[WIP] Use array with index instead of switch

CHANGELOG-1.x.md

@@ -1,39 +1,5 @@
 # Changelog
 
-## [1.6.1 - 11.06.2025]
-
-### Fixed
-* Fixed "Request has been cancelled due to security reasons", cause of missing csrf() in twig files (https://github.com/slawkens/myaac/commit/10cd71a6630ffec91b43a26a6d685b66c5836a6a)
-* Fix: Ignore duplicated route exception (https://github.com/slawkens/myaac/commit/9d8e9d27bd87167d8d4005942a6af62bfe4c0892)
-
-### Changed
-* Move counter & visitors code before router (In case someone wants to include that info on page) (https://github.com/slawkens/myaac/commit/f78285030708ad3c74ab048711f73bbf3ee5281e)
-* Set TinyMCE license key to gpl (Avoid warning message in browser console) (https://github.com/slawkens/myaac/commit/8d29fdb98b92dbc3d2853ef88a185c67036b4a77)
-
-### Removed
-* Remove deprecated TinyMCE plugin - template (https://github.com/slawkens/myaac/commit/309c1fb715b882e67cb673b1544a03befbf64a22)
-
-## [1.6 - 03.06.2025]
-
-### Added
-* Add new setting/configurable: site_url, prevents domain spoofing (https://github.com/slawkens/myaac/commit/d8a6090be382c35c19117cfef964b594ed02b8d4)
-* Add new account coins setting (https://github.com/slawkens/myaac/commit/28886551e86fe562172c4c7f2afb89a2e7672c2e)
-* autoload: settings/install/init.php (https://github.com/slawkens/myaac/commit/e5749437074c3b3556628a2aeb5bad2edf97bde0, https://github.com/slawkens/myaac/commit/7d213f479a7e40c6254069b5fc4e578dc32bf8d9, https://github.com/slawkens/myaac/commit/207d6bc69120aba1af2b51808f17e0059b571fed)
-* Protect against csrf in more places (accounts & guilds & forums pages) (https://github.com/slawkens/myaac/commit/6eda38603c8ed7e99b92a78a4600b1245377f74d, https://github.com/slawkens/myaac/commit/e776bd52beb3064a9e694efd1b9021ec972ee2f6, https://github.com/slawkens/myaac/commit/84d502bf105f2a789481fba1acc820d236b4de66)
-* Added two new hooks for pages loaded from database (custom pages): HOOK_BEFORE_PAGE_CUSTOM, HOOK_AFTER_PAGE_CUSTOM (https://github.com/slawkens/myaac/commit/c961a1ebf837f2ab1734a825ff2c57b4937610c9)
-* Add global variables into $hooks->executeFilter (https://github.com/slawkens/myaac/commit/8fdea943768b20193eede99d60313ee84511a0be)
-* Add getNPCsCount() to OTS_InfoRespond (https://github.com/slawkens/myaac/commit/7d435ff6433ef1fb2295ee79ed043ee10dc725e9)
-
-### Fixed
-* Allow [] in character name (https://github.com/slawkens/myaac/commit/de6603a51347b9e656c58637ed9971fffdd7cedd)
-* Do not allow access to tools/ folder after install (https://github.com/slawkens/myaac/commit/6e0f5913831f8dba69fd2d1505be3e2a303c6324)
-* Fix CHANGELOG-1.x.md loading in admin panel (https://github.com/slawkens/myaac/commit/4a30fb495dbfbe1d434e8d52419eaf44fe517aee)
-* Fix links not working in admin dashboard modules (https://github.com/slawkens/myaac/commit/be7b27c31aa3bbd6c0289c34d1e61139a3fe015c)
-* Fix twig variables: logged + account_logged being not set directly after login (https://github.com/slawkens/myaac/commit/1e9b10d6489c488cadf7f6ed17b42f1ea6c767a8)
-
-### Changed
-* OTS_ServerInfo -> move setTimeout out of class - Possibility to use the class without MyAAC (https://github.com/slawkens/myaac/commit/40d65a6613149fda51bdceb82c807e5301a3388b)
-
 ## [1.5 - 14.05.2025]
 
 ### Added

README.md

@@ -80,7 +80,7 @@ Pull requests should be made to the *develop* branch as that is the working bran
 
 Bug fixes to current release should be done to master branch.
 
-Look: [Contributing](https://docs.my-aac.org/misc/contributing) in our wiki.
+Look: [Contributing](https://github.com/otsoft/myaac/wiki/Contributing) in our wiki.
 
 ### Other Notes
 
@@ -95,4 +95,4 @@ Many thanks to Jetbrains for kindly providing a license for me to work on this a
 ### License
 
 This program and all associated files are released under the GNU Public License.  
-See [LICENSE](https://github.com/slawkens/myaac/blob/main/LICENSE) for details.
+See [LICENSE](https://github.com/slawkens/myaac/blob/master/LICENSE) for details.

admin/pages/clmd.php

@@ -11,12 +11,12 @@
 defined('MYAAC') or die('Direct access not allowed!');
 $title = 'MyAAC Changelog';
 
-if (!file_exists(BASE . 'CHANGELOG-1.x.md')) {
+if (!file_exists(BASE . 'CHANGELOG.md')) {
 	echo 'File CHANGELOG.md doesn\'t exist.';
 	return;
 }
 
-$changelog = file_get_contents(BASE . 'CHANGELOG-1.x.md');
+$changelog = file_get_contents(BASE . 'CHANGELOG.md');
 
 $Parsedown = new Parsedown();
 

admin/pages/modules/balance.php

@@ -7,7 +7,7 @@ defined('MYAAC') or die('Direct access not allowed!');
 $balance = 0;
 
 if ($db->hasColumn('players', 'balance')) {
-	$balance = Player::orderByDesc('balance')->limit(10)->get(['id', 'name', 'balance'])->toArray();
+	$balance = Player::orderByDesc('balance')->limit(10)->get(['balance', 'id','name', 'level'])->toArray();
 }
 
 $twig->display('balance.html.twig', array(

admin/pages/modules/coins.php

@@ -7,12 +7,7 @@ defined('MYAAC') or die('Direct access not allowed!');
 $coins = 0;
 
 if ($db->hasColumn('accounts', 'coins')) {
-	$whatToGet = ['id', 'coins'];
+	$coins = Account::orderByDesc('coins')->limit(10)->get(['coins', (USE_ACCOUNT_NAME ? 'name' : 'id')])->toArray();
-	if (USE_ACCOUNT_NAME) {
-		$whatToGet[] = 'name';
-	}
-
-	$coins = Account::orderByDesc('coins')->limit(10)->get($whatToGet)->toArray();
 }
 
 $twig->display('coins.html.twig', array(

admin/pages/modules/lastlogin.php

@@ -7,7 +7,7 @@ defined('MYAAC') or die('Direct access not allowed!');
 $players = 0;
 
 if ($db->hasColumn('players', 'lastlogin')) {
-	$players = Player::orderByDesc('lastlogin')->limit(10)->get(['id', 'name', 'level', 'lastlogin'])->toArray();
+	$players = Player::orderByDesc('lastlogin')->limit(10)->get(['name', 'level', 'lastlogin'])->toArray();
 }
 
 $twig->display('lastlogin.html.twig', array(

admin/pages/modules/templates/balance.html.twig

@@ -19,7 +19,7 @@
 						{% set i = i + 1 %}
 						<tr>
 							<th>{{ i }}</th>
-							<td><a href="?p=players&id={{ result.id }}">{{ result.name }}</a></td>
+							<td><a href="?p=players&search_name={{ result.name }}">{{ result.name }}</a></td>
 							<td>{{ result.balance }}</td>
 						</tr>
 					{% endfor %}

admin/pages/modules/templates/coins.html.twig

@@ -19,7 +19,7 @@
 						{% set i = i + 1 %}
 						<tr>
 							<th>{{ i }}</th>
-							<td><a href="?p=accounts&id={{ result.id }}">{{ result.name ?? result.id }}</a></td>
+							<td><a href="?p=accounts&search_name={{ result.name }}">{{ result.name }}</a></td>
 							<td>{{ result.coins }}</td>
 						</tr>
 					{% endfor %}

admin/pages/modules/templates/lastlogin.html.twig

@@ -19,7 +19,7 @@
 						{% set i = i + 1 %}
 						<tr>
 							<th>{{ i }}</th>
-							<td><a href="?p=players&id={{ result.id }}">{{ result.name }}</a></td>
+							<td><a href="?p=players&search_name={{ result.name }}">{{ result.name }}</a></td>
 							<td>{{ result.lastlogin|date("M d Y, H:i:s") }}</td>
 						</tr>
 					{% endfor %}

admin/pages/modules/templates/points.html.twig

@@ -19,7 +19,7 @@
 						{% set i = i + 1 %}
 						<tr>
 							<th>{{ i }}</th>
-							<td><a href="?p=accounts&id={{ result.id }}">{{ result.name }}</a></td>
+							<td><a href="?p=accounts&search_name={{ result.name }}">{{ result.name }}</a></td>
 							<td>{{ result.premium_points }}</td>
 						</tr>
 					{% endfor %}

admin/tools/settings_save.php

@@ -1,5 +1,6 @@
 <?php
 
+use MyAAC\Hooks;
 use MyAAC\Settings;
 
 const MYAAC_ADMIN = true;

common.php

@@ -26,7 +26,7 @@
 if (version_compare(phpversion(), '8.1', '<')) die('PHP version 8.1 or higher is required.');
 
 const MYAAC = true;
-const MYAAC_VERSION = '1.6.1';
+const MYAAC_VERSION = '1.5.1-dev';
 const DATABASE_VERSION = 45;
 const TABLE_PREFIX = 'myaac_';
 define('START_TIME', microtime(true));
@@ -122,28 +122,36 @@ if (!IS_CLI) {
 	session_start();
 }
 
-if (file_exists(BASE . 'config.local.php')) {
+// basedir
-	require BASE . 'config.local.php';
+$basedir = '';
-}
+$tmp = explode('/', $_SERVER['SCRIPT_NAME']);
+$size = count($tmp) - 1;
+for($i = 1; $i < $size; $i++)
+	$basedir .= '/' . $tmp[$i];
 
-require SYSTEM . 'base.php';
+$basedir = str_replace(['/' . ADMIN_PANEL_FOLDER, '/install', '/tools'], '', $basedir);
-define('BASE_DIR', $baseDir);
+define('BASE_DIR', $basedir);
 
 if(!IS_CLI) {
-	if (isset($config['site_url'])) {
+	if (isset($_SERVER['HTTP_HOST'][0])) {
-		$hasSlashAtEnd = ($config['site_url'][strlen($config['site_url']) - 1] == '/');
+		$baseHost = $_SERVER['HTTP_HOST'];
-
+	} else {
-		define('SERVER_URL', $config['site_url']);
+		if (isset($_SERVER['SERVER_NAME'][0])) {
-		define('BASE_URL', SERVER_URL . ($hasSlashAtEnd ? '' : '/'));
+			$baseHost = $_SERVER['SERVER_NAME'];
-		define('ADMIN_URL', SERVER_URL . ($hasSlashAtEnd ? '' : '/') . ADMIN_PANEL_FOLDER . '/');
+		} else {
+			$baseHost = $_SERVER['SERVER_ADDR'];
+		}
 	}
-	else {
-		define('SERVER_URL', 'http' . (isHttps() ? 's' : '') . '://' . $baseHost);
-		define('BASE_URL', SERVER_URL . BASE_DIR . '/');
-		define('ADMIN_URL', SERVER_URL . BASE_DIR . '/' . ADMIN_PANEL_FOLDER . '/');
 
-		//define('CURRENT_URL', BASE_URL . $_SERVER['REQUEST_URI']);
+	define('SERVER_URL', 'http' . (isHttps() ? 's' : '') . '://' . $baseHost);
-	}
+	define('BASE_URL', SERVER_URL . BASE_DIR . '/');
+	define('ADMIN_URL', SERVER_URL . BASE_DIR . '/' . ADMIN_PANEL_FOLDER . '/');
+
+	//define('CURRENT_URL', BASE_URL . $_SERVER['REQUEST_URI']);
+}
+
+if (file_exists(BASE . 'config.local.php')) {
+	require BASE . 'config.local.php';
 }
 
 /** @var array $config */

index.php

@@ -117,14 +117,6 @@ if(setting('core.backward_support')) {
 		$config['status']['serverStatus_' . $key] = $value;
 }
 
-if(setting('core.views_counter')) {
-	require_once SYSTEM . 'counter.php';
-}
-
-if(setting('core.visitors_counter')) {
-	$visitors = new Visitors(setting('core.visitors_counter_ttl'));
-}
-
 require_once SYSTEM . 'router.php';
 
 // anonymous usage statistics
@@ -161,6 +153,13 @@ if(setting('core.anonymous_usage_statistics')) {
 	}
 }
 
+if(setting('core.views_counter'))
+	require_once SYSTEM . 'counter.php';
+
+if(setting('core.visitors_counter')) {
+	$visitors = new Visitors(setting('core.visitors_counter_ttl'));
+}
+
 /**
  * @var OTS_Account $account_logged
  */

install/steps/4-config.php

@@ -10,14 +10,6 @@ foreach($config['clients'] as $client) {
 	$clients[$client] = $client_version;
 }
 
-if (empty($_SESSION['var_site_url'])) {
-	//require SYSTEM . 'base.php';
-	$serverUrl = 'http' . (isHttps() ? 's' : '') . '://' . $baseHost;
-	$siteURL = $serverUrl . $baseDir;
-
-	$_SESSION['var_site_url'] = $siteURL;
-}
-
 $twig->display('install.config.html.twig', array(
 	'clients' => $clients,
 	'timezones' => DateTimeZone::listIdentifiers(),

install/steps/7-finish.php

@@ -195,4 +195,13 @@ if(!isset($_SESSION['installed'])) {
 	$_SESSION['installed'] = true;
 }
 
+foreach($_SESSION as $key => $value) {
+	if(strpos($key, 'var_') !== false)
+		unset($_SESSION[$key]);
+}
+unset($_SESSION['saved']);
+if(file_exists(CACHE . 'install.txt')) {
+	unlink(CACHE . 'install.txt');
+}
+
 $hooks->trigger(HOOK_INSTALL_FINISH_END);

install/tools/5-database.php

@@ -7,11 +7,6 @@ require SYSTEM . 'functions.php';
 require BASE . 'install/includes/functions.php';
 require BASE . 'install/includes/locale.php';
 
-if(isset($config['installed']) && $config['installed'] && !isset($_SESSION['saved'])) {
-	warning($locale['already_installed']);
-	return;
-}
-
 $error = false;
 require BASE . 'install/includes/config.php';
 

install/tools/7-finish.php

@@ -17,11 +17,11 @@ ini_set('max_execution_time', 300);
 ob_implicit_flush();
 
 header('X-Accel-Buffering: no');
-
+/*
 if(isset($config['installed']) && $config['installed'] && !isset($_SESSION['saved'])) {
 	warning($locale['already_installed']);
 	return;
-}
+}*/
 
 require SYSTEM . 'init.php';
 
@@ -94,17 +94,6 @@ $hooks->trigger(HOOK_INSTALL_FINISH);
 
 $db->setClearCacheAfter(true);
 
-// cleanup
-foreach($_SESSION as $key => $value) {
-	if(str_contains($key, 'var_')) {
-		unset($_SESSION[$key]);
-	}
-}
-unset($_SESSION['saved']);
-if(file_exists(CACHE . 'install.txt')) {
-	unlink(CACHE . 'install.txt');
-}
-
 $locale['step_finish_desc'] = str_replace('$ADMIN_PANEL$', generateLink(str_replace('tools/', '',ADMIN_URL), $locale['step_finish_admin_panel'], true), $locale['step_finish_desc']);
 $locale['step_finish_desc'] = str_replace('$HOMEPAGE$', generateLink(str_replace('tools/', '', BASE_URL), $locale['step_finish_homepage'], true), $locale['step_finish_desc']);
 $locale['step_finish_desc'] = str_replace('$LINK$', generateLink('https://my-aac.org', 'https://my-aac.org', true), $locale['step_finish_desc']);

plugins/example.json

@@ -51,8 +51,5 @@
 		"themes": true,
 		"admin-pages": true,
 		"admin-pages-sub-folders": true,
-		"settings": true,
-		"install": true,
-		"init": false
 	}
  }

system/base.php

@@ -1,21 +0,0 @@
-<?php
-
-$baseDir = '';
-$tmp = explode('/', $_SERVER['SCRIPT_NAME']);
-$size = count($tmp) - 1;
-for($i = 1; $i < $size; $i++)
-	$baseDir .= '/' . $tmp[$i];
-
-$baseDir = str_replace(['/' . ADMIN_PANEL_FOLDER, '/install', '/tools'], '', $baseDir);
-
-if(!IS_CLI) {
-	if (isset($_SERVER['HTTP_HOST'][0])) {
-		$baseHost = $_SERVER['HTTP_HOST'];
-	} else {
-		if (isset($_SERVER['SERVER_NAME'][0])) {
-			$baseHost = $_SERVER['SERVER_NAME'];
-		} else {
-			$baseHost = $_SERVER['SERVER_ADDR'];
-		}
-	}
-}

system/init.php

@@ -12,7 +12,6 @@ use DebugBar\StandardDebugBar;
 use MyAAC\Cache\Cache;
 use MyAAC\CsrfToken;
 use MyAAC\Hooks;
-use MyAAC\Plugins;
 use MyAAC\Models\Town;
 use MyAAC\Settings;
 
@@ -47,11 +46,6 @@ if(isset($config['gzip_output']) && $config['gzip_output'] && isset($_SERVER['HT
 global $cache;
 $cache = Cache::getInstance();
 
-// load plugins init.php
-foreach (Plugins::getInits() as $init) {
-	require $init;
-}
-
 // event system
 global $hooks;
 $hooks = new Hooks();

system/libs/pot/OTS_InfoRespond.php

@@ -15,11 +15,11 @@
 
 /**
  * Wrapper for 'info' respond's DOMDocument.
- *
+ * 
  * <p>
  * Note: as this class extends DOMDocument class and contains exacly respond XML tree you can work on it as on normal DOM tree.
  * </p>
- *
+ * 
  * @package POT
  * @version 0.1.0
  * @property-read string $tspqVersion Root element version.
@@ -48,257 +48,252 @@ class OTS_InfoRespond extends DOMDocument
 {
 /**
  * Returns version of root element.
- *
+ * 
  * @return string TSPQ version.
  * @throws DOMException On DOM operation error.
  */
-	public function getTSPQVersion()
+    public function getTSPQVersion()
-	{
+    {
-		return $this->documentElement->getAttribute('version');
+        return $this->documentElement->getAttribute('version');
-	}
+    }
 
 /**
  * Returns server uptime.
- *
+ * 
  * @return int Uptime.
  * @throws DOMException On DOM operation error.
  */
-	public function getUptime()
+    public function getUptime()
-	{
+    {
-		return (int) $this->documentElement->getElementsByTagName('serverinfo')->item(0)->getAttribute('uptime');
+        return (int) $this->documentElement->getElementsByTagName('serverinfo')->item(0)->getAttribute('uptime');
-	}
+    }
 
 /**
  * Returns server IP.
- *
+ * 
  * @return string IP.
  * @throws DOMException On DOM operation error.
  */
-	public function getIP()
+    public function getIP()
-	{
+    {
-		return $this->documentElement->getElementsByTagName('serverinfo')->item(0)->getAttribute('ip');
+        return $this->documentElement->getElementsByTagName('serverinfo')->item(0)->getAttribute('ip');
-	}
+    }
 
 /**
  * Returns server name.
- *
+ * 
  * @return string Name.
  * @throws DOMException On DOM operation error.
  */
-	public function getName()
+    public function getName()
-	{
+    {
-		return $this->documentElement->getElementsByTagName('serverinfo')->item(0)->getAttribute('servername');
+        return $this->documentElement->getElementsByTagName('serverinfo')->item(0)->getAttribute('servername');
-	}
+    }
 
 /**
  * Returns server port.
- *
+ * 
  * @return int Port.
  * @throws DOMException On DOM operation error.
  */
-	public function getPort()
+    public function getPort()
-	{
+    {
-		return (int) $this->documentElement->getElementsByTagName('serverinfo')->item(0)->getAttribute('port');
+        return (int) $this->documentElement->getElementsByTagName('serverinfo')->item(0)->getAttribute('port');
-	}
+    }
 
 /**
  * Returns server location.
- *
+ * 
  * @return string Location.
  * @throws DOMException On DOM operation error.
  */
-	public function getLocation()
+    public function getLocation()
-	{
+    {
-		return $this->documentElement->getElementsByTagName('serverinfo')->item(0)->getAttribute('location');
+        return $this->documentElement->getElementsByTagName('serverinfo')->item(0)->getAttribute('location');
-	}
+    }
 
 /**
  * Returns server website.
- *
+ * 
  * @return string Website URL.
  * @throws DOMException On DOM operation error.
  */
-	public function getURL()
+    public function getURL()
-	{
+    {
-		return $this->documentElement->getElementsByTagName('serverinfo')->item(0)->getAttribute('url');
+        return $this->documentElement->getElementsByTagName('serverinfo')->item(0)->getAttribute('url');
-	}
+    }
 
 /**
  * Returns server attribute.
- *
+ * 
  * I have no idea what the hell is it representing :P.
- *
+ * 
  * @return string Attribute value.
  * @throws DOMException On DOM operation error.
  */
-	public function getServer()
+    public function getServer()
-	{
+    {
-		return $this->documentElement->getElementsByTagName('serverinfo')->item(0)->getAttribute('server');
+        return $this->documentElement->getElementsByTagName('serverinfo')->item(0)->getAttribute('server');
-	}
+    }
 
 /**
  * Returns server version.
- *
+ * 
  * @return string Version.
  * @throws DOMException On DOM operation error.
  */
-	public function getServerVersion()
+    public function getServerVersion()
-	{
+    {
-		return $this->documentElement->getElementsByTagName('serverinfo')->item(0)->getAttribute('version');
+        return $this->documentElement->getElementsByTagName('serverinfo')->item(0)->getAttribute('version');
-	}
+    }
 
 /**
  * Returns dedicated version of client.
- *
+ * 
  * @return string Version.
  * @throws DOMException On DOM operation error.
  */
-	public function getClientVersion()
+    public function getClientVersion()
-	{
+    {
-		return $this->documentElement->getElementsByTagName('serverinfo')->item(0)->getAttribute('client');
+        return $this->documentElement->getElementsByTagName('serverinfo')->item(0)->getAttribute('client');
-	}
+    }
 
 /**
  * Returns owner name.
- *
+ * 
  * @return string Owner name.
  * @throws DOMException On DOM operation error.
  */
-	public function getOwner()
+    public function getOwner()
-	{
+    {
-		return $this->documentElement->getElementsByTagName('owner')->item(0)->getAttribute('name');
+        return $this->documentElement->getElementsByTagName('owner')->item(0)->getAttribute('name');
-	}
+    }
 
 /**
  * Returns owner e-mail.
- *
+ * 
  * @return string Owner e-mail.
  * @throws DOMException On DOM operation error.
  */
-	public function getEMail()
+    public function getEMail()
-	{
+    {
-		return $this->documentElement->getElementsByTagName('owner')->item(0)->getAttribute('email');
+        return $this->documentElement->getElementsByTagName('owner')->item(0)->getAttribute('email');
-	}
+    }
 
 /**
  * Returns current amount of players online.
- *
+ * 
  * @return int Count of players.
  * @throws DOMException On DOM operation error.
  */
-	public function getOnlinePlayers()
+    public function getOnlinePlayers()
-	{
+    {
-		return (int) $this->documentElement->getElementsByTagName('players')->item(0)->getAttribute('online');
+        return (int) $this->documentElement->getElementsByTagName('players')->item(0)->getAttribute('online');
-	}
+    }
 
 /**
  * Returns maximum amount of players online.
- *
+ * 
  * @return int Maximum allowed count of players.
  * @throws DOMException On DOM operation error.
  */
-	public function getMaxPlayers()
+    public function getMaxPlayers()
-	{
+    {
-		return (int) $this->documentElement->getElementsByTagName('players')->item(0)->getAttribute('max');
+        return (int) $this->documentElement->getElementsByTagName('players')->item(0)->getAttribute('max');
-	}
+    }
 
 /**
  * Returns record of online players.
- *
+ * 
  * @return int Players online record.
  * @throws DOMException On DOM operation error.
  */
-	public function getPlayersPeak()
+    public function getPlayersPeak()
-	{
+    {
-		return (int) $this->documentElement->getElementsByTagName('players')->item(0)->getAttribute('peak');
+        return (int) $this->documentElement->getElementsByTagName('players')->item(0)->getAttribute('peak');
-	}
+    }
 
 /**
  * Returns number of all monsters on map.
- *
+ * 
  * @return int Count of monsters.
  * @throws DOMException On DOM operation error.
  */
-	public function getMonstersCount(): int
+    public function getMonstersCount()
-	{
+    {
-		return (int) $this->documentElement->getElementsByTagName('monsters')->item(0)->getAttribute('total');
+        return (int) $this->documentElement->getElementsByTagName('monsters')->item(0)->getAttribute('total');
-	}
+    }
-
-	public function getNPCsCount(): int
-	{
-		return (int) $this->documentElement->getElementsByTagName('npcs')->item(0)->getAttribute('total');
-	}
 
 /**
  * Returns map name.
- *
+ * 
  * @return string Map name.
  * @throws DOMException On DOM operation error.
  */
-	public function getMapName()
+    public function getMapName()
-	{
+    {
-		return $this->documentElement->getElementsByTagName('map')->item(0)->getAttribute('name');
+        return $this->documentElement->getElementsByTagName('map')->item(0)->getAttribute('name');
-	}
+    }
 
 /**
  * Returns map author.
- *
+ * 
  * @return string Mapper name.
  * @throws DOMException On DOM operation error.
  */
-	public function getMapAuthor()
+    public function getMapAuthor()
-	{
+    {
-		return $this->documentElement->getElementsByTagName('map')->item(0)->getAttribute('author');
+        return $this->documentElement->getElementsByTagName('map')->item(0)->getAttribute('author');
-	}
+    }
 
 /**
  * Returns map width.
- *
+ * 
  * @return int Map width.
  * @throws DOMException On DOM operation error.
  */
-	public function getMapWidth()
+    public function getMapWidth()
-	{
+    {
-		return (int) $this->documentElement->getElementsByTagName('map')->item(0)->getAttribute('width');
+        return (int) $this->documentElement->getElementsByTagName('map')->item(0)->getAttribute('width');
-	}
+    }
 
 /**
  * Returns map height.
- *
+ * 
  * @return int Map height.
  * @throws DOMException On DOM operation error.
  */
-	public function getMapHeight()
+    public function getMapHeight()
-	{
+    {
-		return (int) $this->documentElement->getElementsByTagName('map')->item(0)->getAttribute('height');
+        return (int) $this->documentElement->getElementsByTagName('map')->item(0)->getAttribute('height');
-	}
+    }
 
 /**
  * Returns server's Message Of The Day
- *
+ * 
  * @version 0.1.0
  * @return string Server MOTD.
  * @throws DOMException On DOM operation error.
  */
-	public function getMOTD()
+    public function getMOTD()
-	{
+    {
-		// look for text node child
+        // look for text node child
-		foreach( $this->documentElement->getElementsByTagName('motd')->item(0)->childNodes as $child)
+        foreach( $this->documentElement->getElementsByTagName('motd')->item(0)->childNodes as $child)
-		{
+        {
-			if($child->nodeType == XML_TEXT_NODE)
+            if($child->nodeType == XML_TEXT_NODE)
-			{
+            {
-				// found
+                // found
-				return $child->nodeValue;
+                return $child->nodeValue;
-			}
+            }
-		}
+        }
 
-		// strange...
+        // strange...
-		return '';
+        return '';
-	}
+    }
 
 /**
  * Magic PHP5 method.
- *
+ * 
  * @version 0.1.0
  * @since 0.1.0
  * @param string $name Property name.
@@ -306,89 +301,89 @@ class OTS_InfoRespond extends DOMDocument
  * @throws OutOfBoundsException For non-supported properties.
  * @throws DOMException On DOM operation error.
  */
-	public function __get($name)
+    public function __get($name)
-	{
+    {
-		switch($name)
+        switch($name)
-		{
+        {
-			case 'tspqVersion':
+            case 'tspqVersion':
-				return $this->getTSPQVersion();
+                return $this->getTSPQVersion();
 
-			case 'uptime':
+            case 'uptime':
-				return $this->getUptime();
+                return $this->getUptime();
 
-			case 'ip':
+            case 'ip':
-				return $this->getIP();
+                return $this->getIP();
 
-			case 'name':
+            case 'name':
-				return $this->getName();
+                return $this->getName();
 
-			case 'port':
+            case 'port':
-				return $this->getPort();
+                return $this->getPort();
 
-			case 'location':
+            case 'location':
-				return $this->getLocation();
+                return $this->getLocation();
 
-			case 'url':
+            case 'url':
-				return $this->getURL();
+                return $this->getURL();
 
-			case 'server':
+            case 'server':
-				return $this->getServer();
+                return $this->getServer();
 
-			case 'serverVersion':
+            case 'serverVersion':
-				return $this->getServerVersion();
+                return $this->getServerVersion();
 
-			case 'clientVersion':
+            case 'clientVersion':
-				return $this->getClientVersion();
+                return $this->getClientVersion();
 
-			case 'owner':
+            case 'owner':
-				return $this->getOwner();
+                return $this->getOwner();
 
-			case 'eMail':
+            case 'eMail':
-				return $this->getEMail();
+                return $this->getEMail();
 
-			case 'onlinePlayers':
+            case 'onlinePlayers':
-				return $this->getOnlinePlayers();
+                return $this->getOnlinePlayers();
 
-			case 'maxPlayers':
+            case 'maxPlayers':
-				return $this->getMaxPlayers();
+                return $this->getMaxPlayers();
 
-			case 'playersPeak':
+            case 'playersPeak':
-				return $this->getPlayersPeak();
+                return $this->getPlayersPeak();
 
-			case 'monstersCount':
+            case 'monstersCount':
-				return $this->getMonstersCount();
+                return $this->getMonstersCount();
 
-			case 'mapName':
+            case 'mapName':
-				return $this->getMapName();
+                return $this->getMapName();
 
-			case 'mapAuthor':
+            case 'mapAuthor':
-				return $this->getMapAuthor();
+                return $this->getMapAuthor();
 
-			case 'mapWidth':
+            case 'mapWidth':
-				return $this->getMapWidth();
+                return $this->getMapWidth();
 
-			case 'mapHeight':
+            case 'mapHeight':
-				return $this->getMapHeight();
+                return $this->getMapHeight();
 
-			case 'motd':
+            case 'motd':
-				return $this->getMOTD();
+                return $this->getMOTD();
 
-			default:
+            default:
-				throw new OutOfBoundsException();
+                throw new OutOfBoundsException();
-		}
+        }
-	}
+    }
 
 /**
  * Returns string representation of XML.
- *
+ * 
  * @version 0.1.0
  * @since 0.1.0
  * @return string String representation of object.
  */
-	public function __toString()
+    public function __toString()
-	{
+    {
-		return $this->saveXML();
+        return $this->saveXML();
-	}
+    }
 }
 
 /**#@-*/

system/libs/pot/OTS_ServerInfo.php

@@ -26,19 +26,14 @@ class OTS_ServerInfo
  *
  * @var string
  */
-	private string $server;
+    private $server;
 
 /**
  * Connection port.
  *
  * @var int
  */
-	private int $port;
+    private $port;
-
-	/**
-	 * Status timeout
-	 */
-	private float $timeout = 2.0;
 
 /**
  * Creates handler for new server.
@@ -46,11 +41,11 @@ class OTS_ServerInfo
  * @param string $server Server IP/domain.
  * @param int $port OTServ port.
  */
-	public function __construct($server, $port)
+    public function __construct($server, $port)
-	{
+    {
-		$this->server = $server;
+        $this->server = $server;
-		$this->port = $port;
+        $this->port = $port;
-	}
+    }
 
 /**
  * Sends packet to server.
@@ -59,46 +54,46 @@ class OTS_ServerInfo
  * @return OTS_Buffer|null Respond buffer (null if server is offline).
  * @throws E_OTS_OutOfBuffer When there is read attemp after end of packet stream.
  */
-	private function send(OTS_Buffer $packet)
+    private function send(OTS_Buffer $packet)
-	{
+    {
-		// connects to server
+        // connects to server
-		$socket = @fsockopen($this->server, $this->port, $error, $message, $this->timeout);
+        $socket = @fsockopen($this->server, $this->port, $error, $message, setting('core.status_timeout'));
 
-		// if connected then checking statistics
+        // if connected then checking statistics
-		if($socket)
+        if($socket)
-		{
+        {
-			// sets 5 second timeout for reading and writing
+            // sets 5 second timeout for reading and writing
-			stream_set_timeout($socket, 5);
+            stream_set_timeout($socket, 5);
 
-			// creates real packet
+            // creates real packet
-			$packet = $packet->getBuffer();
+            $packet = $packet->getBuffer();
-			$packet = pack('v', strlen($packet) ) . $packet;
+            $packet = pack('v', strlen($packet) ) . $packet;
 
-			// sends packet with request
+            // sends packet with request
-			// 06 - length of packet, 255, 255 is the comamnd identifier, 'info' is a request
+            // 06 - length of packet, 255, 255 is the comamnd identifier, 'info' is a request
-			fwrite($socket, $packet);
+            fwrite($socket, $packet);
 
-			// reads respond
+            // reads respond
-			//$data = stream_get_contents($socket);
+            //$data = stream_get_contents($socket);
 			$data = '';
 			while (!feof($socket))
 				$data .= fgets($socket, 1024);
 
-			// closing connection to current server
+            // closing connection to current server
-			fclose($socket);
+            fclose($socket);
 
-			// sometimes server returns empty info
+            // sometimes server returns empty info
-			if( empty($data) )
+            if( empty($data) )
-			{
+            {
-				// returns offline state
+                // returns offline state
-				return false;
+                return false;
-			}
+            }
 
-			return new OTS_Buffer($data);
+            return new OTS_Buffer($data);
-		}
+        }
 
-		return false;
+        return false;
-	}
+    }
 
 /**
  * Queries server status.
@@ -113,30 +108,30 @@ class OTS_ServerInfo
  * @example examples/info.php info.php
  * @tutorial POT/Server_status.pkg
  */
-	public function status()
+    public function status()
-	{
+    {
-		// request packet
+        // request packet
-		$request = new OTS_Buffer();
+        $request = new OTS_Buffer();
-		$request->putChar(255);
+        $request->putChar(255);
-		$request->putChar(255);
+        $request->putChar(255);
-		$request->putString('info', false);
+        $request->putString('info', false);
 
-		$status = $this->send($request);
+        $status = $this->send($request);
 
-		// checks if server is online
+        // checks if server is online
-		if($status)
+        if($status)
-		{
+        {
-			// loads respond XML
+            // loads respond XML
-			$info = new OTS_InfoRespond();
+            $info = new OTS_InfoRespond();
-			if(!$info->loadXML( $status->getBuffer()))
+            if(!$info->loadXML( $status->getBuffer()))
 				return false;
 
-			return $info;
+            return $info;
-		}
+        }
 
-		// offline
+        // offline
-		return false;
+        return false;
-	}
+    }
 
 /**
  * Queries server information.
@@ -151,26 +146,26 @@ class OTS_ServerInfo
  * @example examples/server.php info.php
  * @tutorial POT/Server_status.pkg
  */
-	public function info($flags)
+    public function info($flags)
-	{
+    {
-		// request packet
+        // request packet
-		$request = new OTS_Buffer();
+        $request = new OTS_Buffer();
-		$request->putChar(255);
+        $request->putChar(255);
-		$request->putChar(1);
+        $request->putChar(1);
-		$request->putShort($flags);
+        $request->putShort($flags);
 
-		$status = $this->send($request);
+        $status = $this->send($request);
 
-		// checks if server is online
+        // checks if server is online
-		if($status)
+        if($status)
-		{
+        {
-			// loads respond
+            // loads respond
-			return new OTS_ServerStatus($status);
+            return new OTS_ServerStatus($status);
-		}
+        }
 
-		// offline
+        // offline
-		return false;
+        return false;
-	}
+    }
 
 /**
  * Checks player online status.
@@ -185,27 +180,27 @@ class OTS_ServerInfo
  * @example examples/server.php info.php
  * @tutorial POT/Server_status.pkg
  */
-	public function playerStatus($name)
+    public function playerStatus($name)
-	{
+    {
-		// request packet
+        // request packet
-		$request = new OTS_Buffer();
+        $request = new OTS_Buffer();
-		$request->putChar(255);
+        $request->putChar(255);
-		$request->putChar(1);
+        $request->putChar(1);
-		$request->putShort(OTS_ServerStatus::REQUEST_PLAYER_STATUS_INFO);
+        $request->putShort(OTS_ServerStatus::REQUEST_PLAYER_STATUS_INFO);
-		$request->putString($name);
+        $request->putString($name);
 
-		$status = $this->send($request);
+        $status = $this->send($request);
 
-		// checks if server is online
+        // checks if server is online
-		if($status)
+        if($status)
-		{
+        {
-			$status->getChar();
+            $status->getChar();
-			return (bool) $status->getChar();
+            return (bool) $status->getChar();
-		}
+        }
 
-		// offline
+        // offline
-		return false;
+        return false;
-	}
+    }
 
 /**
  * Magic PHP5 method.
@@ -215,24 +210,20 @@ class OTS_ServerInfo
  * @throws OutOfBoundsException For non-supported properties.
  * @throws E_OTS_OutOfBuffer When there is read attemp after end of packet stream.
  */
-	public function __get($name)
+    public function __get($name)
-	{
+    {
-		switch($name)
+        switch($name)
-		{
+        {
-			case 'status':
+            case 'status':
-				return $this->status();
+                return $this->status();
 
-			case 'info':
+            case 'info':
-				return $this->info(OTS_ServerStatus::REQUEST_BASIC_SERVER_INFO | OTS_ServerStatus::REQUEST_OWNER_SERVER_INFO | OTS_ServerStatus::REQUEST_MISC_SERVER_INFO | OTS_ServerStatus::REQUEST_PLAYERS_INFO | OTS_ServerStatus::REQUEST_MAP_INFO | OTS_ServerStatus::REQUEST_PLAYER_STATUS_INFO);
+                return $this->info(OTS_ServerStatus::REQUEST_BASIC_SERVER_INFO | OTS_ServerStatus::REQUEST_OWNER_SERVER_INFO | OTS_ServerStatus::REQUEST_MISC_SERVER_INFO | OTS_ServerStatus::REQUEST_PLAYERS_INFO | OTS_ServerStatus::REQUEST_MAP_INFO | OTS_ServerStatus::REQUEST_PLAYER_STATUS_INFO);
 
-			default:
+            default:
-				throw new OutOfBoundsException();
+                throw new OutOfBoundsException();
-		}
+        }
-	}
+    }
-
-	public function setTimeout($timeout) {
-		$this->timeout = $timeout;
-	}
 }
 
 /**#@-*/

system/libs/pot/OTS_ServerStatus.php

@@ -40,175 +40,175 @@ class OTS_ServerStatus
 /**
  * Basic server info.
  */
-	const REQUEST_BASIC_SERVER_INFO = 1;
+    const REQUEST_BASIC_SERVER_INFO = 1;
 /**
  * Server owner info.
  */
-	const REQUEST_OWNER_SERVER_INFO = 2;
+    const REQUEST_OWNER_SERVER_INFO = 2;
 /**
  * Server extra info.
  */
-	const REQUEST_MISC_SERVER_INFO = 4;
+    const REQUEST_MISC_SERVER_INFO = 4;
 /**
  * Players stats info.
  */
-	const REQUEST_PLAYERS_INFO = 8;
+    const REQUEST_PLAYERS_INFO = 8;
 /**
  * Map info.
  */
-	const REQUEST_MAP_INFO = 16;
+    const REQUEST_MAP_INFO = 16;
 /**
  * Extended players info.
  */
-	const REQUEST_EXT_PLAYERS_INFO = 32;
+    const REQUEST_EXT_PLAYERS_INFO = 32;
 /**
  * Player status info.
  */
-	const REQUEST_PLAYER_STATUS_INFO = 64;
+    const REQUEST_PLAYER_STATUS_INFO = 64;
 /**
  * Server software info.
  */
-	const REQUEST_SERVER_SOFTWARE_INFO = 128;
+    const REQUEST_SERVER_SOFTWARE_INFO = 128;
 /**
  * Basic server respond.
  */
-	const RESPOND_BASIC_SERVER_INFO = 0x10;
+    const RESPOND_BASIC_SERVER_INFO = 0x10;
 /**
  * Server owner respond.
  */
-	const RESPOND_OWNER_SERVER_INFO = 0x11;
+    const RESPOND_OWNER_SERVER_INFO = 0x11;
 /**
  * Server extra respond.
  */
-	const RESPOND_MISC_SERVER_INFO = 0x12;
+    const RESPOND_MISC_SERVER_INFO = 0x12;
 /**
  * Players stats respond.
  */
-	const RESPOND_PLAYERS_INFO = 0x20;
+    const RESPOND_PLAYERS_INFO = 0x20;
 /**
  * Map respond.
  */
-	const RESPOND_MAP_INFO = 0x30;
+    const RESPOND_MAP_INFO = 0x30;
 /**
  * Extended players info.
  */
-	const RESPOND_EXT_PLAYERS_INFO = 0x21;
+    const RESPOND_EXT_PLAYERS_INFO = 0x21;
 /**
  * Player status info.
  */
-	const RESPOND_PLAYER_STATUS_INFO = 0x22;
+    const RESPOND_PLAYER_STATUS_INFO = 0x22;
 /**
  * Server software info.
  */
-	const RESPOND_SERVER_SOFTWARE_INFO = 0x23;
+    const RESPOND_SERVER_SOFTWARE_INFO = 0x23;
 /**
  * Server name.
  *
  * @var string
  */
-	private $name;
+    private $name;
 /**
  * Server IP.
  *
  * @var string
  */
-	private $ip;
+    private $ip;
 /**
  * Server port.
  *
  * @var string
  */
-	private $port;
+    private $port;
 /**
  * Owner name.
  *
  * @var string
  */
-	private $owner;
+    private $owner;
 /**
  * Owner's e-mail.
  *
  * @var string
  */
-	private $eMail;
+    private $eMail;
 /**
  * Message of the day.
  *
  * @var string
  */
-	private $motd;
+    private $motd;
 /**
  * Server location.
  *
  * @var string
  */
-	private $location;
+    private $location;
 /**
  * Website URL.
  *
  * @var string
  */
-	private $url;
+    private $url;
 /**
  * Uptime.
  *
  * @var int
  */
-	private $uptime;
+    private $uptime;
 /**
  * Status version.
  *
  * @var string
  */
-	private $version;
+    private $version;
 /**
  * Players online.
  *
  * @var int
  */
-	private $online;
+    private $online;
 /**
  * Maximum players.
  *
  * @var int
  */
-	private $max;
+    private $max;
 /**
  * Players peak.
  *
  * @var int
  */
-	private $peak;
+    private $peak;
 /**
  * Map name.
  *
  * @var string
  */
-	private $map;
+    private $map;
 /**
  * Map author.
  *
  * @var string
  */
-	private $author;
+    private $author;
 /**
  * Map width.
  *
  * @var int
  */
-	private $width;
+    private $width;
 /**
  * Map height.
  *
  * @var int
  */
-	private $height;
+    private $height;
 /**
  * Players online list.
  *
  * @var array
  */
-	private $players = array();
+    private $players = array();
 
 /**
  * Server software.
@@ -224,277 +224,277 @@ class OTS_ServerStatus
  *
  * @param OTS_Buffer $info Information packet.
  */
-	public function __construct(OTS_Buffer $info)
+    public function __construct(OTS_Buffer $info)
-	{
+    {
-		// skips packet length
+        // skips packet length
-		$info->getShort();
+        $info->getShort();
 
-		while( $info->isValid() )
+        while( $info->isValid() )
-		{
+        {
-			switch( $info->getChar() )
+            switch( $info->getChar() )
-			{
+            {
-				case self::RESPOND_BASIC_SERVER_INFO:
+                case self::RESPOND_BASIC_SERVER_INFO:
-					$this->name = $info->getString();
+                    $this->name = $info->getString();
-					$this->ip = $info->getString();
+                    $this->ip = $info->getString();
-					$this->port = (int) $info->getString();
+                    $this->port = (int) $info->getString();
-					break;
+                    break;
 
-				case self::RESPOND_OWNER_SERVER_INFO:
+                case self::RESPOND_OWNER_SERVER_INFO:
-					$this->owner = $info->getString();
+                    $this->owner = $info->getString();
-					$this->eMail = $info->getString();
+                    $this->eMail = $info->getString();
-					break;
+                    break;
 
-				case self::RESPOND_MISC_SERVER_INFO:
+                case self::RESPOND_MISC_SERVER_INFO:
-					$this->motd = $info->getString();
+                    $this->motd = $info->getString();
-					$this->location = $info->getString();
+                    $this->location = $info->getString();
-					$this->url = $info->getString();
+                    $this->url = $info->getString();
 
-					$uptime = $info->getLong() << 32;
+                    $uptime = $info->getLong() << 32;
 
-					$this->uptime += $info->getLong() + $uptime;
+                    $this->uptime += $info->getLong() + $uptime;
-					$this->version = $info->getString();
+                    $this->version = $info->getString();
-					break;
+                    break;
 
-				case self::RESPOND_PLAYERS_INFO:
+                case self::RESPOND_PLAYERS_INFO:
-					$this->online = $info->getLong();
+                    $this->online = $info->getLong();
-					$this->max = $info->getLong();
+                    $this->max = $info->getLong();
-					$this->peak = $info->getLong();
+                    $this->peak = $info->getLong();
-					break;
+                    break;
 
-				case self::RESPOND_MAP_INFO:
+                case self::RESPOND_MAP_INFO:
-					$this->map = $info->getString();
+                    $this->map = $info->getString();
-					$this->author = $info->getString();
+                    $this->author = $info->getString();
-					$this->width = $info->getShort();
+                    $this->width = $info->getShort();
-					$this->height = $info->getShort();
+                    $this->height = $info->getShort();
-					break;
+                    break;
 
-				case self::RESPOND_EXT_PLAYERS_INFO:
+                case self::RESPOND_EXT_PLAYERS_INFO:
-					$count = $info->getLong();
+                    $count = $info->getLong();
 
-					for($i = 0; $i < $count; $i++)
+                    for($i = 0; $i < $count; $i++)
-					{
+                    {
-						$name = $info->getString();
+                        $name = $info->getString();
-						$this->players[$name] = $info->getLong();
+                        $this->players[$name] = $info->getLong();
-					}
+                    }
-					break;
+                    break;
 
 				case self::RESPOND_SERVER_SOFTWARE_INFO:
 					$this->softwareName = $info->getString();
 					$this->softwareVersion = $info->getString();
 					$this->softwareProtocol = $info->getString();
 					break;
-			}
+            }
-		}
+        }
-	}
+    }
 
 /**
  * Returns server uptime.
  *
  * @return int Uptime.
  */
-	public function getUptime()
+    public function getUptime()
-	{
+    {
-		return $this->uptime;
+        return $this->uptime;
-	}
+    }
 
 /**
  * Returns server IP.
  *
  * @return string IP.
  */
-	public function getIP()
+    public function getIP()
-	{
+    {
-		return $this->ip;
+        return $this->ip;
-	}
+    }
 
 /**
  * Returns server name.
  *
  * @return string Name.
  */
-	public function getName()
+    public function getName()
-	{
+    {
-		return $this->name;
+        return $this->name;
-	}
+    }
 
 /**
  * Returns server port.
  *
  * @return int Port.
  */
-	public function getPort()
+    public function getPort()
-	{
+    {
-		return $this->port;
+        return $this->port;
-	}
+    }
 
 /**
  * Returns server location.
  *
  * @return string Location.
  */
-	public function getLocation()
+    public function getLocation()
-	{
+    {
-		return $this->location;
+        return $this->location;
-	}
+    }
 
 /**
  * Returns server website.
  *
  * @return string Website URL.
  */
-	public function getURL()
+    public function getURL()
-	{
+    {
-		return $this->url;
+        return $this->url;
-	}
+    }
 
 /**
  * Returns server version.
  *
  * @return string Version.
  */
-	public function getServerVersion()
+    public function getServerVersion()
-	{
+    {
-		return $this->version;
+        return $this->version;
-	}
+    }
 
 /**
  * Returns owner name.
  *
  * @return string Owner name.
  */
-	public function getOwner()
+    public function getOwner()
-	{
+    {
-		return $this->owner;
+        return $this->owner;
-	}
+    }
 
 /**
  * Returns owner e-mail.
  *
  * @return string Owner e-mail.
  */
-	public function getEMail()
+    public function getEMail()
-	{
+    {
-		return $this->eMail;
+        return $this->eMail;
-	}
+    }
 
 /**
  * Returns current amount of players online.
  *
  * @return int Count of players.
  */
-	public function getOnlinePlayers()
+    public function getOnlinePlayers()
-	{
+    {
-		return $this->online;
+        return $this->online;
-	}
+    }
 
 /**
  * Returns maximum amount of players online.
  *
  * @return int Maximum allowed count of players.
  */
-	public function getMaxPlayers()
+    public function getMaxPlayers()
-	{
+    {
-		return $this->max;
+        return $this->max;
-	}
+    }
 
 /**
  * Returns record of online players.
  *
  * @return int Players online record.
  */
-	public function getPlayersPeak()
+    public function getPlayersPeak()
-	{
+    {
-		return $this->peak;
+        return $this->peak;
-	}
+    }
 
 /**
  * Returns map name.
  *
  * @return string Map name.
  */
-	public function getMapName()
+    public function getMapName()
-	{
+    {
-		return $this->map;
+        return $this->map;
-	}
+    }
 
 /**
  * Returns map author.
  *
  * @return string Mapper name.
  */
-	public function getMapAuthor()
+    public function getMapAuthor()
-	{
+    {
-		return $this->author;
+        return $this->author;
-	}
+    }
 
 /**
  * Returns map width.
  *
  * @return int Map width.
  */
-	public function getMapWidth()
+    public function getMapWidth()
-	{
+    {
-		return $this->width;
+        return $this->width;
-	}
+    }
 
 /**
  * Returns map height.
  *
  * @return int Map height.
  */
-	public function getMapHeight()
+    public function getMapHeight()
-	{
+    {
-		return $this->height;
+        return $this->height;
-	}
+    }
 
 /**
  * Returns server's Message Of The Day
  *
  * @return string Server MOTD.
  */
-	public function getMOTD()
+    public function getMOTD()
-	{
+    {
-		return $this->motd;
+        return $this->motd;
-	}
+    }
 
 /**
  * Returns list of players currently online.
  *
  * @return array List of players in format 'name' => level.
  */
-	public function getPlayers()
+    public function getPlayers()
-	{
+    {
-	}
+    }
 
 /**
  * Returns software name.
  *
  * @return string Software name.
  */
-	public function getSoftwareName()
+    public function getSoftwareName()
-	{
+    {
-		return $this->softwareName;
+        return $this->softwareName;
-	}
+    }
 
 /**
  * Returns software version.
  *
  * @return string Software version.
  */
-	public function getSoftwareVersion()
+    public function getSoftwareVersion()
-	{
+    {
-		return $this->softwareVersion;
+        return $this->softwareVersion;
-	}
+    }
 
 /**
  * Returns software protocol.
  *
  * @return string Software protocol.
  */
-	public function getSoftwareProtocol()
+    public function getSoftwareProtocol()
-	{
+    {
-		return $this->softwareProtocol;
+        return $this->softwareProtocol;
-	}
+    }
 
 /**
  * Magic PHP5 method.
@@ -503,68 +503,68 @@ class OTS_ServerStatus
  * @return mixed Property value.
  * @throws OutOfBoundsException For non-supported properties.
  */
-	public function __get($name)
+    public function __get($name)
-	{
+    {
-		switch($name)
+        switch($name)
-		{
+        {
-			case 'uptime':
+            case 'uptime':
-				return $this->getUptime();
+                return $this->getUptime();
 
-			case 'ip':
+            case 'ip':
-				return $this->getIP();
+                return $this->getIP();
 
-			case 'name':
+            case 'name':
-				return $this->getName();
+                return $this->getName();
 
-			case 'port':
+            case 'port':
-				return $this->getPort();
+                return $this->getPort();
 
-			case 'location':
+            case 'location':
-				return $this->getLocation();
+                return $this->getLocation();
 
-			case 'url':
+            case 'url':
-				return $this->getURL();
+                return $this->getURL();
 
-			case 'serverVersion':
+            case 'serverVersion':
-				return $this->getServerVersion();
+                return $this->getServerVersion();
 
-			case 'owner':
+            case 'owner':
-				return $this->getOwner();
+                return $this->getOwner();
 
-			case 'eMail':
+            case 'eMail':
-				return $this->getEMail();
+                return $this->getEMail();
 
-			case 'onlinePlayers':
+            case 'onlinePlayers':
-				return $this->getOnlinePlayers();
+                return $this->getOnlinePlayers();
 
-			case 'maxPlayers':
+            case 'maxPlayers':
-				return $this->getMaxPlayers();
+                return $this->getMaxPlayers();
 
-			case 'playersPeak':
+            case 'playersPeak':
-				return $this->getPlayersPeak();
+                return $this->getPlayersPeak();
 
-			case 'mapName':
+            case 'mapName':
-				return $this->getMapName();
+                return $this->getMapName();
 
-			case 'mapAuthor':
+            case 'mapAuthor':
-				return $this->getMapAuthor();
+                return $this->getMapAuthor();
 
-			case 'mapWidth':
+            case 'mapWidth':
-				return $this->getMapWidth();
+                return $this->getMapWidth();
 
-			case 'mapHeight':
+            case 'mapHeight':
-				return $this->getMapHeight();
+                return $this->getMapHeight();
 
-			case 'motd':
+            case 'motd':
-				return $this->getMOTD();
+                return $this->getMOTD();
 
-			case 'players':
+            case 'players':
-				return $this->getPlayers();
+                return $this->getPlayers();
 
-			default:
+            default:
-				throw new OutOfBoundsException();
+                throw new OutOfBoundsException();
-		}
+        }
-	}
+    }
 }
 
 /**#@-*/

system/locale/de/install.php

@@ -48,8 +48,6 @@ $locale['step_config'] = 'Konfiguration';
 $locale['step_config_title'] = 'Grundkonfiguration';
 $locale['step_config_server_path'] = 'Serverpfad';
 $locale['step_config_server_path_desc'] = 'Pfad zu Ihrem TFS-Hauptverzeichnis, in dem sich die config.lua befinden.';
-$locale['step_config_site_url'] = 'Website URL';
-$locale['step_config_site_url_desc'] = 'Ihre Website-Adresse.';
 $locale['step_config_mail_admin'] = 'Admin E-Mail';
 $locale['step_config_mail_admin_desc'] = 'Adresse, an die E-Mails aus dem Kontaktformular gesendet werden, z. B. admin@gmail.com';
 $locale['step_config_mail_admin_error'] = 'Admin E-Mail ist nicht korrekt.';

system/locale/en/install.php

@@ -52,8 +52,6 @@ $locale['step_config'] = 'Configuration';
 $locale['step_config_title'] = 'Basic configuration';
 $locale['step_config_server_path'] = 'Server path';
 $locale['step_config_server_path_desc'] = 'Path to your TFS main directory, where you have config.lua located.';
-$locale['step_config_site_url'] = 'Website URL';
-$locale['step_config_site_url_desc'] = 'Your website address.';
 $locale['step_config_mail_admin'] = 'Admin Email';
 $locale['step_config_mail_admin_desc'] = 'Address where emails from contact form will be delivered, for example admin@gmail.com';
 $locale['step_config_mail_admin_error'] = 'Admin Email is not correct.';

system/locale/pl/install.php

@@ -52,8 +52,6 @@ $locale['step_config'] = 'Konfiguracja';
 $locale['step_config_title'] = 'Podstawowa konfiguracja';
 $locale['step_config_server_path'] = 'Ścieżka do serwera';
 $locale['step_config_server_path_desc'] = 'Ścieżka do Twojego folderu z TFS, gdzie znajduje się plik config.lua.';
-$locale['step_config_server_url'] = 'Adres strony';
-$locale['step_config_server_url_desc'] = 'Adres tej strony www.';
 $locale['step_config_mail_admin'] = 'E-Mail admina';
 $locale['step_config_mail_admin_desc'] = 'Na ten adres będą dostarczane E-Maile z formularza kontaktowego, przykładowo admin@gmail.com';
 $locale['step_config_mail_admin_error'] = 'E-Mail admina jest niepoprawny.';

system/pages/account/change-email.php

@@ -17,8 +17,6 @@ if(!$logged) {
 	return;
 }
 
-csrfProtect();
-
 $email_new_time = $account_logged->getCustomField("email_new_time");
 
 if($email_new_time > 10) {

system/pages/account/change-info.php

@@ -20,8 +20,6 @@ if(!$logged) {
 	return;
 }
 
-csrfProtect();
-
 if(setting('core.account_country'))
 	require SYSTEM . 'countries.conf.php';
 

system/pages/account/change-password.php

@@ -17,8 +17,6 @@ if(!$logged) {
 	return;
 }
 
-csrfProtect();
-
 $new_password = $_POST['newpassword'] ?? NULL;
 $new_password_confirm = $_POST['newpassword_confirm'] ?? NULL;
 $old_password = $_POST['oldpassword'] ?? NULL;

system/pages/account/characters/change-comment.php

@@ -20,8 +20,6 @@ if(!$logged) {
 	return;
 }
 
-csrfProtect();
-
 $player = null;
 $player_name = isset($_REQUEST['name']) ? stripslashes(urldecode($_REQUEST['name'])) : null;
 $new_comment = isset($_POST['comment']) ? htmlspecialchars(stripslashes(substr($_POST['comment'],0,2000))) : NULL;

system/pages/account/characters/change-name.php

@@ -17,8 +17,6 @@ if(!$logged) {
 	return;
 }
 
-csrfProtect();
-
 $player_id = isset($_POST['player_id']) ? (int)$_POST['player_id'] : NULL;
 $name = isset($_POST['name']) ? stripslashes(ucwords(strtolower($_POST['name']))) : NULL;
 if((!setting('core.account_change_character_name')))

system/pages/account/characters/change-sex.php

@@ -17,8 +17,6 @@ if(!$logged) {
 	return;
 }
 
-csrfProtect();
-
 $sex_changed = false;
 $player_id = isset($_POST['player_id']) ? (int)$_POST['player_id'] : NULL;
 $new_sex = isset($_POST['new_sex']) ? (int)$_POST['new_sex'] : NULL;

system/pages/account/characters/create.php

@@ -20,8 +20,6 @@ if(!$logged) {
 	return;
 }
 
-csrfProtect();
-
 $character_name = isset($_POST['name']) ? stripslashes($_POST['name']) : null;
 $character_sex = isset($_POST['sex']) ? (int)$_POST['sex'] : null;
 $character_vocation = isset($_POST['vocation']) ? (int)$_POST['vocation'] : null;

system/pages/account/characters/delete.php

@@ -17,8 +17,6 @@ if(!$logged) {
 	return;
 }
 
-csrfProtect();
-
 $player_name = isset($_POST['delete_name']) ? stripslashes($_POST['delete_name']) : null;
 $password_verify = isset($_POST['delete_password']) ? $_POST['delete_password'] : null;
 $password_verify = encrypt((USE_ACCOUNT_SALT ? $account_logged->getCustomField('salt') : '') . $password_verify);

system/pages/account/create.php

@@ -23,8 +23,6 @@ if($logged)
 	return;
 }
 
-csrfProtect();
-
 if(setting('core.account_create_character_create')) {
 	$createCharacter = new CreateCharacter();
 }
@@ -221,14 +219,8 @@ if($save)
 			}
 		}
 
-		$accountDefaultPremiumPoints = setting('core.account_premium_points');
+		if(setting('core.account_premium_points') && setting('core.account_premium_points') > 0) {
-		if($accountDefaultPremiumPoints > 0) {
+			$new_account->setCustomField('premium_points', setting('core.account_premium_points'));
-			$new_account->setCustomField('premium_points', $accountDefaultPremiumPoints);
-		}
-
-		$accountDefaultCoins = setting('core.account_coins');
-		if($db->hasColumn('accounts', 'coins') && $accountDefaultCoins > 0) {
-			$new_account->setCustomField('coins', $accountDefaultCoins);
 		}
 
 		$tmp_account = $email;

system/pages/account/login.php

@@ -18,8 +18,6 @@ if($logged || !isset($_POST['account_login']) || !isset($_POST['password_login']
 	return;
 }
 
-csrfProtect();
-
 $login_account = $_POST['account_login'];
 $login_password = $_POST['password_login'];
 $remember_me = isset($_POST['remember_me']);

system/pages/account/manage.php

@@ -34,8 +34,6 @@ if(isset($_REQUEST['redirect']))
 	return;
 }
 
-csrfProtect();
-
 $groups = new OTS_Groups_List();
 
 $freePremium = isset($config['lua']['freePremium']) && getBoolean($config['lua']['freePremium']) || $account_logged->getPremDays() == OTS_Account::GRATIS_PREMIUM_DAYS;

system/pages/account/redirect.php

@@ -0,0 +1,23 @@
+<?php
+/**
+ * Change comment
+ *
+ * @package   MyAAC
+ * @author    Gesior <jerzyskalski@wp.pl>
+ * @author    Slawkens <slawkens@gmail.com>
+ * @copyright 2019 MyAAC
+ * @link      https://my-aac.org
+ */
+defined('MYAAC') or die('Direct access not allowed!');
+
+$redirect = urldecode($_REQUEST['redirect']);
+
+// should never happen, unless hacker modify the URL
+if (!str_contains($redirect, BASE_URL)) {
+	error('Fatal error: Cannot redirect outside the website.');
+	return;
+}
+
+$twig->display('account.redirect.html.twig', array(
+	'redirect' => $redirect
+));

system/pages/account/register-new.php

@@ -17,8 +17,6 @@ if(!$logged) {
 	return;
 }
 
-csrfProtect();
-
 if(isset($_POST['reg_password']))
 	$reg_password = encrypt((USE_ACCOUNT_SALT ? $account_logged->getCustomField('salt') : '') . $_POST['reg_password']);
 

system/pages/account/register.php

@@ -17,8 +17,6 @@ if(!$logged) {
 	return;
 }
 
-csrfProtect();
-
 $_POST['reg_password'] = $_POST['reg_password'] ?? '';
 $reg_password = encrypt((USE_ACCOUNT_SALT ? $account_logged->getCustomField('salt') : '') . $_POST['reg_password']);
 $old_key = $account_logged->getCustomField("key");

system/pages/forum/admin.php

@@ -17,8 +17,6 @@ if(!$canEdit) {
 	return;
 }
 
-csrfProtect();
-
 $groupsList = new OTS_Groups_List();
 $groups = [
 	['id' => 0, 'name' => 'Guest'],
@@ -32,24 +30,23 @@ foreach ($groupsList as $group) {
 }
 
 if(!empty($action)) {
-	if($action == 'delete_board' || $action == 'edit_board' || $action == 'hide_board' || $action == 'moveup_board' || $action == 'movedown_board') {
+	if($action == 'delete_board' || $action == 'edit_board' || $action == 'hide_board' || $action == 'moveup_board' || $action == 'movedown_board')
 		$id = $_REQUEST['id'];
+
+	if(isset($_REQUEST['access'])) {
+		$access = $_REQUEST['access'];
 	}
 
-	if(isset($_POST['access'])) {
+	if(isset($_REQUEST['guild'])) {
-		$access = $_POST['access'];
+		$guild = $_REQUEST['guild'];
 	}
 
-	if(isset($_POST['guild'])) {
+	if(isset($_REQUEST['name'])) {
-		$guild = $_POST['guild'];
+		$name = $_REQUEST['name'];
 	}
 
-	if(isset($_POST['name'])) {
+	if(isset($_REQUEST['description'])) {
-		$name = $_POST['name'];
+		$description = stripslashes($_REQUEST['description']);
-	}
-
-	if(isset($_POST['description'])) {
-		$description = stripslashes($_POST['description']);
 	}
 
 	$errors = [];
@@ -58,13 +55,12 @@ if(!empty($action)) {
 		if(Forum::add_board($name, $description, $access, $guild, $errors)) {
 			$action = $name = $description = '';
 			header('Location: ' . getLink('forum'));
-			exit;
 		}
 	}
 	else if($action == 'delete_board') {
 		Forum::delete_board($id, $errors);
 		header('Location: ' . getLink('forum'));
-		exit;
+		$action = '';
 	}
 	else if($action == 'edit_board')
 	{
@@ -78,27 +74,28 @@ if(!empty($action)) {
 		else {
 			Forum::update_board($id, $name, $access, $guild, $description);
 			header('Location: ' . getLink('forum'));
-			exit;
+			$action = $name = $description = '';
+			$access = $guild = 0;
 		}
 	}
 	else if($action == 'hide_board') {
 		Forum::toggleHide_board($id, $errors);
 		header('Location: ' . getLink('forum'));
-		exit;
+		$action = '';
 	}
 	else if($action == 'moveup_board') {
 		Forum::move_board($id, -1, $errors);
 		header('Location: ' . getLink('forum'));
-		exit;
+		$action = '';
 	}
 	else if($action == 'movedown_board') {
 		Forum::move_board($id, 1, $errors);
 		header('Location: ' . getLink('forum'));
-		exit;
+		$action = '';
 	}
 
 	if(!empty($errors)) {
-		$twig->display('error_box.html.twig', ['errors' => $errors]);
+		$twig->display('error_box.html.twig', array('errors' => $errors));
 		$action = '';
 	}
 }

system/pages/forum/edit_post.php

@@ -23,9 +23,8 @@ if(!$logged) {
 	return;
 }
 
-csrfProtect();
+if(Forum::canPost($account_logged))
-
+{
-if(Forum::canPost($account_logged)) {
 	$post_id = isset($_REQUEST['id']) ? (int) $_REQUEST['id'] : false;
 	if(!$post_id) {
 		$errors[] = 'Please enter post id.';
@@ -42,12 +41,12 @@ if(Forum::canPost($account_logged)) {
 			$char_id = $post_topic = $text = $smile = $html = null;
 			$players_from_account = $db->query("SELECT `players`.`name`, `players`.`id` FROM `players` WHERE `players`.`account_id` = ".(int) $account_logged->getId())->fetchAll();
 			$saved = false;
-			if(isset($_POST['save'])) {
+			if(isset($_REQUEST['save'])) {
-				$text = stripslashes(trim($_POST['text']));
+				$text = stripslashes(trim($_REQUEST['text']));
-				$char_id = (int) $_POST['char_id'];
+				$char_id = (int) $_REQUEST['char_id'];
-				$post_topic = stripslashes(trim($_POST['topic']));
+				$post_topic = stripslashes(trim($_REQUEST['topic']));
-				$smile = isset($_POST['smile']) ? (int)$_POST['smile'] : 0;
+				$smile = isset($_REQUEST['smile']) ? (int)$_REQUEST['smile'] : 0;
-				$html = isset($_POST['html']) ? (int)$_POST['html'] : 0;
+				$html = isset($_REQUEST['html']) ? (int)$_REQUEST['html'] : 0;
 
 				if (!superAdmin()) {
 					$html = 0;

system/pages/forum/move_thread.php

@@ -23,17 +23,15 @@ if(!$logged) {
 	return;
 }
 
-csrfProtect();
-
 if(!Forum::isModerator()) {
 	echo 'You are not logged in or you are not moderator.';
 	return;
 }
 
-$save = isset($_POST['save']) && (int)$_POST['save'] == 1;
+$save = isset($_REQUEST['save']) && (int)$_REQUEST['save'] == 1;
 if($save) {
-	$post_id = (int)$_POST['id'];
+	$post_id = (int)$_REQUEST['id'];
-	$board = (int)$_POST['section'];
+	$board = (int)$_REQUEST['section'];
 	if(!Forum::hasAccess($board)) {
 		$errors[] = "You don't have access to this board.";
 		displayErrorBoxWithBackButton($errors, getLink('forum'));

system/pages/forum/new_post.php

@@ -28,8 +28,6 @@ if(!$logged) {
 	return;
 }
 
-csrfProtect();
-
 if(Forum::canPost($account_logged)) {
 	$players_from_account = $db->query("SELECT `players`.`name`, `players`.`id` FROM `players` WHERE `players`.`account_id` = ".(int) $account_logged->getId())->fetchAll();
 	$thread_id = isset($_REQUEST['thread_id']) ? (int) $_REQUEST['thread_id'] : 0;
@@ -45,11 +43,11 @@ if(Forum::canPost($account_logged)) {
 		echo '<a href="' . getLink('forum') . '">Boards</a> >> <a href="' . getForumBoardLink($thread['section']) . '">'.$sections[$thread['section']]['name'].'</a> >> <a href="' . getForumThreadLink($thread_id) . '">'.htmlspecialchars($thread['post_topic']).'</a> >> <b>Post new reply</b><br /><h3>'.htmlspecialchars($thread['post_topic']).'</h3>';
 
 		$quote = isset($_REQUEST['quote']) ? (int) $_REQUEST['quote'] : NULL;
-		$text = isset($_POST['text']) ? stripslashes(trim($_POST['text'])) : NULL;
+		$text = isset($_REQUEST['text']) ? stripslashes(trim($_REQUEST['text'])) : NULL;
-		$char_id = (int) ($_POST['char_id'] ?? 0);
+		$char_id = (int) ($_REQUEST['char_id'] ?? 0);
-		$post_topic = isset($_POST['topic']) ? stripslashes(trim($_POST['topic'])) : '';
+		$post_topic = isset($_REQUEST['topic']) ? stripslashes(trim($_REQUEST['topic'])) : '';
-		$smile = (int)($_POST['smile'] ?? 0);
+		$smile = (int)($_REQUEST['smile'] ?? 0);
-		$html = (int)($_POST['html'] ?? 0);
+		$html = (int)($_REQUEST['html'] ?? 0);
 		$saved = false;
 
 		if (!superAdmin()) {
@@ -62,10 +60,10 @@ if(Forum::canPost($account_logged)) {
 				$text = '[i]Originally posted by ' . $quoted_post[0]['name'] . ' on ' . date('d.m.y H:i:s', $quoted_post[0]['post_date']) . ':[/i][quote]' . $quoted_post[0]['post_text'] . '[/quote]';
 			}
 		}
-		elseif(isset($_POST['save'])) {
+		elseif(isset($_REQUEST['save'])) {
 			$length = strlen($text);
 			if($length < 1 || strlen($text) > 15000) {
-				$errors[] = "Too short or too long post (Length: $length letters). Minimum 1 letter, maximum 15000 letters.";
+				$errors[] = 'Too short or too long post (Length: $length letters). Minimum 1 letter, maximum 15000 letters.';
 			}
 
 			if($char_id == 0) {
@@ -81,14 +79,15 @@ if(Forum::canPost($account_logged)) {
 				}
 
 				if(!$player_on_account) {
-					$errors[] = "Player with selected ID $char_id doesn't exist or isn't on your account";
+					$errors[] = 'Player with selected ID ' . $char_id . ' doesn\'t exist or isn\'t on your account';
 				}
 			}
 
 			if(count($errors) == 0) {
 				$last_post = 0;
 				$query = $db->query('SELECT post_date FROM ' . FORUM_TABLE_PREFIX . 'forum ORDER BY post_date DESC LIMIT 1');
-				if($query->rowCount() > 0) {
+				if($query->rowCount() > 0)
+				{
 					$query = $query->fetch();
 					$last_post = $query['post_date'];
 				}

system/pages/forum/new_thread.php

@@ -28,8 +28,6 @@ if(!$logged) {
 	return;
 }
 
-csrfProtect();
-
 if(Forum::canPost($account_logged)) {
 	$players_from_account = $db->query('SELECT `players`.`name`, `players`.`id` FROM `players` WHERE `players`.`account_id` = '.(int) $account_logged->getId())->fetchAll();
 	$section_id = $_REQUEST['section_id'] ?? null;
@@ -40,18 +38,19 @@ if(Forum::canPost($account_logged)) {
 			if ($sections[$section_id]['closed'] && !Forum::isModerator())
 				$errors[] = 'You cannot create topic on this board.';
 
-			$text = isset($_POST['text']) ? stripslashes($_POST['text']) : '';
+			$quote = (int)(isset($_REQUEST['quote']) ? $_REQUEST['quote'] : 0);
-			$char_id = (int)(isset($_POST['char_id']) ? $_POST['char_id'] : 0);
+			$text = isset($_REQUEST['text']) ? stripslashes($_REQUEST['text']) : '';
-			$post_topic = isset($_POST['topic']) ? stripslashes($_POST['topic']) : '';
+			$char_id = (int)(isset($_REQUEST['char_id']) ? $_REQUEST['char_id'] : 0);
-			$smile = (isset($_POST['smile']) ? (int)$_POST['smile'] : 0);
+			$post_topic = isset($_REQUEST['topic']) ? stripslashes($_REQUEST['topic']) : '';
-			$html = (isset($_POST['html']) ? (int)$_POST['html'] : 0);
+			$smile = (isset($_REQUEST['smile']) ? (int)$_REQUEST['smile'] : 0);
+			$html = (isset($_REQUEST['html']) ? (int)$_REQUEST['html'] : 0);
 
 			if (!superAdmin()) {
 				$html = 0;
 			}
 
 			$saved = false;
-			if (isset($_POST['save'])) {
+			if (isset($_REQUEST['save'])) {
 				$length = strlen($post_topic);
 				if ($length < 1 || $length > 60) {
 					$errors[] = "Too short or too long topic (Length: $length letters). Minimum 1 letter, maximum 60 letters.";

system/pages/forum/remove_post.php

@@ -23,13 +23,11 @@ if(!$logged) {
 	return;
 }
 
-csrfProtect();
-
 if(Forum::isModerator()) {
-	$id = (int) ($_POST['id'] ?? 0);
+	$id = (int) $_REQUEST['id'];
 	$post = $db->query("SELECT `id`, `first_post`, `section` FROM `" . FORUM_TABLE_PREFIX . "forum` WHERE `id` = ".$id." LIMIT 1")->fetch();
 
-	if($post && $post['id'] == $id && Forum::hasAccess($post['section'])) {
+	if($post['id'] == $id && Forum::hasAccess($post['section'])) {
 		if($post['id'] == $post['first_post']) {
 			$db->query("DELETE FROM `" . FORUM_TABLE_PREFIX . "forum` WHERE `first_post` = ".$post['id']);
 			header('Location: ' . getForumBoardLink($post['section']));
@@ -38,7 +36,7 @@ if(Forum::isModerator()) {
 			$post_page = $db->query("SELECT COUNT(`" . FORUM_TABLE_PREFIX . "forum`.`id`) AS posts_count FROM `players`, `" . FORUM_TABLE_PREFIX . "forum` WHERE `players`.`id` = `" . FORUM_TABLE_PREFIX . "forum`.`author_guid` AND `" . FORUM_TABLE_PREFIX . "forum`.`id` < ".$id." AND `" . FORUM_TABLE_PREFIX . "forum`.`first_post` = ".(int) $post['first_post'])->fetch();
 			$_page = (int) ceil($post_page['posts_count'] / setting('core.forum_threads_per_page')) - 1;
 			$db->query("DELETE FROM `" . FORUM_TABLE_PREFIX . "forum` WHERE `id` = ".$post['id']);
-			header('Location: ' . getForumThreadLink($post['first_post'], $_page));
+			header('Location: ' . getForumThreadLink($post['first_post'], (int) $_page));
 		}
 	}
 	else {

system/pages/forum/show_board.php

@@ -33,7 +33,7 @@ if(!Forum::hasAccess($section_id)) {
 	return;
 }
 
-$_page = (int) ($_REQUEST['page'] ?? 0);
+$_page = (int) (isset($_REQUEST['page']) ? $_REQUEST['page'] : 0);
 $threads_count = $db->query("SELECT COUNT(`" . FORUM_TABLE_PREFIX . "forum`.`id`) AS threads_count FROM `players`, `" . FORUM_TABLE_PREFIX . "forum` WHERE `players`.`id` = `" . FORUM_TABLE_PREFIX . "forum`.`author_guid` AND `" . FORUM_TABLE_PREFIX . "forum`.`section` = ".(int) $section_id." AND `" . FORUM_TABLE_PREFIX . "forum`.`first_post` = `" . FORUM_TABLE_PREFIX . "forum`.`id`")->fetch();
 for($i = 0; $i < $threads_count['threads_count'] / setting('core.forum_threads_per_page'); $i++) {
 	if($i != $_page)
@@ -50,7 +50,7 @@ if($logged && (!$sections[$section_id]['closed'] || Forum::isModerator())) {
 }
 
 echo '<br /><br />Page: '.$links_to_pages.'<br />';
-$last_threads = $db->query("SELECT `players`.`id` as `player_id`, `players`.`name`, `" . FORUM_TABLE_PREFIX . "forum`.`first_post`, `" . FORUM_TABLE_PREFIX . "forum`.`post_text`, `" . FORUM_TABLE_PREFIX . "forum`.`post_topic`, `" . FORUM_TABLE_PREFIX . "forum`.`id`, `" . FORUM_TABLE_PREFIX . "forum`.`last_post`, `" . FORUM_TABLE_PREFIX . "forum`.`replies`, `" . FORUM_TABLE_PREFIX . "forum`.`views`, `" . FORUM_TABLE_PREFIX . "forum`.`post_date` FROM `players`, `" . FORUM_TABLE_PREFIX . "forum` WHERE `players`.`id` = `" . FORUM_TABLE_PREFIX . "forum`.`author_guid` AND `" . FORUM_TABLE_PREFIX . "forum`.`section` = ".$section_id." AND `" . FORUM_TABLE_PREFIX . "forum`.`first_post` = `" . FORUM_TABLE_PREFIX . "forum`.`id` ORDER BY `" . FORUM_TABLE_PREFIX . "forum`.`last_post` DESC LIMIT ".setting('core.forum_threads_per_page')." OFFSET ".($_page * setting('core.forum_threads_per_page')))->fetchAll(PDO::FETCH_ASSOC);
+$last_threads = $db->query("SELECT `players`.`id` as `player_id`, `players`.`name`, `" . FORUM_TABLE_PREFIX . "forum`.`post_text`, `" . FORUM_TABLE_PREFIX . "forum`.`post_topic`, `" . FORUM_TABLE_PREFIX . "forum`.`id`, `" . FORUM_TABLE_PREFIX . "forum`.`last_post`, `" . FORUM_TABLE_PREFIX . "forum`.`replies`, `" . FORUM_TABLE_PREFIX . "forum`.`views`, `" . FORUM_TABLE_PREFIX . "forum`.`post_date` FROM `players`, `" . FORUM_TABLE_PREFIX . "forum` WHERE `players`.`id` = `" . FORUM_TABLE_PREFIX . "forum`.`author_guid` AND `" . FORUM_TABLE_PREFIX . "forum`.`section` = ".$section_id." AND `" . FORUM_TABLE_PREFIX . "forum`.`first_post` = `" . FORUM_TABLE_PREFIX . "forum`.`id` ORDER BY `" . FORUM_TABLE_PREFIX . "forum`.`last_post` DESC LIMIT ".setting('core.forum_threads_per_page')." OFFSET ".($_page * setting('core.forum_threads_per_page')))->fetchAll();
 
 if(isset($last_threads[0])) {
 	echo '<table width="100%">
@@ -67,8 +67,8 @@ if(isset($last_threads[0])) {
 	foreach($last_threads as $thread) {
 		echo '<tr bgcolor="' . getStyle($number_of_rows++) . '"><td>';
 		if(Forum::isModerator()) {
-			echo '<a href="' . getLink('forum') . '?action=move_thread&id=' . $thread['id'] . '" title="Move Thread"><img src="images/icons/arrow_right.gif"/></a>';
+			echo '<a href="' . getLink('forum') . '?action=move_thread&id='.$thread['id'].'"\')"><span style="color:darkgreen">[MOVE]</span></a>';
-			$twig->display('forum.remove_post.html.twig', ['post' => $thread]);
+			echo '<a href="' . getLink('forum') . '?action=remove_post&id='.$thread['id'].'" onclick="return confirm(\'Are you sure you want remove thread > '.htmlspecialchars($thread['post_topic']).' <?\')"><span style="color: red">[REMOVE]</span></a>  ';
 		}
 
 		$player->load($thread['player_id']);
@@ -82,13 +82,10 @@ if(isset($last_threads[0])) {
 		echo '<a href="' . getForumThreadLink($thread['id']) . '">'.htmlspecialchars($thread['post_topic']). '</a><br /><small>'.($canEditForum ? substr(strip_tags($thread['post_text']), 0, 50) : htmlspecialchars(substr($thread['post_text'], 0, 50))).'...</small></td><td>' . getPlayerLink($thread['name']) . '</td><td>'.(int) $thread['replies'].'</td><td>'.(int) $thread['views'].'</td><td>';
 		if($thread['last_post'] > 0) {
 			$last_post = $db->query("SELECT `players`.`name`, `" . FORUM_TABLE_PREFIX . "forum`.`post_date` FROM `players`, `" . FORUM_TABLE_PREFIX . "forum` WHERE `" . FORUM_TABLE_PREFIX . "forum`.`first_post` = ".(int) $thread['id']." AND `players`.`id` = `" . FORUM_TABLE_PREFIX . "forum`.`author_guid` ORDER BY `post_date` DESC LIMIT 1")->fetch();
-
+			if(isset($last_post['name']))
-			if(isset($last_post['name'])) {
+				echo date('d.m.y H:i:s', $last_post['post_date']).'<br />by ' . getPlayerLink($last_post['name']);
-				echo date('d.m.y H:i:s', $last_post['post_date']) . '<br />by ' . getPlayerLink($last_post['name']);
+			else
-			}
-			else {
 				echo 'No posts.';
-			}
 		}
 		else {
 			echo date('d.m.y H:i:s', $thread['post_date']) . '<br />by ' . getPlayerLink($thread['name']);

system/pages/forum/show_thread.php

@@ -35,7 +35,7 @@ if(!Forum::hasAccess($thread_starter['section'])) {
 	return;
 }
 
-$posts_count = $db->query("SELECT COUNT(`" . FORUM_TABLE_PREFIX . "forum`.`id`) AS posts_count FROM `players`, `" . FORUM_TABLE_PREFIX . "forum` WHERE `players`.`id` = `" . FORUM_TABLE_PREFIX . "forum`.`author_guid` AND `" . FORUM_TABLE_PREFIX . "forum`.`first_post` = ".$thread_id)->fetch();
+$posts_count = $db->query("SELECT COUNT(`" . FORUM_TABLE_PREFIX . "forum`.`id`) AS posts_count FROM `players`, `" . FORUM_TABLE_PREFIX . "forum` WHERE `players`.`id` = `" . FORUM_TABLE_PREFIX . "forum`.`author_guid` AND `" . FORUM_TABLE_PREFIX . "forum`.`first_post` = ".(int) $thread_id)->fetch();
 for($i = 0; $i < $posts_count['posts_count'] / setting('core.forum_threads_per_page'); $i++) {
 	if($i != $_page)
 		$links_to_pages .= '<a href="' . getForumThreadLink($thread_id, $i) . '">'.($i + 1).'</a> ';
@@ -46,7 +46,7 @@ for($i = 0; $i < $posts_count['posts_count'] / setting('core.forum_threads_per_p
 $posts = $db->query("SELECT `players`.`id` as `player_id`, `" . FORUM_TABLE_PREFIX . "forum`.`id`,`" . FORUM_TABLE_PREFIX . "forum`.`first_post`, `" . FORUM_TABLE_PREFIX . "forum`.`section`,`" . FORUM_TABLE_PREFIX . "forum`.`post_text`, `" . FORUM_TABLE_PREFIX . "forum`.`post_topic`, `" . FORUM_TABLE_PREFIX . "forum`.`post_date` AS `date`, `" . FORUM_TABLE_PREFIX . "forum`.`post_smile`, `" . FORUM_TABLE_PREFIX . "forum`.`post_html`, `" . FORUM_TABLE_PREFIX . "forum`.`author_aid`, `" . FORUM_TABLE_PREFIX . "forum`.`author_guid`, `" . FORUM_TABLE_PREFIX . "forum`.`last_edit_aid`, `" . FORUM_TABLE_PREFIX . "forum`.`edit_date` FROM `players`, `" . FORUM_TABLE_PREFIX . "forum` WHERE `players`.`id` = `" . FORUM_TABLE_PREFIX . "forum`.`author_guid` AND `" . FORUM_TABLE_PREFIX . "forum`.`first_post` = ".$thread_id." ORDER BY `" . FORUM_TABLE_PREFIX . "forum`.`post_date` LIMIT " . setting('core.forum_posts_per_page') . " OFFSET ".($_page * setting('core.forum_posts_per_page')))->fetchAll();
 
 if(isset($posts[0]['player_id'])) {
-	$db->query("UPDATE `" . FORUM_TABLE_PREFIX . "forum` SET `views`=`views`+1 WHERE `id` = " . $thread_id);
+	$db->query("UPDATE `" . FORUM_TABLE_PREFIX . "forum` SET `views`=`views`+1 WHERE `id` = ".(int) $thread_id);
 }
 
 $lookaddons = $db->hasColumn('players', 'lookaddons');

system/pages/guilds/accept_invite.php

@@ -12,11 +12,11 @@ defined('MYAAC') or die('Direct access not allowed!');
 
 require __DIR__ . '/base.php';
 
-// set rights in guild
+//set rights in guild
 $guild_name = isset($_REQUEST['guild']) ? urldecode($_REQUEST['guild']) : null;
 $name = isset($_REQUEST['name']) ? stripslashes($_REQUEST['name']) : null;
 if(!$logged) {
-	$errors[] = "You are not logged in. You can't accept invitations.";
+	$errors[] = 'You are not logged in. You can\'t accept invitations.';
 }
 
 if(!Validator::guildName($guild_name)) {
@@ -27,11 +27,11 @@ if(empty($errors)) {
 	$guild = new OTS_Guild();
 	$guild->find($guild_name);
 	if(!$guild->isLoaded()) {
-		$errors[] = "Guild with name <b>$guild_name</b> doesn't exist.";
+		$errors[] = 'Guild with name <b>'.$guild_name.'</b> doesn\'t exist.';
 	}
 }
 
-if(isset($_POST['todo']) && $_POST['todo'] == 'save') {
+if(isset($_REQUEST['todo']) && $_REQUEST['todo'] == 'save') {
 	if(!Validator::characterName($name)) {
 		$errors[] = 'Invalid name format.';
 	}
@@ -51,7 +51,7 @@ if(isset($_POST['todo']) && $_POST['todo'] == 'save') {
 	}
 }
 
-if(isset($_POST['todo']) && $_POST['todo'] == 'save') {
+if(isset($_REQUEST['todo']) && $_REQUEST['todo'] == 'save') {
 	if(empty($errors)) {
 		$is_invited = false;
 		include(SYSTEM . 'libs/pot/InvitesDriver.php');
@@ -104,7 +104,7 @@ if(!empty($errors)) {
 	));
 }
 else {
-	if(isset($_POST['todo']) && $_POST['todo'] == 'save') {
+	if(isset($_REQUEST['todo']) && $_REQUEST['todo'] == 'save') {
 		$guild->acceptInvite($player);
 		$twig->display('success.html.twig', array(
 			'title' => 'Accept invitation',

system/pages/guilds/add_rank.php

@@ -13,7 +13,7 @@ defined('MYAAC') or die('Direct access not allowed!');
 require __DIR__ . '/base.php';
 
 $guild_name = isset($_REQUEST['guild']) ? urldecode($_REQUEST['guild']) : null;
-$rank_name = $_POST['rank_name'] ?? null;
+$rank_name = isset($_REQUEST['rank_name']) ? $_REQUEST['rank_name'] : null;
 if(!Validator::guildName($guild_name)) {
 	$errors[] = Validator::getLastError();
 }
@@ -35,7 +35,7 @@ if(empty($errors)) {
 		$rank_list = $guild->getGuildRanksList();
 		$rank_list->orderBy('level', POT::ORDER_DESC);
 		$guild_leader = false;
-		$account_players = $account_logged->getPlayersList();
+		$account_players = $account_logged->getPlayers();
 		foreach($account_players as $player) {
 			if($guild_leader_char->getId() == $player->getId()) {
 				$guild_vice = true;

system/pages/guilds/base.php

@@ -15,5 +15,3 @@ else
 	define('GUILD_MEMBERS_TABLE', 'guild_membership');
 
 define('MOTD_EXISTS', $db->hasColumn('guilds', 'motd'));
-
-csrfProtect();

system/pages/guilds/change_description.php

@@ -31,7 +31,7 @@ if(empty($errors)) {
 		$rank_list = $guild->getGuildRanksList();
 		$rank_list->orderBy('level', POT::ORDER_DESC);
 		$guild_leader = false;
-		$account_players = $account_logged->getPlayersList();
+		$account_players = $account_logged->getPlayers();
 		foreach($account_players as $player) {
 			if($guild->getOwner()->getId() == $player->getId()) {
 				$guild_vice = true;
@@ -42,8 +42,8 @@ if(empty($errors)) {
 
 		$saved = false;
 		if($guild_leader) {
-			if(isset($_POST['todo']) && $_POST['todo'] == 'save') {
+			if(isset($_REQUEST['todo']) && $_REQUEST['todo'] == 'save') {
-				$description = htmlspecialchars(stripslashes(substr(trim($_POST['description']),0, setting('core.guild_description_chars_limit'))));
+				$description = htmlspecialchars(stripslashes(substr(trim($_REQUEST['description']),0, setting('core.guild_description_chars_limit'))));
 				$guild->setCustomField('description', $description);
 				$saved = true;
 			}

system/pages/guilds/change_logo.php

@@ -30,7 +30,7 @@ if(empty($errors)) {
 	if($logged) {
 		$guild_leader_char = $guild->getOwner();
 		$guild_leader = false;
-		$account_players = $account_logged->getPlayersList();
+		$account_players = $account_logged->getPlayers();
 
 		foreach($account_players as $player) {
 			if($guild_leader_char->getId() == $player->getId()) {
@@ -40,13 +40,14 @@ if(empty($errors)) {
 			}
 		}
 
-		if($guild_leader) {
+		if($guild_leader)
+		{
 			$max_image_size_b = setting('core.guild_image_size_kb') * 1024;
 			$allowed_ext = array('image/gif', 'image/jpg', 'image/pjpeg', 'image/jpeg', 'image/bmp', 'image/png', 'image/x-png');
 			$ext_name = array('image/gif' => 'gif', 'image/jpg' => 'jpg', 'image/jpeg' => 'jpg', 'image/pjpeg' => 'jpg', 'image/bmp' => 'bmp', 'image/png' => 'png', 'image/x-png' => 'png');
 			$save_file_name = str_replace(' ', '_', strtolower($guild->getName()));
 			$save_path = GUILD_IMAGES_DIR . $save_file_name;
-			if(isset($_POST['todo']) && $_POST['todo'] == 'save')
+			if(isset($_REQUEST['todo']) && $_REQUEST['todo'] == 'save')
 			{
 				$file = $_FILES['newlogo'];
 				if(is_uploaded_file($file['tmp_name']))
@@ -96,13 +97,13 @@ if(empty($errors)) {
 
 			$guild_logo = $guild->getCustomField('logo_name');
 			if(empty($guild_logo) || !file_exists(GUILD_IMAGES_DIR . $guild_logo)) {
-				$guild_logo = 'default.gif';
+				$guild_logo = "default.gif";
 			}
 
 			$twig->display('guilds.change_logo.html.twig', array(
 				'guild_logo' => $guild_logo,
 				'guild' => $guild,
-				//'max_image_size_b' => $max_image_size_b
+				'max_image_size_b' => $max_image_size_b
 			));
 
 		}

system/pages/guilds/change_motd.php

@@ -34,7 +34,7 @@ if(empty($errors)) {
 		$rank_list = $guild->getGuildRanksList();
 		$rank_list->orderBy('level', POT::ORDER_DESC);
 		$guild_leader = false;
-		$account_players = $account_logged->getPlayersList();
+		$account_players = $account_logged->getPlayers();
 		foreach($account_players as $player) {
 			if($guild->getOwner()->getId() == $player->getId()) {
 				$guild_vice = true;
@@ -45,8 +45,8 @@ if(empty($errors)) {
 
 		$saved = false;
 		if($guild_leader) {
-			if(isset($_POST['todo']) && $_POST['todo'] == 'save') {
+			if(isset($_REQUEST['todo']) && $_REQUEST['todo'] == 'save') {
-				$motd = htmlspecialchars(stripslashes(substr($_POST['motd'],0, setting('core.guild_motd_chars_limit'))));
+				$motd = htmlspecialchars(stripslashes(substr($_REQUEST['motd'],0, setting('core.guild_motd_chars_limit'))));
 				$guild->setCustomField('motd', $motd);
 				$saved = true;
 			}

system/pages/guilds/change_nick.php

@@ -20,15 +20,17 @@ if(!$logged) {
 }
 
 $name = isset($_REQUEST['name']) ? stripslashes($_REQUEST['name']) : null;
-$new_nick = isset($_POST['nick']) ? stripslashes($_POST['nick']) : null;
+$new_nick = isset($_REQUEST['nick']) ? stripslashes($_REQUEST['nick']) : null;
 $guild_name = isset($_REQUEST['guild']) ? urldecode($_REQUEST['guild']) : null;
 
 if(!$name) {
 	$errors[] = 'Please enter new name.';
+	return;
 }
 
 if(!$new_nick) {
 	$errors[] = 'Please enter new nick.';
+	return;
 }
 
 if(empty($errors))

system/pages/guilds/change_rank.php

@@ -17,9 +17,8 @@ if(!$logged) {
 }
 else {
 	$guild_name = isset($_REQUEST['guild']) ? urldecode($_REQUEST['guild']) : null;
-	if(!Validator::guildName($guild_name)) {
+	if(!Validator::guildName($guild_name))
 		$errors[] = Validator::getLastError();
-	}
 }
 
 if(empty($errors))
@@ -43,7 +42,7 @@ $rank_list = $guild->getGuildRanksList();
 $rank_list->orderBy('level', POT::ORDER_DESC);
 $guild_leader = false;
 $guild_vice = false;
-$account_players = $account_logged->getPlayersList();
+$account_players = $account_logged->getPlayers();
 foreach($account_players as $player)
 {
 	$player_rank = $player->getRank();
@@ -66,23 +65,22 @@ foreach($account_players as $player)
 	}
 }
 
-if($guild_vice) {
+if($guild_vice)
-	if(isset($_POST['todo']) && $_POST['todo'] === 'save') {
+{
+	if(isset($_REQUEST['todo']) && $_REQUEST['todo'] === 'save')
+	{
 		$player_name = stripslashes($_REQUEST['name']);
-		$new_rank = (int) $_POST['rankid'];
+		$new_rank = (int) $_REQUEST['rankid'];
-
+		if(!Validator::characterName($player_name))
-		if(!Validator::characterName($player_name)) {
 			$errors[] = 'Invalid player name format.';
-		}
-
 		$rank = new OTS_GuildRank();
 		$rank->load($new_rank);
 		if(!$rank->isLoaded())
 			$errors[] = "Rank with this ID doesn't exist.";
 		if($level_in_guild <= $rank->getLevel() && !$guild_leader)
 			$errors[] = "You can't set ranks with equal or higher level than your.";
-
+		if(empty($errors))
-		if(empty($errors)) {
+		{
 			$player_to_change = new OTS_Player();
 			$player_to_change->find($player_name);
 			if(!$player_to_change->isLoaded())
@@ -110,7 +108,8 @@ if($guild_vice) {
 				$errors[] = 'This player has higher rank in guild than you. You can\'t change his/her rank.';
 		}
 
-		if(empty($errors)) {
+		if(empty($errors))
+		{
 			$player_to_change->setRank($rank);
 			$twig->display('success.html.twig', array(
 				'title' => 'Rank Changed',
@@ -126,7 +125,7 @@ if($guild_vice) {
 	$result = getPlayersWithLowerRank($rank_list, $guild_leader, $db, $level_in_guild, $guild);
 
 	$twig->display('guilds.change_rank.html.twig', array(
-		'players' => $result['players'] ?? [],
+		'players' => isset($result['players']) ? $result['players'] : array(),
 		'guild_name' => $guild->getName(),
 		'ranks' => $result['ranks']
 	));

system/pages/guilds/cleanup_players.php

@@ -12,27 +12,33 @@ defined('MYAAC') or die('Direct access not allowed!');
 
 require __DIR__ . '/base.php';
 
-if(!$logged) {
+if(!$logged)
+{
 	echo "You are not logged in.";
 	$twig->display('guilds.back_button.html.twig');
 	return;
 }
 
-if(admin()) {
+if(admin())
+{
 	$players_list = new OTS_Players_List();
 	$players_list->init();
 }
-else {
+else
 	$players_list = $account_logged->getPlayersList();
-}
 
-if(count($players_list) > 0) {
+if(count($players_list) > 0)
-	foreach($players_list as $player) {
+{
+	foreach($players_list as $player)
+	{
 		$player_rank = $player->getRank();
-		if($player_rank->isLoaded()) {
+		if($player_rank->isLoaded())
-			if($player_rank->isLoaded()) {
+		{
+			if($player_rank->isLoaded())
+			{
 				$rank_guild = $player_rank->getGuild();
-				if(!$rank_guild->isLoaded()) {
+				if(!$rank_guild->isLoaded())
+				{
 					$player->setRank();
 					$player->setGuildNick('');
 					$changed_ranks_of[] = $player->getName();
@@ -40,7 +46,8 @@ if(count($players_list) > 0) {
 					$player_rank->delete();
 				}
 			}
-			else {
+			else
+			{
 				$player->setRank();
 				$player->setGuildNick('');
 				$changed_ranks_of[] = $player->getName();
@@ -48,20 +55,14 @@ if(count($players_list) > 0) {
 
 		}
 	}
-
 	echo "<b>Deleted ranks (this ranks guilds doesn't exist [bug fix]):</b>";
-	if(!empty($deleted_ranks)) {
+	if(!empty($deleted_ranks))
-		foreach ($deleted_ranks as $rank) {
+		foreach($deleted_ranks as $rank)
-			echo "<li>" . $rank;
+			echo "<li>".$rank;
-		}
-	}
 	echo "<BR /><BR /><b>Changed ranks of players (rank or guild of rank doesn't exist [bug fix]):</b>";
-
+	if(!empty($changed_ranks_of))
-	if(!empty($changed_ranks_of)) {
+		foreach($changed_ranks_of as $name)
-		foreach ($changed_ranks_of as $name) {
+			echo "<li>".$name;
-			echo "<li>" . $name;
-		}
-	}
 }
 else
 	echo "0 players found.";

system/pages/guilds/create.php

@@ -14,15 +14,15 @@ use MyAAC\Models\GuildRank;
 
 require __DIR__ . '/base.php';
 
-$guild_name = isset($_POST['guild']) ? urldecode($_POST['guild']) : NULL;
+$guild_name = isset($_REQUEST['guild']) ? urldecode($_REQUEST['guild']) : NULL;
-$name = isset($_POST['name']) ? stripslashes($_POST['name']) : NULL;
+$name = isset($_REQUEST['name']) ? stripslashes($_REQUEST['name']) : NULL;
-$todo = isset($_POST['todo']) ? $_POST['todo'] : NULL;
+$todo = isset($_REQUEST['todo']) ? $_REQUEST['todo'] : NULL;
 if(!$logged) {
-	$errors[] = 'You are not logged in. You can\'t create guild.';
+	$guild_errors[] = 'You are not logged in. You can\'t create guild.';
 }
 
 $array_of_player_nig = array();
-if(empty($errors))
+if(empty($guild_errors))
 {
 	$account_players = $account_logged->getPlayersList(false);
 	foreach($account_players as $player)
@@ -41,44 +41,45 @@ if(empty($errors))
 
 if(empty($todo)) {
 	if(count($array_of_player_nig) == 0) {
-		$errors[] = 'On your account all characters are in guilds, have too low level to create new guild' . (setting('core.guild_need_premium') ? ' or you don\' have a premium account' : '') . '.';
+		$guild_errors[] = 'On your account all characters are in guilds, have too low level to create new guild' . (setting('core.guild_need_premium') ? ' or you don\' have a premium account' : '') . '.';
 	}
 }
 
 if($todo == 'save')
 {
 	if(!Validator::guildName($guild_name)) {
-		$errors[] = Validator::getLastError();
+		$guild_errors[] = Validator::getLastError();
 		$guild_name = '';
 	}
 
 	if(!Validator::characterName($name)) {
-		$errors[] = 'Invalid character name format.';
+		$guild_errors[] = 'Invalid character name format.';
 		$name = '';
 	}
 
-	if(empty($errors)) {
+	if(empty($guild_errors)) {
 		$player = new OTS_Player();
 		$player->find($name);
 		if(!$player->isLoaded()) {
-			$errors[] = 'Character <b>'.$name.'</b> doesn\'t exist.';
+			$guild_errors[] = 'Character <b>'.$name.'</b> doesn\'t exist.';
 		}
 	}
 
-	if(empty($errors))
+
+	if(empty($guild_errors))
 	{
 		$guild = new OTS_Guild();
 		$guild->find($guild_name);
 		if($guild->isLoaded()) {
-			$errors[] = 'Guild <b>'.$guild_name.'</b> already exist. Select other name.';
+			$guild_errors[] = 'Guild <b>'.$guild_name.'</b> already exist. Select other name.';
 		}
 	}
 
-	if(empty($errors) && $player->isDeleted()) {
+	if(empty($guild_errors) && $player->isDeleted()) {
-		$errors[] = "Character <b>$name</b> has been deleted.";
+		$guild_errors[] = "Character <b>$name</b> has been deleted.";
 	}
 
-	if(empty($errors))
+	if(empty($guild_errors))
 	{
 		$bad_char = true;
 		foreach($array_of_player_nig as $nick_from_list) {
@@ -87,22 +88,22 @@ if($todo == 'save')
 			}
 		}
 		if($bad_char) {
-			$errors[] = 'Character <b>'.$name.'</b> isn\'t on your account or is already in guild.';
+			$guild_errors[] = 'Character <b>'.$name.'</b> isn\'t on your account or is already in guild.';
 		}
 	}
 
-	if(empty($errors)) {
+	if(empty($guild_errors)) {
 		if($player->getLevel() < setting('core.guild_need_level')) {
-			$errors[] = 'Character <b>'.$name.'</b> has too low level. To create guild you need character with level <b>' . setting('core.guild_need_level') . '</b>.';
+			$guild_errors[] = 'Character <b>'.$name.'</b> has too low level. To create guild you need character with level <b>' . setting('core.guild_need_level') . '</b>.';
 		}
 		if(setting('core.guild_need_premium') && !$account_logged->isPremium()) {
-			$errors[] = 'Character <b>'.$name.'</b> is on FREE account. To create guild you need PREMIUM account.';
+			$guild_errors[] = 'Character <b>'.$name.'</b> is on FREE account. To create guild you need PREMIUM account.';
 		}
 	}
 }
 
-if(!empty($errors)) {
+if(!empty($guild_errors)) {
-	$twig->display('error_box.html.twig', array('errors' => $errors));
+	$twig->display('error_box.html.twig', array('errors' => $guild_errors));
 	unset($todo);
 }
 

system/pages/guilds/delete_by_admin.php

@@ -45,10 +45,7 @@ if(empty($errors)) {
 				$twig->display('success.html.twig', array(
 					'title' => 'Delete Guild',
 					'description' => 'Are you sure you want delete guild <b>' . $guild_name . '</b>?<br/>
-				<form action="' . getLink('guilds') . '?guild=' . $guild->getName() . '&action=delete_by_admin" METHOD="post">
+				<form action="' . getLink('guilds') . '?guild=' . $guild->getName() . '&action=delete_by_admin" METHOD="post"><input type="hidden" name="todo" value="save"><input type="submit" value="Yes, delete"></form>',
-					' . csrf(true) . '
-					<input type="hidden" name="todo" value="save"><input type="submit" value="Yes, delete">
-				</form>',
 					'custom_buttons' => $twig->render('guilds.back_button.html.twig')
 				));
 			}

system/pages/guilds/delete_guild.php

@@ -21,7 +21,7 @@ if(empty($errors)) {
 	$guild = new OTS_Guild();
 	$guild->find($guild_name);
 	if(!$guild->isLoaded()) {
-		$errors[] = "Guild with name <b>$guild_name</b> doesn't exist.";
+		$errors[] = 'Guild with name <b>'.$guild_name.'</b> doesn\'t exist.';
 	}
 }
 
@@ -31,7 +31,7 @@ if(empty($errors)) {
 		$rank_list = $guild->getGuildRanksList();
 		$rank_list->orderBy('level', POT::ORDER_DESC);
 		$guild_leader = false;
-		$account_players = $account_logged->getPlayersList();
+		$account_players = $account_logged->getPlayers();
 
 		foreach($account_players as $player) {
 			if($guild->getOwner()->getId() == $player->getId()) {

system/pages/guilds/delete_invite.php

@@ -15,43 +15,47 @@ require __DIR__ . '/base.php';
 $guild_name = isset($_REQUEST['guild']) ? urldecode($_REQUEST['guild']) : null;
 $name = stripslashes($_REQUEST['name']);
 
-if(!$logged) {
+if(!$logged)
 	$errors[] = 'You are not logged in. You can\'t delete invitations.';
-}
 
-if(!Validator::guildName($guild_name)) {
+if(!Validator::guildName($guild_name))
 	$errors[] = Validator::getLastError();
-}
 
-if(!Validator::characterName($name)) {
+if(!Validator::characterName($name))
 	$errors[] = 'Invalid name format.';
-}
 
-if(empty($errors)) {
+if(empty($errors))
+{
 	$guild = new OTS_Guild();
 	$guild->find($guild_name);
 	if(!$guild->isLoaded())
 		$errors[] = "Guild with name <b>" . $guild_name . "</b> doesn't exist.";
 }
 
-if(empty($errors)) {
+if(empty($errors))
+{
 	$rank_list = $guild->getGuildRanksList();
 	$rank_list->orderBy('level', POT::ORDER_DESC);
 	$guild_leader = false;
 	$guild_vice = false;
-	$account_players = $account_logged->getPlayersList();
+	$account_players = $account_logged->getPlayers();
-	foreach($account_players as $player) {
+	foreach($account_players as $player)
+	{
 		$player_rank = $player->getRank();
-		if($player_rank->isLoaded()) {
+		if($player_rank->isLoaded())
-			foreach($rank_list as $rank_in_guild) {
+		{
-				if($rank_in_guild->getId() == $player_rank->getId()) {
+			foreach($rank_list as $rank_in_guild)
+			{
+				if($rank_in_guild->getId() == $player_rank->getId())
+				{
 					$players_from_account_in_guild[] = $player->getName();
-					if($player_rank->getLevel() > 1) {
+					if($player_rank->getLevel() > 1)
+					{
 						$guild_vice = true;
 						$level_in_guild = $player_rank->getLevel();
 					}
-
+					if($guild->getOwner()->getId() == $player->getId())
-					if($guild->getOwner()->getId() == $player->getId()) {
+					{
 						$guild_vice = true;
 						$guild_leader = true;
 					}
@@ -60,46 +64,44 @@ if(empty($errors)) {
 		}
 	}
 
-	if(!$guild_vice) {
+	if(!$guild_vice)
 		$errors[] = 'You are not a leader or vice leader of guild <b>' . $guild_name . '</b>.';
-	}
 }
-
+if(empty($errors))
-if(empty($errors)) {
+{
 	$player = new OTS_Player();
 	$player->find($name);
-	if(!$player->isLoaded()) {
+	if(!$player->isLoaded())
-		$errors[] = "Player with name <b>$name</b> doesn't exist.";
+		$errors[] = 'Player with name <b>' . $name . '</b> doesn\'t exist.';
-	}
 }
 
-if(empty($errors)) {
+if(empty($errors))
+{
 	include(SYSTEM . 'libs/pot/InvitesDriver.php');
 	new InvitesDriver($guild);
 	$invited_list = $guild->listInvites();
-	if(count($invited_list) > 0) {
+	if(count($invited_list) > 0)
+	{
 		$is_invited = false;
-		foreach($invited_list as $invited) {
+		foreach($invited_list as $invited)
-			if ($invited->getName() == $player->getName()) {
+			if($invited->getName() == $player->getName())
 				$is_invited = true;
-			}
+		if(!$is_invited)
-		}
+			$errors[] = '<b>'.$player->getName().'</b> isn\'t invited to your guild.';
-		if(!$is_invited) {
-			$errors[] = '<b>' . $player->getName() . '</b> isn\'t invited to your guild.';
-		}
 	}
-	else {
+	else
 		$errors[] = 'No one is invited to your guild.';
-	}
 }
-
+if(!empty($errors))
-if(!empty($errors)) {
+{
 	$twig->display('error_box.html.twig', array('errors' => $errors));
 
 	$twig->display('guilds.back_button.html.twig', array('action' => getLink('guilds') . '?action=show&guild=' . $guild_name));
 }
-else {
+else
-	if(isset($_POST['todo']) && $_POST['todo'] == 'save') {
+{
+	if(isset($_REQUEST['todo']) && $_REQUEST['todo'] == 'save')
+	{
 		$guild->deleteInvite($player);
 		$twig->display('success.html.twig', array(
 			'title' => 'Deleted player invitation',

system/pages/guilds/delete_rank.php

@@ -13,27 +13,25 @@ defined('MYAAC') or die('Direct access not allowed!');
 require __DIR__ . '/base.php';
 
 $guild_name = isset($_REQUEST['guild']) ? urldecode($_REQUEST['guild']) : null;
-$rank_to_delete = isset($_POST['rankid']) ? (int) $_POST['rankid'] : null;
+$rank_to_delete = isset($_REQUEST['rankid']) ? (int) $_REQUEST['rankid'] : null;
 
 if(!Validator::guildName($guild_name)) {
-	$errors[] = Validator::getLastError();
+	$guild_errors[] = Validator::getLastError();
 }
-
+if(empty($guild_errors)) {
-if(empty($errors)) {
 	$guild = new OTS_Guild();
 	$guild->find($guild_name);
 	if(!$guild->isLoaded()) {
-		$errors[] = 'Guild with name <b>'.$guild_name.'</b> doesn\'t exist.';
+		$guild_errors[] = 'Guild with name <b>'.$guild_name.'</b> doesn\'t exist.';
 	}
 }
-
+if(empty($guild_errors)) {
-if(empty($errors)) {
 	if($logged) {
 		$guild_leader_char = $guild->getOwner();
 		$rank_list = $guild->getGuildRanksList();
 		$rank_list->orderBy('level', POT::ORDER_DESC);
 		$guild_leader = false;
-		$account_players = $account_logged->getPlayersList();
+		$account_players = $account_logged->getPlayers();
 		foreach($account_players as $player) {
 			if($guild->getOwner()->getId() == $player->getId()) {
 				$guild_vice = true;
@@ -41,21 +39,21 @@ if(empty($errors)) {
 				$level_in_guild = 3;
 			}
 		}
-
 		if($guild_leader) {
 			$rank = new OTS_GuildRank();
 			$rank->load($rank_to_delete);
 			if(!$rank->isLoaded()) {
-				$errors2[] = 'Rank with ID '.$rank_to_delete.' doesn\'t exist.';
+				$guild_errors2[] = 'Rank with ID '.$rank_to_delete.' doesn\'t exist.';
 			}
-			else {
+			else
+			{
 				if($rank->getGuild()->getId() != $guild->getId()) {
-					$errors2[] = 'Rank with ID '.$rank_to_delete.' isn\'t from your guild.';
+					$guild_errors2[] = 'Rank with ID '.$rank_to_delete.' isn\'t from your guild.';
 				}
 				else
 				{
 					if(count($rank_list) < 2) {
-						$errors2[] = 'You have only 1 rank in your guild. You can\'t delete this rank.';
+						$guild_errors2[] = 'You have only 1 rank in your guild. You can\'t delete this rank.';
 					}
 					else
 					{
@@ -89,21 +87,19 @@ if(empty($errors)) {
 									$player->setRank($new_rank);
 							}
 						}
-
 						$rank->delete();
 						$saved = true;
 					}
 				}
 			}
-
+			if($saved) {
-			if(isset($saved) && $saved) {
 				$twig->display('success.html.twig', array(
 					'title' => 'Rank Deleted',
 					'description' => 'Rank <b>'.$rank->getName().'</b> has been deleted. Players with this rank has now other rank.',
 					'custom_buttons' => ''
 				));
 			} else {
-				$twig->display('error_box.html.twig', array('errors' => $errors2));
+				$twig->display('error_box.html.twig', array('errors' => $guild_errors2));
 			}
 
 			$twig->display('guilds.back_button.html.twig', array(
@@ -111,16 +107,18 @@ if(empty($errors)) {
 				'action' => getLink('guilds') . '?guild='.$guild->getName().'&action=manager'
 			));
 		}
-		else {
+		else
-			$errors[] = 'You are not a leader of guild!';
+		{
+			$guild_errors[] = 'You are not a leader of guild!';
 		}
 	}
-	else {
+	else
-		$errors[] = 'You are not logged. You can\'t manage guild.';
+	{
+		$guild_errors[] = 'You are not logged. You can\'t manage guild.';
 	}
 }
-if(!empty($errors)) {
+if(!empty($guild_errors)) {
-	$twig->display('error_box.html.twig', array('errors' => $errors));
+	$twig->display('error_box.html.twig', array('errors' => $guild_errors));
 
 	$twig->display('guilds.back_button.html.twig', array(
 		'new_line' => true,

system/pages/guilds/invite.php

@@ -36,7 +36,7 @@ if(empty($errors)) {
 	$rank_list->orderBy('level', POT::ORDER_DESC);
 	$guild_leader = false;
 	$guild_vice = false;
-	$account_players = $account_logged->getPlayersList();
+	$account_players = $account_logged->getPlayers();
 	foreach($account_players as $player) {
 		$player_rank = $player->getRank();
 		if($player_rank->isLoaded()) {
@@ -62,7 +62,7 @@ if(!$guild_vice) {
 	$errors[] = 'You are not a leader or vice leader of guild <b>'.$guild_name.'</b>.'.$level_in_guild;
 }
 
-if(isset($_POST['todo']) && $_POST['todo'] == 'save') {
+if(isset($_REQUEST['todo']) && $_REQUEST['todo'] == 'save') {
 	if(!Validator::characterName($name)) {
 		$errors[] = 'Invalid name format.';
 	}
@@ -71,7 +71,7 @@ if(isset($_POST['todo']) && $_POST['todo'] == 'save') {
 		$player = new OTS_Player();
 		$player->find($name);
 		if(!$player->isLoaded()) {
-			$errors[] = "Player with name <b>$name</b> doesn't exist.";
+			$errors[] = 'Player with name <b>' . $name . '</b> doesn\'t exist.';
 		} else if ($player->isDeleted()) {
 			$errors[] = "Character with name <b>$name</b> has been deleted.";
 		}
@@ -102,7 +102,7 @@ if(!empty($errors)) {
 	$twig->display('error_box.html.twig', array('errors' => $errors));
 }
 else {
-	if(isset($_POST['todo']) && $_POST['todo'] == 'save') {
+	if(isset($_REQUEST['todo']) && $_REQUEST['todo'] == 'save') {
 		$guild->invite($player);
 		$twig->display('success.html.twig', array(
 			'title' => 'Invite player',

system/pages/guilds/kick_player.php

@@ -41,7 +41,7 @@ if(empty($errors)) {
 	$rank_list->orderBy('level', POT::ORDER_DESC);
 	$guild_leader = false;
 	$guild_vice = false;
-	$account_players = $account_logged->getPlayersList();
+	$account_players = $account_logged->getPlayers();
 	foreach($account_players as $player) {
 		$player_rank = $player->getRank();
 		if($player_rank->isLoaded()) {
@@ -102,7 +102,7 @@ if(!empty($errors)) {
 }
 else
 {
-	if(isset($_POST['todo']) && $_POST['todo'] == 'save') {
+	if(isset($_REQUEST['todo']) && $_REQUEST['todo'] == 'save') {
 		$player->setRank();
 
 		$twig->display('success.html.twig', array(

system/pages/guilds/leave.php

@@ -34,7 +34,7 @@ if(empty($errors)) {
 $array_of_player_ig = array();
 if(empty($errors)) {
 	$guild_owner_name = $guild->getOwner()->getName();
-	if(isset($_POST['todo']) && $_POST['todo'] == 'save') {
+	if(isset($_REQUEST['todo']) && $_REQUEST['todo'] == 'save') {
 		if(!Validator::characterName($name)) {
 			$errors[] = 'Invalid name format.';
 		}
@@ -72,7 +72,7 @@ if(empty($errors)) {
 	}
 	else
 	{
-		$account_players = $account_logged->getPlayersList();
+		$account_players = $account_logged->getPlayers();
 		foreach($account_players as $player_fac) {
 			$player_rank = $player_fac->getRank();
 			if($player_rank->isLoaded()) {
@@ -94,7 +94,7 @@ if(!empty($errors)) {
 }
 else
 {
-	if(isset($_POST['todo']) && $_POST['todo'] == 'save') {
+	if(isset($_REQUEST['todo']) && $_REQUEST['todo'] == 'save') {
 		$player->setRank();
 		$twig->display('success.html.twig', array(
 			'title' => 'Leave guild',

system/pages/guilds/list.php

@@ -14,24 +14,23 @@ defined('MYAAC') or die('Direct access not allowed!');
 require __DIR__ . '/base.php';
 
 $guilds_list = new OTS_Guilds_List();
-$guilds_list->orderBy('name');
+$guilds_list->orderBy("name");
 
 $guilds = array();
-if(count($guilds_list) > 0) {
+if(count($guilds_list) > 0)
+{
 	/**
 	 * @var OTS_Guild $guild
 	 */
 	foreach ($guilds_list as $guild) {
 		$guild_logo = $guild->getCustomField('logo_name');
-		if (empty($guild_logo) || !file_exists(GUILD_IMAGES_DIR . $guild_logo)) {
+		if (empty($guild_logo) || !file_exists(GUILD_IMAGES_DIR . $guild_logo))
-			$guild_logo = 'default.gif';
+			$guild_logo = "default.gif";
-		}
 
 		$description = $guild->getCustomField('description');
 		$description_with_lines = str_replace(array("\r\n", "\n", "\r"), '<br />', $description, $count);
-		if ($count < setting('core.guild_description_lines_limit')) {
+		if ($count < setting('core.guild_description_lines_limit'))
 			$description = nl2br($description);
-		}
 
 		$guildName = $guild->getName();
 		$guilds[] = array('name' => $guildName, 'logo' => $guild_logo, 'link' => getGuildLink($guildName, false), 'description' => $description);
@@ -40,6 +39,6 @@ if(count($guilds_list) > 0) {
 
 $twig->display('guilds.list.html.twig', array(
 	'guilds' => $guilds,
-	'logged' => $logged ?? false,
+	'logged' => isset($logged) ? $logged : false,
 	'isAdmin' => admin(),
 ));

system/pages/guilds/manager.php

@@ -21,7 +21,7 @@ if(empty($errors)) {
 	$guild = new OTS_Guild();
 	$guild->find($guild_name);
 	if(!$guild->isLoaded()) {
-		$errors[] = "Guild with name <b>$guild_name</b> doesn't exist.";
+		$errors[] = 'Guild with name <b>'.$guild_name.'</b> doesn\'t exist.';
 	}
 }
 
@@ -31,7 +31,7 @@ if(empty($errors)) {
 		$rank_list = $guild->getGuildRanksList();
 		$rank_list->orderBy('level', POT::ORDER_DESC);
 		$guild_leader = false;
-		$account_players = $account_logged->getPlayersList();
+		$account_players = $account_logged->getPlayers();
 		foreach($account_players as $player) {
 			if($guild_leader_char->getId() == $player->getId()) {
 				$guild_vice = true;
@@ -39,22 +39,22 @@ if(empty($errors)) {
 				$level_in_guild = 3;
 			}
 		}
-
 		if($guild_leader) {
 			$twig->display('guilds.manager.html.twig', array(
 				'guild' => $guild,
 				'rank_list' => $rank_list
 			));
 		}
-		else {
+		else
+		{
 			$errors[] = 'You are not a leader of guild!';
 		}
 	}
-	else {
+	else
-		$errors[] = "You are not logged. You can't manage guild.";
+	{
+		$errors[] = 'You are not logged. You can\'t manage guild.';
 	}
 }
-
 if(!empty($errors)) {
 	$twig->display('error_box.html.twig', array('errors' => $errors));
 }

system/pages/guilds/pass_leadership.php

@@ -15,52 +15,51 @@ require __DIR__ . '/base.php';
 $guild_name = isset($_REQUEST['guild']) ? urldecode($_REQUEST['guild']) : NULL;
 $pass_to = isset($_REQUEST['player']) ? stripslashes($_REQUEST['player']) : NULL;
 if(!Validator::guildName($guild_name)) {
-	$errors[] = Validator::getLastError();
+	$guild_errors[] = Validator::getLastError();
 }
 
-if(empty($errors)) {
+if(empty($guild_errors)) {
 	$guild = new OTS_Guild();
 	$guild->find($guild_name);
 	if(!$guild->isLoaded()) {
-		$errors[] = "Guild with name <b>" . $guild_name . "</b> doesn't exist.";
+		$guild_errors[] = "Guild with name <b>" . $guild_name . "</b> doesn't exist.";
 	}
 }
-
+if(empty($guild_errors)) {
-if(empty($errors)) {
 	if(isset($_POST['todo']) && $_POST['todo'] == 'save') {
 		if(!Validator::characterName($pass_to)) {
-			$errors2[] = 'Invalid player name format.';
+			$guild_errors2[] = 'Invalid player name format.';
 		}
 
-		if(empty($errors2)) {
+		if(empty($guild_errors2)) {
 			$to_player = new OTS_Player();
 			$to_player->find($pass_to);
 			if(!$to_player->isLoaded()) {
-				$errors2[] = 'Player with name <b>'.$pass_to.'</b> doesn\'t exist.';
+				$guild_errors2[] = 'Player with name <b>'.$pass_to.'</b> doesn\'t exist.';
 			} else if ($to_player->isDeleted()) {
-				$errors2[] = "Character with name <b>$pass_to</b> has been deleted.";
+				$guild_errors2[] = "Character with name <b>$pass_to</b> has been deleted.";
 			}
 
-			if(empty($errors2)) {
+			if(empty($guild_errors2)) {
 				$to_player_rank = $to_player->getRank();
 				if($to_player_rank->isLoaded()) {
 					$to_player_guild = $to_player_rank->getGuild();
 					if($to_player_guild->getId() != $guild->getId()) {
-						$errors2[] = 'Player with name <b>'.$to_player->getName().'</b> isn\'t from your guild.';
+						$guild_errors2[] = 'Player with name <b>'.$to_player->getName().'</b> isn\'t from your guild.';
 					}
 				}
 				else {
-					$errors2[] = 'Player with name <b>'.$to_player->getName().'</b> isn\'t from your guild.';
+					$guild_errors2[] = 'Player with name <b>'.$to_player->getName().'</b> isn\'t from your guild.';
 				}
 			}
 		}
 	}
 }
-if(empty($errors) && empty($errors2)) {
+if(empty($guild_errors) && empty($guild_errors2)) {
 	if($logged) {
 		$guild_leader_char = $guild->getOwner();
 		$guild_leader = false;
-		$account_players = $account_logged->getPlayersList();
+		$account_players = $account_logged->getPlayers();
 		foreach($account_players as $player) {
 			if($guild_leader_char->getId() == $player->getId()) {
 				$guild_vice = true;
@@ -100,23 +99,23 @@ if(empty($errors) && empty($errors2)) {
 			}
 		}
 		else {
-			$errors[] = 'You are not a leader of guild!';
+			$guild_errors[] = 'You are not a leader of guild!';
 		}
 	}
 	else {
-		$errors[] = "You are not logged. You can't manage guild.";
+		$guild_errors[] = "You are not logged. You can't manage guild.";
 	}
 }
-if(empty($errors) && !empty($errors2)) {
+if(empty($guild_errors) && !empty($guild_errors2)) {
-	$twig->display('error_box.html.twig', array('errors' => $errors2));
+	$twig->display('error_box.html.twig', array('errors' => $guild_errors2));
 
 	echo '<br/><div style="text-align:center"><form action="' . getLink('guilds') . '?guild='.$guild->getName().'&action=pass_leadership" method="post">' . $twig->render('buttons.back.html.twig') . '</form></div>';
 }
-if(!empty($errors)) {
+if(!empty($guild_errors)) {
-	if(!empty($errors2)) {
+	if(!empty($guild_errors2)) {
-		$errors = array_merge($errors, $errors2);
+		$guild_errors = array_merge($guild_errors, $guild_errors2);
 	}
-	$twig->display('error_box.html.twig', array('errors' => $errors));
+	$twig->display('error_box.html.twig', array('errors' => $guild_errors));
 
 	echo '<br/><div style="text-align:center"><form action="' . getLink('guilds') . '" method="post">' . $twig->render('buttons.back.html.twig') . '</form></div>';
 }

system/pages/guilds/save_ranks.php

@@ -31,7 +31,7 @@ if(empty($errors)) {
 		$rank_list = $guild->getGuildRanksList();
 		$rank_list->orderBy('level', POT::ORDER_DESC);
 		$guild_leader = false;
-		$account_players = $account_logged->getPlayersList();
+		$account_players = $account_logged->getPlayers();
 
 		foreach($account_players as $player) {
 			if($guild_leader_char->getId() == $player->getId()) {
@@ -61,7 +61,6 @@ if(empty($errors)) {
 
 				$rank->save();
 			}
-
 			//show errors or redirect
 			if(empty($errors)) {
 				header("Location: " . getLink('guilds') . "?action=manager&guild=".$guild->getName());
@@ -74,10 +73,10 @@ if(empty($errors)) {
 	}
 	else
 	{
-		$errors[] = "You are not logged. You can't manage guild.";
+		$errors[] = 'You are not logged. You can\'t manage guild.';
 	}
 }
 
 if(!empty($errors)) {
-	$twig->display('error_box.html.twig', ['errors' => $errors]);
+	$twig->display('error_box.html.twig', array('errors' => $errors));
 }

system/pages/guilds/show.php

@@ -16,18 +16,19 @@ $title = 'Guilds';
 require __DIR__ . '/base.php';
 
 $guild_name = isset($_REQUEST['guild']) ? urldecode($_REQUEST['guild']) : null;
-if(!Validator::guildName($guild_name)) {
+if(!Validator::guildName($guild_name))
 	$errors[] = Validator::getLastError();
-}
 
-if(empty($errors)) {
+if(empty($errors))
+{
 	$guild = new OTS_Guild();
 	$guild->find($guild_name);
 	if(!$guild->isLoaded())
 		$errors[] = 'Guild with name <b>'.$guild_name.'</b> doesn\'t exist.';
 }
 
-if(!empty($errors)) {
+if(!empty($errors))
+{
 	$twig->display('error_box.html.twig', array('errors' => $errors));
 	$twig->display('guilds.back_button.html.twig');
 	return;
@@ -46,8 +47,9 @@ $level_in_guild = 0;
 
 $players_from_account_in_guild = array();
 $players_from_account_ids = array();
-if($logged) {
+if($logged)
-	$account_players = $account_logged->getPlayersList();
+{
+	$account_players = $account_logged->getPlayers();
 	foreach($account_players as $player)
 	{
 		$players_from_account_ids[] = $player->getId();

system/pages/highscores.php

@@ -58,64 +58,57 @@ if($vocation !== 'all') {
 	}
 }
 
-$skill = POT::SKILL__LEVEL;
+$categories = [
-if(is_numeric($list))
+	'experience' => 'Experience',
-{
+	'magic' => 'Magic',
-	$list = (int) $list;
+	'shield' => 'Shielding',
-	if($list >= POT::SKILL_FIRST && $list <= POT::SKILL__LAST)
+	'distance' => 'Distance',
-		$skill = $list;
+	'club' => 'Club',
+	'sword' => 'Sword',
+	'axe' => 'Axe',
+	'fist' => 'Fist',
+	'fishing' => 'Fishing',
+];
+
+if(setting('core.highscores_frags')) {
+	$categories['frags'] = 'Frags';
 }
-else
-{
-	switch($list)
-	{
-		case 'fist':
-			$skill = POT::SKILL_FIST;
-			break;
 
-		case 'club':
+if(setting('core.highscores_balance'))
-			$skill = POT::SKILL_CLUB;
+	$categories['balance'] = 'Balance';
-			break;
 
-		case 'sword':
+$skill = POT::SKILL__LEVEL;
-			$skill = POT::SKILL_SWORD;
-			break;
 
-		case 'axe':
+$skillNameToId = [
-			$skill = POT::SKILL_AXE;
+	'fist' => POT::SKILL_FIST,
-			break;
+	'club' => POT::SKILL_CLUB,
+	'sword' => POT::SKILL_SWORD,
+	'axe' => POT::SKILL_AXE,
+	'distance' => POT::SKILL_DIST,
+	'shield' => POT::SKILL_SHIELD,
+	'fishing' => POT::SKILL_FISH,
+	'magic' => POT::SKILL__MAGLEVEL,
+];
 
-		case 'distance':
+if(setting('core.highscores_frags')) {
-			$skill = POT::SKILL_DIST;
+	$skillNameToId['frags'] = SKILL_FRAGS;
-			break;
+}
 
-		case 'shield':
+if(setting('core.highscores_balance')) {
-			$skill = POT::SKILL_SHIELD;
+	$skillNameToId['balance'] = SKILL_BALANCE;
-			break;
+}
 
-		case 'fishing':
+$skill = $skillNameToId[$list];
-			$skill = POT::SKILL_FISH;
-			break;
 
-		case 'level':
+$args = ['list' => $list, 'skill' => $skill, 'categories' => $categories];
-		case 'experience':
+$hooks->triggerFilter(HOOK_FILTER_HIGHSCORES_LIST, $args);
-			$skill = POT::SKILL_LEVEL;
-			break;
 
-		case 'magic':
+$list = $args['list'];
-			$skill = POT::SKILL__MAGLEVEL;
+$skill = $args['skill'];
-			break;
+$categories = $args['categories'];
 
-		case 'frags':
+if (!isset($categories[$list])) {
-			if(setting('core.highscores_frags'))
+	$skill = null;
-				$skill = SKILL_FRAGS;
-			break;
-
-		case 'balance':
-			if(setting('core.highscores_balance'))
-				$skill = SKILL_BALANCE;
-			break;
-	}
 }
 
 $promotion = '';
@@ -162,8 +155,18 @@ $query->join('accounts', 'accounts.id', '=', 'players.account_id')
 	->selectRaw('accounts.country, players.id, players.name, players.account_id, players.level, players.vocation' . $outfit . $promotion)
 	->orderByDesc('value');
 
+if ($skill == SKILL_FRAGS) {
+	$skillName = 'Frags';
+}
+else if($skill == SKILL_BALANCE) {
+	$skillName = 'Balance';
+}
+else {
+	$skillName = getSkillName($skill);
+}
+
 if (empty($highscores)) {
-	if ($skill >= POT::SKILL_FIRST && $skill <= POT::SKILL_LAST) { // skills
+	if ($skill && $skill >= POT::SKILL_FIRST && $skill <= POT::SKILL_LAST) { // skills
 		if ($db->hasColumn('players', 'skill_fist')) {// tfs 1.0
 			$skill_ids = array(
 				POT::SKILL_FIST => 'skill_fist',
@@ -193,20 +196,37 @@ if (empty($highscores)) {
 	{
 		$query
 			->addSelect('players.balance as value');
-	} else {
+	}
-		if ($skill == POT::SKILL__MAGLEVEL) {
+	else if ($skill == POT::SKILL__MAGLEVEL) {
-			$query
+		$query
-				->addSelect('players.maglevel as value', 'players.maglevel')
+			->addSelect('players.maglevel as value', 'players.maglevel')
-				->orderBy('manaspent');
+			->orderBy('manaspent');
-		} else { // level
+	} else if ($skill == POT::SKILL__LEVEL) {
-			$query
+		$query
-				->addSelect('players.level as value', 'players.experience')
+			->addSelect('players.level as value', 'players.experience')
-				->orderBy('experience');
+			->orderBy('experience', 'desc');
-			$list = 'experience';
+		$list = 'experience';
-		}
+	}
+	else if ($skill) {
+		$args = [
+			'list' => $list,
+			'skill' => $skill,
+			'skillName' => $skillName,
+			'query' => $query
+		];
+
+		$hooks->triggerFilter(HOOK_FILTER_HIGHSCORES, $args);
+
+		$list = $args['list'];
+		$skill = $args['skill'];
+		$skillName = $args['skillName'];
+		$query = $args['query'];
+	}
+	else {
+		$query = null;
 	}
 
-	$highscores = $query->get()->map(function($row) {
+	$highscores = ($query ? $query->get()->map(function($row) {
 		$tmp = $row->toArray();
 		$tmp['online'] = $row->online_status;
 		$tmp['vocation'] = $row->vocation_name;
@@ -214,7 +234,7 @@ if (empty($highscores)) {
 		unset($tmp['online_table']);
 
 		return $tmp;
-	})->toArray();
+	})->toArray() : []);
 }
 
 if ($highscoresTTL > 0 && $cache->enabled() && $needReCache) {
@@ -239,9 +259,11 @@ foreach($highscores as $id => &$player)
 
 		$player['link'] = getPlayerLink($player['name'], false);
 		$player['flag'] = getFlagImage($player['country']);
+
 		if($settingHighscoresOutfit) {
 			$player['outfit'] = '<img style="position:absolute;margin-top:' . (in_array($player['looktype'], setting('core.outfit_images_wrong_looktypes')) ? '-15px;margin-left:5px' : '-45px;margin-left:-25px') . ';" src="' . $player['outfit_url'] . '" alt="" />';
 		}
+
 		$player['rank'] = $offset + $i;
 	}
 	else {
@@ -263,24 +285,6 @@ if($show_link_to_next_page) {
 	$linkNextPage = getLink('highscores') . '/' . $list . ($vocation !== 'all' ? '/' . $vocation : '') . '/' . ($page + 1);
 }
 
-$types = array(
-	'experience' => 'Experience',
-	'magic' => 'Magic',
-	'shield' => 'Shielding',
-	'distance' => 'Distance',
-	'club' => 'Club',
-	'sword' => 'Sword',
-	'axe' => 'Axe',
-	'fist' => 'Fist',
-	'fishing' => 'Fishing',
-);
-
-if(setting('core.highscores_frags')) {
-	$types['frags'] = 'Frags';
-}
-if(setting('core.highscores_balance'))
-	$types['balance'] = 'Balance';
-
 if ($highscoresTTL > 0 && $cache->enabled()) {
 	echo '<small>*Note: Highscores are updated every' . ($highscoresTTL > 1 ? ' ' . $highscoresTTL : '') . ' minute' . ($highscoresTTL > 1 ? 's' : '') . '.</small><br/><br/>';
 }
@@ -290,11 +294,12 @@ $twig->display('highscores.html.twig', [
 	'highscores' => $highscores,
 	'list' => $list,
 	'skill' => $skill,
-	'skillName' => ($skill == SKILL_FRAGS ? 'Frags' : ($skill == SKILL_BALANCE ? 'Balance' : getSkillName($skill))),
+	'skillName' => $skillName,
 	'levelName' => ($skill != SKILL_FRAGS && $skill != SKILL_BALANCE ? 'Level' : ($skill == SKILL_BALANCE ? 'Balance' : 'Frags')),
 	'vocation' => $vocation !== 'all' ? $vocation :  null,
 	'vocationId' => $vocationId,
-	'types' => $types,
+	'categories' => $categories,
+	'types' => $categories, // leave for compatibility with outdated twigs
 	'linkPreviousPage' => $linkPreviousPage,
 	'linkNextPage' => $linkNextPage,
 ]);

system/router.php

@@ -129,14 +129,14 @@ $dispatcher = FastRoute\cachedDispatcher(function (FastRoute\RouteCollector $r)
 		return ($a[3] < $b[3]) ? -1 : 1;
 	});
 
-	$aliases = [
-		[':int', ':string', ':alphanum'],
-		[':\d+', ':[A-Za-z0-9-_%+\' ]+', ':[A-Za-z0-9]+'],
-	];
-
 	// remove duplicates
 	// if same route pattern, but different priority
-	$routesFinal = array_filter($routesFinal, function ($a) use ($aliases) {
+	$routesFinal = array_filter($routesFinal, function ($a) {
+		$aliases = [
+			[':int', ':string', ':alphanum'],
+			[':\d+', ':[A-Za-z0-9-_%+\' ]+', ':[A-Za-z0-9]+'],
+		];
+
 		// apply aliases
 		$a[1] = str_replace($aliases[0], $aliases[1], $a[1]);
 
@@ -171,15 +171,15 @@ $dispatcher = FastRoute\cachedDispatcher(function (FastRoute\RouteCollector $r)
 			$route[0] = array_map($toUpperCase, $route[0]);
 		}
 
+		$aliases = [
+			[':int', ':string', ':alphanum'],
+			[':\d+', ':[A-Za-z0-9-_%+\' ]+', ':[A-Za-z0-9]+'],
+		];
+
 		// apply aliases
 		$route[1] = str_replace($aliases[0], $aliases[1], $route[1]);
 
-		try {
+		$r->addRoute($route[0], $route[1], $route[2]);
-			$r->addRoute($route[0], $route[1], $route[2]);
-		}
-		catch (\Exception $e) {
-			// duplicated route, just ignore
-		}
 	}
 
 	if (config('env') === 'dev') {
@@ -252,7 +252,7 @@ else {
 
 				$success = false;
 				$tmp_content = getCustomPage($pageName, $success);
-				if ($success && $hooks->trigger(HOOK_BEFORE_PAGE_CUSTOM)) {
+				if ($success) {
 					$content .= $tmp_content;
 					if (hasFlag(FLAG_CONTENT_PAGES) || superAdmin()) {
 						$pageInfo = getCustomPageInfo($pageName);
@@ -260,8 +260,6 @@ else {
 							) . $content;
 					}
 
-					$hooks->trigger(HOOK_AFTER_PAGE_CUSTOM);
-
 					$page = $pageName;
 					$file = false;
 				}

system/routes.php

@@ -22,11 +22,11 @@ return [
 	['GET', 'account/confirm-email/{hash:alphanum}', 'account/confirm-email.php'],
 
 	['GET', 'bans/{page:int}', 'bans.php'],
-	[['GET', 'POST'], 'characters/{name:[A-Za-z0-9-_%+\' \[\]]+}', 'characters.php'],
+	[['GET', 'POST'], 'characters[/{name:string}]', 'characters.php'],
-	['GET', 'changelog/{page:int}', 'changelog.php'],
+	['GET', 'changelog[/{page:int}]', 'changelog.php'],
-	[['GET', 'POST'], 'monsters/{name:string}', 'monsters.php'],
+	[['GET', 'POST'], 'monsters[/{name:string}]', 'monsters.php'],
 
-	[['GET', 'POST'], 'faq/{action:string}', 'faq.php'],
+	[['GET', 'POST'], 'faq[/{action:string}]', 'faq.php'],
 
 	[['GET', 'POST'], 'forum/{action:string}', 'forum.php'],
 	['GET', 'forum/board/{id:int}', 'forum/show_board.php'],

system/settings.php

@@ -19,15 +19,6 @@ $templates = Cache::remember('templates', 5 * 60, function () {
 });
 $defaultTemplate = in_array('kathrine', $templates) ? 'kathrine' : $templates[0];
 
-global $db;
-
-if (!IS_CLI) {
-	require SYSTEM . 'base.php';
-
-	$serverUrl = 'http' . (isHttps() ? 's' : '') . '://' . $baseHost;
-	$siteURL = $serverUrl . $baseDir;
-}
-
 return [
 	'name' => 'MyAAC',
 	'settings' => [
@@ -39,13 +30,6 @@ return [
 			'type' => 'section',
 			'title' => 'General'
 		],
-		'site_url' => [
-			'name' => 'Website URL',
-			'type' => 'text',
-			'desc' => 'Website address of this MyAAC instance',
-			'default' => IS_CLI ? '' : $siteURL,
-			'is_config' => true,
-		],
 		'env' => [
 			'name' => 'App Environment',
 			'type' => 'options',
@@ -690,13 +674,6 @@ Sent by MyAAC,<br/>
 			'desc' => 'Default premium points on new account',
 			'default' => 0,
 		],
-		'account_coins' => [
-			'name' => 'Default Account Coins',
-			'type' => 'number',
-			'desc' => 'Default coins on new account',
-			'hidden' => ($db && !$db->hasColumn('accounts', 'coins')),
-			'default' => 0,
-		],
 		'account_mail_change' => [
 			'name' => 'Account Mail Change Days',
 			'type' => 'number',

system/src/CsrfToken.php

@@ -25,9 +25,8 @@ class CsrfToken
 	 *
 	 * @access public
 	 * @static true
-	 * @param bool $return
 	 * @return string
-	 */
+	 **/
 	public static function create(bool $return = false): string {
 		$input = '<input type="hidden" name="csrf_token" value="' . self::get() . '" />';
 		if ($return) {
@@ -59,7 +58,7 @@ class CsrfToken
 	 * @static true
 	 * @return boolean
 	 **/
-	public static function isValid(string|null $post): bool
+	public static function isValid($post): bool
 	{
 		if (!setting('core.csrf_protection')) {
 			return true;

system/src/Hook.php

@@ -38,8 +38,6 @@ class Hook
 	}
 
 	public function executeFilter(&$args) {
-		global $db, $config, $template_path, $ots, $content, $twig;
-
 		return include BASE . $this->_file;
 	}
 

system/src/Plugins.php

@@ -11,25 +11,6 @@ class Plugins {
 	private static $error = null;
 	private static $plugin_json = [];
 
-	public static function getInits()
-	{
-		return Cache::remember('plugins_inits', 10 * 60, function () {
-			$inits = [];
-			foreach(self::getAllPluginsJson() as $plugin) {
-				if (!self::getAutoLoadOption($plugin, 'init', false)) {
-					continue;
-				}
-
-				$pluginInits = glob(PLUGINS . $plugin['filename'] . '/init.php');
-				foreach ($pluginInits as $path) {
-					$inits[] = $path;
-				}
-			}
-
-			return $inits;
-		});
-	}
-
 	public static function getAdminPages()
 	{
 		return Cache::remember('plugins_admin_pages', 10 * 60, function () {
@@ -365,25 +346,6 @@ class Plugins {
 		}
 
 		$settings = [];
-		foreach (self::getAllPluginsJson() as $plugin) {
-			if (!self::getAutoLoadOption($plugin, 'settings', true)) {
-				continue;
-			}
-
-			$settingsFileName = PLUGINS . $plugin['filename'] . '/settings.php';
-			if (!is_file($settingsFileName)) {
-				continue;
-			}
-
-			$settingsFile = require $settingsFileName;
-			if (!isset($settingsFile['key'])) {
-				warning("Settings file for plugin - {$plugin['name']} does not contain 'key' field");
-				continue;
-			}
-
-			$settings[$settingsFile['key']] = ['pluginFilename' => $plugin['filename'], 'settingsFilename' => 'plugins/' . $plugin['filename'] . '/settings.php'];
-		}
-
 		foreach (self::getAllPluginsJson() as $plugin) {
 			if (isset($plugin['settings'])) {
 				$settingsFile = require BASE . $plugin['settings'];
@@ -439,14 +401,8 @@ class Plugins {
 			return false;
 		}
 
-		$settingsFileName = PLUGINS . $plugin_json['filename'] . '/settings.php';
+		if (!isset($plugin_json['settings']) || !file_exists(BASE . $plugin_json['settings'])) {
-		if (!is_file($settingsFileName)) {
+			return false;
-			if (!isset($plugin_json['settings']) || !is_file(BASE . $plugin_json['settings'])) {
-				return false;
-			}
-		}
-		else {
-			return 'plugins/' . $plugin_json['filename'] . '/settings.php';
 		}
 
 		return $plugin_json['settings'];
@@ -476,8 +432,6 @@ class Plugins {
 			return false;
 		}
 
-		$plugin_json['filename'] = $filename;
-
 		return $plugin_json;
 	}
 
@@ -696,20 +650,14 @@ class Plugins {
 					return false;
 				}
 
-				$install = $plugin_json['install'] ?? '';
+				if (isset($plugin_json['install'])) {
-				if (self::getAutoLoadOption($plugin_json, 'install', true) && is_file(PLUGINS . $pluginFilename . '/install.php')) {
+					if (file_exists(BASE . $plugin_json['install'])) {
-					$install = 'plugins/' . $pluginFilename . '/install.php';
-				}
-
-				if (!empty($install)) {
-					if (file_exists(BASE . $install)) {
 						$db->revalidateCache();
-						require BASE . $install;
+						require BASE . $plugin_json['install'];
 						$db->revalidateCache();
 					}
-					else {
+					else
 						self::$warnings[] = 'Cannot load install script. Your plugin might be not working correctly.';
-					}
 				}
 
 				clearCache();

system/src/Settings.php

@@ -560,8 +560,8 @@ class Settings implements \ArrayAccess
 				$settingsFilePath = BASE . $settings[$pluginKeyName]['settingsFilename'];
 			}
 
-			if (!is_file($settingsFilePath)) {
+			if (!file_exists($settingsFilePath)) {
-				throw new \RuntimeException('Failed to load settings file for plugin: ' . $pluginKeyName . ' (Tried: ' . $settingsFilePath . ')');
+				throw new \RuntimeException('Failed to load settings file for plugin: ' . $pluginKeyName);
 			}
 
 			$this->settingsFile[$pluginKeyName] = require $settingsFilePath;

system/src/global.php

@@ -8,9 +8,7 @@ $i = 0;
 define('HOOK_INIT', ++$i);
 define('HOOK_STARTUP', ++$i);
 define('HOOK_BEFORE_PAGE', ++$i);
-define('HOOK_BEFORE_PAGE_CUSTOM', ++$i);
 define('HOOK_AFTER_PAGE', ++$i);
-define('HOOK_AFTER_PAGE_CUSTOM', ++$i);
 define('HOOK_FINISH', ++$i);
 define('HOOK_TIBIACOM_ARTICLE', ++$i);
 define('HOOK_TIBIACOM_BORDER_3', ++$i);
@@ -100,6 +98,8 @@ define('HOOK_INSTALL_FINISH', ++$i);
 define('HOOK_INSTALL_FINISH_END', ++$i);
 
 // hook filters
+define('HOOK_FILTER_HIGHSCORES_LIST', ++$i);
+define('HOOK_FILTER_HIGHSCORES', ++$i);
 define('HOOK_FILTER_ROUTES', ++$i);
 define('HOOK_FILTER_TWIG_DISPLAY', ++$i);
 define('HOOK_FILTER_TWIG_RENDER', ++$i);

system/status.php

@@ -114,8 +114,6 @@ function updateStatus() {
 
 	// get server status and save it to database
 	$serverInfo = new OTS_ServerInfo($status_ip, $status_port);
-	$serverInfo->setTimeout(setting('core.status_timeout'));
-
 	$serverStatus = $serverInfo->status();
 	if(!$serverStatus)
 	{

system/templates/account.change-password.html.twig

@@ -37,7 +37,7 @@ Please enter your current password and a new password. For your security, please
 		<td>
 			<table border="0" cellspacing="0" cellpadding="0">
 				<tr>
-					<td style="border:0;">
+					<td style="border:0px;">
 						<form id="form" action="{{ getLink('account/change-password') }}" method="post">
 							{{ csrf() }}
 							{{ include('buttons.submit.html.twig') }}

system/templates/account.characters.change-name.html.twig

@@ -35,7 +35,7 @@ To change a name of character select player and choose a new name.<br/>
 		<td>
 			<table border="0" cellspacing="0" cellpadding="0">
 				<tr>
-					<td style="border:0;">
+					<td style="border:0px;">
 						<form id="form" action="{{ getLink('account/characters/change-name') }}" method="post">
 							{{ csrf() }}
 							<input type="hidden" name="changenamesave" value="1">
@@ -48,7 +48,7 @@ To change a name of character select player and choose a new name.<br/>
 		<td>
 			<table border="0" cellspacing="0" cellpadding="0">
 				<tr>
-					<td style="border:0;">
+					<td style="border:0px;">
 						<form action="{{ getLink('account/manage') }}" method="post">
 							{{ csrf() }}
 							{{ include('buttons.back.html.twig') }}

system/templates/account.generate_recovery_key.html.twig

@@ -32,14 +32,14 @@ To generate recovery key for your account please enter your password.<br/><br/>
 		</td>
 		<td>
 			<table border="0" cellspacing="0" cellpadding="0">
-				<tr>
+				<form action="{{ getLink('account/manage') }}" method="post">
-					<td style="border: 0;">
+					{{ csrf() }}
-						<form action="{{ getLink('account/manage') }}" method="post">
+					<tr>
-							{{ csrf() }}
+						<td style="border: 0px;">
 							{{ include('buttons.back.html.twig') }}
-						</form>
+						</td>
-					</td>
+					</tr>
-				</tr>
+				</form>
 			</table>
 		</td>
 	</tr>

system/templates/account.login.html.twig

@@ -2,11 +2,9 @@
 Please enter your account {{ account|lower }} and your password.<br/><a href="{{ getLink('account/create') }}">Create an account</a> if you do not have one yet.<br/><br/>
 <form action="{{ getLink('account/manage') }}" method="post">
 	{{ csrf() }}
-
 	{% if redirect is not null %}
 		<input type="hidden" name="redirect" value="{{ redirect }}" />
 	{% endif %}
-
 	<div class="TableContainer" >
 		<table class="Table1" cellpadding="0" cellspacing="0" >
 			<div class="CaptionContainer" >
@@ -66,7 +64,7 @@ Please enter your account {{ account|lower }} and your password.<br/><a href="{{
 			<td>
 				<table border="0" cellspacing="0" cellpadding="0">
 					<tr>
-						<td style="border:0;">
+						<td style="border:0px;">
 							{{ include('buttons.submit.html.twig') }}
 						</td>
 					<tr>
@@ -75,7 +73,7 @@ Please enter your account {{ account|lower }} and your password.<br/><a href="{{
 			<td>
 				<table border="0" cellspacing="0" cellpadding="0">
 					<tr>
-						<td style="border:0;">
+						<td style="border:0px;">
 							<a href="{{ getLink('account/lost') }}">
 								{{ include('buttons.account_lost.html.twig') }}
 							</a>

system/templates/forum.admin.links.html.twig

@@ -1,43 +0,0 @@
-<table>
-	<tr>
-		<td>
-			<form action="{{ getLink('forum') }}" method="post" style="float: left">
-				{{ csrf() }}
-				<input type="hidden" name="action" value="edit_board" />
-				<input type="hidden" name="id" value="{{ id }}" />
-				<button type="submit" title="Edit"><img src="images/edit.png"/> Edit</button>
-			</form>
-
-			<form action="{{ getLink('forum') }}" method="post" style="float: left">
-				{{ csrf() }}
-				<input type="hidden" name="action" value="delete_board" />
-				<input type="hidden" name="id" value="{{ id }}" />
-				<button type="submit" onclick="return confirm('Are you sure?');" title="Delete"><img src="images/del.png"/>Delete</button>
-			</form>
-
-			<form action="{{ getLink('forum') }}" method="post" style="float: left">
-				{{ csrf() }}
-				<input type="hidden" name="action" value="hide_board" />
-				<input type="hidden" name="id" value="{{ id }}" />
-				<button type="submit" title="{% if hide != 1 %}Hide{% else %}Show{% endif %}"><img src="images/{{ hide != 1 ? 'success' : 'error' }}.png"/>{{ hide != 1 ? 'Hide' : 'Show' }}</button>
-			</form>
-
-			{% if i != 1 %}
-				<form action="{{ getLink('forum') }}" method="post" style="float: left">
-					{{ csrf() }}
-					<input type="hidden" name="action" value="moveup_board" />
-					<input type="hidden" name="id" value="{{ id }}" />
-					<button type="submit" title="Move up"><img src="images/icons/arrow_up.gif"/>Move up</button>
-				</form>
-			{% endif %}
-			{% if i != loop.last %}
-				<form action="{{ getLink('forum') }}" method="post" style="float: left">
-					{{ csrf() }}
-					<input type="hidden" name="action" value="movedown_board" />
-					<input type="hidden" name="id" value="{{ id }}" />
-					<button type="submit" title="Move down"><img src="images/icons/arrow_down.gif"/>Move down</button>
-				</form>
-			{% endif %}
-		</td>
-	</tr>
-</table>

system/templates/forum.boards.html.twig

@@ -39,7 +39,25 @@
 		</td>
 		{% if canEdit %}
 			<td>
-				{{ include('forum.admin.links.html.twig', {id: board.id, hide: board.hide, i: i }) }}
+				<a href="{{ getLink('forum') }}?action=edit_board&id={{ board.id }}" title="Edit">
+					<img src="images/edit.png"/>Edit
+				</a>
+				<a id="delete" href="{{ getLink('forum') }}?action=delete_board&id={{ board.id }}" onclick="return confirm('Are you sure?');" title="Delete">
+					<img src="images/del.png"/>Delete
+				</a>
+				<a href="{{ getLink('forum') }}?action=hide_board&id={{ board.id }}" title="{% if board.hide != 1 %}Hide{% else %}Show{% endif %}">
+					<img src="images/{% if board.hide != 1 %}success{% else %}error{% endif %}.png"/>{% if board.hide != 1 %}Hide{% else %}Show{% endif %}
+				</a>
+				{% if i != 1 %}
+					<a href="{{ getLink('forum') }}?action=moveup_board&id={{ board.id }}" title="Move up">
+						<img src="images/icons/arrow_up.gif"/>Move up
+					</a>
+				{% endif %}
+				{% if i != last %}
+					<a href="{{ getLink('forum') }}?action=movedown_board&id={{ board.id }}" title="Move down">
+						<img src="images/icons/arrow_down.gif"/>Move down
+					</a>
+				{% endif %}
 			</td>
 		{% endif %}
 	</tr>

system/templates/forum.move_thread.html.twig

@@ -8,8 +8,7 @@
 			<table border="0" cellpadding="3" cellspacing="1" width="100%">
 				<tr bgcolor="{{ config.lightborder }}">
 					<td>
-						<form method="post">
+						<form action="" method="get">
-							{{ csrf() }}
 							<input type="hidden" name="subtopic" value="forum" />
 							<input type="hidden" name="action" value="move_thread" />
 							<input type="hidden" name="save" value="1" />
@@ -26,6 +25,7 @@
 							<input type="submit" value="Move Thread">
 						</form>
 						<form action="{{ section_link }}">
+							{{ csrf() }}
 							<input type="submit" value="Cancel">
 						</form>
 					</td>

system/templates/forum.new_thread.html.twig

@@ -1,4 +1,4 @@
-<form method="post">
+<form action="?" method="post">
 	{{ csrf() }}
 	<input type="hidden" name="action" value="new_thread" />
 	<input type="hidden" name="section_id" value="{{ section_id }}" />

system/templates/forum.remove_post.html.twig

@@ -1,12 +0,0 @@
-<form action="{{ getLink('forum') }}" method="post" style="display: inline"
-	{% if post.first_post != post.id %}
-		onclick="return confirm('Are you sure you want remove post of {{ post.player.getName() }}?')"
-	{% else %}
-		onclick="return confirm('Are you sure you want remove thread > {{ post.post_topic}} <?')"
-	{% endif %}
->
-	{{ csrf() }}
-	<input type="hidden" name="action" value="remove_post" />
-	<input type="hidden" name="id" value="{{ post.id }}" />
-	<input type="image" src="/images/del.png" border="0" alt="Delete" title="{% if post.first_post != post.id %}Remove Post{% else %}Remove Thread{% endif %}" />
-</form>

system/templates/forum.show_thread.html.twig

@@ -53,16 +53,15 @@ Page: {{ links_to_pages|raw }}<br/>
 			<td>
 				{% if is_moderator %}
 					{% if post.first_post != post.id %}
-						{{ include('forum.remove_post.html.twig') }}
+						<a href="{{ getLink('forum') }}?action=remove_post&id={{ post.id }}" title="Remove Post" onclick="return confirm('Are you sure you want remove post of {{ post.player.getName() }}?')"><img src="images/del.png"/></a>
 					{% else %}
 						<a href="{{ getLink('forum') }}?action=move_thread&id={{ post.id }}" title="Move Thread"><img src="images/icons/arrow_right.gif"/></a>
-						{{ include('forum.remove_post.html.twig') }}
+						<a href="{{ getLink('forum') }}?action=remove_post&id={{ post.id }}" title="Remove Thread" target="_blank" onclick="return confirm('Are you sure you want remove thread > {{ post.post_topic}} <?')"><img src="images/del.png"/></a>
 					{% endif %}
 				{% endif %}
 					{% if logged and (post.player.getAccount().getId() == account_logged.getId() or is_moderator) %}
 						<a href="{{ getLink('forum') }}?action=edit_post&id={{ post.id }}" title="Edit Post" target="_blank">
-							<img src="images/edit.png"/>
+							<img src="images/edit.png"/></a>
-						</a>
 					{% endif %}
 					{% if logged %}
 						<a href="{{ getLink('forum') }}?action=new_post&thread_id={{ thread_id }}&quote={{ post.id }}" title="Quote Post"><img src="images/icons/comment_add.png"/></a>

system/templates/guilds.accept_invite.html.twig

@@ -7,15 +7,12 @@
 	</tr>
 	<tr bgcolor="{{ config.darkborder }}">
 		<td>
-			<form action="{{ getLink('guilds') }}?action=accept_invite&guild={{ guild_name }}" method="post">
+			<form action="{{ getLink('guilds') }}?action=accept_invite&guild={{ guild_name }}&todo=save" method="post">
 				{{ csrf() }}
-
-				<input type="hidden" name="todo" value="save" />
-
 				{% set i = 0 %}
 				{% for player in invited_players %}
-					<input type="radio" name="name" id="name_{{ i }}" value="{{ player }}" /><label for="name_{{ i }}">{{ player }}</label>
+				<input type="radio" name="name" id="name_{{ i }}" value="{{ player }}" /><label for="name_{{ i }}">{{ player }}</label>
-					{% set i = i + 1 %}
+				{% set i = i + 1 %}
 				{% endfor %}
 				{{ include('buttons.submit.html.twig') }}
 			</form>

system/templates/guilds.change_description.html.twig

@@ -5,7 +5,7 @@
 	<tr>
 		<td>
 			Here you can change description of your guild.<br/>
-			<form action="{{ getLink('guilds') }}?guild={{ guild.getName() }}&action=change_description" method="post">
+			<form enctype="multipart/form-data" action="{{ getLink('guilds') }}?guild={{ guild.getName() }}&action=change_description" method="post">
 				{{ csrf() }}
 				<input type="hidden" name="todo" value="save"/>
 				<textarea name="description" cols="60" rows="{{ setting('core.guild_description_lines_limit') - 1 }}">{{ guild.getCustomField('description')|raw }}</textarea><br>

system/templates/guilds.change_logo.html.twig

@@ -8,7 +8,7 @@
 			<form enctype="multipart/form-data" action="{{ getLink('guilds') }}?guild={{ guild.getName() }}&action=change_logo" method="post" id="upload_form">
 				{{ csrf() }}
 				<input type="hidden" name="todo" value="save" />
-				<!--input type="hidden" name="MAX_FILE_SIZE" value="{{ max_image_size_b }}" /-->
+				<input type="hidden" name="MAX_FILE_SIZE" value="{{ max_image_size_b }}" />
 				Select new logo: <input name="newlogo" id="newlogo" type="file" />
 				<input type="submit" value="Send new logo" />
 			</form>

system/templates/guilds.change_motd.html.twig

@@ -5,7 +5,7 @@
 	<tr>
 		<td>
 			Here you can change MOTD (Message of the Day, showed in game!) of your guild.<br/>
-			<form action="{{ getLink('guilds') }}?guild={{ guild.getName() }}&action=change_motd" method="post">
+			<form enctype="multipart/form-data" action="{{ getLink('guilds') }}?guild={{ guild.getName() }}&action=change_motd" method="post">
 				{{ csrf() }}
 				<input type="hidden" name="todo" value="save"/>
 				<textarea name="motd" cols="60" rows="3">{{ guild.getCustomField('motd')|raw }}</textarea><br/>

system/templates/guilds.change_rank.html.twig

@@ -1,6 +1,5 @@
-<form action="{{ getLink('guilds') }}?action=change_rank&guild={{ guild_name }}" method="post">
+<form action="{{ getLink('guilds') }}?action=change_rank&guild={{ guild_name }}&todo=save" method="post">
 	{{ csrf() }}
-	<input type="hidden" name="todo" value="save" />
 	<table border="0" cellspacing="1" cellpadding="4" width="100%">
 		<tr bgcolor="{{ config.vdarkborder }}"><td class="white"><b>Change Rank</b></td></tr>
 		<tr bgcolor="{{ config.darkborder }}">

system/templates/guilds.create.html.twig

@@ -1,6 +1,5 @@
-<form action="{{ getLink('guilds') }}?action=create" method="post">
+<form action="{{ getLink('guilds') }}?action=create&todo=save" method="post">
 	{{ csrf() }}
-	<input type="hidden" name="todo" value="save" />
 	<table width="100%" border="0" cellspacing="1" cellpadding="4">
 		<tr>
 			<td bgcolor="{{ config.vdarkborder }}" class="white"><B>Create a {{ config.lua.serverName }} Guild</b></td>

system/templates/guilds.delete_invite.html.twig

@@ -7,10 +7,9 @@
 	<table border="0" cellspacing="0" cellpadding="0" width="100%">
 		<tr>
 			<td align="right" width="50%">
-				<form action="{{ getLink('guilds') }}?action=delete_invite&guild={{ guild_name }}&name={{ player_name }}" method="post">
+				<form action="{{ getLink('guilds') }}?action=delete_invite&guild={{ guild_name }}&name={{ player_name }}&todo=save" method="post">
-					{{ csrf() }}
+				{{ csrf() }}
-					<input type="hidden" name="todo" value="save" />
+				{{ include('buttons.submit.html.twig') }}
-					{{ include('buttons.submit.html.twig') }}
 				</form>
 			</td>
 			<td style="width: 10px; "></td>

system/templates/guilds.invite.html.twig

@@ -1,6 +1,5 @@
-<form action="{{ getLink('guilds') }}?action=invite&guild={{ guild_name }}" method="post">
+<form action="{{ getLink('guilds') }}?action=invite&guild={{ guild_name }}&todo=save" method="post">
 	{{ csrf() }}
-	<input type="hidden" name="todo" value="save" />
 	Invite player with name:&nbsp;&nbsp;<input type="text" name="name">&nbsp;&nbsp;&nbsp;&nbsp;
 	{{ include('buttons.submit.html.twig') }}
 </form>

system/templates/guilds.kick_player.html.twig

@@ -7,9 +7,8 @@
 	<table border="0" cellspacing="0" cellpadding="0" width="100%">
 		<tr>
 			<td align="right" width="50%">
-				<form action="{{ getLink('guilds') }}?action=kick_player&guild={{ guild_name }}&name={{ player_name }}" method="post">
+				<form action="{{ getLink('guilds') }}?action=kick_player&guild={{ guild_name }}&name={{ player_name }}&todo=save" method="post">
 					{{ csrf() }}
-					<input type="hidden" name="todo" value="save" />
 					{{ include('buttons.submit.html.twig') }}
 				</form>
 			</td>