIR__ . '/30-rules.txt')),
 			'date' => time(),
 			'player_id' => 1,
 			'php' => 0,
 			'enable_tinymce' => 1,
 			'access' => 0,
 			'hide' => 0,
 		]);
 	}
 };
 $down = function() {
 	Pages::where('name', 'rules_on_the_page')->update(['hide' => 0]);
 };
--- a/system/pages/account/change-email.php
+++ b/system/pages/account/change-email.php
@@ -17,6 +17,8 @@ if(!$logged) {
 	return;
 }
 csrfProtect();
 $email_new_time = $account_logged->getCustomField("email_new_time");
 if($email_new_time > 10) {
--- a/system/pages/account/change-info.php
+++ b/system/pages/account/change-info.php
@@ -20,6 +20,8 @@ if(!$logged) {
 	return;
 }
 csrfProtect();
 if(setting('core.account_country'))
 	require SYSTEM . 'countries.conf.php';
--- a/system/pages/account/change-password.php
+++ b/system/pages/account/change-password.php
@@ -17,6 +17,8 @@ if(!$logged) {
 	return;
 }
 csrfProtect();
 $new_password = $_POST['newpassword'] ?? NULL;
 $new_password_confirm = $_POST['newpassword_confirm'] ?? NULL;
 $old_password = $_POST['oldpassword'] ?? NULL;
--- a/system/pages/account/characters/change-comment.php
+++ b/system/pages/account/characters/change-comment.php
@@ -20,6 +20,8 @@ if(!$logged) {
 	return;
 }
 csrfProtect();
 $player = null;
 $player_name = isset($_REQUEST['name']) ? stripslashes(urldecode($_REQUEST['name'])) : null;
 $new_comment = isset($_POST['comment']) ? htmlspecialchars(stripslashes(substr($_POST['comment'],0,2000))) : NULL;
--- a/system/pages/account/characters/change-name.php
+++ b/system/pages/account/characters/change-name.php
@@ -17,6 +17,8 @@ if(!$logged) {
 	return;
 }
 csrfProtect();
 $player_id = isset($_POST['player_id']) ? (int)$_POST['player_id'] : NULL;
 $name = isset($_POST['name']) ? stripslashes(ucwords(strtolower($_POST['name']))) : NULL;
 if((!setting('core.account_change_character_name')))
--- a/system/pages/account/characters/change-sex.php
+++ b/system/pages/account/characters/change-sex.php
@@ -17,6 +17,8 @@ if(!$logged) {
 	return;
 }
 csrfProtect();
 $sex_changed = false;
 $player_id = isset($_POST['player_id']) ? (int)$_POST['player_id'] : NULL;
 $new_sex = isset($_POST['new_sex']) ? (int)$_POST['new_sex'] : NULL;
--- a/system/pages/account/characters/create.php
+++ b/system/pages/account/characters/create.php
@@ -20,6 +20,8 @@ if(!$logged) {
 	return;
 }
 csrfProtect();
 $character_name = isset($_POST['name']) ? stripslashes($_POST['name']) : null;
 $character_sex = isset($_POST['sex']) ? (int)$_POST['sex'] : null;
 $character_vocation = isset($_POST['vocation']) ? (int)$_POST['vocation'] : null;
--- a/system/pages/account/characters/delete.php
+++ b/system/pages/account/characters/delete.php
@@ -17,6 +17,8 @@ if(!$logged) {
 	return;
 }
 csrfProtect();
 $player_name = isset($_POST['delete_name']) ? stripslashes($_POST['delete_name']) : null;
 $password_verify = isset($_POST['delete_password']) ? $_POST['delete_password'] : null;
 $password_verify = encrypt((USE_ACCOUNT_SALT ? $account_logged->getCustomField('salt') : '') . $password_verify);
--- a/system/pages/account/create.php
+++ b/system/pages/account/create.php
@@ -23,6 +23,8 @@ if($logged)
 	return;
 }
 csrfProtect();
 if(setting('core.account_create_character_create')) {
 	$createCharacter = new CreateCharacter();
 }
@@ -219,8 +221,14 @@ if($save)
 			}
 		}
-		if(setting('core.account_premium_points') && setting('core.account_premium_points') > 0) {
+		$accountDefaultPremiumPoints = setting('core.account_premium_points');
-			$new_account->setCustomField('premium_points', setting('core.account_premium_points'));
+		if($accountDefaultPremiumPoints > 0) {
 			$new_account->setCustomField('premium_points', $accountDefaultPremiumPoints);
 		}
 		$accountDefaultCoins = setting('core.account_coins');
 		if($db->hasColumn('accounts', 'coins') && $accountDefaultCoins > 0) {
 			$new_account->setCustomField('coins', $accountDefaultCoins);
 		}
 		$tmp_account = $email;
--- a/system/pages/account/login.php
+++ b/system/pages/account/login.php
@@ -18,6 +18,8 @@ if($logged || !isset($_POST['account_login']) || !isset($_POST['password_login']
 	return;
 }
 csrfProtect();
 $login_account = $_POST['account_login'];
 $login_password = $_POST['password_login'];
 $remember_me = isset($_POST['remember_me']);
@@ -95,3 +97,8 @@ else {
 }
 $hooks->trigger(HOOK_ACCOUNT_LOGIN_POST);
 if($logged) {
 	$twig->addGlobal('logged', true);
 	$twig->addGlobal('account_logged', $account_logged);
 }
--- a/system/pages/account/manage.php
+++ b/system/pages/account/manage.php
@@ -34,6 +34,8 @@ if(isset($_REQUEST['redirect']))
 	return;
 }
 csrfProtect();
 $groups = new OTS_Groups_List();
 $freePremium = isset($config['lua']['freePremium']) && getBoolean($config['lua']['freePremium']) || $account_logged->getPremDays() == OTS_Account::GRATIS_PREMIUM_DAYS;
--- a/system/pages/account/redirect.php
+++ b/system/pages/account/redirect.php
@@ -1,23 +0,0 @@
 <?php
 /**
 * Change comment
 *
 * @package   MyAAC
 * @author    Gesior <jerzyskalski@wp.pl>
 * @author    Slawkens <slawkens@gmail.com>
 * @copyright 2019 MyAAC
 * @link      https://my-aac.org
 */
 defined('MYAAC') or die('Direct access not allowed!');
 $redirect = urldecode($_REQUEST['redirect']);
 // should never happen, unless hacker modify the URL
 if (!str_contains($redirect, BASE_URL)) {
 	error('Fatal error: Cannot redirect outside the website.');
 	return;
 }
 $twig->display('account.redirect.html.twig', array(
 	'redirect' => $redirect
 ));
--- a/system/pages/account/register-new.php
+++ b/system/pages/account/register-new.php
@@ -17,6 +17,8 @@ if(!$logged) {
 	return;
 }
 csrfProtect();
 if(isset($_POST['reg_password']))
 	$reg_password = encrypt((USE_ACCOUNT_SALT ? $account_logged->getCustomField('salt') : '') . $_POST['reg_password']);
--- a/system/pages/account/register.php
+++ b/system/pages/account/register.php
@@ -17,6 +17,8 @@ if(!$logged) {
 	return;
 }
 csrfProtect();
 $_POST['reg_password'] = $_POST['reg_password'] ?? '';
 $reg_password = encrypt((USE_ACCOUNT_SALT ? $account_logged->getCustomField('salt') : '') . $_POST['reg_password']);
 $old_key = $account_logged->getCustomField("key");
--- a/system/pages/change-log.php
+++ b/system/pages/change-log.php
@@ -0,0 +1,46 @@
 <?php
 /**
 * Changelog
 *
 * @package   MyAAC
 * @author    Slawkens <slawkens@gmail.com>
 * @copyright 2019 MyAAC
 * @link      https://my-aac.org
 */
 defined('MYAAC') or die('Direct access not allowed!');
 $title = 'Changelog';
 use MyAAC\Models\Changelog;
 $_page = isset($_GET['page']) ? (int)$_GET['page'] : 0;
 $limit = 30;
 $offset = $_page * $limit;
 $next_page = false;
 $canEdit = hasFlag(FLAG_CONTENT_NEWS) || superAdmin();
 $changelogs = Changelog::isPublic()->orderByDesc('date')->limit($limit + 1)->offset($offset)->get()->toArray();
 $i = 0;
 foreach($changelogs as $key => &$log)
 {
 	if($i < $limit) {
 		$log['type'] = getChangelogType($log['type']);
 		$log['where'] = getChangelogWhere($log['where']);
 	}
 	else {
 		unset($changelogs[$key]);
 	}
 	if ($i >= $limit)
 		$next_page = true;
 	$i++;
 }
 $twig->display('changelog.html.twig', array(
 	'changelogs' => $changelogs,
 	'page' => $_page,
 	'next_page' => $next_page,
 	'canEdit' => $canEdit,
 ));
--- a/system/pages/changelog.php
+++ b/system/pages/changelog.php
@@ -1,46 +1,3 @@
 <?php
 /**
 * Changelog
 *
 * @package   MyAAC
 * @author    Slawkens <slawkens@gmail.com>
 * @copyright 2019 MyAAC
 * @link      https://my-aac.org
 */
 defined('MYAAC') or die('Direct access not allowed!');
 $title = 'Changelog';
-use MyAAC\Models\Changelog;
+require 'change-log.php';
 $_page = isset($_GET['page']) ? (int)$_GET['page'] : 0;
 $limit = 30;
 $offset = $_page * $limit;
 $next_page = false;
 $canEdit = hasFlag(FLAG_CONTENT_NEWS) || superAdmin();
 $changelogs = Changelog::isPublic()->orderByDesc('date')->limit($limit + 1)->offset($offset)->get()->toArray();
 $i = 0;
 foreach($changelogs as $key => &$log)
 {
 	if($i < $limit) {
 		$log['type'] = getChangelogType($log['type']);
 		$log['where'] = getChangelogWhere($log['where']);
 	}
 	else {
 		unset($changelogs[$key]);
 	}
 	if ($i >= $limit)
 		$next_page = true;
 	$i++;
 }
 $twig->display('changelog.html.twig', array(
 	'changelogs' => $changelogs,
 	'page' => $_page,
 	'next_page' => $next_page,
 	'canEdit' => $canEdit,
 ));
--- a/system/pages/forum/admin.php
+++ b/system/pages/forum/admin.php
@@ -17,6 +17,8 @@ if(!$canEdit) {
 	return;
 }
 csrfProtect();
 $groupsList = new OTS_Groups_List();
 $groups = [
 	['id' => 0, 'name' => 'Guest'],
@@ -30,23 +32,24 @@ foreach ($groupsList as $group) {
 }
 if(!empty($action)) {
-	if($action == 'delete_board' || $action == 'edit_board' || $action == 'hide_board' || $action == 'moveup_board' || $action == 'movedown_board')
+	if($action == 'delete_board' || $action == 'edit_board' || $action == 'hide_board' || $action == 'moveup_board' || $action == 'movedown_board') {
 		$id = $_REQUEST['id'];
 	if(isset($_REQUEST['access'])) {
 		$access = $_REQUEST['access'];
 	}
-	if(isset($_REQUEST['guild'])) {
+	if(isset($_POST['access'])) {
-		$guild = $_REQUEST['guild'];
+		$access = $_POST['access'];
 	}
-	if(isset($_REQUEST['name'])) {
+	if(isset($_POST['guild'])) {
-		$name = $_REQUEST['name'];
+		$guild = $_POST['guild'];
 	}
-	if(isset($_REQUEST['description'])) {
+	if(isset($_POST['name'])) {
-		$description = stripslashes($_REQUEST['description']);
+		$name = $_POST['name'];
 	}
 	if(isset($_POST['description'])) {
 		$description = stripslashes($_POST['description']);
 	}
 	$errors = [];
@@ -55,12 +58,13 @@ if(!empty($action)) {
 		if(Forum::add_board($name, $description, $access, $guild, $errors)) {
 			$action = $name = $description = '';
 			header('Location: ' . getLink('forum'));
 			exit;
 		}
 	}
 	else if($action == 'delete_board') {
 		Forum::delete_board($id, $errors);
 		header('Location: ' . getLink('forum'));
-		$action = '';
+		exit;
 	}
 	else if($action == 'edit_board')
 	{
@@ -74,28 +78,27 @@ if(!empty($action)) {
 		else {
 			Forum::update_board($id, $name, $access, $guild, $description);
 			header('Location: ' . getLink('forum'));
-			$action = $name = $description = '';
+			exit;
 			$access = $guild = 0;
 		}
 	}
 	else if($action == 'hide_board') {
 		Forum::toggleHide_board($id, $errors);
 		header('Location: ' . getLink('forum'));
-		$action = '';
+		exit;
 	}
 	else if($action == 'moveup_board') {
 		Forum::move_board($id, -1, $errors);
 		header('Location: ' . getLink('forum'));
-		$action = '';
+		exit;
 	}
 	else if($action == 'movedown_board') {
 		Forum::move_board($id, 1, $errors);
 		header('Location: ' . getLink('forum'));
-		$action = '';
+		exit;
 	}
 	if(!empty($errors)) {
-		$twig->display('error_box.html.twig', array('errors' => $errors));
+		$twig->display('error_box.html.twig', ['errors' => $errors]);
 		$action = '';
 	}
 }
--- a/system/pages/forum/edit_post.php
+++ b/system/pages/forum/edit_post.php
@@ -23,8 +23,9 @@ if(!$logged) {
 	return;
 }
-if(Forum::canPost($account_logged))
+csrfProtect();
-{
+
 if(Forum::canPost($account_logged)) {
 	$post_id = isset($_REQUEST['id']) ? (int) $_REQUEST['id'] : false;
 	if(!$post_id) {
 		$errors[] = 'Please enter post id.';
@@ -41,12 +42,12 @@ if(Forum::canPost($account_logged))
 			$char_id = $post_topic = $text = $smile = $html = null;
 			$players_from_account = $db->query("SELECT `players`.`name`, `players`.`id` FROM `players` WHERE `players`.`account_id` = ".(int) $account_logged->getId())->fetchAll();
 			$saved = false;
-			if(isset($_REQUEST['save'])) {
+			if(isset($_POST['save'])) {
-				$text = stripslashes(trim($_REQUEST['text']));
+				$text = stripslashes(trim($_POST['text']));
-				$char_id = (int) $_REQUEST['char_id'];
+				$char_id = (int) $_POST['char_id'];
-				$post_topic = stripslashes(trim($_REQUEST['topic']));
+				$post_topic = stripslashes(trim($_POST['topic']));
-				$smile = isset($_REQUEST['smile']) ? (int)$_REQUEST['smile'] : 0;
+				$smile = isset($_POST['smile']) ? (int)$_POST['smile'] : 0;
-				$html = isset($_REQUEST['html']) ? (int)$_REQUEST['html'] : 0;
+				$html = isset($_POST['html']) ? (int)$_POST['html'] : 0;
 				if (!superAdmin()) {
 					$html = 0;
--- a/system/pages/forum/move_thread.php
+++ b/system/pages/forum/move_thread.php
@@ -23,15 +23,17 @@ if(!$logged) {
 	return;
 }
 csrfProtect();
 if(!Forum::isModerator()) {
 	echo 'You are not logged in or you are not moderator.';
 	return;
 }
-$save = isset($_REQUEST['save']) && (int)$_REQUEST['save'] == 1;
+$save = isset($_POST['save']) && (int)$_POST['save'] == 1;
 if($save) {
-	$post_id = (int)$_REQUEST['id'];
+	$post_id = (int)$_POST['id'];
-	$board = (int)$_REQUEST['section'];
+	$board = (int)$_POST['section'];
 	if(!Forum::hasAccess($board)) {
 		$errors[] = "You don't have access to this board.";
 		displayErrorBoxWithBackButton($errors, getLink('forum'));
--- a/system/pages/forum/new_post.php
+++ b/system/pages/forum/new_post.php
@@ -28,6 +28,8 @@ if(!$logged) {
 	return;
 }
 csrfProtect();
 if(Forum::canPost($account_logged)) {
 	$players_from_account = $db->query("SELECT `players`.`name`, `players`.`id` FROM `players` WHERE `players`.`account_id` = ".(int) $account_logged->getId())->fetchAll();
 	$thread_id = isset($_REQUEST['thread_id']) ? (int) $_REQUEST['thread_id'] : 0;
@@ -43,11 +45,11 @@ if(Forum::canPost($account_logged)) {
 		echo '<a href="' . getLink('forum') . '">Boards</a> >> <a href="' . getForumBoardLink($thread['section']) . '">'.$sections[$thread['section']]['name'].'</a> >> <a href="' . getForumThreadLink($thread_id) . '">'.htmlspecialchars($thread['post_topic']).'</a> >> <b>Post new reply</b><br /><h3>'.htmlspecialchars($thread['post_topic']).'</h3>';
 		$quote = isset($_REQUEST['quote']) ? (int) $_REQUEST['quote'] : NULL;
-		$text = isset($_REQUEST['text']) ? stripslashes(trim($_REQUEST['text'])) : NULL;
+		$text = isset($_POST['text']) ? stripslashes(trim($_POST['text'])) : NULL;
-		$char_id = (int) ($_REQUEST['char_id'] ?? 0);
+		$char_id = (int) ($_POST['char_id'] ?? 0);
-		$post_topic = isset($_REQUEST['topic']) ? stripslashes(trim($_REQUEST['topic'])) : '';
+		$post_topic = isset($_POST['topic']) ? stripslashes(trim($_POST['topic'])) : '';
-		$smile = (int)($_REQUEST['smile'] ?? 0);
+		$smile = (int)($_POST['smile'] ?? 0);
-		$html = (int)($_REQUEST['html'] ?? 0);
+		$html = (int)($_POST['html'] ?? 0);
 		$saved = false;
 		if (!superAdmin()) {
@@ -60,10 +62,10 @@ if(Forum::canPost($account_logged)) {
 				$text = '[i]Originally posted by ' . $quoted_post[0]['name'] . ' on ' . date('d.m.y H:i:s', $quoted_post[0]['post_date']) . ':[/i][quote]' . $quoted_post[0]['post_text'] . '[/quote]';
 			}
 		}
-		elseif(isset($_REQUEST['save'])) {
+		elseif(isset($_POST['save'])) {
 			$length = strlen($text);
 			if($length < 1 || strlen($text) > 15000) {
-				$errors[] = 'Too short or too long post (Length: $length letters). Minimum 1 letter, maximum 15000 letters.';
+				$errors[] = "Too short or too long post (Length: $length letters). Minimum 1 letter, maximum 15000 letters.";
 			}
 			if($char_id == 0) {
@@ -79,15 +81,14 @@ if(Forum::canPost($account_logged)) {
 				}
 				if(!$player_on_account) {
-					$errors[] = 'Player with selected ID ' . $char_id . ' doesn\'t exist or isn\'t on your account';
+					$errors[] = "Player with selected ID $char_id doesn't exist or isn't on your account";
 				}
 			}
 			if(count($errors) == 0) {
 				$last_post = 0;
 				$query = $db->query('SELECT post_date FROM ' . FORUM_TABLE_PREFIX . 'forum ORDER BY post_date DESC LIMIT 1');
-				if($query->rowCount() > 0)
+				if($query->rowCount() > 0) {
 				{
 					$query = $query->fetch();
 					$last_post = $query['post_date'];
 				}
--- a/system/pages/forum/new_thread.php
+++ b/system/pages/forum/new_thread.php
@@ -28,6 +28,8 @@ if(!$logged) {
 	return;
 }
 csrfProtect();
 if(Forum::canPost($account_logged)) {
 	$players_from_account = $db->query('SELECT `players`.`name`, `players`.`id` FROM `players` WHERE `players`.`account_id` = '.(int) $account_logged->getId())->fetchAll();
 	$section_id = $_REQUEST['section_id'] ?? null;
@@ -38,19 +40,18 @@ if(Forum::canPost($account_logged)) {
 			if ($sections[$section_id]['closed'] && !Forum::isModerator())
 				$errors[] = 'You cannot create topic on this board.';
-			$quote = (int)(isset($_REQUEST['quote']) ? $_REQUEST['quote'] : 0);
+			$text = isset($_POST['text']) ? stripslashes($_POST['text']) : '';
-			$text = isset($_REQUEST['text']) ? stripslashes($_REQUEST['text']) : '';
+			$char_id = (int)(isset($_POST['char_id']) ? $_POST['char_id'] : 0);
-			$char_id = (int)(isset($_REQUEST['char_id']) ? $_REQUEST['char_id'] : 0);
+			$post_topic = isset($_POST['topic']) ? stripslashes($_POST['topic']) : '';
-			$post_topic = isset($_REQUEST['topic']) ? stripslashes($_REQUEST['topic']) : '';
+			$smile = (isset($_POST['smile']) ? (int)$_POST['smile'] : 0);
-			$smile = (isset($_REQUEST['smile']) ? (int)$_REQUEST['smile'] : 0);
+			$html = (isset($_POST['html']) ? (int)$_POST['html'] : 0);
 			$html = (isset($_REQUEST['html']) ? (int)$_REQUEST['html'] : 0);
 			if (!superAdmin()) {
 				$html = 0;
 			}
 			$saved = false;
-			if (isset($_REQUEST['save'])) {
+			if (isset($_POST['save'])) {
 				$length = strlen($post_topic);
 				if ($length < 1 || $length > 60) {
 					$errors[] = "Too short or too long topic (Length: $length letters). Minimum 1 letter, maximum 60 letters.";
--- a/system/pages/forum/remove_post.php
+++ b/system/pages/forum/remove_post.php
@@ -23,11 +23,13 @@ if(!$logged) {
 	return;
 }
 csrfProtect();
 if(Forum::isModerator()) {
-	$id = (int) $_REQUEST['id'];
+	$id = (int) ($_POST['id'] ?? 0);
 	$post = $db->query("SELECT `id`, `first_post`, `section` FROM `" . FORUM_TABLE_PREFIX . "forum` WHERE `id` = ".$id." LIMIT 1")->fetch();
-	if($post['id'] == $id && Forum::hasAccess($post['section'])) {
+	if($post && $post['id'] == $id && Forum::hasAccess($post['section'])) {
 		if($post['id'] == $post['first_post']) {
 			$db->query("DELETE FROM `" . FORUM_TABLE_PREFIX . "forum` WHERE `first_post` = ".$post['id']);
 			header('Location: ' . getForumBoardLink($post['section']));
@@ -36,7 +38,7 @@ if(Forum::isModerator()) {
 			$post_page = $db->query("SELECT COUNT(`" . FORUM_TABLE_PREFIX . "forum`.`id`) AS posts_count FROM `players`, `" . FORUM_TABLE_PREFIX . "forum` WHERE `players`.`id` = `" . FORUM_TABLE_PREFIX . "forum`.`author_guid` AND `" . FORUM_TABLE_PREFIX . "forum`.`id` < ".$id." AND `" . FORUM_TABLE_PREFIX . "forum`.`first_post` = ".(int) $post['first_post'])->fetch();
 			$_page = (int) ceil($post_page['posts_count'] / setting('core.forum_threads_per_page')) - 1;
 			$db->query("DELETE FROM `" . FORUM_TABLE_PREFIX . "forum` WHERE `id` = ".$post['id']);
-			header('Location: ' . getForumThreadLink($post['first_post'], (int) $_page));
+			header('Location: ' . getForumThreadLink($post['first_post'], $_page));
 		}
 	}
 	else {
--- a/system/pages/forum/show_board.php
+++ b/system/pages/forum/show_board.php
@@ -33,7 +33,7 @@ if(!Forum::hasAccess($section_id)) {
 	return;
 }
-$_page = (int) (isset($_REQUEST['page']) ? $_REQUEST['page'] : 0);
+$_page = (int) ($_REQUEST['page'] ?? 0);
 $threads_count = $db->query("SELECT COUNT(`" . FORUM_TABLE_PREFIX . "forum`.`id`) AS threads_count FROM `players`, `" . FORUM_TABLE_PREFIX . "forum` WHERE `players`.`id` = `" . FORUM_TABLE_PREFIX . "forum`.`author_guid` AND `" . FORUM_TABLE_PREFIX . "forum`.`section` = ".(int) $section_id." AND `" . FORUM_TABLE_PREFIX . "forum`.`first_post` = `" . FORUM_TABLE_PREFIX . "forum`.`id`")->fetch();
 for($i = 0; $i < $threads_count['threads_count'] / setting('core.forum_threads_per_page'); $i++) {
 	if($i != $_page)
@@ -50,7 +50,7 @@ if($logged && (!$sections[$section_id]['closed'] || Forum::isModerator())) {
 }
 echo '<br /><br />Page: '.$links_to_pages.'<br />';
-$last_threads = $db->query("SELECT `players`.`id` as `player_id`, `players`.`name`, `" . FORUM_TABLE_PREFIX . "forum`.`post_text`, `" . FORUM_TABLE_PREFIX . "forum`.`post_topic`, `" . FORUM_TABLE_PREFIX . "forum`.`id`, `" . FORUM_TABLE_PREFIX . "forum`.`last_post`, `" . FORUM_TABLE_PREFIX . "forum`.`replies`, `" . FORUM_TABLE_PREFIX . "forum`.`views`, `" . FORUM_TABLE_PREFIX . "forum`.`post_date` FROM `players`, `" . FORUM_TABLE_PREFIX . "forum` WHERE `players`.`id` = `" . FORUM_TABLE_PREFIX . "forum`.`author_guid` AND `" . FORUM_TABLE_PREFIX . "forum`.`section` = ".$section_id." AND `" . FORUM_TABLE_PREFIX . "forum`.`first_post` = `" . FORUM_TABLE_PREFIX . "forum`.`id` ORDER BY `" . FORUM_TABLE_PREFIX . "forum`.`last_post` DESC LIMIT ".setting('core.forum_threads_per_page')." OFFSET ".($_page * setting('core.forum_threads_per_page')))->fetchAll();
+$last_threads = $db->query("SELECT `players`.`id` as `player_id`, `players`.`name`, `" . FORUM_TABLE_PREFIX . "forum`.`first_post`, `" . FORUM_TABLE_PREFIX . "forum`.`post_text`, `" . FORUM_TABLE_PREFIX . "forum`.`post_topic`, `" . FORUM_TABLE_PREFIX . "forum`.`id`, `" . FORUM_TABLE_PREFIX . "forum`.`last_post`, `" . FORUM_TABLE_PREFIX . "forum`.`replies`, `" . FORUM_TABLE_PREFIX . "forum`.`views`, `" . FORUM_TABLE_PREFIX . "forum`.`post_date` FROM `players`, `" . FORUM_TABLE_PREFIX . "forum` WHERE `players`.`id` = `" . FORUM_TABLE_PREFIX . "forum`.`author_guid` AND `" . FORUM_TABLE_PREFIX . "forum`.`section` = ".$section_id." AND `" . FORUM_TABLE_PREFIX . "forum`.`first_post` = `" . FORUM_TABLE_PREFIX . "forum`.`id` ORDER BY `" . FORUM_TABLE_PREFIX . "forum`.`last_post` DESC LIMIT ".setting('core.forum_threads_per_page')." OFFSET ".($_page * setting('core.forum_threads_per_page')))->fetchAll(PDO::FETCH_ASSOC);
 if(isset($last_threads[0])) {
 	echo '<table width="100%">
@@ -67,8 +67,8 @@ if(isset($last_threads[0])) {
 	foreach($last_threads as $thread) {
 		echo '<tr bgcolor="' . getStyle($number_of_rows++) . '"><td>';
 		if(Forum::isModerator()) {
-			echo '<a href="' . getLink('forum') . '?action=move_thread&id='.$thread['id'].'"\')"><span style="color:darkgreen">[MOVE]</span></a>';
+			echo '<a href="' . getLink('forum') . '?action=move_thread&id=' . $thread['id'] . '" title="Move Thread"><img src="images/icons/arrow_right.gif"/></a>';
-			echo '<a href="' . getLink('forum') . '?action=remove_post&id='.$thread['id'].'" onclick="return confirm(\'Are you sure you want remove thread > '.htmlspecialchars($thread['post_topic']).' <?\')"><span style="color: red">[REMOVE]</span></a>  ';
+			$twig->display('forum.remove_post.html.twig', ['post' => $thread]);
 		}
 		$player->load($thread['player_id']);
@@ -82,11 +82,14 @@ if(isset($last_threads[0])) {
 		echo '<a href="' . getForumThreadLink($thread['id']) . '">'.htmlspecialchars($thread['post_topic']). '</a><br /><small>'.($canEditForum ? substr(strip_tags($thread['post_text']), 0, 50) : htmlspecialchars(substr($thread['post_text'], 0, 50))).'...</small></td><td>' . getPlayerLink($thread['name']) . '</td><td>'.(int) $thread['replies'].'</td><td>'.(int) $thread['views'].'</td><td>';
 		if($thread['last_post'] > 0) {
 			$last_post = $db->query("SELECT `players`.`name`, `" . FORUM_TABLE_PREFIX . "forum`.`post_date` FROM `players`, `" . FORUM_TABLE_PREFIX . "forum` WHERE `" . FORUM_TABLE_PREFIX . "forum`.`first_post` = ".(int) $thread['id']." AND `players`.`id` = `" . FORUM_TABLE_PREFIX . "forum`.`author_guid` ORDER BY `post_date` DESC LIMIT 1")->fetch();
-			if(isset($last_post['name']))
+
-				echo date('d.m.y H:i:s', $last_post['post_date']).'<br />by ' . getPlayerLink($last_post['name']);
+			if(isset($last_post['name'])) {
-			else
+				echo date('d.m.y H:i:s', $last_post['post_date']) . '<br />by ' . getPlayerLink($last_post['name']);
 			}
 			else {
 				echo 'No posts.';
 			}
 		}
 		else {
 			echo date('d.m.y H:i:s', $thread['post_date']) . '<br />by ' . getPlayerLink($thread['name']);
 		}
--- a/system/pages/forum/show_thread.php
+++ b/system/pages/forum/show_thread.php
@@ -35,7 +35,7 @@ if(!Forum::hasAccess($thread_starter['section'])) {
 	return;
 }
-$posts_count = $db->query("SELECT COUNT(`" . FORUM_TABLE_PREFIX . "forum`.`id`) AS posts_count FROM `players`, `" . FORUM_TABLE_PREFIX . "forum` WHERE `players`.`id` = `" . FORUM_TABLE_PREFIX . "forum`.`author_guid` AND `" . FORUM_TABLE_PREFIX . "forum`.`first_post` = ".(int) $thread_id)->fetch();
+$posts_count = $db->query("SELECT COUNT(`" . FORUM_TABLE_PREFIX . "forum`.`id`) AS posts_count FROM `players`, `" . FORUM_TABLE_PREFIX . "forum` WHERE `players`.`id` = `" . FORUM_TABLE_PREFIX . "forum`.`author_guid` AND `" . FORUM_TABLE_PREFIX . "forum`.`first_post` = ".$thread_id)->fetch();
 for($i = 0; $i < $posts_count['posts_count'] / setting('core.forum_threads_per_page'); $i++) {
 	if($i != $_page)
 		$links_to_pages .= '<a href="' . getForumThreadLink($thread_id, $i) . '">'.($i + 1).'</a> ';
@@ -46,7 +46,7 @@ for($i = 0; $i < $posts_count['posts_count'] / setting('core.forum_threads_per_p
 $posts = $db->query("SELECT `players`.`id` as `player_id`, `" . FORUM_TABLE_PREFIX . "forum`.`id`,`" . FORUM_TABLE_PREFIX . "forum`.`first_post`, `" . FORUM_TABLE_PREFIX . "forum`.`section`,`" . FORUM_TABLE_PREFIX . "forum`.`post_text`, `" . FORUM_TABLE_PREFIX . "forum`.`post_topic`, `" . FORUM_TABLE_PREFIX . "forum`.`post_date` AS `date`, `" . FORUM_TABLE_PREFIX . "forum`.`post_smile`, `" . FORUM_TABLE_PREFIX . "forum`.`post_html`, `" . FORUM_TABLE_PREFIX . "forum`.`author_aid`, `" . FORUM_TABLE_PREFIX . "forum`.`author_guid`, `" . FORUM_TABLE_PREFIX . "forum`.`last_edit_aid`, `" . FORUM_TABLE_PREFIX . "forum`.`edit_date` FROM `players`, `" . FORUM_TABLE_PREFIX . "forum` WHERE `players`.`id` = `" . FORUM_TABLE_PREFIX . "forum`.`author_guid` AND `" . FORUM_TABLE_PREFIX . "forum`.`first_post` = ".$thread_id." ORDER BY `" . FORUM_TABLE_PREFIX . "forum`.`post_date` LIMIT " . setting('core.forum_posts_per_page') . " OFFSET ".($_page * setting('core.forum_posts_per_page')))->fetchAll();
 if(isset($posts[0]['player_id'])) {
-	$db->query("UPDATE `" . FORUM_TABLE_PREFIX . "forum` SET `views`=`views`+1 WHERE `id` = ".(int) $thread_id);
+	$db->query("UPDATE `" . FORUM_TABLE_PREFIX . "forum` SET `views`=`views`+1 WHERE `id` = " . $thread_id);
 }
 $lookaddons = $db->hasColumn('players', 'lookaddons');
--- a/system/pages/guilds/accept_invite.php
+++ b/system/pages/guilds/accept_invite.php
@@ -12,11 +12,11 @@ defined('MYAAC') or die('Direct access not allowed!');
 require __DIR__ . '/base.php';
-//set rights in guild
+// set rights in guild
 $guild_name = isset($_REQUEST['guild']) ? urldecode($_REQUEST['guild']) : null;
 $name = isset($_REQUEST['name']) ? stripslashes($_REQUEST['name']) : null;
 if(!$logged) {
-	$errors[] = 'You are not logged in. You can\'t accept invitations.';
+	$errors[] = "You are not logged in. You can't accept invitations.";
 }
 if(!Validator::guildName($guild_name)) {
@@ -27,11 +27,11 @@ if(empty($errors)) {
 	$guild = new OTS_Guild();
 	$guild->find($guild_name);
 	if(!$guild->isLoaded()) {
-		$errors[] = 'Guild with name <b>'.$guild_name.'</b> doesn\'t exist.';
+		$errors[] = "Guild with name <b>$guild_name</b> doesn't exist.";
 	}
 }
-if(isset($_REQUEST['todo']) && $_REQUEST['todo'] == 'save') {
+if(isset($_POST['todo']) && $_POST['todo'] == 'save') {
 	if(!Validator::characterName($name)) {
 		$errors[] = 'Invalid name format.';
 	}
@@ -51,7 +51,7 @@ if(isset($_REQUEST['todo']) && $_REQUEST['todo'] == 'save') {
 	}
 }
-if(isset($_REQUEST['todo']) && $_REQUEST['todo'] == 'save') {
+if(isset($_POST['todo']) && $_POST['todo'] == 'save') {
 	if(empty($errors)) {
 		$is_invited = false;
 		include(SYSTEM . 'libs/pot/InvitesDriver.php');
@@ -104,7 +104,7 @@ if(!empty($errors)) {
 	));
 }
 else {
-	if(isset($_REQUEST['todo']) && $_REQUEST['todo'] == 'save') {
+	if(isset($_POST['todo']) && $_POST['todo'] == 'save') {
 		$guild->acceptInvite($player);
 		$twig->display('success.html.twig', array(
 			'title' => 'Accept invitation',
--- a/system/pages/guilds/add_rank.php
+++ b/system/pages/guilds/add_rank.php
@@ -13,7 +13,7 @@ defined('MYAAC') or die('Direct access not allowed!');
 require __DIR__ . '/base.php';
 $guild_name = isset($_REQUEST['guild']) ? urldecode($_REQUEST['guild']) : null;
-$rank_name = isset($_REQUEST['rank_name']) ? $_REQUEST['rank_name'] : null;
+$rank_name = $_POST['rank_name'] ?? null;
 if(!Validator::guildName($guild_name)) {
 	$errors[] = Validator::getLastError();
 }
@@ -35,7 +35,7 @@ if(empty($errors)) {
 		$rank_list = $guild->getGuildRanksList();
 		$rank_list->orderBy('level', POT::ORDER_DESC);
 		$guild_leader = false;
-		$account_players = $account_logged->getPlayers();
+		$account_players = $account_logged->getPlayersList();
 		foreach($account_players as $player) {
 			if($guild_leader_char->getId() == $player->getId()) {
 				$guild_vice = true;
--- a/system/pages/guilds/base.php
+++ b/system/pages/guilds/base.php
@@ -15,3 +15,5 @@ else
 	define('GUILD_MEMBERS_TABLE', 'guild_membership');
 define('MOTD_EXISTS', $db->hasColumn('guilds', 'motd'));
 csrfProtect();
--- a/system/pages/guilds/change_description.php
+++ b/system/pages/guilds/change_description.php
@@ -31,7 +31,7 @@ if(empty($errors)) {
 		$rank_list = $guild->getGuildRanksList();
 		$rank_list->orderBy('level', POT::ORDER_DESC);
 		$guild_leader = false;
-		$account_players = $account_logged->getPlayers();
+		$account_players = $account_logged->getPlayersList();
 		foreach($account_players as $player) {
 			if($guild->getOwner()->getId() == $player->getId()) {
 				$guild_vice = true;
@@ -42,8 +42,8 @@ if(empty($errors)) {
 		$saved = false;
 		if($guild_leader) {
-			if(isset($_REQUEST['todo']) && $_REQUEST['todo'] == 'save') {
+			if(isset($_POST['todo']) && $_POST['todo'] == 'save') {
-				$description = htmlspecialchars(stripslashes(substr(trim($_REQUEST['description']),0, setting('core.guild_description_chars_limit'))));
+				$description = htmlspecialchars(stripslashes(substr(trim($_POST['description']),0, setting('core.guild_description_chars_limit'))));
 				$guild->setCustomField('description', $description);
 				$saved = true;
 			}
--- a/system/pages/guilds/change_logo.php
+++ b/system/pages/guilds/change_logo.php
@@ -30,7 +30,7 @@ if(empty($errors)) {
 	if($logged) {
 		$guild_leader_char = $guild->getOwner();
 		$guild_leader = false;
-		$account_players = $account_logged->getPlayers();
+		$account_players = $account_logged->getPlayersList();
 		foreach($account_players as $player) {
 			if($guild_leader_char->getId() == $player->getId()) {
@@ -40,14 +40,13 @@ if(empty($errors)) {
 			}
 		}
-		if($guild_leader)
+		if($guild_leader) {
 		{
 			$max_image_size_b = setting('core.guild_image_size_kb') * 1024;
 			$allowed_ext = array('image/gif', 'image/jpg', 'image/pjpeg', 'image/jpeg', 'image/bmp', 'image/png', 'image/x-png');
 			$ext_name = array('image/gif' => 'gif', 'image/jpg' => 'jpg', 'image/jpeg' => 'jpg', 'image/pjpeg' => 'jpg', 'image/bmp' => 'bmp', 'image/png' => 'png', 'image/x-png' => 'png');
 			$save_file_name = str_replace(' ', '_', strtolower($guild->getName()));
 			$save_path = GUILD_IMAGES_DIR . $save_file_name;
-			if(isset($_REQUEST['todo']) && $_REQUEST['todo'] == 'save')
+			if(isset($_POST['todo']) && $_POST['todo'] == 'save')
 			{
 				$file = $_FILES['newlogo'];
 				if(is_uploaded_file($file['tmp_name']))
@@ -97,13 +96,13 @@ if(empty($errors)) {
 			$guild_logo = $guild->getCustomField('logo_name');
 			if(empty($guild_logo) || !file_exists(GUILD_IMAGES_DIR . $guild_logo)) {
-				$guild_logo = "default.gif";
+				$guild_logo = 'default.gif';
 			}
 			$twig->display('guilds.change_logo.html.twig', array(
 				'guild_logo' => $guild_logo,
 				'guild' => $guild,
-				'max_image_size_b' => $max_image_size_b
+				//'max_image_size_b' => $max_image_size_b
 			));
 		}
--- a/system/pages/guilds/change_motd.php
+++ b/system/pages/guilds/change_motd.php
@@ -34,7 +34,7 @@ if(empty($errors)) {
 		$rank_list = $guild->getGuildRanksList();
 		$rank_list->orderBy('level', POT::ORDER_DESC);
 		$guild_leader = false;
-		$account_players = $account_logged->getPlayers();
+		$account_players = $account_logged->getPlayersList();
 		foreach($account_players as $player) {
 			if($guild->getOwner()->getId() == $player->getId()) {
 				$guild_vice = true;
@@ -45,8 +45,8 @@ if(empty($errors)) {
 		$saved = false;
 		if($guild_leader) {
-			if(isset($_REQUEST['todo']) && $_REQUEST['todo'] == 'save') {
+			if(isset($_POST['todo']) && $_POST['todo'] == 'save') {
-				$motd = htmlspecialchars(stripslashes(substr($_REQUEST['motd'],0, setting('core.guild_motd_chars_limit'))));
+				$motd = htmlspecialchars(stripslashes(substr($_POST['motd'],0, setting('core.guild_motd_chars_limit'))));
 				$guild->setCustomField('motd', $motd);
 				$saved = true;
 			}
--- a/system/pages/guilds/change_nick.php
+++ b/system/pages/guilds/change_nick.php
@@ -20,17 +20,15 @@ if(!$logged) {
 }
 $name = isset($_REQUEST['name']) ? stripslashes($_REQUEST['name']) : null;
-$new_nick = isset($_REQUEST['nick']) ? stripslashes($_REQUEST['nick']) : null;
+$new_nick = isset($_POST['nick']) ? stripslashes($_POST['nick']) : null;
 $guild_name = isset($_REQUEST['guild']) ? urldecode($_REQUEST['guild']) : null;
 if(!$name) {
 	$errors[] = 'Please enter new name.';
 	return;
 }
 if(!$new_nick) {
 	$errors[] = 'Please enter new nick.';
 	return;
 }
 if(empty($errors))
--- a/system/pages/guilds/change_rank.php
+++ b/system/pages/guilds/change_rank.php
@@ -17,8 +17,9 @@ if(!$logged) {
 }
 else {
 	$guild_name = isset($_REQUEST['guild']) ? urldecode($_REQUEST['guild']) : null;
-	if(!Validator::guildName($guild_name))
+	if(!Validator::guildName($guild_name)) {
 		$errors[] = Validator::getLastError();
 	}
 }
 if(empty($errors))
@@ -42,7 +43,7 @@ $rank_list = $guild->getGuildRanksList();
 $rank_list->orderBy('level', POT::ORDER_DESC);
 $guild_leader = false;
 $guild_vice = false;
-$account_players = $account_logged->getPlayers();
+$account_players = $account_logged->getPlayersList();
 foreach($account_players as $player)
 {
 	$player_rank = $player->getRank();
@@ -65,22 +66,23 @@ foreach($account_players as $player)
 	}
 }
-if($guild_vice)
+if($guild_vice) {
-{
+	if(isset($_POST['todo']) && $_POST['todo'] === 'save') {
 	if(isset($_REQUEST['todo']) && $_REQUEST['todo'] === 'save')
 	{
 		$player_name = stripslashes($_REQUEST['name']);
-		$new_rank = (int) $_REQUEST['rankid'];
+		$new_rank = (int) $_POST['rankid'];
-		if(!Validator::characterName($player_name))
+
 		if(!Validator::characterName($player_name)) {
 			$errors[] = 'Invalid player name format.';
 		}
 		$rank = new OTS_GuildRank();
 		$rank->load($new_rank);
 		if(!$rank->isLoaded())
 			$errors[] = "Rank with this ID doesn't exist.";
 		if($level_in_guild <= $rank->getLevel() && !$guild_leader)
 			$errors[] = "You can't set ranks with equal or higher level than your.";
-		if(empty($errors))
+
-		{
+		if(empty($errors)) {
 			$player_to_change = new OTS_Player();
 			$player_to_change->find($player_name);
 			if(!$player_to_change->isLoaded())
@@ -108,8 +110,7 @@ if($guild_vice)
 				$errors[] = 'This player has higher rank in guild than you. You can\'t change his/her rank.';
 		}
-		if(empty($errors))
+		if(empty($errors)) {
 		{
 			$player_to_change->setRank($rank);
 			$twig->display('success.html.twig', array(
 				'title' => 'Rank Changed',
@@ -125,7 +126,7 @@ if($guild_vice)
 	$result = getPlayersWithLowerRank($rank_list, $guild_leader, $db, $level_in_guild, $guild);
 	$twig->display('guilds.change_rank.html.twig', array(
-		'players' => isset($result['players']) ? $result['players'] : array(),
+		'players' => $result['players'] ?? [],
 		'guild_name' => $guild->getName(),
 		'ranks' => $result['ranks']
 	));
--- a/system/pages/guilds/cleanup_players.php
+++ b/system/pages/guilds/cleanup_players.php
@@ -12,33 +12,27 @@ defined('MYAAC') or die('Direct access not allowed!');
 require __DIR__ . '/base.php';
-if(!$logged)
+if(!$logged) {
 {
 	echo "You are not logged in.";
 	$twig->display('guilds.back_button.html.twig');
 	return;
 }
-if(admin())
+if(admin()) {
 {
 	$players_list = new OTS_Players_List();
 	$players_list->init();
 }
-else
+else {
 	$players_list = $account_logged->getPlayersList();
 }
-if(count($players_list) > 0)
+if(count($players_list) > 0) {
-{
+	foreach($players_list as $player) {
 	foreach($players_list as $player)
 	{
 		$player_rank = $player->getRank();
-		if($player_rank->isLoaded())
+		if($player_rank->isLoaded()) {
-		{
+			if($player_rank->isLoaded()) {
 			if($player_rank->isLoaded())
 			{
 				$rank_guild = $player_rank->getGuild();
-				if(!$rank_guild->isLoaded())
+				if(!$rank_guild->isLoaded()) {
 				{
 					$player->setRank();
 					$player->setGuildNick('');
 					$changed_ranks_of[] = $player->getName();
@@ -46,8 +40,7 @@ if(count($players_list) > 0)
 					$player_rank->delete();
 				}
 			}
-			else
+			else {
 			{
 				$player->setRank();
 				$player->setGuildNick('');
 				$changed_ranks_of[] = $player->getName();
@@ -55,14 +48,20 @@ if(count($players_list) > 0)
 		}
 	}
 	echo "<b>Deleted ranks (this ranks guilds doesn't exist [bug fix]):</b>";
-	if(!empty($deleted_ranks))
+	if(!empty($deleted_ranks)) {
-		foreach($deleted_ranks as $rank)
+		foreach ($deleted_ranks as $rank) {
-			echo "<li>".$rank;
+			echo "<li>" . $rank;
 		}
 	}
 	echo "<BR /><BR /><b>Changed ranks of players (rank or guild of rank doesn't exist [bug fix]):</b>";
-	if(!empty($changed_ranks_of))
+
-		foreach($changed_ranks_of as $name)
+	if(!empty($changed_ranks_of)) {
-			echo "<li>".$name;
+		foreach ($changed_ranks_of as $name) {
 			echo "<li>" . $name;
 		}
 	}
 }
 else
 	echo "0 players found.";
--- a/system/pages/guilds/create.php
+++ b/system/pages/guilds/create.php
@@ -14,15 +14,15 @@ use MyAAC\Models\GuildRank;
 require __DIR__ . '/base.php';
-$guild_name = isset($_REQUEST['guild']) ? urldecode($_REQUEST['guild']) : NULL;
+$guild_name = isset($_POST['guild']) ? urldecode($_POST['guild']) : NULL;
-$name = isset($_REQUEST['name']) ? stripslashes($_REQUEST['name']) : NULL;
+$name = isset($_POST['name']) ? stripslashes($_POST['name']) : NULL;
-$todo = isset($_REQUEST['todo']) ? $_REQUEST['todo'] : NULL;
+$todo = isset($_POST['todo']) ? $_POST['todo'] : NULL;
 if(!$logged) {
-	$guild_errors[] = 'You are not logged in. You can\'t create guild.';
+	$errors[] = 'You are not logged in. You can\'t create guild.';
 }
 $array_of_player_nig = array();
-if(empty($guild_errors))
+if(empty($errors))
 {
 	$account_players = $account_logged->getPlayersList(false);
 	foreach($account_players as $player)
@@ -41,45 +41,44 @@ if(empty($guild_errors))
 if(empty($todo)) {
 	if(count($array_of_player_nig) == 0) {
-		$guild_errors[] = 'On your account all characters are in guilds, have too low level to create new guild' . (setting('core.guild_need_premium') ? ' or you don\' have a premium account' : '') . '.';
+		$errors[] = 'On your account all characters are in guilds, have too low level to create new guild' . (setting('core.guild_need_premium') ? ' or you don\' have a premium account' : '') . '.';
 	}
 }
 if($todo == 'save')
 {
 	if(!Validator::guildName($guild_name)) {
-		$guild_errors[] = Validator::getLastError();
+		$errors[] = Validator::getLastError();
 		$guild_name = '';
 	}
 	if(!Validator::characterName($name)) {
-		$guild_errors[] = 'Invalid character name format.';
+		$errors[] = 'Invalid character name format.';
 		$name = '';
 	}
-	if(empty($guild_errors)) {
+	if(empty($errors)) {
 		$player = new OTS_Player();
 		$player->find($name);
 		if(!$player->isLoaded()) {
-			$guild_errors[] = 'Character <b>'.$name.'</b> doesn\'t exist.';
+			$errors[] = 'Character <b>'.$name.'</b> doesn\'t exist.';
 		}
 	}
-
+	if(empty($errors))
 	if(empty($guild_errors))
 	{
 		$guild = new OTS_Guild();
 		$guild->find($guild_name);
 		if($guild->isLoaded()) {
-			$guild_errors[] = 'Guild <b>'.$guild_name.'</b> already exist. Select other name.';
+			$errors[] = 'Guild <b>'.$guild_name.'</b> already exist. Select other name.';
 		}
 	}
-	if(empty($guild_errors) && $player->isDeleted()) {
+	if(empty($errors) && $player->isDeleted()) {
-		$guild_errors[] = "Character <b>$name</b> has been deleted.";
+		$errors[] = "Character <b>$name</b> has been deleted.";
 	}
-	if(empty($guild_errors))
+	if(empty($errors))
 	{
 		$bad_char = true;
 		foreach($array_of_player_nig as $nick_from_list) {
@@ -88,22 +87,22 @@ if($todo == 'save')
 			}
 		}
 		if($bad_char) {
-			$guild_errors[] = 'Character <b>'.$name.'</b> isn\'t on your account or is already in guild.';
+			$errors[] = 'Character <b>'.$name.'</b> isn\'t on your account or is already in guild.';
 		}
 	}
-	if(empty($guild_errors)) {
+	if(empty($errors)) {
 		if($player->getLevel() < setting('core.guild_need_level')) {
-			$guild_errors[] = 'Character <b>'.$name.'</b> has too low level. To create guild you need character with level <b>' . setting('core.guild_need_level') . '</b>.';
+			$errors[] = 'Character <b>'.$name.'</b> has too low level. To create guild you need character with level <b>' . setting('core.guild_need_level') . '</b>.';
 		}
 		if(setting('core.guild_need_premium') && !$account_logged->isPremium()) {
-			$guild_errors[] = 'Character <b>'.$name.'</b> is on FREE account. To create guild you need PREMIUM account.';
+			$errors[] = 'Character <b>'.$name.'</b> is on FREE account. To create guild you need PREMIUM account.';
 		}
 	}
 }
-if(!empty($guild_errors)) {
+if(!empty($errors)) {
-	$twig->display('error_box.html.twig', array('errors' => $guild_errors));
+	$twig->display('error_box.html.twig', array('errors' => $errors));
 	unset($todo);
 }
--- a/system/pages/guilds/delete_by_admin.php
+++ b/system/pages/guilds/delete_by_admin.php
@@ -45,7 +45,10 @@ if(empty($errors)) {
 				$twig->display('success.html.twig', array(
 					'title' => 'Delete Guild',
 					'description' => 'Are you sure you want delete guild <b>' . $guild_name . '</b>?<br/>
-				<form action="' . getLink('guilds') . '?guild=' . $guild->getName() . '&action=delete_by_admin" METHOD="post"><input type="hidden" name="todo" value="save"><input type="submit" value="Yes, delete"></form>',
+				<form action="' . getLink('guilds') . '?guild=' . $guild->getName() . '&action=delete_by_admin" METHOD="post">
 					' . csrf(true) . '
 					<input type="hidden" name="todo" value="save"><input type="submit" value="Yes, delete">
 				</form>',
 					'custom_buttons' => $twig->render('guilds.back_button.html.twig')
 				));
 			}
--- a/system/pages/guilds/delete_guild.php
+++ b/system/pages/guilds/delete_guild.php
@@ -21,7 +21,7 @@ if(empty($errors)) {
 	$guild = new OTS_Guild();
 	$guild->find($guild_name);
 	if(!$guild->isLoaded()) {
-		$errors[] = 'Guild with name <b>'.$guild_name.'</b> doesn\'t exist.';
+		$errors[] = "Guild with name <b>$guild_name</b> doesn't exist.";
 	}
 }
@@ -31,7 +31,7 @@ if(empty($errors)) {
 		$rank_list = $guild->getGuildRanksList();
 		$rank_list->orderBy('level', POT::ORDER_DESC);
 		$guild_leader = false;
-		$account_players = $account_logged->getPlayers();
+		$account_players = $account_logged->getPlayersList();
 		foreach($account_players as $player) {
 			if($guild->getOwner()->getId() == $player->getId()) {
--- a/system/pages/guilds/delete_invite.php
+++ b/system/pages/guilds/delete_invite.php
@@ -15,47 +15,43 @@ require __DIR__ . '/base.php';
 $guild_name = isset($_REQUEST['guild']) ? urldecode($_REQUEST['guild']) : null;
 $name = stripslashes($_REQUEST['name']);
-if(!$logged)
+if(!$logged) {
 	$errors[] = 'You are not logged in. You can\'t delete invitations.';
 }
-if(!Validator::guildName($guild_name))
+if(!Validator::guildName($guild_name)) {
 	$errors[] = Validator::getLastError();
 }
-if(!Validator::characterName($name))
+if(!Validator::characterName($name)) {
 	$errors[] = 'Invalid name format.';
 }
-if(empty($errors))
+if(empty($errors)) {
 {
 	$guild = new OTS_Guild();
 	$guild->find($guild_name);
 	if(!$guild->isLoaded())
 		$errors[] = "Guild with name <b>" . $guild_name . "</b> doesn't exist.";
 }
-if(empty($errors))
+if(empty($errors)) {
 {
 	$rank_list = $guild->getGuildRanksList();
 	$rank_list->orderBy('level', POT::ORDER_DESC);
 	$guild_leader = false;
 	$guild_vice = false;
-	$account_players = $account_logged->getPlayers();
+	$account_players = $account_logged->getPlayersList();
-	foreach($account_players as $player)
+	foreach($account_players as $player) {
 	{
 		$player_rank = $player->getRank();
-		if($player_rank->isLoaded())
+		if($player_rank->isLoaded()) {
-		{
+			foreach($rank_list as $rank_in_guild) {
-			foreach($rank_list as $rank_in_guild)
+				if($rank_in_guild->getId() == $player_rank->getId()) {
 			{
 				if($rank_in_guild->getId() == $player_rank->getId())
 				{
 					$players_from_account_in_guild[] = $player->getName();
-					if($player_rank->getLevel() > 1)
+					if($player_rank->getLevel() > 1) {
 					{
 						$guild_vice = true;
 						$level_in_guild = $player_rank->getLevel();
 					}
-					if($guild->getOwner()->getId() == $player->getId())
+
-					{
+					if($guild->getOwner()->getId() == $player->getId()) {
 						$guild_vice = true;
 						$guild_leader = true;
 					}
@@ -64,44 +60,46 @@ if(empty($errors))
 		}
 	}
-	if(!$guild_vice)
+	if(!$guild_vice) {
 		$errors[] = 'You are not a leader or vice leader of guild <b>' . $guild_name . '</b>.';
-}
+	}
 if(empty($errors))
 {
 	$player = new OTS_Player();
 	$player->find($name);
 	if(!$player->isLoaded())
 		$errors[] = 'Player with name <b>' . $name . '</b> doesn\'t exist.';
 }
-if(empty($errors))
+if(empty($errors)) {
-{
+	$player = new OTS_Player();
 	$player->find($name);
 	if(!$player->isLoaded()) {
 		$errors[] = "Player with name <b>$name</b> doesn't exist.";
 	}
 }
 if(empty($errors)) {
 	include(SYSTEM . 'libs/pot/InvitesDriver.php');
 	new InvitesDriver($guild);
 	$invited_list = $guild->listInvites();
-	if(count($invited_list) > 0)
+	if(count($invited_list) > 0) {
 	{
 		$is_invited = false;
-		foreach($invited_list as $invited)
+		foreach($invited_list as $invited) {
-			if($invited->getName() == $player->getName())
+			if ($invited->getName() == $player->getName()) {
 				$is_invited = true;
 		if(!$is_invited)
 			$errors[] = '<b>'.$player->getName().'</b> isn\'t invited to your guild.';
 			}
-	else
+		}
 		if(!$is_invited) {
 			$errors[] = '<b>' . $player->getName() . '</b> isn\'t invited to your guild.';
 		}
 	}
 	else {
 		$errors[] = 'No one is invited to your guild.';
 	}
 }
-if(!empty($errors))
+
-{
+if(!empty($errors)) {
 	$twig->display('error_box.html.twig', array('errors' => $errors));
 	$twig->display('guilds.back_button.html.twig', array('action' => getLink('guilds') . '?action=show&guild=' . $guild_name));
 }
-else
+else {
-{
+	if(isset($_POST['todo']) && $_POST['todo'] == 'save') {
 	if(isset($_REQUEST['todo']) && $_REQUEST['todo'] == 'save')
 	{
 		$guild->deleteInvite($player);
 		$twig->display('success.html.twig', array(
 			'title' => 'Deleted player invitation',
--- a/system/pages/guilds/delete_rank.php
+++ b/system/pages/guilds/delete_rank.php
@@ -13,25 +13,27 @@ defined('MYAAC') or die('Direct access not allowed!');
 require __DIR__ . '/base.php';
 $guild_name = isset($_REQUEST['guild']) ? urldecode($_REQUEST['guild']) : null;
-$rank_to_delete = isset($_REQUEST['rankid']) ? (int) $_REQUEST['rankid'] : null;
+$rank_to_delete = isset($_POST['rankid']) ? (int) $_POST['rankid'] : null;
 if(!Validator::guildName($guild_name)) {
-	$guild_errors[] = Validator::getLastError();
+	$errors[] = Validator::getLastError();
 }
-if(empty($guild_errors)) {
+
 if(empty($errors)) {
 	$guild = new OTS_Guild();
 	$guild->find($guild_name);
 	if(!$guild->isLoaded()) {
-		$guild_errors[] = 'Guild with name <b>'.$guild_name.'</b> doesn\'t exist.';
+		$errors[] = 'Guild with name <b>'.$guild_name.'</b> doesn\'t exist.';
 	}
 }
-if(empty($guild_errors)) {
+
 if(empty($errors)) {
 	if($logged) {
 		$guild_leader_char = $guild->getOwner();
 		$rank_list = $guild->getGuildRanksList();
 		$rank_list->orderBy('level', POT::ORDER_DESC);
 		$guild_leader = false;
-		$account_players = $account_logged->getPlayers();
+		$account_players = $account_logged->getPlayersList();
 		foreach($account_players as $player) {
 			if($guild->getOwner()->getId() == $player->getId()) {
 				$guild_vice = true;
@@ -39,21 +41,21 @@ if(empty($guild_errors)) {
 				$level_in_guild = 3;
 			}
 		}
 		if($guild_leader) {
 			$rank = new OTS_GuildRank();
 			$rank->load($rank_to_delete);
 			if(!$rank->isLoaded()) {
-				$guild_errors2[] = 'Rank with ID '.$rank_to_delete.' doesn\'t exist.';
+				$errors2[] = 'Rank with ID '.$rank_to_delete.' doesn\'t exist.';
 			}
-			else
+			else {
 			{
 				if($rank->getGuild()->getId() != $guild->getId()) {
-					$guild_errors2[] = 'Rank with ID '.$rank_to_delete.' isn\'t from your guild.';
+					$errors2[] = 'Rank with ID '.$rank_to_delete.' isn\'t from your guild.';
 				}
 				else
 				{
 					if(count($rank_list) < 2) {
-						$guild_errors2[] = 'You have only 1 rank in your guild. You can\'t delete this rank.';
+						$errors2[] = 'You have only 1 rank in your guild. You can\'t delete this rank.';
 					}
 					else
 					{
@@ -87,19 +89,21 @@ if(empty($guild_errors)) {
 									$player->setRank($new_rank);
 							}
 						}
 						$rank->delete();
 						$saved = true;
 					}
 				}
 			}
-			if($saved) {
+
 			if(isset($saved) && $saved) {
 				$twig->display('success.html.twig', array(
 					'title' => 'Rank Deleted',
 					'description' => 'Rank <b>'.$rank->getName().'</b> has been deleted. Players with this rank has now other rank.',
 					'custom_buttons' => ''
 				));
 			} else {
-				$twig->display('error_box.html.twig', array('errors' => $guild_errors2));
+				$twig->display('error_box.html.twig', array('errors' => $errors2));
 			}
 			$twig->display('guilds.back_button.html.twig', array(
@@ -107,18 +111,16 @@ if(empty($guild_errors)) {
 				'action' => getLink('guilds') . '?guild='.$guild->getName().'&action=manager'
 			));
 		}
-		else
+		else {
-		{
+			$errors[] = 'You are not a leader of guild!';
 			$guild_errors[] = 'You are not a leader of guild!';
 		}
 	}
-	else
+	else {
-	{
+		$errors[] = 'You are not logged. You can\'t manage guild.';
 		$guild_errors[] = 'You are not logged. You can\'t manage guild.';
 	}
 }
-if(!empty($guild_errors)) {
+if(!empty($errors)) {
-	$twig->display('error_box.html.twig', array('errors' => $guild_errors));
+	$twig->display('error_box.html.twig', array('errors' => $errors));
 	$twig->display('guilds.back_button.html.twig', array(
 		'new_line' => true,
--- a/system/pages/guilds/invite.php
+++ b/system/pages/guilds/invite.php
@@ -36,7 +36,7 @@ if(empty($errors)) {
 	$rank_list->orderBy('level', POT::ORDER_DESC);
 	$guild_leader = false;
 	$guild_vice = false;
-	$account_players = $account_logged->getPlayers();
+	$account_players = $account_logged->getPlayersList();
 	foreach($account_players as $player) {
 		$player_rank = $player->getRank();
 		if($player_rank->isLoaded()) {
@@ -62,7 +62,7 @@ if(!$guild_vice) {
 	$errors[] = 'You are not a leader or vice leader of guild <b>'.$guild_name.'</b>.'.$level_in_guild;
 }
-if(isset($_REQUEST['todo']) && $_REQUEST['todo'] == 'save') {
+if(isset($_POST['todo']) && $_POST['todo'] == 'save') {
 	if(!Validator::characterName($name)) {
 		$errors[] = 'Invalid name format.';
 	}
@@ -71,7 +71,7 @@ if(isset($_REQUEST['todo']) && $_REQUEST['todo'] == 'save') {
 		$player = new OTS_Player();
 		$player->find($name);
 		if(!$player->isLoaded()) {
-			$errors[] = 'Player with name <b>' . $name . '</b> doesn\'t exist.';
+			$errors[] = "Player with name <b>$name</b> doesn't exist.";
 		} else if ($player->isDeleted()) {
 			$errors[] = "Character with name <b>$name</b> has been deleted.";
 		}
@@ -102,7 +102,7 @@ if(!empty($errors)) {
 	$twig->display('error_box.html.twig', array('errors' => $errors));
 }
 else {
-	if(isset($_REQUEST['todo']) && $_REQUEST['todo'] == 'save') {
+	if(isset($_POST['todo']) && $_POST['todo'] == 'save') {
 		$guild->invite($player);
 		$twig->display('success.html.twig', array(
 			'title' => 'Invite player',
--- a/system/pages/guilds/kick_player.php
+++ b/system/pages/guilds/kick_player.php
@@ -41,7 +41,7 @@ if(empty($errors)) {
 	$rank_list->orderBy('level', POT::ORDER_DESC);
 	$guild_leader = false;
 	$guild_vice = false;
-	$account_players = $account_logged->getPlayers();
+	$account_players = $account_logged->getPlayersList();
 	foreach($account_players as $player) {
 		$player_rank = $player->getRank();
 		if($player_rank->isLoaded()) {
@@ -102,7 +102,7 @@ if(!empty($errors)) {
 }
 else
 {
-	if(isset($_REQUEST['todo']) && $_REQUEST['todo'] == 'save') {
+	if(isset($_POST['todo']) && $_POST['todo'] == 'save') {
 		$player->setRank();
 		$twig->display('success.html.twig', array(
--- a/system/pages/guilds/leave.php
+++ b/system/pages/guilds/leave.php
@@ -34,7 +34,7 @@ if(empty($errors)) {
 $array_of_player_ig = array();
 if(empty($errors)) {
 	$guild_owner_name = $guild->getOwner()->getName();
-	if(isset($_REQUEST['todo']) && $_REQUEST['todo'] == 'save') {
+	if(isset($_POST['todo']) && $_POST['todo'] == 'save') {
 		if(!Validator::characterName($name)) {
 			$errors[] = 'Invalid name format.';
 		}
@@ -72,7 +72,7 @@ if(empty($errors)) {
 	}
 	else
 	{
-		$account_players = $account_logged->getPlayers();
+		$account_players = $account_logged->getPlayersList();
 		foreach($account_players as $player_fac) {
 			$player_rank = $player_fac->getRank();
 			if($player_rank->isLoaded()) {
@@ -94,7 +94,7 @@ if(!empty($errors)) {
 }
 else
 {
-	if(isset($_REQUEST['todo']) && $_REQUEST['todo'] == 'save') {
+	if(isset($_POST['todo']) && $_POST['todo'] == 'save') {
 		$player->setRank();
 		$twig->display('success.html.twig', array(
 			'title' => 'Leave guild',
--- a/system/pages/guilds/list.php
+++ b/system/pages/guilds/list.php
@@ -14,23 +14,24 @@ defined('MYAAC') or die('Direct access not allowed!');
 require __DIR__ . '/base.php';
 $guilds_list = new OTS_Guilds_List();
-$guilds_list->orderBy("name");
+$guilds_list->orderBy('name');
 $guilds = array();
-if(count($guilds_list) > 0)
+if(count($guilds_list) > 0) {
 {
 	/**
 	 * @var OTS_Guild $guild
 	 */
 	foreach ($guilds_list as $guild) {
 		$guild_logo = $guild->getCustomField('logo_name');
-		if (empty($guild_logo) || !file_exists(GUILD_IMAGES_DIR . $guild_logo))
+		if (empty($guild_logo) || !file_exists(GUILD_IMAGES_DIR . $guild_logo)) {
-			$guild_logo = "default.gif";
+			$guild_logo = 'default.gif';
 		}
 		$description = $guild->getCustomField('description');
 		$description_with_lines = str_replace(array("\r\n", "\n", "\r"), '<br />', $description, $count);
-		if ($count < setting('core.guild_description_lines_limit'))
+		if ($count < setting('core.guild_description_lines_limit')) {
 			$description = nl2br($description);
 		}
 		$guildName = $guild->getName();
 		$guilds[] = array('name' => $guildName, 'logo' => $guild_logo, 'link' => getGuildLink($guildName, false), 'description' => $description);
@@ -39,6 +40,6 @@ if(count($guilds_list) > 0)
 $twig->display('guilds.list.html.twig', array(
 	'guilds' => $guilds,
-	'logged' => isset($logged) ? $logged : false,
+	'logged' => $logged ?? false,
 	'isAdmin' => admin(),
 ));
--- a/system/pages/guilds/manager.php
+++ b/system/pages/guilds/manager.php
@@ -21,7 +21,7 @@ if(empty($errors)) {
 	$guild = new OTS_Guild();
 	$guild->find($guild_name);
 	if(!$guild->isLoaded()) {
-		$errors[] = 'Guild with name <b>'.$guild_name.'</b> doesn\'t exist.';
+		$errors[] = "Guild with name <b>$guild_name</b> doesn't exist.";
 	}
 }
@@ -31,7 +31,7 @@ if(empty($errors)) {
 		$rank_list = $guild->getGuildRanksList();
 		$rank_list->orderBy('level', POT::ORDER_DESC);
 		$guild_leader = false;
-		$account_players = $account_logged->getPlayers();
+		$account_players = $account_logged->getPlayersList();
 		foreach($account_players as $player) {
 			if($guild_leader_char->getId() == $player->getId()) {
 				$guild_vice = true;
@@ -39,22 +39,22 @@ if(empty($errors)) {
 				$level_in_guild = 3;
 			}
 		}
 		if($guild_leader) {
 			$twig->display('guilds.manager.html.twig', array(
 				'guild' => $guild,
 				'rank_list' => $rank_list
 			));
 		}
-		else
+		else {
 		{
 			$errors[] = 'You are not a leader of guild!';
 		}
 	}
-	else
+	else {
-	{
+		$errors[] = "You are not logged. You can't manage guild.";
 		$errors[] = 'You are not logged. You can\'t manage guild.';
 	}
 }
 if(!empty($errors)) {
 	$twig->display('error_box.html.twig', array('errors' => $errors));
 }
--- a/system/pages/guilds/pass_leadership.php
+++ b/system/pages/guilds/pass_leadership.php
@@ -15,51 +15,52 @@ require __DIR__ . '/base.php';
 $guild_name = isset($_REQUEST['guild']) ? urldecode($_REQUEST['guild']) : NULL;
 $pass_to = isset($_REQUEST['player']) ? stripslashes($_REQUEST['player']) : NULL;
 if(!Validator::guildName($guild_name)) {
-	$guild_errors[] = Validator::getLastError();
+	$errors[] = Validator::getLastError();
 }
-if(empty($guild_errors)) {
+if(empty($errors)) {
 	$guild = new OTS_Guild();
 	$guild->find($guild_name);
 	if(!$guild->isLoaded()) {
-		$guild_errors[] = "Guild with name <b>" . $guild_name . "</b> doesn't exist.";
+		$errors[] = "Guild with name <b>" . $guild_name . "</b> doesn't exist.";
 	}
 }
-if(empty($guild_errors)) {
+
 if(empty($errors)) {
 	if(isset($_POST['todo']) && $_POST['todo'] == 'save') {
 		if(!Validator::characterName($pass_to)) {
-			$guild_errors2[] = 'Invalid player name format.';
+			$errors2[] = 'Invalid player name format.';
 		}
-		if(empty($guild_errors2)) {
+		if(empty($errors2)) {
 			$to_player = new OTS_Player();
 			$to_player->find($pass_to);
 			if(!$to_player->isLoaded()) {
-				$guild_errors2[] = 'Player with name <b>'.$pass_to.'</b> doesn\'t exist.';
+				$errors2[] = 'Player with name <b>'.$pass_to.'</b> doesn\'t exist.';
 			} else if ($to_player->isDeleted()) {
-				$guild_errors2[] = "Character with name <b>$pass_to</b> has been deleted.";
+				$errors2[] = "Character with name <b>$pass_to</b> has been deleted.";
 			}
-			if(empty($guild_errors2)) {
+			if(empty($errors2)) {
 				$to_player_rank = $to_player->getRank();
 				if($to_player_rank->isLoaded()) {
 					$to_player_guild = $to_player_rank->getGuild();
 					if($to_player_guild->getId() != $guild->getId()) {
-						$guild_errors2[] = 'Player with name <b>'.$to_player->getName().'</b> isn\'t from your guild.';
+						$errors2[] = 'Player with name <b>'.$to_player->getName().'</b> isn\'t from your guild.';
 					}
 				}
 				else {
-					$guild_errors2[] = 'Player with name <b>'.$to_player->getName().'</b> isn\'t from your guild.';
+					$errors2[] = 'Player with name <b>'.$to_player->getName().'</b> isn\'t from your guild.';
 				}
 			}
 		}
 	}
 }
-if(empty($guild_errors) && empty($guild_errors2)) {
+if(empty($errors) && empty($errors2)) {
 	if($logged) {
 		$guild_leader_char = $guild->getOwner();
 		$guild_leader = false;
-		$account_players = $account_logged->getPlayers();
+		$account_players = $account_logged->getPlayersList();
 		foreach($account_players as $player) {
 			if($guild_leader_char->getId() == $player->getId()) {
 				$guild_vice = true;
@@ -99,23 +100,23 @@ if(empty($guild_errors) && empty($guild_errors2)) {
 			}
 		}
 		else {
-			$guild_errors[] = 'You are not a leader of guild!';
+			$errors[] = 'You are not a leader of guild!';
 		}
 	}
 	else {
-		$guild_errors[] = "You are not logged. You can't manage guild.";
+		$errors[] = "You are not logged. You can't manage guild.";
 	}
 }
-if(empty($guild_errors) && !empty($guild_errors2)) {
+if(empty($errors) && !empty($errors2)) {
-	$twig->display('error_box.html.twig', array('errors' => $guild_errors2));
+	$twig->display('error_box.html.twig', array('errors' => $errors2));
 	echo '<br/><div style="text-align:center"><form action="' . getLink('guilds') . '?guild='.$guild->getName().'&action=pass_leadership" method="post">' . $twig->render('buttons.back.html.twig') . '</form></div>';
 }
-if(!empty($guild_errors)) {
+if(!empty($errors)) {
-	if(!empty($guild_errors2)) {
+	if(!empty($errors2)) {
-		$guild_errors = array_merge($guild_errors, $guild_errors2);
+		$errors = array_merge($errors, $errors2);
 	}
-	$twig->display('error_box.html.twig', array('errors' => $guild_errors));
+	$twig->display('error_box.html.twig', array('errors' => $errors));
 	echo '<br/><div style="text-align:center"><form action="' . getLink('guilds') . '" method="post">' . $twig->render('buttons.back.html.twig') . '</form></div>';
 }
--- a/system/pages/guilds/save_ranks.php
+++ b/system/pages/guilds/save_ranks.php
@@ -31,7 +31,7 @@ if(empty($errors)) {
 		$rank_list = $guild->getGuildRanksList();
 		$rank_list->orderBy('level', POT::ORDER_DESC);
 		$guild_leader = false;
-		$account_players = $account_logged->getPlayers();
+		$account_players = $account_logged->getPlayersList();
 		foreach($account_players as $player) {
 			if($guild_leader_char->getId() == $player->getId()) {
@@ -61,6 +61,7 @@ if(empty($errors)) {
 				$rank->save();
 			}
 			//show errors or redirect
 			if(empty($errors)) {
 				header("Location: " . getLink('guilds') . "?action=manager&guild=".$guild->getName());
@@ -73,10 +74,10 @@ if(empty($errors)) {
 	}
 	else
 	{
-		$errors[] = 'You are not logged. You can\'t manage guild.';
+		$errors[] = "You are not logged. You can't manage guild.";
 	}
 }
 if(!empty($errors)) {
-	$twig->display('error_box.html.twig', array('errors' => $errors));
+	$twig->display('error_box.html.twig', ['errors' => $errors]);
 }
--- a/system/pages/guilds/show.php
+++ b/system/pages/guilds/show.php
@@ -16,19 +16,18 @@ $title = 'Guilds';
 require __DIR__ . '/base.php';
 $guild_name = isset($_REQUEST['guild']) ? urldecode($_REQUEST['guild']) : null;
-if(!Validator::guildName($guild_name))
+if(!Validator::guildName($guild_name)) {
 	$errors[] = Validator::getLastError();
 }
-if(empty($errors))
+if(empty($errors)) {
 {
 	$guild = new OTS_Guild();
 	$guild->find($guild_name);
 	if(!$guild->isLoaded())
 		$errors[] = 'Guild with name <b>'.$guild_name.'</b> doesn\'t exist.';
 }
-if(!empty($errors))
+if(!empty($errors)) {
 {
 	$twig->display('error_box.html.twig', array('errors' => $errors));
 	$twig->display('guilds.back_button.html.twig');
 	return;
@@ -47,9 +46,8 @@ $level_in_guild = 0;
 $players_from_account_in_guild = array();
 $players_from_account_ids = array();
-if($logged)
+if($logged) {
-{
+	$account_players = $account_logged->getPlayersList();
 	$account_players = $account_logged->getPlayers();
 	foreach($account_players as $player)
 	{
 		$players_from_account_ids[] = $player->getId();
--- a/system/pages/highscores.php
+++ b/system/pages/highscores.php
@@ -18,8 +18,11 @@ defined('MYAAC') or die('Direct access not allowed!');
 $title = 'Highscores';
 $settingHighscoresCountryBox = setting('core.highscores_country_box');
-if(config('account_country') && $settingHighscoresCountryBox)
+if(config('account_country') && $settingHighscoresCountryBox) {
 	require SYSTEM . 'countries.conf.php';
 }
 $highscoresTTL = setting('core.highscores_cache_ttl');
 $list = urldecode($_GET['list'] ?? 'experience');
 $page = $_GET['page'] ?? 1;
@@ -140,7 +143,7 @@ $needReCache = true;
 $cacheKey = 'highscores_' . $skill . '_' . $vocation . '_' . $page . '_' . $configHighscoresPerPage;
 $cache = Cache::getInstance();
-if ($cache->enabled()) {
+if ($cache->enabled() && $highscoresTTL > 0) {
 	$tmp = '';
 	if ($cache->fetch($cacheKey, $tmp)) {
 		$highscores = unserialize($tmp);
@@ -214,8 +217,8 @@ if (empty($highscores)) {
 	})->toArray();
 }
-if ($cache->enabled() && $needReCache) {
+if ($highscoresTTL > 0 && $cache->enabled() && $needReCache) {
-	$cache->set($cacheKey, serialize($highscores), setting('core.highscores_cache_ttl') * 60);
+	$cache->set($cacheKey, serialize($highscores), $highscoresTTL * 60);
 }
 $show_link_to_next_page = false;
@@ -278,6 +281,10 @@ if(setting('core.highscores_frags')) {
 if(setting('core.highscores_balance'))
 	$types['balance'] = 'Balance';
 if ($highscoresTTL > 0 && $cache->enabled()) {
 	echo '<small>*Note: Highscores are updated every' . ($highscoresTTL > 1 ? ' ' . $highscoresTTL : '') . ' minute' . ($highscoresTTL > 1 ? 's' : '') . '.</small><br/><br/>';
 }
 /** @var Twig\Environment $twig */
 $twig->display('highscores.html.twig', [
 	'highscores' => $highscores,
--- a/system/pages/monsters.php
+++ b/system/pages/monsters.php
@@ -16,19 +16,23 @@ defined('MYAAC') or die('Direct access not allowed!');
 $title = 'Monsters';
 if (empty($_REQUEST['name'])) {
 	// display list of monsters
 	$preview = setting('core.monsters_images_preview');
 	// display list of monsters
 	$monsters = MyAAC\Cache::remember('monsters', 30 * 60, function () use ($preview) {
 		$monsters = Monster::where('hide', '!=', 1)->when(!empty($_REQUEST['boss']), function ($query) {
 			$query->where('rewardboss', 1);
 		})->get()->toArray();
 		if ($preview) {
-		foreach($monsters as $key => &$monster)
+			foreach($monsters as &$monster) {
-		{
+				$monster['img_link'] = getMonsterImage($monster);
 			$monster['img_link'] = getMonsterImgPath($monster['name']);
 			}
 		}
 		return $monsters;
 	});
 	$twig->display('monsters.html.twig', array(
 		'monsters' => $monsters,
 		'preview' => $preview
@@ -45,7 +49,7 @@ if ($monsterModel && isset($monsterModel->name)) {
 	/** @var array $monster */
 	$monster = $monsterModel->toArray();
-	function sort_by_chance($a, $b)
+	function sort_by_chance($a, $b): int
 	{
 		if ($a['chance'] == $b['chance']) {
 			return 0;
@@ -55,7 +59,7 @@ if ($monsterModel && isset($monsterModel->name)) {
 	$title = $monster['name'] . " - Monsters";
-	$monster['img_link']= getMonsterImgPath($monster_name);
+	$monster['img_link']= getMonsterImage($monster);
 	$voices = json_decode($monster['voices'], true);
 	$summons = json_decode($monster['summons'], true);
@@ -89,3 +93,39 @@ if ($monsterModel && isset($monsterModel->name)) {
 // back button
 $twig->display('monsters.back_button.html.twig');
 function getMonsterImage($monster): string
 {
 	$outfit = json_decode($monster['look'], true);
 	if (!empty($outfit['typeEx'])) {
 		return setting('core.item_images_url') . $outfit['typeEx'] . setting('core.item_images_extension');
 	}
 	if (isset($outfit['type'])) {
 		$getValue = function ($val) use ($outfit) {
 			return (!empty($outfit[$val])
 				? '&' . $val . '=' . $outfit[$val] : '');
 		};
 		return setting('core.outfit_images_url') . '?id=' . $outfit['type'] . $getValue('addons') . $getValue('head') . $getValue('body') . $getValue('legs') . $getValue('feet');
 	}
 	return getMonsterImgPath($monster['name']);
 }
 function getMonsterImgPath($name): string
 {
 	$monster_path = setting('core.monsters_images_url');
 	$monster_gfx_name = trim(strtolower($name)) . setting('core.monsters_images_extension');
 	if (!file_exists($monster_path . $monster_gfx_name)) {
 		$monster_gfx_name = str_replace(" ", "", $monster_gfx_name);
 		if (file_exists($monster_path . $monster_gfx_name)) {
 			return $monster_path . $monster_gfx_name;
 		} else {
 			return $monster_path . 'nophoto.png';
 		}
 	} else {
 		return $monster_path . $monster_gfx_name;
 	}
 }
--- a/system/pages/ots-info.php
+++ b/system/pages/ots-info.php
@@ -0,0 +1,110 @@
 <?php
 /**
 * Server info
 *
 * @package   MyAAC
 * @author    Gesior <jerzyskalski@wp.pl>
 * @author    Slawkens <slawkens@gmail.com>
 * @author    whiteblXK
 * @copyright 2019 MyAAC
 * @link      https://my-aac.org
 */
 defined('MYAAC') or die('Direct access not allowed!');
 $title = 'Server info';
 if(isset($config['lua']['experience_stages']))
    $config['lua']['experienceStages'] = $config['lua']['experience_stages'];
 if(isset($config['lua']['min_pvp_level']))
    $config['lua']['protectionLevel'] = $config['lua']['min_pvp_level'];
 $rent = trim(strtolower($config['lua']['houseRentPeriod']));
 if($rent != 'yearly' && $rent != 'monthly' && $rent != 'weekly' && $rent != 'daily')
    $rent = 'never';
 if(isset($config['lua']['houseCleanOld']))
    $cleanOld = (int)(eval('return ' . $config['lua']['houseCleanOld'] . ';') / (24 * 60 * 60));
 if(isset($config['lua']['rate_exp']))
    $config['lua']['rateExp'] = $config['lua']['rate_exp'];
 if(isset($config['lua']['rateExperience']))
    $config['lua']['rateExp'] = $config['lua']['rateExperience'];
 if(isset($config['lua']['rate_mag']))
    $config['lua']['rateMagic'] = $config['lua']['rate_mag'];
 if(isset($config['lua']['rate_skill']))
    $config['lua']['rateSkill'] = $config['lua']['rate_skill'];
 if(isset($config['lua']['rate_loot']))
    $config['lua']['rateLoot'] = $config['lua']['rate_loot'];
 if(isset($config['lua']['rate_spawn']))
    $config['lua']['rateSpawn'] = $config['lua']['rate_spawn'];
 $house_level = NULL;
 if(isset($config['lua']['levelToBuyHouse']))
    $house_level = $config['lua']['levelToBuyHouse'];
 else if(isset($config['lua']['house_level']))
    $house_level = $config['lua']['house_level'];
 if(isset($config['lua']['in_fight_duration']))
    $config['lua']['pzLocked'] = $config['lua']['in_fight_duration'];
 $pzLocked = eval('return ' . $config['lua']['pzLocked'] . ';');
 $whiteSkullTime = isset($config['lua']['whiteSkullTime']) ? $config['lua']['whiteSkullTime'] : NULL;
 if(!isset($whiteSkullTime) && isset($config['lua']['unjust_skull_duration']))
    $whiteSkullTime = $config['lua']['unjust_skull_duration'];
 if(isset($whiteSkullTime))
    $whiteSkullTime = eval('return ' . $whiteSkullTime . ';');
 $redSkullLength = isset($config['lua']['redSkullLength']) ? $config['lua']['redSkullLength'] : NULL;
 if(!isset($redSkullLength) && isset($config['lua']['red_skull_duration']))
    $redSkullLength = $config['lua']['red_skull_duration'];
 if(isset($redSkullLength))
    $redSkullLength = eval('return ' . $redSkullLength . ';');
 $blackSkull = false;
 $blackSkullLength = NULL;
 if(isset($config['lua']['useBlackSkull']) && getBoolean($config['lua']['useBlackSkull']))
 {
    $blackSkullLength = $config['lua']['blackSkullLength'];
    $blackSkull = true;
 }
 else if(isset($config['lua']['black_skull_duration'])) {
    $blackSkullLength = eval('return ' . $config['lua']['blackSkullLength'] . ';');
    $blackSkull = true;
 }
 $clientVersion = NULL;
 if(isset($status['online']))
    $clientVersion = isset($status['clientVersion']) ? $status['clientVersion'] : null;
 $twig->display('serverinfo.html.twig', array(
    'experienceStages' => isset($config['lua']['experienceStages']) && getBoolean($config['lua']['experienceStages']) ? $config['lua']['experienceStages'] : null,
    'serverIp' => str_replace('/', '', str_replace('http://', '', $config['lua']['url'])),
    'clientVersion' => $clientVersion,
    'globalSaveHour' => isset($config['lua']['globalSaveEnabled']) && getBoolean($config['lua']['globalSaveEnabled']) ? $config['lua']['globalSaveHour'] : null,
    'protectionLevel' => $config['lua']['protectionLevel'],
    'houseRent' => $rent == 'never' ? 'disabled' : $rent,
    'houseOld' => isset($cleanOld) ? $cleanOld : null,
    'rateExp' => $config['lua']['rateExp'],
    'rateExpFromPlayers' => isset($config['lua']['rateExperienceFromPlayers']) ? $config['lua']['rateExperienceFromPlayers'] : null,
    'rateMagic' => $config['lua']['rateMagic'],
    'rateSkill' => $config['lua']['rateSkill'],
    'rateLoot' => $config['lua']['rateLoot'],
    'rateSpawn' => $config['lua']['rateSpawn'],
    'houseLevel' => $house_level,
    'pzLocked' => $pzLocked,
    'whiteSkullTime' => $whiteSkullTime,
    'redSkullLength' => $redSkullLength,
    'blackSkull' => $blackSkull,
    'blackSkullLength' => $blackSkullLength,
    'dailyFragsToRedSkull' => isset($config['lua']['dailyFragsToRedSkull']) ? $config['lua']['dailyFragsToRedSkull'] : (isset($config['lua']['kills_per_day_red_skull']) ? $config['lua']['kills_per_day_red_skull'] : null),
    'weeklyFragsToRedSkull' => isset($config['lua']['weeklyFragsToRedSkull']) ? $config['lua']['weeklyFragsToRedSkull'] : (isset($config['lua']['kills_per_week_red_skull']) ? $config['lua']['kills_per_week_red_skull'] : null),
    'monthlyFragsToRedSkull' => isset($config['lua']['monthlyFragsToRedSkull']) ? $config['lua']['monthlyFragsToRedSkull'] : (isset($config['lua']['kills_per_month_red_skull']) ? $config['lua']['kills_per_month_red_skull'] : null),
    'dailyFragsToBlackSkull' => isset($config['lua']['dailyFragsToBlackSkull']) ? $config['lua']['dailyFragsToBlackSkull'] : (isset($config['lua']['kills_per_day_black_skull']) ? $config['lua']['kills_per_day_black_skull'] : null),
    'weeklyFragsToBlackSkull' => isset($config['lua']['weeklyFragsToBlackSkull']) ? $config['lua']['weeklyFragsToBlackSkull'] : (isset($config['lua']['kills_per_week_black_skull']) ? $config['lua']['kills_per_week_black_skull'] : null),
    'monthlyFragsToBlackSkull' => isset($config['lua']['monthlyFragsToBlackSkull']) ? $config['lua']['monthlyFragsToBlackSkull'] : (isset($config['lua']['kills_per_month_black_skull']) ? $config['lua']['kills_per_month_black_skull'] : null),
    'banishmentLength' => isset($config['lua']['banishment_length']) ? eval('return (' . $config['lua']['banishment_length'] . ') / (24 * 60 * 60);') : null,
    'finalBanishmentLength' => isset($config['lua']['final_banishment_length']) ? eval('return (' . $config['lua']['final_banishment_length'] . ') / (24 * 60 * 60);') : null,
    'ipBanishmentLength' => isset($config['lua']['ip_banishment_length']) ? eval('return (' . $config['lua']['ip_banishment_length'] . ') / (24 * 60 * 60);') : null,
 ));
--- a/system/pages/rules.php
+++ b/system/pages/rules.php
@@ -1,14 +0,0 @@
 <?php
 /**
 * Rules
 *
 * @package   MyAAC
 * @author    Gesior <jerzyskalski@wp.pl>
 * @author    Slawkens <slawkens@gmail.com>
 * @copyright 2019 MyAAC
 * @link      https://my-aac.org
 */
 defined('MYAAC') or die('Direct access not allowed!');
 $title = 'Server Rules';
 $twig->display('rules.html.twig');
--- a/system/pages/server-info.php
+++ b/system/pages/server-info.php
@@ -1,110 +1,3 @@
 <?php
 /**
 * Server info
 *
 * @package   MyAAC
 * @author    Gesior <jerzyskalski@wp.pl>
 * @author    Slawkens <slawkens@gmail.com>
 * @author    whiteblXK
 * @copyright 2019 MyAAC
 * @link      https://my-aac.org
 */
 defined('MYAAC') or die('Direct access not allowed!');
 $title = 'Server info';
-if(isset($config['lua']['experience_stages']))
+require 'ots-info.php';
    $config['lua']['experienceStages'] = $config['lua']['experience_stages'];
 if(isset($config['lua']['min_pvp_level']))
    $config['lua']['protectionLevel'] = $config['lua']['min_pvp_level'];
 $rent = trim(strtolower($config['lua']['houseRentPeriod']));
 if($rent != 'yearly' && $rent != 'monthly' && $rent != 'weekly' && $rent != 'daily')
    $rent = 'never';
 if(isset($config['lua']['houseCleanOld']))
    $cleanOld = (int)(eval('return ' . $config['lua']['houseCleanOld'] . ';') / (24 * 60 * 60));
 if(isset($config['lua']['rate_exp']))
    $config['lua']['rateExp'] = $config['lua']['rate_exp'];
 if(isset($config['lua']['rateExperience']))
    $config['lua']['rateExp'] = $config['lua']['rateExperience'];
 if(isset($config['lua']['rate_mag']))
    $config['lua']['rateMagic'] = $config['lua']['rate_mag'];
 if(isset($config['lua']['rate_skill']))
    $config['lua']['rateSkill'] = $config['lua']['rate_skill'];
 if(isset($config['lua']['rate_loot']))
    $config['lua']['rateLoot'] = $config['lua']['rate_loot'];
 if(isset($config['lua']['rate_spawn']))
    $config['lua']['rateSpawn'] = $config['lua']['rate_spawn'];
 $house_level = NULL;
 if(isset($config['lua']['levelToBuyHouse']))
    $house_level = $config['lua']['levelToBuyHouse'];
 else if(isset($config['lua']['house_level']))
    $house_level = $config['lua']['house_level'];
 if(isset($config['lua']['in_fight_duration']))
    $config['lua']['pzLocked'] = $config['lua']['in_fight_duration'];
 $pzLocked = eval('return ' . $config['lua']['pzLocked'] . ';');
 $whiteSkullTime = isset($config['lua']['whiteSkullTime']) ? $config['lua']['whiteSkullTime'] : NULL;
 if(!isset($whiteSkullTime) && isset($config['lua']['unjust_skull_duration']))
    $whiteSkullTime = $config['lua']['unjust_skull_duration'];
 if(isset($whiteSkullTime))
    $whiteSkullTime = eval('return ' . $whiteSkullTime . ';');
 $redSkullLength = isset($config['lua']['redSkullLength']) ? $config['lua']['redSkullLength'] : NULL;
 if(!isset($redSkullLength) && isset($config['lua']['red_skull_duration']))
    $redSkullLength = $config['lua']['red_skull_duration'];
 if(isset($redSkullLength))
    $redSkullLength = eval('return ' . $redSkullLength . ';');
 $blackSkull = false;
 $blackSkullLength = NULL;
 if(isset($config['lua']['useBlackSkull']) && getBoolean($config['lua']['useBlackSkull']))
 {
    $blackSkullLength = $config['lua']['blackSkullLength'];
    $blackSkull = true;
 }
 else if(isset($config['lua']['black_skull_duration'])) {
    $blackSkullLength = eval('return ' . $config['lua']['blackSkullLength'] . ';');
    $blackSkull = true;
 }
 $clientVersion = NULL;
 if(isset($status['online']))
    $clientVersion = isset($status['clientVersion']) ? $status['clientVersion'] : null;
 $twig->display('serverinfo.html.twig', array(
    'experienceStages' => isset($config['lua']['experienceStages']) && getBoolean($config['lua']['experienceStages']) ? $config['lua']['experienceStages'] : null,
    'serverIp' => str_replace('/', '', str_replace('http://', '', $config['lua']['url'])),
    'clientVersion' => $clientVersion,
    'globalSaveHour' => isset($config['lua']['globalSaveEnabled']) && getBoolean($config['lua']['globalSaveEnabled']) ? $config['lua']['globalSaveHour'] : null,
    'protectionLevel' => $config['lua']['protectionLevel'],
    'houseRent' => $rent == 'never' ? 'disabled' : $rent,
    'houseOld' => isset($cleanOld) ? $cleanOld : null,
    'rateExp' => $config['lua']['rateExp'],
    'rateExpFromPlayers' => isset($config['lua']['rateExperienceFromPlayers']) ? $config['lua']['rateExperienceFromPlayers'] : null,
    'rateMagic' => $config['lua']['rateMagic'],
    'rateSkill' => $config['lua']['rateSkill'],
    'rateLoot' => $config['lua']['rateLoot'],
    'rateSpawn' => $config['lua']['rateSpawn'],
    'houseLevel' => $house_level,
    'pzLocked' => $pzLocked,
    'whiteSkullTime' => $whiteSkullTime,
    'redSkullLength' => $redSkullLength,
    'blackSkull' => $blackSkull,
    'blackSkullLength' => $blackSkullLength,
    'dailyFragsToRedSkull' => isset($config['lua']['dailyFragsToRedSkull']) ? $config['lua']['dailyFragsToRedSkull'] : (isset($config['lua']['kills_per_day_red_skull']) ? $config['lua']['kills_per_day_red_skull'] : null),
    'weeklyFragsToRedSkull' => isset($config['lua']['weeklyFragsToRedSkull']) ? $config['lua']['weeklyFragsToRedSkull'] : (isset($config['lua']['kills_per_week_red_skull']) ? $config['lua']['kills_per_week_red_skull'] : null),
    'monthlyFragsToRedSkull' => isset($config['lua']['monthlyFragsToRedSkull']) ? $config['lua']['monthlyFragsToRedSkull'] : (isset($config['lua']['kills_per_month_red_skull']) ? $config['lua']['kills_per_month_red_skull'] : null),
    'dailyFragsToBlackSkull' => isset($config['lua']['dailyFragsToBlackSkull']) ? $config['lua']['dailyFragsToBlackSkull'] : (isset($config['lua']['kills_per_day_black_skull']) ? $config['lua']['kills_per_day_black_skull'] : null),
    'weeklyFragsToBlackSkull' => isset($config['lua']['weeklyFragsToBlackSkull']) ? $config['lua']['weeklyFragsToBlackSkull'] : (isset($config['lua']['kills_per_week_black_skull']) ? $config['lua']['kills_per_week_black_skull'] : null),
    'monthlyFragsToBlackSkull' => isset($config['lua']['monthlyFragsToBlackSkull']) ? $config['lua']['monthlyFragsToBlackSkull'] : (isset($config['lua']['kills_per_month_black_skull']) ? $config['lua']['kills_per_month_black_skull'] : null),
    'banishmentLength' => isset($config['lua']['banishment_length']) ? eval('return (' . $config['lua']['banishment_length'] . ') / (24 * 60 * 60);') : null,
    'finalBanishmentLength' => isset($config['lua']['final_banishment_length']) ? eval('return (' . $config['lua']['final_banishment_length'] . ') / (24 * 60 * 60);') : null,
    'ipBanishmentLength' => isset($config['lua']['ip_banishment_length']) ? eval('return (' . $config['lua']['ip_banishment_length'] . ') / (24 * 60 * 60);') : null,
 ));
--- a/system/router.php
+++ b/system/router.php
@@ -129,14 +129,14 @@ $dispatcher = FastRoute\cachedDispatcher(function (FastRoute\RouteCollector $r)
 		return ($a[3] < $b[3]) ? -1 : 1;
 	});
 	// remove duplicates
 	// if same route pattern, but different priority
 	$routesFinal = array_filter($routesFinal, function ($a) {
 	$aliases = [
 		[':int', ':string', ':alphanum'],
 		[':\d+', ':[A-Za-z0-9-_%+\' ]+', ':[A-Za-z0-9]+'],
 	];
 	// remove duplicates
 	// if same route pattern, but different priority
 	$routesFinal = array_filter($routesFinal, function ($a) use ($aliases) {
 		// apply aliases
 		$a[1] = str_replace($aliases[0], $aliases[1], $a[1]);
@@ -171,16 +171,16 @@ $dispatcher = FastRoute\cachedDispatcher(function (FastRoute\RouteCollector $r)
 			$route[0] = array_map($toUpperCase, $route[0]);
 		}
 		$aliases = [
 			[':int', ':string', ':alphanum'],
 			[':\d+', ':[A-Za-z0-9-_%+\' ]+', ':[A-Za-z0-9]+'],
 		];
 		// apply aliases
 		$route[1] = str_replace($aliases[0], $aliases[1], $route[1]);
 		try {
 			$r->addRoute($route[0], $route[1], $route[2]);
 		}
 		catch (\Exception $e) {
 			// duplicated route, just ignore
 		}
 	}
 	if (config('env') === 'dev') {
 		foreach(Plugins::getWarnings() as $warning) {
@@ -252,7 +252,7 @@ else {
 				$success = false;
 				$tmp_content = getCustomPage($pageName, $success);
-				if ($success) {
+				if ($success && $hooks->trigger(HOOK_BEFORE_PAGE_CUSTOM)) {
 					$content .= $tmp_content;
 					if (hasFlag(FLAG_CONTENT_PAGES) || superAdmin()) {
 						$pageInfo = getCustomPageInfo($pageName);
@@ -260,6 +260,8 @@ else {
 							) . $content;
 					}
 					$hooks->trigger(HOOK_AFTER_PAGE_CUSTOM);
 					$page = $pageName;
 					$file = false;
 				}
@@ -317,6 +319,11 @@ $content .= ob_get_contents();
 ob_end_clean();
 $hooks->trigger(HOOK_AFTER_PAGE);
 if (isset($_REQUEST['_page_only'])) {
 	echo $content;
 	die;
 }
 if(!isset($title)) {
 	$title = str_replace('index.php/', '', $page);
 	$title = ucfirst($title);
--- a/system/routes.php
+++ b/system/routes.php
@@ -22,11 +22,11 @@ return [
 	['GET', 'account/confirm-email/{hash:alphanum}', 'account/confirm-email.php'],
 	['GET', 'bans/{page:int}', 'bans.php'],
-	[['GET', 'POST'], 'characters[/{name:string}]', 'characters.php'],
+	[['GET', 'POST'], 'characters/{name:[A-Za-z0-9-_%+\' \[\]]+}', 'characters.php'],
-	['GET', 'changelog[/{page:int}]', 'changelog.php'],
+	['GET', 'changelog/{page:int}', 'changelog.php'],
-	[['GET', 'POST'], 'monsters[/{name:string}]', 'monsters.php'],
+	[['GET', 'POST'], 'monsters/{name:string}', 'monsters.php'],
-	[['GET', 'POST'], 'faq[/{action:string}]', 'faq.php'],
+	[['GET', 'POST'], 'faq/{action:string}', 'faq.php'],
 	[['GET', 'POST'], 'forum/{action:string}', 'forum.php'],
 	['GET', 'forum/board/{id:int}', 'forum/show_board.php'],
--- a/Show More
+++ b/Show More
Author	SHA1	Message	Date
slawkens	524e982a0e	Release v1.6.1	2025-06-11 05:51:39 +02:00
slawkens	fffb427eae	Update account.generate_recovery_key.html.twig	2025-06-09 21:18:45 +02:00
slawkens	10cd71a663	Add missing csrf() into account manage actions	2025-06-09 21:18:42 +02:00
slawkens	0812fe025d	Update settings_save.php	2025-06-09 21:14:44 +02:00
slawkens	309c1fb715	Remove deprecated TinyMCE plugin - template	2025-06-09 14:24:36 +02:00
slawkens	8d29fdb98b	Set TinyMCE license key to gpl (Avoid warning message in browser console)	2025-06-09 14:24:22 +02:00
slawkens	f782850307	Move counter & visitors code before router In case someone wants to include that info on page	2025-06-06 22:10:13 +02:00
slawkens	835dda9659	Remove duplicated code - account redirect, already in account/manage	2025-06-05 19:08:53 +02:00
slawkens	dcc703b1eb	Remove optional param, make it required for few routes	2025-06-05 18:11:44 +02:00
slawkens	9d8e9d27bd	Ignore duplicated route exception	2025-06-05 18:11:31 +02:00
slawkens	db09980de1	Start v1.6.1-dev	2025-06-03 22:57:33 +02:00
slawkens	2dba778167	Update example.json	2025-06-03 18:38:02 +02:00
slawkens	ce2af2bb7a	Update CHANGELOG-1.x.md	2025-06-03 17:33:17 +02:00
slawkens	dc839abfbb	Release v1.6	2025-06-03 16:59:55 +02:00
slawkens	01d49692ed	Update CHANGELOG-1.x.md	2025-06-03 16:59:20 +02:00
slawkens	de6603a513	Allow [] in character name (again), example: [God] Test	2025-06-03 16:49:45 +02:00
slawkens	dd731fd49b	Revert previous commit partially	2025-06-03 16:43:43 +02:00
slawkens	064b929841	Allow [] in character name (for :string)	2025-06-03 16:39:02 +02:00
slawkens	c61747dc75	Update coins.html.twig	2025-06-03 10:17:08 +02:00
slawkens	207d6bc691	feat: AutoLoad plugins init.php, by default disabled	2025-06-03 08:52:33 +02:00
slawkens	8fdea94376	Add globals into $hooks->executeFIlter	2025-06-03 08:39:48 +02:00
slawkens	c961a1ebf8	Two new hooks for pages loaded from database (custom pages) HOOK_BEFORE_PAGE_CUSTOM, HOOK_AFTER_PAGE_CUSTOM	2025-06-03 06:21:44 +02:00
slawkens	770ffcfc52	Fix warnings in CLI (part 2)	2025-05-29 16:10:46 +02:00
slawkens	756d94bb3e	Fix warning from CLI	2025-05-29 16:08:23 +02:00
slawkens	6e0f591383	Do not allow access to tools/ folder after install	2025-05-29 12:22:16 +02:00
slawkens	fb91281140	Fix phpstan workflow	2025-05-29 09:35:20 +02:00
slawkens	d8a6090be3	Add new setting/configurable: site_url, prevents domain spoofing	2025-05-29 09:27:29 +02:00
slawkens	52109f5cca	Another solution	2025-05-28 14:13:04 +02:00
slawkens	4b7b121550	Try fix workflow	2025-05-28 14:08:50 +02:00
slawkens	28886551e8	feat: Add new account coins setting	2025-05-28 13:33:36 +02:00
slawkens	7d435ff643	Add getNPCsCount	2025-05-24 11:54:00 +02:00
slawkens	ae847ff9a6	Nothing important: tabs	2025-05-24 11:51:06 +02:00
slawkens	45ef390829	Nothing important	2025-05-24 11:42:59 +02:00
slawkens	84d502bf10	Fixes regarding csrf + refactor some parts of AAC (guilds + forum) Replace $account_logged->getPlayers() with getPlayersList() $_REQUEST['todo'] -> $_REQUEST['post'] $guild_errors -> $errors	2025-05-24 11:42:42 +02:00
slawkens	e776bd52be	Forum boards admin links: csrf + refactor	2025-05-24 11:28:56 +02:00
slawkens	6e793390c6	Remove unneeded enctype="multipart/form-data"	2025-05-24 11:20:36 +02:00
slawkens	6eda38603c	Protect against csrf in more places (accounts & guilds pages)	2025-05-24 09:52:56 +02:00
slawkens	72cdd290da	Fix link to Contributing	2025-05-23 17:38:14 +02:00
slawkens	40d65a6613	OTS_ServerInfo -> set timeout out of class Possibility to use the class without MyAAC	2025-05-23 16:11:57 +02:00
slawkens	43153b2b0c	Nothing important: tabs	2025-05-23 16:08:02 +02:00
slawkens	2ea549002a	Nothing important: tabs	2025-05-23 15:58:23 +02:00
slawkens	4a30fb495d	Fix CHANGELOG-1.x.md loading	2025-05-23 09:13:20 +02:00
slawkens	4d8f5f31ae	Update Plugins.php	2025-05-23 09:04:48 +02:00
slawkens	be7b27c31a	Fix links not working in admin dashboard modules	2025-05-23 09:04:45 +02:00
slawkens	7d213f479a	feat: autoload install.php	2025-05-23 08:50:38 +02:00
slawkens	e574943707	feat: autoload settings.php	2025-05-23 08:39:09 +02:00
slawkens	1e9b10d648	Fix twig variables: logged + account_logged being not set directly after login	2025-05-15 19:11:20 +02:00
slawkens	7c92d1c197	Start v1.5.1-dev	2025-05-14 15:11:20 +02:00
slawkens	3111d66df9	Fix install, where $twig is not present in tools	2025-05-14 14:09:28 +02:00
slawkens	e45dd88a93	Release v1.5	2025-05-14 14:03:03 +02:00
slawkens	5ed1aec28e	Add db variable to twig	2025-05-14 13:37:23 +02:00
slawkens	7e4d28c648	Fix more php 8.4 warnings	2025-05-14 13:23:34 +02:00
slawkens	3b2669fb3b	Update tables.headline.html.twig	2025-05-14 13:23:25 +02:00
slawkens	6fe3bff163	Update 45.php	2025-05-14 10:56:12 +02:00
slawkens	ae5be41e11	Separate migration 44 with 45	2025-05-14 10:52:06 +02:00
slawkens	83a6f4b61d	Add php 8.4 to phpstan	2025-05-14 10:42:18 +02:00
slawkens	ee360386d8	Addition to previous commit	2025-05-14 10:39:11 +02:00
slawkens	bf06bed385	Update schema.sql	2025-05-14 10:22:42 +02:00
slawkens	3949d84e5d	Rename server-info -> ots-info, changelog -> change-log + move rules to admin panel Due to conflict with apache2 server-info mod	2025-05-14 10:22:25 +02:00
slawkens	a161cff003	Add note about highscores being updated x minutes + allow ttl 0 to disable	2025-05-14 10:00:27 +02:00
slawkens	3befde2a1e	Do not return -1 in case of freePremium, makes things harder	2025-05-14 09:18:55 +02:00
slawkens	5367df2381	Add latest client versions (14.00 - 15.01)	2025-05-13 16:29:40 +02:00
slawkens	c48b800631	Fix login.php boosted creature & boss (not sure exact version, but should be 14.12 or around) Thanks @opentibiabr team	2025-05-13 16:29:19 +02:00
slawkens	ef6549c17c	nothing important: tabs & spaces	2025-05-13 15:20:25 +02:00
slawkens	629fd18ea1	Update cypress version to ^14.3.3	2025-05-12 17:36:50 +02:00
slawkens	da15105118	Fix typo, @gpedro I hate you! :PPP	2025-05-12 17:36:34 +02:00
slawkens	4ca58b4178	Fix PHP 8.4 deprecation warnings "Implicitly marking parameter $var as nullable is deprecated, the explicit nullable type must be used instead"	2025-05-09 13:45:46 +02:00
slawkens	03e2752139	Use optionally separate folder for views (thanks @Scrollog for idea)	2025-05-09 13:38:48 +02:00
slawkens	2fece725a4	Improve cypress workflow: add php 8.4 + ignore upload warnings	2025-05-09 13:23:04 +02:00
slawkens	c24c580796	Fix installMenus when theme/template was removed from disc	2025-05-09 13:09:44 +02:00
slawkens	620a47da72	Update Hooks.php	2025-05-08 20:05:27 +02:00
slawkens	9b75011224	New filter: HOOK_FILTER_ROUTES	2025-05-08 20:05:18 +02:00
slawkens	5b4b7b8a97	triggerFilter -> pass by reference (faster x5)	2025-05-08 20:05:08 +02:00
Slawomir Boczek	99997eb57d	Feature/twig hooks filters (#258 ) * feat: Hooks filters * Cleanup	2025-05-08 20:04:54 +02:00
slawkens	73a5829974	Better monster images (no image not found anymore) + use cache	2025-05-05 21:21:54 +02:00
slawkens	497338c2d6	Update robots.txt	2025-05-04 17:20:23 +02:00
slawkens	beb348fe27	testing something	2025-05-04 17:20:12 +02:00
slawkens	5b1bd4f005	Update robots.txt	2025-05-04 17:00:22 +02:00
slawkens	f09606d01b	Just testing something	2025-05-04 16:54:49 +02:00
slawkens	67ab425bb9	Add float & double types to the Settings	2025-05-04 09:14:30 +02:00
slawkens	113473f256	Add optional param _page_only for single-page apps etc.	2025-05-03 22:04:08 +02:00
slawkens	d6ac4e8d85	Update index.php	2025-05-03 21:04:13 +02:00
Slawomir Boczek	6845869838	Hoping for a better appear in search engines..	2025-04-27 17:50:57 +02:00
slawkens	0fbd4bf1be	nginx: block additionally *.sql	2025-04-24 13:44:38 +02:00
slawkens	1e45d5c393	Optimize .htaccess FilesMatch: Block access to *.md/json/dist/sql	2025-04-24 13:43:50 +02:00
slawkens	dbea69f314	Fix if user removes the menu category	2025-04-23 20:41:50 +02:00
slawkens	4e6aa0f262	Fix boostedCreature fetch on login.php	2025-04-23 18:05:14 +02:00
slawkens	fa1f927082	Update login.php	2025-04-23 18:04:54 +02:00
slawkens	de0512f11a	Start v1.4.1-dev	2025-04-22 15:57:23 +02:00
 ,
 ,
 ,
+,
+,
+,
+,
+,
+,
+,
 ];