Set $title to 'Lost Account'

No need to define routes in plugin.json anymore

CHANGELOG-1.x.md

@@ -1,6 +1,22 @@
 # Changelog
 
-## [1.8 - 01.08.2025]
+## [1.8.1 - 05.09.2025]
+
+### Added
+* New Commands: plugin:enable/disable/uninstall {plugin-name} (https://github.com/slawkens/myaac/commit/7a08f91d3fc0897c1ff76089ef3c649a2c6d2003, https://github.com/slawkens/myaac/commit/fec773ba4b740f35c0a3ef92ca8444a4c7d02082)
+* Gifts: Added Transferable Coins to the store dropdown menu in the admin area (by @andreoam, #321) (https://github.com/slawkens/myaac/commit/42671c5c199dd9e91c774d8c9d30da9e12f1b695)
+
+### Changed
+* Commands: Allow settings to be changed/reset by plugin name (https://github.com/slawkens/myaac/commit/f8c4332e03e838d285ea0afb4b72b7c23e324d45, https://github.com/slawkens/myaac/commit/4b948e9510f7ba69d00f84d7fdaea8b3bf05b630)
+* Templates: Menus should be saved for each template separately (https://github.com/slawkens/myaac/commit/482f4067b2a2e7513d9ba214274a361ffaf123d8)
+
+### Fixed
+* Online: Fix skulls display (#320) (https://github.com/slawkens/myaac/commit/98073a110ae13f9592ec9d2c4d1d1aace87587a9)
+* Online: Fix if there is no world_id in the server_record table (https://github.com/slawkens/myaac/commit/b6e1620f14c20eecfc9001a7d86dfb67942985c6) (Reported by @gesior in #318)
+* tibiacom: some fixes to menus (https://github.com/slawkens/myaac/commit/20f99903ae80c74ad66c1cf5a5ea8d0b0fc2fd70, https://github.com/slawkens/myaac/commit/11dae90fa94fbbf47447017db5e5847c33d6aadf)
+* Guilds: Fix for some servers that don't have guild_invites table (https://github.com/slawkens/myaac/commit/9725a3c2bdb7003f5cb48febb77604c31a9b805b)
+
+## [1.8 - 02.08.2025]
 
 ### Added
 * Templates - Kathrine: Possibility to add custom menu categories (https://github.com/slawkens/myaac/commit/ec11c1402417c25980582467546d1c1e9bb8267f)

common.php

@@ -26,7 +26,7 @@
 if (version_compare(phpversion(), '8.1', '<')) die('PHP version 8.1 or higher is required.');
 
 const MYAAC = true;
-const MYAAC_VERSION = '1.8';
+const MYAAC_VERSION = '1.8.2-dev';
 const DATABASE_VERSION = 45;
 const TABLE_PREFIX = 'myaac_';
 define('START_TIME', microtime(true));

install/steps/5-database.php

@@ -42,45 +42,44 @@ if(!$error) {
 	$configToSave['cache_prefix'] = 'myaac_' . generateRandomString(8, true, false, true);
 	$configToSave['database_auto_migrate'] = true;
 
-	if(!$error) {
-		$content = '';
-		$saved = Settings::saveConfig($configToSave, BASE . 'config.local.php', $content);
-		if ($saved) {
-			success($locale['step_database_config_saved']);
-			$_SESSION['saved'] = true;
+	$content = '';
+	$saved = Settings::saveConfig($configToSave, BASE . 'config.local.php', $content);
+	if ($saved || file_exists(BASE . 'config.local.php')) {
+		success($locale['step_database_config_saved']);
+		$_SESSION['saved'] = true;
 
-			require BASE . 'config.local.php';
-			require BASE . 'install/includes/config.php';
+		require BASE . 'config.local.php';
+		require BASE . 'install/includes/config.php';
 
-			if (!$error) {
-				require BASE . 'install/includes/database.php';
+		if (!$error) {
+			require BASE . 'install/includes/database.php';
 
-				if (isset($database_error)) { // we failed connect to the database
-					error($database_error);
+			if (isset($database_error)) { // we failed connect to the database
+				error($database_error);
+			}
+			else {
+				if (!$db->hasTable('accounts')) {
+					$tmp = str_replace('$TABLE$', 'accounts', $locale['step_database_error_table']);
+					error($tmp);
+					$error = true;
 				}
-				else {
-					if (!$db->hasTable('accounts')) {
-						$tmp = str_replace('$TABLE$', 'accounts', $locale['step_database_error_table']);
-						error($tmp);
-						$error = true;
-					}
 
-					if (!$error) {
-						$twig->display('install.installer.html.twig', array(
-							'url' => 'tools/5-database.php',
-							'message' => $locale['loading_spinner']
-						));
-					}
+				if (!$error) {
+					$twig->display('install.installer.html.twig', array(
+						'url' => 'tools/5-database.php',
+						'message' => $locale['loading_spinner']
+					));
 				}
 			}
-		} else {
-			$_SESSION['config_content'] = $content;
-			unset($_SESSION['saved']);
-
-			$locale['step_database_error_file'] = str_replace('$FILE$', '<b>' . BASE . 'config.php</b>', $locale['step_database_error_file']);
-			error($locale['step_database_error_file'] . '<br/>
-				<textarea cols="70" rows="10">' . $content . '</textarea>');
 		}
+	} else {
+		$error = true;
+		$_SESSION['config_content'] = $content;
+		unset($_SESSION['saved']);
+
+		$locale['step_database_error_file'] = str_replace('$FILE$', '<b>' . BASE . 'config.local.php</b>', $locale['step_database_error_file']);
+		error($locale['step_database_error_file'] . '<br/>
+			<textarea cols="70" rows="10">' . $content . '</textarea>');
 	}
 }
 ?>

package-lock.json

@@ -976,15 +976,16 @@
       }
     },
     "node_modules/form-data": {
-      "version": "4.0.2",
-      "resolved": "https://registry.npmjs.org/form-data/-/form-data-4.0.2.tgz",
-      "integrity": "sha512-hGfm/slu0ZabnNt4oaRZ6uREyfCj6P4fT/n6A1rGV+Z0VdGXjfOhVUpkn6qVQONHGIFwmveGXyDs75+nr6FM8w==",
+      "version": "4.0.4",
+      "resolved": "https://registry.npmjs.org/form-data/-/form-data-4.0.4.tgz",
+      "integrity": "sha512-KrGhL9Q4zjj0kiUt5OO4Mr/A/jlI2jDYs5eHBpYHPcBEVSiipAvn2Ko2HnPe20rmcuuvMHNdZFp+4IlGTMF0Ow==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
         "asynckit": "^0.4.0",
         "combined-stream": "^1.0.8",
         "es-set-tostringtag": "^2.1.0",
+        "hasown": "^2.0.2",
         "mime-types": "^2.1.12"
       },
       "engines": {
@@ -2084,9 +2085,9 @@
       "license": "MIT"
     },
     "node_modules/tmp": {
-      "version": "0.2.3",
-      "resolved": "https://registry.npmjs.org/tmp/-/tmp-0.2.3.tgz",
-      "integrity": "sha512-nZD7m9iCPC5g0pYmcaxogYKggSfLsdxl8of3Q/oIbqCqLLIO9IAF0GWjX1z9NZRHPiXv8Wex4yDCaZsgEw0Y8w==",
+      "version": "0.2.4",
+      "resolved": "https://registry.npmjs.org/tmp/-/tmp-0.2.4.tgz",
+      "integrity": "sha512-UdiSoX6ypifLmrfQ/XfiawN6hkjSBpCjhKxxZcWlUUmoXLaCKQU0bx4HF/tdDK2uzRuchf1txGvrWBzYREssoQ==",
       "dev": true,
       "license": "MIT",
       "engines": {

system/pages/account/lost.php

@@ -9,540 +9,11 @@
  * @link      https://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');
-$title = 'Lost Account Interface';
+$title = 'Lost Account';
 
-if(!setting('core.mail_enabled'))
-{
-	echo '<b>Account maker is not configured to send e-mails, you can\'t use Lost Account Interface. Contact with admin to get help.</b>';
+if(!setting('core.mail_enabled')) {
+	echo "<b>Account maker is not configured to send e-mails, you can't use Lost Account Interface. Contact with admin to get help.</b>";
 	return;
 }
 
-$action_type = isset($_REQUEST['action_type']) ? $_REQUEST['action_type'] : '';
-if($action == '')
-{
-	$twig->display('account.lost.form.html.twig');
-}
-else if($action == 'step1' && $action_type == '') {
-	$twig->display('account.lost.noaction.html.twig');
-}
-elseif($action == 'step1' && $action_type == 'email')
-{
-	$nick = stripslashes($_REQUEST['nick']);
-	if(Validator::characterName($nick))
-	{
-		$player = new OTS_Player();
-		$account = new OTS_Account();
-		$player->find($nick);
-		if($player->isLoaded())
-			$account = $player->getAccount();
-
-		if($account->isLoaded())
-		{
-			if($account->getCustomField('email_next') < time())
-				echo 'Please enter e-mail to account with this character.<BR>
-				<form action="' . getLink('account/lost') . '?action=sendcode" method=post>
-				<input type=hidden name="character">
-				<table cellspacing=1 cellpadding=4 border=0 width=100%>
-				<TR><TD BGCOLOR="'.$config['vdarkborder'].'" class="white"><B>Please enter e-mail to account</B></TD></TR>
-				<TR><TD BGCOLOR="'.$config['darkborder'].'">
-				Character: <INPUT TYPE=text NAME="nick" VALUE="'.$nick.'" SIZE="40" readonly="readonly"><BR>
-				E-mail to account:<INPUT TYPE=text NAME="email" VALUE="" SIZE="40"><BR>
-				</TD></TR>
-				</TABLE>
-				<BR>
-				<TABLE CELLSPACING=0 CELLPADDING=0 BORDER=0 WIDTH=100%><TR><TD><div style="text-align:center">
-				' . $twig->render('buttons.submit.html.twig') . '</div>
-				</TD></TR></FORM></TABLE></TABLE>';
-			else
-			{
-				$insec = (int)$account->getCustomField('email_next') - time();
-				$minutesleft = floor($insec / 60);
-				$secondsleft = $insec - ($minutesleft * 60);
-				$timeleft = $minutesleft.' minutes '.$secondsleft.' seconds';
-				echo 'Account of selected character (<b>'.$nick.'</b>) received e-mail in last '.ceil(setting('core.mail_lost_account_interval') / 60).' minutes. You must wait '.$timeleft.' before you can use Lost Account Interface again.';
-			}
-		}
-		else
-			echo 'Player or account of player <b>' . $nick . '</b> doesn\'t exist.';
-	}
-	else
-		echo 'Invalid player name format. If you have other characters on account try with other name.';
-	echo '<BR /><TABLE CELLSPACING=0 CELLPADDING=0 BORDER=0 WIDTH=100%><TR><TD><div style="text-align:center">
-				<a href="' . getLink('account/lost') . '" border="0"><IMG SRC="'.$template_path.'/images/global/buttons/sbutton_back.gif" NAME="Back" ALT="Back" BORDER=0 WIDTH=120 HEIGHT=18></a></div>
-				</TD></TR></FORM></TABLE></TABLE>';
-}
-elseif($action == 'sendcode')
-{
-	$email = $_REQUEST['email'];
-	$nick = stripslashes($_REQUEST['nick']);
-	if(Validator::characterName($nick))
-	{
-		$player = new OTS_Player();
-		$account = new OTS_Account();
-		$player->find($nick);
-		if($player->isLoaded())
-			$account = $player->getAccount();
-
-		if($account->isLoaded())
-		{
-			if($account->getCustomField('email_next') < time())
-			{
-				if($account->getEMail() == $email)
-				{
-					$newcode = generateRandomString(30, true, false, true);
-					$mailBody = '
-					You asked to reset your ' . $config['lua']['serverName'] . ' password.<br/>
-					<p>Account name: '.$account->getName().'</p>
-					<br />
-					To do so, please click this link:
-					<p><a href="' . getLink('account/lost') . '?action=checkcode&code='.$newcode.'&character='.urlencode($nick).'">' . getLink('account/lost') . '?action=checkcode&code='.$newcode.'&character='.urlencode($nick).'</a></p>
-					<p>or open page: <i>' . getLink('account/lost') . '?action=checkcode</i> and in field "code" write <b>'.$newcode.'</b></p>
-					<br/>
-						<p>If you did not request a password change, you may ignore this message and your password will remain unchanged.';
-
-					$account_mail = $account->getCustomField('email');
-					if(_mail($account_mail, $config['lua']['serverName'].' - Recover your account', $mailBody))
-					{
-						$account->setCustomField('email_code', $newcode);
-						$account->setCustomField('email_next', (time() + setting('core.mail_lost_account_interval')));
-						echo '<br />Details about steps required to recover your account has been sent to <b>' . $account_mail . '</b>. You should receive this email within 15 minutes. Please check your inbox/spam directory.';
-					}
-					else
-					{
-						$account->setCustomField('email_next', (time() + 60));
-						echo '<br /><p class="error">An error occurred while sending email! Try again later or contact with admin. For Admin: More info can be found in system/logs/mailer-error.log</p>';
-					}
-				}
-				else
-					echo 'Invalid e-mail to account of character <b>'.$nick.'</b>. Try again.';
-			}
-			else
-			{
-				$insec = (int)$account->getCustomField('email_next') - time();
-				$minutesleft = floor($insec / 60);
-				$secondsleft = $insec - ($minutesleft * 60);
-				$timeleft = $minutesleft.' minutes '.$secondsleft.' seconds';
-				echo 'Account of selected character (<b>'.$nick.'</b>) received e-mail in last '.ceil(setting('core.mail_lost_account_interval') / 60).' minutes. You must wait '.$timeleft.' before you can use Lost Account Interface again.';
-			}
-		}
-		else
-			echo 'Player or account of player <b>'.$nick.'</b> doesn\'t exist.';
-	}
-	else
-		echo 'Invalid player name format. If you have other characters on account try with other name.';
-	echo '<BR /><TABLE CELLSPACING=0 CELLPADDING=0 BORDER=0 WIDTH=100%><TR><TD><div style="text-align:center">
-				<a href="' . getLink('account/lost') . '?action=step1&action_type=email&nick='.urlencode($nick).'" border="0"><IMG SRC="'.$template_path.'/images/global/buttons/sbutton_back.gif" NAME="Back" ALT="Back" BORDER=0 WIDTH=120 HEIGHT=18></a></div>
-				</TD></TR></FORM></TABLE></TABLE>';
-}
-elseif($action == 'step1' && $action_type == 'reckey')
-{
-	$nick = stripslashes($_REQUEST['nick']);
-	if(Validator::characterName($nick))
-	{
-		$player = new OTS_Player();
-		$account = new OTS_Account();
-		$player->find($nick);
-		if($player->isLoaded())
-			$account = $player->getAccount();
-		if($account->isLoaded())
-		{
-			$account_key = $account->getCustomField('key');
-			if(!empty($account_key))
-			{
-						echo 'If you enter right recovery key you will see form to set new e-mail and password to account. To this e-mail will be send your new password and account name.<BR>
-						<FORM ACTION="' . getLink('account/lost') . '?action=step2" METHOD=post>
-						<TABLE CELLSPACING=1 CELLPADDING=4 BORDER=0 WIDTH=100%>
-						<TR><TD BGCOLOR="'.$config['vdarkborder'].'" class="white"><B>Please enter your recovery key</B></TD></TR>
-						<TR><TD BGCOLOR="'.$config['darkborder'].'">
-						Character name:&nbsp;<INPUT TYPE=text NAME="nick" VALUE="'.$nick.'" SIZE="40" readonly="readonly"><BR />
-						Recovery key:&nbsp;&nbsp;&nbsp;&nbsp;<INPUT TYPE=text NAME="key" VALUE="" SIZE="40"><BR>
-						</TD></TR>
-						</TABLE>
-						<BR>
-						<TABLE CELLSPACING=0 CELLPADDING=0 BORDER=0 WIDTH=100%><TR><TD><div style="text-align:center">
-						' . $twig->render('buttons.submit.html.twig') . '</div>
-						</TD></TR></FORM></TABLE></TABLE>';
-			}
-			else
-				echo 'Account of this character has no recovery key!';
-		}
-		else
-			echo 'Player or account of player <b>'.$nick.'</b> doesn\'t exist.';
-	}
-	else
-		echo 'Invalid player name format. If you have other characters on account try with other name.';
-	echo '<BR /><TABLE CELLSPACING=0 CELLPADDING=0 BORDER=0 WIDTH=100%><TR><TD><div style="text-align:center">
-				<a href="' . getLink('account/lost') . '" border="0"><IMG SRC="'.$template_path.'/images/global/buttons/sbutton_back.gif" NAME="Back" ALT="Back" BORDER=0 WIDTH=120 HEIGHT=18></a></div>
-				</TD></TR></FORM></TABLE></TABLE>';
-}
-elseif($action == 'step2')
-{
-	$rec_key = trim($_REQUEST['key']);
-	$nick = stripslashes($_REQUEST['nick']);
-	if(Validator::characterName($nick))
-	{
-		$player = new OTS_Player();
-		$account = new OTS_Account();
-		$player->find($nick);
-		if($player->isLoaded())
-			$account = $player->getAccount();
-		if($account->isLoaded())
-		{
-			$account_key = $account->getCustomField('key');
-			if(!empty($account_key))
-			{
-				if($account_key == $rec_key)
-				{
-					echo '<script type="text/javascript">
-					function validate_required(field,alerttxt)
-					{
-					with (field)
-					{
-					if (value==null||value==""||value==" ")
-					  {alert(alerttxt);return false;}
-					else {return true}
-					}
-					}
-					function validate_email(field,alerttxt)
-					{
-					with (field)
-					{
-					apos=value.indexOf("@");
-					dotpos=value.lastIndexOf(".");
-					if (apos<1||dotpos-apos<2)
-					  {alert(alerttxt);return false;}
-					else {return true;}
-					}
-					}
-					function validate_form(thisform)
-					{
-					with (thisform)
-					{
-					if (validate_required(email,"Please enter your e-mail!")==false)
-					  {email.focus();return false;}
-					if (validate_email(email,"Invalid e-mail format!")==false)
-					  {email.focus();return false;}
-					if (validate_required(passor,"Please enter password!")==false)
-					  {passor.focus();return false;}
-					if (validate_required(passor2,"Please repeat password!")==false)
-					  {passor2.focus();return false;}
-					if (passor2.value!=passor.value)
-					  {alert(\'Repeated password is not equal to password!\');return false;}
-					}
-					}
-					</script>';
-					echo 'Set new password and e-mail to your account.<BR>
-					<FORM ACTION="' . getLink('account/lost') . '?action=step3" onsubmit="return validate_form(this)" METHOD=post>
-					<INPUT TYPE=hidden NAME="character" VALUE="">
-					<TABLE CELLSPACING=1 CELLPADDING=4 BORDER=0 WIDTH=100%>
-					<TR><TD BGCOLOR="'.$config['vdarkborder'].'" class="white"><B>Please enter new password and e-mail</B></TD></TR>
-					<TR><TD BGCOLOR="'.$config['darkborder'].'">
-					Account of character:&nbsp;&nbsp;<INPUT TYPE=text NAME="nick" VALUE="'.$nick.'" SIZE="40" readonly="readonly"><BR />
-					New password:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<INPUT id="passor" TYPE=password NAME="passor" VALUE="" SIZE="40"><BR>
-					Repeat new password:&nbsp;&nbsp;<INPUT id="passor2" TYPE=password NAME="passor" VALUE="" SIZE="40"><BR>
-					New e-mail address:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<INPUT id="email" TYPE=text NAME="email" VALUE="" SIZE="40"><BR>
-					<INPUT TYPE=hidden NAME="key" VALUE="'.$rec_key.'">
-					</TD></TR>
-					</TABLE>
-					<BR>
-					<TABLE CELLSPACING=0 CELLPADDING=0 BORDER=0 WIDTH=100%><TR><TD><div style="text-align:center">
-					' . $twig->render('buttons.submit.html.twig') . '</div>
-					</TD></TR></FORM></TABLE></TABLE>';
-				}
-				else
-					echo 'Wrong recovery key!';
-			}
-			else
-				echo 'Account of this character has no recovery key!';
-		}
-		else
-			echo 'Player or account of player <b>'.$nick.'</b> doesn\'t exist.';
-	}
-	else
-		echo 'Invalid player name format. If you have other characters on account try with other name.';
-	echo '<BR /><TABLE CELLSPACING=0 CELLPADDING=0 BORDER=0 WIDTH=100%><TR><TD><div style="text-align:center">
-				<a href="' . getLink('account/lost') . '?action=step1&action_type=reckey&nick='.urlencode($nick).'" border="0"><IMG SRC="'.$template_path.'/images/global/buttons/sbutton_back.gif" NAME="Back" ALT="Back" BORDER=0 WIDTH=120 HEIGHT=18></a></div>
-				</TD></TR></FORM></TABLE></TABLE>';
-}
-elseif($action == 'step3')
-{
-	$rec_key = trim($_REQUEST['key']);
-	$nick = stripslashes($_REQUEST['nick']);
-	$new_pass = trim($_REQUEST['passor']);
-	$new_email = trim($_REQUEST['email']);
-	if(Validator::characterName($nick))
-	{
-		$player = new OTS_Player();
-		$account = new OTS_Account();
-		$player->find($nick);
-		if($player->isLoaded())
-			$account = $player->getAccount();
-		if($account->isLoaded())
-		{
-			$account_key = $account->getCustomField('key');
-			if(!empty($account_key))
-			{
-				if($account_key == $rec_key)
-				{
-					if(Validator::password($new_pass))
-					{
-						if(Validator::email($new_email))
-						{
-							$account->setEMail($new_email);
-
-							$tmp_new_pass = $new_pass;
-							if(USE_ACCOUNT_SALT)
-							{
-								$salt = generateRandomString(10, false, true, true);
-								$tmp_new_pass = $salt . $new_pass;
-							}
-
-							$account->setPassword(encrypt($tmp_new_pass));
-							$account->save();
-
-							if(USE_ACCOUNT_SALT)
-								$account->setCustomField('salt', $salt);
-
-							echo 'Your account name, new password and new e-mail.<BR>
-							<FORM ACTION="' . getLink('account/manage') . '" onsubmit="return validate_form(this)" METHOD=post>
-							<INPUT TYPE=hidden NAME="character" VALUE="">
-							<TABLE CELLSPACING=1 CELLPADDING=4 BORDER=0 WIDTH=100%>
-							<TR><TD BGCOLOR="'.$config['vdarkborder'].'" class="white"><B>Your account name, new password and new e-mail</B></TD></TR>
-							<TR><TD BGCOLOR="'.$config['darkborder'].'">
-							Account name:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<b>'.$account->getName().'</b><BR>
-							New password:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<b>'.$new_pass.'</b><BR>
-							New e-mail address:&nbsp;<b>'.$new_email.'</b><BR>';
-							if($account->getCustomField('email_next') < time())
-							{
-								$mailBody = '
-								<h3>Your account name and new password!</h3>
-								<p>Changed password and e-mail to your account in Lost Account Interface on server <a href="'.BASE_URL.'"><b>'.$config['lua']['serverName'].'</b></a></p>
-								<p>Account name: <b>'.$account->getName().'</b></p>
-								<p>New password: <b>'.$new_pass.'</b></p>
-								<p>E-mail: <b>'.$new_email.'</b> (this e-mail)</p>
-								<br />
-								<p><u>It\'s automatic e-mail from OTS Lost Account System. Do not reply!</u></p>';
-
-								if(_mail($account->getCustomField('email'), $config['lua']['serverName']." - New password to your account", $mailBody))
-								{
-									echo '<br /><small>Sent e-mail with your account name and password to new e-mail. You should receive this e-mail in 15 minutes. You can login now with new password!</small>';
-								}
-								else
-								{
-									echo '<br /><p class="error">An error occurred while sending email! You will not receive e-mail with this informations. For Admin: More info can be found in system/logs/mailer-error.log</p>';
-								}
-							}
-							else
-							{
-								echo '<br /><small>You will not receive e-mail with this informations.</small>';
-							}
-							echo '<INPUT TYPE=hidden NAME="account_login" VALUE="'.$account->getId().'">
-							<INPUT TYPE=hidden NAME="password_login" VALUE="'.$new_pass.'">
-							</TD></TR></TABLE><BR>
-							<TABLE CELLSPACING=0 CELLPADDING=0 BORDER=0 WIDTH=100%><TR><TD><div style="text-align:center">
-							<INPUT TYPE=image NAME="Login" ALT="Login" SRC="'.$template_path.'/images/global/buttons/sbutton_login.gif" BORDER=0 WIDTH=120 HEIGHT=18></div>
-							</TD></TR></FORM></TABLE></TABLE>';
-						}
-						else
-							echo Validator::getLastError();
-					}
-					else
-						echo Validator::getLastError();
-				}
-				else
-					echo 'Wrong recovery key!';
-			}
-			else
-				echo 'Account of this character has no recovery key!';
-		}
-		else
-			echo 'Player or account of player <b>'.$nick.'</b> doesn\'t exist.';
-	}
-	else
-		echo 'Invalid player name format. If you have other characters on account try with other name.';
-	echo '<BR /><TABLE CELLSPACING=0 CELLPADDING=0 BORDER=0 WIDTH=100%><TR><TD><div style="text-align:center">
-				<a href="' . getLink('account/lost') . '?action=step1&action_type=reckey&nick='.urlencode($nick).'" border="0"><IMG SRC="'.$template_path.'/images/global/buttons/sbutton_back.gif" NAME="Back" ALT="Back" BORDER=0 WIDTH=120 HEIGHT=18></a></div>
-				</TD></TR></FORM></TABLE></TABLE>';
-}
-elseif($action == 'checkcode')
-{
-	$code = trim($_REQUEST['code']);
-	$character = stripslashes(trim($_REQUEST['character']));
-	if(empty($code) || empty($character))
-		echo 'Please enter code from e-mail and name of one character from account. Then press Submit.<BR>
-				<FORM ACTION="' . getLink('account/lost') . '?action=checkcode" METHOD=post>
-				<TABLE CELLSPACING=1 CELLPADDING=4 BORDER=0 WIDTH=100%>
-				<TR><TD BGCOLOR="'.$config['vdarkborder'].'" class="white"><B>Code & character name</B></TD></TR>
-				<TR><TD BGCOLOR="'.$config['darkborder'].'">
-				Your code:&nbsp;<INPUT TYPE=text NAME="code" VALUE="" SIZE="40")><BR />
-				Character:&nbsp;<INPUT TYPE=text NAME="character" VALUE="" SIZE="40")><BR />
-				</TD></TR>
-				</TABLE>
-				<BR>
-				<TABLE CELLSPACING=0 CELLPADDING=0 BORDER=0 WIDTH=100%><TR><TD><div style="text-align:center">
-				' . $twig->render('buttons.submit.html.twig') . '</div>
-				</TD></TR></FORM></TABLE></TABLE>';
-	else
-	{
-		$player = new OTS_Player();
-		$account = new OTS_Account();
-		$player->find($character);
-		if($player->isLoaded())
-			$account = $player->getAccount();
-		if($account->isLoaded())
-		{
-			if($account->getCustomField('email_code') == $code)
-			{
-				echo '<script type="text/javascript">
-				function validate_required(field,alerttxt)
-				{
-				with (field)
-				{
-				if (value==null||value==""||value==" ")
-				  {alert(alerttxt);return false;}
-				else {return true}
-				}
-				}
-
-				function validate_form(thisform)
-				{
-				with (thisform)
-				{
-				if (validate_required(passor,"Please enter password!")==false)
-				  {passor.focus();return false;}
-				if (validate_required(passor2,"Please repeat password!")==false)
-				  {passor2.focus();return false;}
-				if (passor2.value!=passor.value)
-				  {alert(\'Repeated password is not equal to password!\');return false;}
-				}
-				}
-				</script>
-				Please enter new password to your account and repeat to make sure you remember password.<BR>
-				<FORM ACTION="' . getLink('account/lost') . '?action=setnewpassword" onsubmit="return validate_form(this)" METHOD=post>
-				<INPUT TYPE=hidden NAME="character" VALUE="'.$character.'">
-				<INPUT TYPE=hidden NAME="code" VALUE="'.$code.'">
-				<TABLE CELLSPACING=1 CELLPADDING=4 BORDER=0 WIDTH=100%>
-				<TR><TD BGCOLOR="'.$config['vdarkborder'].'" class="white"><B>Code & account name</B></TD></TR>
-				<TR><TD BGCOLOR="'.$config['darkborder'].'">
-				New password:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<INPUT TYPE=password ID="passor" NAME="passor" VALUE="" SIZE="40")><BR />
-				Repeat new password:&nbsp;<INPUT TYPE=password ID="passor2" NAME="passor2" VALUE="" SIZE="40")><BR />
-				</TD></TR>
-				</TABLE>
-				<BR>
-				<TABLE CELLSPACING=0 CELLPADDING=0 BORDER=0 WIDTH=100%><TR><TD><div style="text-align:center">
-				' . $twig->render('buttons.submit.html.twig') . '</div>
-				</TD></TR></FORM></TABLE></TABLE>';
-			}
-			else
-				$error= 'Wrong code to change password.';
-		}
-		else
-			$error = 'Account of this character or this character doesn\'t exist.';
-	}
-	if(!empty($error))
-				echo '<span style="color: red"><b>'.$error.'</b></span><br />Please enter code from e-mail and name of one character from account. Then press Submit.<BR>
-				<FORM ACTION="' . getLink('account/lost') . '?action=checkcode" METHOD=post>
-				<TABLE CELLSPACING=1 CELLPADDING=4 BORDER=0 WIDTH=100%>
-				<TR><TD BGCOLOR="'.$config['vdarkborder'].'" class="white"><B>Code & character name</B></TD></TR>
-				<TR><TD BGCOLOR="'.$config['darkborder'].'">
-				Your code:&nbsp;<INPUT TYPE=text NAME="code" VALUE="" SIZE="40")><BR />
-				Character:&nbsp;<INPUT TYPE=text NAME="character" VALUE="" SIZE="40")><BR />
-				</TD></TR>
-				</TABLE>
-				<BR>
-				<TABLE CELLSPACING=0 CELLPADDING=0 BORDER=0 WIDTH=100%><TR><TD><div style="text-align:center">
-				' . $twig->render('buttons.submit.html.twig') . '</div>
-				</TD></TR></FORM></TABLE></TABLE>';
-}
-elseif($action == 'setnewpassword')
-{
-	$newpassword = $_REQUEST['passor'];
-	$code = $_REQUEST['code'];
-	$character = stripslashes($_REQUEST['character']);
-	echo '';
-	if(empty($code) || empty($character) || empty($newpassword))
-		echo '<span style="color: red"><b>Error. Try again.</b></span><br />Please enter code from e-mail and name of one character from account. Then press Submit.<BR>
-				<BR><FORM ACTION="' . getLink('account/lost') . '?action=checkcode" METHOD=post>
-				<TABLE CELLSPACING=0 CELLPADDING=0 BORDER=0 WIDTH=100%><TR><TD><div style="text-align:center">
-				<INPUT TYPE=image NAME="Back" ALT="Back" SRC="'.$template_path.'/images/global/buttons/sbutton_back.gif" BORDER=0 WIDTH=120 HEIGHT=18></div>
-				</TD></TR></FORM></TABLE></TABLE>';
-	else
-	{
-		$player = new OTS_Player();
-		$account = new OTS_Account();
-		$player->find($character);
-		if($player->isLoaded())
-			$account = $player->getAccount();
-		if($account->isLoaded())
-		{
-			if($account->getCustomField('email_code') == $code)
-			{
-				if(Validator::password($newpassword))
-				{
-					$tmp_new_pass = $newpassword;
-					if(USE_ACCOUNT_SALT)
-					{
-						$salt = generateRandomString(10, false, true, true);
-						$tmp_new_pass  = $salt . $newpassword;
-						$account->setCustomField('salt', $salt);
-					}
-
-					$account->setPassword(encrypt($tmp_new_pass ));
-					$account->save();
-					$account->setCustomField('email_code', '');
-					echo 'New password to your account is below. Now you can login.<BR>
-					<INPUT TYPE=hidden NAME="character" VALUE="'.$character.'">
-					<TABLE CELLSPACING=1 CELLPADDING=4 BORDER=0 WIDTH=100%>
-					<TR><TD BGCOLOR="'.$config['vdarkborder'].'" class="white"><B>Changed password</B></TD></TR>
-					<TR><TD BGCOLOR="'.$config['darkborder'].'">
-					New password:&nbsp;<b>'.$newpassword.'</b><BR />
-					Account name:&nbsp;&nbsp;&nbsp;<i>(Already on your e-mail)</i><BR />';
-
-					$mailBody = '
-					<h3>Your account name and password!</h3>
-					<p>Changed password to your account in Lost Account Interface on server <a href="'.BASE_URL.'"><b>'.$config['lua']['serverName'].'</b></a></p>
-					<p>Account name: <b>'.$account->getName().'</b></p>
-					<p>New password: <b>'.$newpassword.'</b></p>
-					<br />
-					<p><u>It\'s automatic e-mail from OTS Lost Account System. Do not reply!</u></p>';
-
-					if(_mail($account->getCustomField('email'), $config['lua']['serverName']." - Your new password", $mailBody))
-					{
-						echo '<br /><small>New password work! Sent e-mail with your password and account name. You should receive this e-mail in 15 minutes. You can login now with new password!';
-					}
-					else
-					{
-						echo '<br /><p class="error">New password work! An error occurred while sending email! You will not receive e-mail with new password. For Admin: More info can be found in system/logs/mailer-error.log';
-					}
-				echo '</TD></TR>
-				</TABLE>
-				<BR>
-				<TABLE CELLSPACING=0 CELLPADDING=0 BORDER=0 WIDTH=100%><TR><TD><div style="text-align:center">
-				<FORM ACTION="' . getLink('account/manage') . '" METHOD=post>
-				<INPUT TYPE=image NAME="Login" ALT="Login" SRC="'.$template_path.'/images/global/buttons/sbutton_login.gif" BORDER=0 WIDTH=120 HEIGHT=18></div>
-				</TD></TR></FORM></TABLE></TABLE>';
-				}
-				else
-					$error= Validator::getLastError();
-			}
-			else
-				$error= 'Wrong code to change password.';
-		}
-		else
-			$error = 'Account of this character or this character doesn\'t exist.';
-	}
-	if(!empty($error))
-				echo '<span style="color: red"><b>'.$error.'</b></span><br />Please enter code from e-mail and name of one character from account. Then press Submit.<BR>
-				<FORM ACTION="' . getLink('account/lost') . '?action=checkcode" METHOD=post>
-				<TABLE CELLSPACING=1 CELLPADDING=4 BORDER=0 WIDTH=100%>
-				<TR><TD BGCOLOR="'.$config['vdarkborder'].'" class="white"><B>Code & character name</B></TD></TR>
-				<TR><TD BGCOLOR="'.$config['darkborder'].'">
-				Your code:&nbsp;<INPUT TYPE=text NAME="code" VALUE="" SIZE="40")><BR />
-				Character:&nbsp;<INPUT TYPE=text NAME="character" VALUE="" SIZE="40")><BR />
-				</TD></TR>
-				</TABLE>
-				<BR>
-				<TABLE CELLSPACING=0 CELLPADDING=0 BORDER=0 WIDTH=100%><TR><TD><div style="text-align:center">
-				' . $twig->render('buttons.submit.html.twig') . '</div>
-				</TD></TR></FORM></TABLE></TABLE>';
-}
+$twig->display('account/lost/form.html.twig');

system/pages/account/lost/check-code.php

@@ -0,0 +1,49 @@
+<?php
+defined('MYAAC') or die('Direct access not allowed!');
+
+$title = 'Lost Account';
+
+$code = isset($_REQUEST['code']) ? trim($_REQUEST['code']) : '';
+$character = isset($_REQUEST['character']) ? stripslashes(trim($_REQUEST['character'])) : '';
+
+if(empty($code) || empty($character))
+	$twig->display('account/lost/check-code.html.twig', [
+		'code' => $code,
+		'characters' => $character,
+	]);
+else
+{
+	$player = new OTS_Player();
+	$account = new OTS_Account();
+	$player->find($character);
+	if($player->isLoaded()) {
+		$account = $player->getAccount();
+	}
+
+	if($account->isLoaded()) {
+		if($account->getCustomField('email_code') == $code) {
+			$twig->display('account/lost/check-code.finish.html.twig', [
+				'character' => $character,
+				'code' => $code,
+			]);
+		}
+		else {
+			$error = 'Wrong code to change password.';
+		}
+	}
+	else {
+		$error = "Account of this character or this character doesn't exist.";
+	}
+}
+
+if(!empty($error)) {
+	$twig->display('error_box.html.twig', [
+		'errors' => [$error],
+	]);
+
+	echo '<br/>';
+
+	$twig->display('account/lost/check-code.html.twig', [
+
+	]);
+}

system/pages/account/lost/email/send-code.php

@@ -0,0 +1,61 @@
+<?php
+defined('MYAAC') or die('Direct access not allowed!');
+
+$title = 'Lost Account';
+
+$email = $_REQUEST['email'];
+$nick = stripslashes($_REQUEST['nick']);
+
+$player = new OTS_Player();
+$account = new OTS_Account();
+$player->find($nick);
+if($player->isLoaded()) {
+	$account = $player->getAccount();
+}
+
+if($account->isLoaded()) {
+	if($account->getCustomField('email_next') < time()) {
+		if($account->getEMail() == $email) {
+			$newCode = generateRandomString(30, true, false, true);
+			$mailBody = $twig->render('mail.account.lost.code.html.twig', [
+				'newCode' => $newCode,
+				'account' => $account,
+				'nick' => $nick,
+			]);
+
+			$accountEMail = $account->getCustomField('email');
+			if(_mail($accountEMail, configLua('serverName') . ' - Recover your account', $mailBody)) {
+				$account->setCustomField('email_code', $newCode);
+				$account->setCustomField('email_next', (time() + setting('core.mail_lost_account_interval')));
+
+				echo '<br />Details about steps required to recover your account has been sent to <b>' . $accountEMail . '</b>. You should receive this email within 15 minutes. Please check your inbox/spam directory.';
+			}
+			else {
+				$account->setCustomField('email_next', (time() + 60));
+				error('An error occurred while sending email! Try again later or contact with admin. For Admin: More info can be found in system/logs/mailer-error.log</p>');
+			}
+		}
+		else {
+			echo 'Invalid e-mail to account of character <b>' . htmlspecialchars($nick) . '</b>. Try again.';
+		}
+	}
+	else {
+		$inSec = (int)$account->getCustomField('email_next') - time();
+		$minutesLeft = floor($inSec / 60);
+		$secondsLeft = $inSec - ($minutesLeft * 60);
+		$timeLeft = $minutesLeft.' minutes '.$secondsLeft.' seconds';
+
+		$timeRounded = ceil(setting('core.mail_lost_account_interval') / 60);
+
+		echo "Account of selected character (<b>" . escapeHtml($nick) . "</b>) received e-mail in last $timeRounded minutes. You must wait $timeLeft before you can use Lost Account Interface again.";
+	}
+}
+else {
+	echo "Player or account of player <b>" . htmlspecialchars($nick) . "</b> doesn't exist.";
+}
+
+$twig->display('account.back_button.html.twig', [
+	'new_line' => true,
+	'center' => true,
+	'action' => getLink('account/lost') . '?action=step1&action_type=email&nick=' . urlencode($nick),
+]);

system/pages/account/lost/email/set-new-password.php

@@ -0,0 +1,84 @@
+<?php
+defined('MYAAC') or die('Direct access not allowed!');
+
+$title = 'Lost Account';
+
+$newPassword = $_REQUEST['passor'];
+$code = $_REQUEST['code'];
+$character = stripslashes($_REQUEST['character']);
+
+if(empty($code) || empty($character) || empty($newPassword)) {
+	echo '<span style="color: red"><b>Error. Try again.</b></span><br/>Please enter code from e-mail and name of one character from account. Then press Submit.<br>';
+
+	$twig->display('account.back_button.html.twig', [
+		'new_line' => true,
+		'center' => true,
+		'action' => getLink('account/lost/check-code')
+	]);
+}
+else
+{
+	$player = new OTS_Player();
+	$account = new OTS_Account();
+	$player->find($character);
+	if($player->isLoaded()) {
+		$account = $player->getAccount();
+	}
+
+	if($account->isLoaded()) {
+		if($account->getCustomField('email_code') == $code) {
+			if(Validator::password($newPassword)) {
+				$tmp_new_pass = $newPassword;
+				if(USE_ACCOUNT_SALT) {
+					$salt = generateRandomString(10, false, true, true);
+					$tmp_new_pass  = $salt . $newPassword;
+					$account->setCustomField('salt', $salt);
+				}
+
+				$account->setPassword(encrypt($tmp_new_pass));
+				$account->save();
+				$account->setCustomField('email_code', '');
+
+				$mailBody = $twig->render('mail.account.lost.new-password.html.twig', [
+					'account' => $account,
+					'newPassword' => $newPassword,
+				]);
+
+				$statusMsg = '';
+				if(_mail($account->getCustomField('email'), configLua('serverName') . ' - Your new password', $mailBody)) {
+					$statusMsg = '<br /><small>New password work! Sent e-mail with your password and account name. You should receive this e-mail in 15 minutes. You can login now with new password!';
+				}
+				else {
+					$statusMsg = '<br /><p class="error">New password work! An error occurred while sending email! You will not receive e-mail with new password. For Admin: More info can be found in system/logs/mailer-error.log';
+				}
+
+				$twig->display('account/lost/finish.new-password.html.twig', [
+					'statusMsg' => $statusMsg,
+					'newPassword' => $newPassword,
+				]);
+			}
+			else {
+				$error = Validator::getLastError();
+			}
+		}
+		else {
+			$error = 'Wrong code to change password.';
+		}
+	}
+	else {
+		$error = "Account of this character or this character doesn't exist.";
+	}
+}
+
+if(!empty($error)) {
+	$twig->display('error_box.html.twig', [
+		'errors' => [$error],
+	]);
+
+	echo '<br/>';
+
+	$twig->display('account/lost/check-code.html.twig', [
+		'code' => $code,
+		'character' => $character,
+	]);
+}

system/pages/account/lost/email/step-1.php

@@ -0,0 +1,30 @@
+<?php
+
+$title = 'Lost Account';
+
+if($account->isLoaded()) {
+	if($account->getCustomField('email_next') < time()) {
+		$twig->display('account/lost/email.html.twig', [
+			'nick' => $nick,
+		]);
+	}
+	else {
+		$inSec = (int)$account->getCustomField('email_next') - time();
+		$minutesLeft = floor($inSec / 60);
+		$secondsLeft = $inSec - ($minutesLeft * 60);
+		$timeLeft = $minutesLeft.' minutes '.$secondsLeft.' seconds';
+
+		$timeRounded = ceil(setting('core.mail_lost_account_interval') / 60);
+
+		echo "Account of selected character (<b>" . escapeHtml($nick) . "</b>) received e-mail in last $timeRounded minutes. You must wait $timeLeft before you can use Lost Account Interface again.";
+	}
+}
+else {
+	echo "Player or account of player <b>" . escapeHtml($nick) . "</b> doesn't exist.";
+}
+
+$twig->display('account.back_button.html.twig', [
+	'new_line' => true,
+	'center' => true,
+	'action' => getLink('account/lost'),
+]);

system/pages/account/lost/recovery-key/step-1.php

@@ -0,0 +1,26 @@
+<?php
+defined('MYAAC') or die('Direct access not allowed!');
+
+$title = 'Lost Account';
+
+if($account->isLoaded()) {
+	$account_key = $account->getCustomField('key');
+
+	if(!empty($account_key)) {
+		$twig->display('account/lost/recovery-key.html.twig', [
+			'nick' => $nick,
+		]);
+	}
+	else {
+		echo 'Account of this character has no recovery key!';
+	}
+}
+else {
+	echo "Player or account of player <b>" . escapeHtml($nick) . "</b> doesn't exist.";
+}
+
+$twig->display('account.back_button.html.twig', [
+	'new_line' => true,
+	'center' => true,
+	'action' => getLink('account/lost'),
+]);

system/pages/account/lost/recovery-key/step-2.php

@@ -0,0 +1,40 @@
+<?php
+defined('MYAAC') or die('Direct access not allowed!');
+
+$title = 'Lost Account';
+
+$recKey = trim($_REQUEST['key']);
+$nick = stripslashes($_REQUEST['nick']);
+
+$player = new OTS_Player();
+$account = new OTS_Account();
+$player->find($nick);
+if($player->isLoaded()) {
+	$account = $player->getAccount();
+}
+
+if($account->isLoaded()) {
+	$accountKey = $account->getCustomField('key');
+	if(!empty($accountKey)) {
+		if($accountKey == $recKey) {
+			$twig->display('account/lost/step2.html.twig', [
+				'nick' => $nick,
+				'recKey' => $recKey,
+			]);
+		}
+		else {
+			echo 'Wrong recovery key!';
+		}
+	}
+	else {
+		echo 'Account of this character has no recovery key!';
+	}
+}
+else
+	echo "Player or account of player <b>" . escapeHtml($nick) . "</b> doesn't exist.";
+
+$twig->display('account.back_button.html.twig', [
+	'new_line' => true,
+	'center' => true,
+	'action' => getLink('account/lost') . '?action=step1&action_type=reckey&nick=' . urlencode($nick),
+]);

system/pages/account/lost/recovery-key/step-3.php

@@ -0,0 +1,91 @@
+<?php
+defined('MYAAC') or die('Direct access not allowed!');
+
+$title = 'Lost Account';
+
+$recKey = trim($_REQUEST['key']);
+$nick = stripslashes($_REQUEST['nick']);
+$newPassword = trim($_REQUEST['passor']);
+$newEmail = trim($_REQUEST['email']);
+
+$player = new OTS_Player();
+$account = new OTS_Account();
+$player->find($nick);
+if($player->isLoaded()) {
+	$account = $player->getAccount();
+}
+
+if($account->isLoaded()) {
+	$accountKey = $account->getCustomField('key');
+
+	if(!empty($accountKey)) {
+		if($accountKey == $recKey) {
+			if(Validator::password($newPassword)) {
+				if(Validator::email($newEmail)) {
+					$account->setEMail($newEmail);
+
+					$tmp_new_pass = $newPassword;
+					if(USE_ACCOUNT_SALT)
+					{
+						$salt = generateRandomString(10, false, true, true);
+						$tmp_new_pass = $salt . $newPassword;
+					}
+
+					$account->setPassword(encrypt($tmp_new_pass));
+					$account->save();
+
+					if(USE_ACCOUNT_SALT) {
+						$account->setCustomField('salt', $salt);
+					}
+
+					$statusMsg = '';
+					if($account->getCustomField('email_next') < time()) {
+						$mailBody = $twig->render('mail.account.lost.new-email.html.twig', [
+							'account' => $account,
+							'newPassword' => $newPassword,
+							'newEmail' => $newEmail,
+						]);
+
+						if(_mail($account->getCustomField('email'), $config['lua']['serverName']." - New password to your account", $mailBody)) {
+							$statusMsg = '<br /><small>Sent e-mail with your account name and password to new e-mail. You should receive this e-mail in 15 minutes. You can login now with new password!</small>';
+						}
+						else {
+							$statusMsg = '<br /><p class="error">An error occurred while sending email! You will not receive e-mail with this informations. For Admin: More info can be found in system/logs/mailer-error.log</p>';
+						}
+					}
+					else {
+						$statusMsg = '<br /><small>You will not receive e-mail with this informations.</small>';
+					}
+
+					$twig->display('account/lost/finish.new-email.html.twig', [
+						'statusMsg' => $statusMsg,
+						'account' => $account,
+						'newPassword' => $newPassword,
+						'newEmail' => $newEmail,
+					]);
+				}
+				else {
+					echo Validator::getLastError();
+				}
+			}
+			else {
+				echo Validator::getLastError();
+			}
+		}
+		else {
+			echo 'Wrong recovery key!';
+		}
+	}
+	else {
+		echo 'Account of this character has no recovery key!';
+	}
+}
+else {
+	echo "Player or account of player <b>" . escapeHtml($nick) . "</b> doesn't exist.";
+}
+
+$twig->display('account.back_button.html.twig', [
+	'new_line' => true,
+	'center' => true,
+	'action' => getLink('account/lost') . '?action=step1&action_type=reckey&nick=' . urlencode($nick),
+]);

system/pages/account/lost/step-1.php

@@ -0,0 +1,24 @@
+<?php
+defined('MYAAC') or die('Direct access not allowed!');
+
+$title = 'Lost Account';
+
+$nick = stripslashes($_REQUEST['nick']);
+
+$player = new OTS_Player();
+$account = new OTS_Account();
+$player->find($nick);
+if($player->isLoaded()) {
+	$account = $player->getAccount();
+}
+
+if (ACTION == 'email') {
+	require __DIR__ . '/email/step-1.php';
+}
+else if (ACTION == 'recovery-key') {
+	require __DIR__ . '/recovery-key/step-1.php';
+}
+else {
+	$twig->display('account/lost/no-action.html.twig');
+}
+

system/pages/guilds/invite.php

@@ -23,6 +23,12 @@ if(!Validator::guildName($guild_name)) {
 	$errors[] = Validator::getLastError();
 }
 
+if (!$db->hasTableAndColumns('guild_invites', ['player_id'])) {
+	$errors[] = "Guild invite is not possible on this website.";
+	$twig->display('error_box.html.twig', ['errors' => $errors]);
+	return;
+}
+
 if(empty($errors)) {
 	$guild = new OTS_Guild();
 	$guild->find($guild_name);
@@ -58,7 +64,7 @@ if(empty($errors)) {
 	}
 }
 
-if(!$guild_vice) {
+if(empty($errors) && !$guild_vice) {
 	$errors[] = 'You are not a leader or vice leader of guild <b>'.$guild_name.'</b>.'.$level_in_guild;
 }
 
@@ -84,6 +90,7 @@ if(isset($_POST['todo']) && $_POST['todo'] == 'save') {
 		}
 	}
 }
+
 if(empty($errors)) {
 	include(SYSTEM . 'libs/pot/InvitesDriver.php');
 	new InvitesDriver($guild);
@@ -104,6 +111,7 @@ if(!empty($errors)) {
 else {
 	if(isset($_POST['todo']) && $_POST['todo'] == 'save') {
 		$guild->invite($player);
+
 		$twig->display('success.html.twig', array(
 			'title' => 'Invite player',
 			'description' => 'Player with name <b>' . $player->getName() . '</b> has been invited to your guild.',

system/pages/guilds/show.php

@@ -121,25 +121,28 @@ foreach($rank_list as $rank)
 	}
 }
 
-include(SYSTEM . 'libs/pot/InvitesDriver.php');
-new InvitesDriver($guild);
-$invited_list = $guild->listInvites();
+$invited_list = [];
 $show_accept_invite = 0;
-if($logged && count($invited_list) > 0)
-{
-	foreach($invited_list as $invited_player)
-	{
-		if(count($account_players) > 0)
-		{
-			foreach($account_players as $player_from_acc)
-			{
-				if($player_from_acc->isLoaded() && $invited_player->isLoaded() && $player_from_acc->getName() == $invited_player->getName())
-					$show_accept_invite++;
+
+if ($db->hasTableAndColumns('guild_invites', ['player_id'])) {
+	include(SYSTEM . 'libs/pot/InvitesDriver.php');
+	new InvitesDriver($guild);
+	$invited_list = $guild->listInvites();
+
+	if($logged && count($invited_list) > 0) {
+		foreach($invited_list as $invited_player) {
+			if(count($account_players) > 0) {
+				foreach($account_players as $player_from_acc) {
+					if($player_from_acc->isLoaded() && $invited_player->isLoaded() && $player_from_acc->getName() == $invited_player->getName()) {
+						$show_accept_invite++;
+					}
+				}
 			}
 		}
 	}
 }
 
+
 $useGuildNick = $db->hasTable('guild_members') || $db->hasTable('guild_membership') || $db->hasColumn('players', 'guildnick');
 
 $twig->display('guilds.view.html.twig', array(

system/pages/online.php

@@ -105,8 +105,17 @@ $cached = Cache::remember("online_$order", setting('core.online_cache_ttl') * 60
 			$result = null;
 			$timestamp = false;
 			if($db->hasTable('server_record')) {
-				$timestamp = true;
-				$result = ServerRecord::where('world_id', configLua('worldId'))->orderByDesc('record')->first()->toArray();
+				$timestamp = $db->hasColumn('server_record', 'timestamp');
+				$serverRecordQuery = ServerRecord::query();
+
+				if ($db->hasColumn('server_record', 'world_id')) {
+					$serverRecordQuery->where('world_id', configLua('worldId'));
+				}
+
+				$result = $serverRecordQuery->orderByDesc('record')->first();
+				if ($result) {
+					$result = $result->toArray();
+				}
 			} else if($db->hasTable('server_config')) { // tfs 1.0
 				$row = ServerConfig::where('config', 'players_record')->first();
 				if ($row) {

system/router.php

@@ -94,19 +94,30 @@ $dispatcher = FastRoute\cachedDispatcher(function (FastRoute\RouteCollector $r)
 		$routesFinal[] = ['*', $page, '__database__/' . $page, 100];
 	}
 
+	$routes = require SYSTEM . 'routes.php';
 	Plugins::clearWarnings();
-	foreach (Plugins::getRoutes() as $route) {
-		$routesFinal[] = [$route[0], $route[1], $route[2], $route[3] ?? 1000];
+
+	foreach (Plugins::getRoutes() as $pluginRoute) {
+
+		$routesFinal[] = [$pluginRoute[0], $pluginRoute[1], $pluginRoute[2], $pluginRoute[3] ?? 1000];
+
+		// Possibility to override routes with plugins pages, like characters.php
+		foreach ($routes as &$route) {
+			if (str_contains($pluginRoute[2], 'pages/' . $route[2])) {
+				$route[2] = $pluginRoute[2];
+			}
+		}
 /*
 		echo '<pre>';
-		var_dump($route[1], $route[3], $route[2]);
+		var_dump($pluginRoute[1], $pluginRoute[3], $pluginRoute[2]);
 		echo '/<pre>';
 */
 	}
 
-	$routes = require SYSTEM . 'routes.php';
 	foreach ($routes as $route) {
-		if (!str_contains($route[2], '__redirect__') && !str_contains($route[2], '__database__')) {
+		if (!str_contains($route[2], '__redirect__') && !str_contains($route[2], '__database__')
+			&& !str_contains($route[2], 'plugins/')
+		) {
 			if (!is_file(BASE . 'system/pages/' . $route[2])) {
 				continue;
 			}

system/settings.php

@@ -28,6 +28,15 @@ if (!IS_CLI) {
 	$siteURL = $serverUrl . $baseDir;
 }
 
+$donateColumnOptions = [
+	'premium_points' => 'Premium Points',
+	'coins' => 'Coins',
+];
+
+if (defined('HAS_ACCOUNT_COINS_TRANSFERABLE') && (HAS_ACCOUNT_COINS_TRANSFERABLE || HAS_ACCOUNT_TRANSFERABLE_COINS)) {
+	$donateColumnOptions[ACCOUNT_COINS_TRANSFERABLE_COLUMN] = 'Coins Transferable';
+}
+
 return [
 	'name' => 'MyAAC',
 	'settings' => [
@@ -1295,7 +1304,7 @@ Sent by MyAAC,<br/>
 			'name' => 'Data Center',
 			'type' => 'text',
 			'desc' => 'Server Location, will be shown on online page',
-			'default' => 'Frankfurt - Germany',
+			'default' => 'Poland - Warsaw',
 		],
 		[
 			'type' => 'section',
@@ -1598,13 +1607,14 @@ Sent by MyAAC,<br/>
 			'name' => 'Donate Column',
 			'type' => 'options',
 			'desc' => 'What to give to player after donation - what column in accounts table to use.',
-			'options' => ['premium_points' => 'Premium Points', 'coins' => 'Coins'],
+			'options' => $donateColumnOptions,
 			'default' => 'premium_points',
 			'callbacks' => [
 				'beforeSave' => function($key, $value, &$errorMessage) {
 					global $db;
-					if ($value == 'coins' && !HAS_ACCOUNT_COINS) {
-						$errorMessage = "Shop: Donate Column: Cannot set column to coins, because it doesn't exist in database.";
+
+					if (!$db->hasColumn('accounts', $value)) {
+						$errorMessage = "Shop: Donate Column: Cannot set column to $value, because it doesn't exist in database.";
 						return false;
 					}
 					return true;

system/src/Commands/MigrateRunCommand.php

@@ -45,6 +45,22 @@ class MigrateRunCommand extends Command
 
 		$down = $input->getOption('down') ?? false;
 
+		/**
+		 * Sort according to $down option.
+		 * Do we really want it?
+		 * Or should we use order provided by user,
+		 *      even when it's not sorted correctly?
+		 * Leaving it for consideration.
+		 */
+		/*
+		if ($down) {
+			rsort($ids);
+		}
+		else {
+			sort($ids);
+		}
+		*/
+
 		foreach ($ids as $id) {
 			$this->executeMigration($id, $io, !$down);
 		}

system/src/Commands/PluginDisableCommand.php

@@ -0,0 +1,36 @@
+<?php
+
+namespace MyAAC\Commands;
+
+use MyAAC\Plugins;
+use Symfony\Component\Console\Input\InputArgument;
+use Symfony\Component\Console\Input\InputInterface;
+use Symfony\Component\Console\Output\OutputInterface;
+use Symfony\Component\Console\Style\SymfonyStyle;
+
+class PluginDisableCommand extends Command
+{
+	protected function configure(): void
+	{
+		$this->setName('plugin:disable')
+			->setDescription('This command disables plugin')
+			->addArgument('plugin-name', InputArgument::REQUIRED, 'Plugin that you want to disable');
+	}
+
+	protected function execute(InputInterface $input, OutputInterface $output): int
+	{
+		require SYSTEM . 'init.php';
+
+		$io = new SymfonyStyle($input, $output);
+
+		$pluginName = $input->getArgument('plugin-name');
+
+		if (!Plugins::disable($pluginName)) {
+			$io->error('Error while disabling plugin ' . $pluginName . ': ' . Plugins::getError());
+			return 2;
+		}
+
+		$io->success('Successfully disabled plugin ' . $pluginName);
+		return Command::SUCCESS;
+	}
+}

system/src/Commands/PluginEnableCommand.php

@@ -0,0 +1,36 @@
+<?php
+
+namespace MyAAC\Commands;
+
+use MyAAC\Plugins;
+use Symfony\Component\Console\Input\InputArgument;
+use Symfony\Component\Console\Input\InputInterface;
+use Symfony\Component\Console\Output\OutputInterface;
+use Symfony\Component\Console\Style\SymfonyStyle;
+
+class PluginEnableCommand extends Command
+{
+	protected function configure(): void
+	{
+		$this->setName('plugin:enable')
+			->setDescription('This command enables plugin')
+			->addArgument('plugin-name', InputArgument::REQUIRED, 'Plugin that you want to enable');
+	}
+
+	protected function execute(InputInterface $input, OutputInterface $output): int
+	{
+		require SYSTEM . 'init.php';
+
+		$io = new SymfonyStyle($input, $output);
+
+		$pluginName = $input->getArgument('plugin-name');
+
+		if (!Plugins::enable($pluginName)) {
+			$io->error('Error while enabling plugin ' . $pluginName . ': ' . Plugins::getError());
+			return 2;
+		}
+
+		$io->success('Successfully enabled plugin ' . $pluginName);
+		return Command::SUCCESS;
+	}
+}

system/src/Commands/PluginSetupCommand.php

@@ -8,7 +8,7 @@ use Symfony\Component\Console\Input\InputInterface;
 use Symfony\Component\Console\Output\OutputInterface;
 use Symfony\Component\Console\Style\SymfonyStyle;
 
-class PluginInstallInstallCommand extends Command
+class PluginSetupCommand extends Command
 {
 	protected function configure(): void
 	{

system/src/Commands/PluginUninstallCommand.php

@@ -0,0 +1,40 @@
+<?php
+
+namespace MyAAC\Commands;
+
+use MyAAC\Plugins;
+use Symfony\Component\Console\Input\InputArgument;
+use Symfony\Component\Console\Input\InputInterface;
+use Symfony\Component\Console\Output\OutputInterface;
+use Symfony\Component\Console\Style\SymfonyStyle;
+
+class PluginUninstallCommand extends Command
+{
+	protected function configure(): void
+	{
+		$this->setName('plugin:uninstall')
+			->setDescription('This command uninstalls plugin')
+			->addArgument('plugin-name', InputArgument::REQUIRED, 'Plugin that you want to uninstall');
+	}
+
+	protected function execute(InputInterface $input, OutputInterface $output): int
+	{
+		require SYSTEM . 'init.php';
+
+		$io = new SymfonyStyle($input, $output);
+
+		$pluginName = $input->getArgument('plugin-name');
+
+		if (!Plugins::uninstall($pluginName)) {
+			$io->error('Error while uninstalling plugin ' . $pluginName . ': ' . Plugins::getError());
+			return 2;
+		}
+
+		foreach(Plugins::getWarnings() as $warning) {
+			$io->warning($warning);
+		}
+
+		$io->success('Successfully uninstalled plugin ' . $pluginName);
+		return Command::SUCCESS;
+	}
+}

system/src/Commands/SettingsResetCommand.php

@@ -3,6 +3,7 @@
 namespace MyAAC\Commands;
 
 use MyAAC\Models\Settings as SettingsModel;
+use MyAAC\Plugins;
 use MyAAC\Settings;
 use Symfony\Component\Console\Input\InputArgument;
 use Symfony\Component\Console\Input\InputInterface;
@@ -34,7 +35,14 @@ class SettingsResetCommand extends Command
 			return Command::FAILURE;
 		}
 
-		if (!$name) {
+		// find by plugin name
+		foreach (Plugins::getAllPluginsSettings() as $key => $setting) {
+			if ($setting['pluginFilename'] === $name) {
+				$name = $key;
+			}
+		}
+
+		if (empty($name)) {
 			SettingsModel::truncate();
 		}
 		else {

system/src/Commands/SettingsSetCommand.php

@@ -3,6 +3,7 @@
 namespace MyAAC\Commands;
 
 use MyAAC\Models\Settings as SettingsModel;
+use MyAAC\Plugins;
 use MyAAC\Settings;
 use Symfony\Component\Console\Input\InputArgument;
 use Symfony\Component\Console\Input\InputInterface;
@@ -17,7 +18,7 @@ class SettingsSetCommand extends Command
 			->setDescription('Updates the setting specified by argument in database')
 			->addArgument('key',
 				InputArgument::REQUIRED,
-				'Setting name/key'
+				'Setting key in format name.key'
 			)
 			->addArgument('value',
 				InputArgument::REQUIRED,
@@ -34,6 +35,18 @@ class SettingsSetCommand extends Command
 		$key = $input->getArgument('key');
 		$value = $input->getArgument('value');
 
+		// format settings_name.key
+		// example: core.template
+		$explode = explode('.', $key);
+
+		// find by plugin name
+		foreach (Plugins::getAllPluginsSettings() as $_key => $setting) {
+			if ($setting['pluginFilename'] === $explode[0]) {
+				$explode[0] = $_key;
+				$key = implode('.', $explode);
+			}
+		}
+
 		$settings = Settings::getInstance();
 		$settings->clearCache();
 		$settings->load();
@@ -44,10 +57,6 @@ class SettingsSetCommand extends Command
 			return Command::FAILURE;
 		}
 
-		// format plugin_name.key
-		// example: core.template
-		$explode = explode('.', $key);
-
 		$settings->updateInDatabase($explode[0], $explode[1], $value);
 		$settings->clearCache();
 

system/src/Settings.php

@@ -7,16 +7,13 @@ use MyAAC\Models\Settings as ModelsSettings;
 
 class Settings implements \ArrayAccess
 {
-	static private $instance;
-	private $settingsFile = [];
-	private $settingsDatabase = [];
-	private $cache = [];
-	private $valuesAsked = [];
-	private $errors = [];
+	static private ?Settings $instance = null;
+	private array $settingsFile = [];
+	private array $settingsDatabase = [];
+	private array $cache = [];
+	private array $valuesAsked = [];
+	private array $errors = [];
 
-	/**
-	 * @return Settings
-	 */
 	public static function getInstance(): Settings
 	{
 		if (!self::$instance) {
@@ -26,28 +23,21 @@ class Settings implements \ArrayAccess
 		return self::$instance;
 	}
 
-	public function load()
+	public function load(): void
 	{
-		$cache = Cache::getInstance();
-		if ($cache->enabled()) {
-			$tmp = '';
-			if ($cache->fetch('settings', $tmp)) {
-				$this->settingsDatabase = unserialize($tmp);
-				return;
+		$this->settingsDatabase = Cache::remember('settings', 10 * 60, function () {
+			$settingsDatabase = [];
+
+			$settings = ModelsSettings::all();
+			foreach ($settings as $setting) {
+				$settingsDatabase[$setting->name][$setting->key] = $setting->value;
 			}
-		}
 
-		$settings = ModelsSettings::all();
-		foreach ($settings as $setting) {
-			$this->settingsDatabase[$setting->name][$setting->key] = $setting->value;
-		}
-
-		if ($cache->enabled()) {
-			$cache->set('settings', serialize($this->settingsDatabase), 600);
-		}
+			return $settingsDatabase;
+		});
 	}
 
-	public function save($pluginName, $values)
+	public function save($pluginName, $values): bool
 	{
 		$this->loadPlugin($pluginName);
 
@@ -104,7 +94,7 @@ class Settings implements \ArrayAccess
 		return true;
 	}
 
-	public function updateInDatabase($pluginName, $key, $value)
+	public function updateInDatabase($pluginName, $key, $value): void
 	{
 		if (ModelsSettings::where(['name' => $pluginName, 'key' => $key])->exists()) {
 			ModelsSettings::where(['name' => $pluginName, 'key' => $key])->update(['value' => $value]);
@@ -117,7 +107,7 @@ class Settings implements \ArrayAccess
 		$this->clearCache();
 	}
 
-	public function deleteFromDatabase($pluginName, $key = null)
+	public function deleteFromDatabase($pluginName, $key = null): void
 	{
 		if (!isset($key)) {
 			ModelsSettings::where('name', $pluginName)->delete();
@@ -217,7 +207,7 @@ class Settings implements \ArrayAccess
 				if (isset($setting['hidden']) && $setting['hidden']) {
 					$value = '';
 					if ($setting['type'] === 'boolean') {
-						$value = ($setting['default'] ? 'true' : 'false');
+						$value = (getBoolean($setting['default']) ? 'true' : 'false');
 					}
 					else if (in_array($setting['type'], ['text', 'number', 'float', 'double', 'email', 'password', 'textarea'])) {
 						$value = $setting['default'];
@@ -230,12 +220,7 @@ class Settings implements \ArrayAccess
 				}
 				else if ($setting['type'] === 'boolean') {
 					if(isset($settingsDb[$key])) {
-						if($settingsDb[$key] === 'true') {
-							$value = true;
-						}
-						else {
-							$value = false;
-						}
+						$value = getBoolean($settingsDb[$key]);
 					}
 					else {
 						$value = ($setting['default'] ?? false);
@@ -383,7 +368,7 @@ class Settings implements \ArrayAccess
 	}
 
 	#[\ReturnTypeWillChange]
-	public function offsetSet($offset, $value)
+	public function offsetSet($offset, $value): void
 	{
 		if (is_null($offset)) {
 			throw new \RuntimeException("Settings: You cannot set empty offset with value: $value!");
@@ -423,7 +408,7 @@ class Settings implements \ArrayAccess
 	}
 
 	#[\ReturnTypeWillChange]
-	public function offsetUnset($offset)
+	public function offsetUnset($offset): void
 	{
 		$this->loadPlugin($offset);
 
@@ -455,7 +440,7 @@ class Settings implements \ArrayAccess
 	 * @return array|mixed
 	 */
 	#[\ReturnTypeWillChange]
-	public function offsetGet($offset)
+	public function offsetGet($offset): mixed
 	{
 		// try cache hit
 		if(isset($this->cache[$offset])) {
@@ -521,7 +506,7 @@ class Settings implements \ArrayAccess
 		return $ret;
 	}
 
-	private function updateValuesAsked($offset)
+	private function updateValuesAsked($offset): void
 	{
 		$pluginKeyName = $offset;
 		if (strpos($offset, '.')) {
@@ -537,7 +522,7 @@ class Settings implements \ArrayAccess
 		}
 	}
 
-	private function loadPlugin($offset)
+	private function loadPlugin($offset): void
 	{
 		$this->updateValuesAsked($offset);
 
@@ -566,7 +551,7 @@ class Settings implements \ArrayAccess
 		}
 	}
 
-	public static function saveConfig($config, $filename, &$content = '')
+	public static function saveConfig($config, $filename, &$content = ''): bool|int
 	{
 		$content = "<?php" . PHP_EOL;
 

system/template.php

@@ -148,7 +148,7 @@ function get_template_menus(): array
 {
 	global $template_name;
 
-	$result = Cache::remember('template_menus', 10 * 60, function () use ($template_name) {
+	$result = Cache::remember('template_menus_' . $template_name, 10 * 60, function () use ($template_name) {
 		$result = Menu::select(['name', 'link', 'blank', 'color', 'category'])
 			->where('template', $template_name)
 			->orderBy('category')

system/templates/account.back_button.html.twig

@@ -1,7 +1,26 @@
 {% if new_line is defined and new_line %}
 	<br/>
 {% endif %}
-<form action="{% if action is not defined %}{{ getLink('account/manage') }}{% else %}{{ action }}{% endif %}" method="post">
-	{{ csrf() }}
-	{{ include('buttons.back.html.twig') }}
-</form>
+
+{% set _center = false %}
+
+{% if center is defined and center %}
+{% set _center = true %}
+{% endif %}
+
+{% if _center %}
+<table border="0" cellspacing="1" cellpadding="4" width="100%">
+	<tbody>
+	<tr>
+		<td align="center">
+{% endif %}
+			<form action="{% if action is not defined %}{{ getLink('account/manage') }}{% else %}{{ action }}{% endif %}" method="post">
+				{{ csrf() }}
+				{{ include('buttons.back.html.twig') }}
+			</form>
+{% if _center %}
+		</td>
+	</tr>
+	</tbody>
+</table>
+{% endif %}

system/templates/account.lost.form.html.twig

@@ -1,36 +0,0 @@
-The Lost Account Interface can help you to get back your account name and password. Please enter your character name and select what you want to do.<br/>
-<form action="{{ getLink('account/lost') }}?action=step1" method="post">
-	{{ csrf() }}
-	<input type="hidden" name="character" value="">
-	<table cellspacing="1" cellpadding="4" border="0" width="100%">
-		<tr>
-			<td bgcolor="{{ config.vdarkborder }}" class="white"><b>Please enter your character name</b></td>
-		</tr>
-		<tr>
-			<td bgcolor="{{ config.darkborder }}">
-				<input type="text" name="nick" size="40" autofocus/><br>
-			</td>
-		</tr>
-	</table>
-	<table cellspacing="1" cellpadding="4" border="0" width="100%">
-		<tr>
-			<td bgcolor="{{ config.vdarkborder }}" class="white"><b>What do you want?</b></td>
-		</tr>
-		<tr>
-			<td bgcolor="{{ config.darkborder }}">
-				<input type="radio" name="action_type" id="action_type_email" value="email">
-				<label for="action_type_email"> Send me new password and my account name to account e-mail adress.</label><br/>
-				<input type=radio name="action_type" id="action_type_key" value="reckey">
-				<label for="action_type_key"> I got <b>recovery key</b> and want set new password and e-mail adress to my account.</label><br/>
-			</td>
-		</tr>
-	</table>
-	<br/>
-	<table cellspacing="0" cellpadding="0" border="0" width="100%">
-		<tr>
-			<td align="center">
-				{{ include('buttons.submit.html.twig') }}
-			</td>
-		</tr>
-	</table>
-</form>

system/templates/account.lost.noaction.html.twig

@@ -1,10 +0,0 @@
-Please select action.<br/>
-<table cellspacing="0" cellpadding="0" border="0" width="100%">
-	<tr>
-		<td align="center">
-			<a href="{{ getLink('account/lost') }}" border="0">
-				{{ include('buttons.back.html.twig') }}
-			</a>
-		</td>
-	</tr>
-</table>

system/templates/account/lost/check-code.finish.html.twig

@@ -0,0 +1,33 @@
+Please enter new password to your account and repeat to make sure you remember password.<BR>
+<form action="{{ getLink('account/lost/email/set-new-password') }}" method="post">
+	<input type="hidden" name="character" value="{{ character }}">
+	<input type="hidden" name="code" value="{{ code }}">
+	<table class="myaac-table" style="width: 100%;">
+
+		<thead>
+		<tr>
+			<th class="white"><B>Passwords</B></th>
+		</tr>
+		</thead>
+
+		<tbody>
+		<tr>
+			<td>
+				New password:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input type="password" ID="passor" name="passor" value="" size="40"><br/>
+				Repeat new password:&nbsp;<input TYPE="password" ID="passor2" name="passor2" value="" size="40"><br/>
+			</td>
+		</tr>
+		</tbody>
+	</table>
+	<br/>
+	<table style="width: 100%">
+		<tr>
+			<td>
+				<div style="text-align: center">
+					{% set button_name = 'Submit' %}
+					{% include('buttons.base.html.twig') %}
+				</div>
+			</td>
+		</tr>
+	</table>
+</form>

system/templates/account/lost/check-code.html.twig

@@ -0,0 +1,30 @@
+Please enter code from e-mail and name of one character from account. Then press Submit.<br/>
+<form action="{{ getLink('account/lost/check-code') }}" method="post">
+	<table class="myaac-table" style="width: 100%;">
+		<thead>
+		<tr>
+			<th class="white">
+				<b>Code & character name</b>
+			</th>
+		</tr>
+		</thead>
+
+		<tbody>
+		<tr>
+			<td>
+				Your code:&nbsp;<input type="text" name="code" value="{{ code }}" size="40"><br/>
+				Character:&nbsp;<input type="text" name="character" value="{{ character }}" size="40"><br/>
+			</td>
+		</tr>
+		</tbody>
+	</table>
+	<br>
+	<table style="width: 100%">
+		<tr>
+			<td align="center">
+				{% set button_name = 'Submit' %}
+				{% include('buttons.base.html.twig') %}
+			</td>
+		</tr>
+	</table>
+</form>

system/templates/account/lost/email.html.twig

@@ -0,0 +1,33 @@
+Please enter e-mail to account with this character.<br/>
+<form action="{{ getLink('account/lost/email/send-code') }}" method="post">
+	<input type=hidden name="character">
+	<table class="myaac-table" style="width: 100%;">
+
+		<thead>
+		<tr>
+			<th class="white"><b>Please enter e-mail to account</b></th>
+		</tr>
+		</thead>
+
+		<tbody>
+		<tr>
+			<td>
+				Character: <input type=text name="nick" value="{{ nick }}" size="40" readonly="readonly"><br/>
+				E-mail to account: <input type=text name="email" value="" size="40"><br/>
+			</td>
+		</tr>
+		</tbody>
+
+	</table>
+	<br>
+	<table style="width: 100%">
+		<tr>
+			<td>
+				<div style="text-align:center">
+					{% set button_name = 'Submit' %}
+					{% include('buttons.base.html.twig') %}
+				</div>
+			</td>
+		</tr>
+	</table>
+</form>

system/templates/account/lost/finish.new-email.html.twig

@@ -0,0 +1,33 @@
+Your account name, new password and new e-mail.<br/>
+<table class="myaac-table" style="width: 100%;">
+
+	<thead>
+	<tr>
+		<th class="white">
+			<b>Your account name, new password and new e-mail</b>
+		</th>
+	</tr>
+	</thead>
+
+	<tbody>
+	<tr>
+		<td>
+			Account name:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<b>{{ account.getName() }}</b><br/>
+			New password:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<b>{{ newPassword }}</b><br/>
+			New e-mail address:&nbsp;<b>{{ newEmail }}</b><br/>
+			{{ statusMsg|raw }}
+		</td>
+	</tr>
+	</tbody>
+
+</table>
+<br>
+<table style="width: 100%">
+	<tr>
+		<td align="center">
+			<form action="{{ getLink('account/manage') }}" method="post">
+				{{ include('buttons.login.html.twig') }}
+			</form>
+		</td>
+	</tr>
+</table>

system/templates/account/lost/finish.new-password.html.twig

@@ -0,0 +1,30 @@
+New password to your account is below. Now you can log in.<BR>
+<table class="myaac-table" style="width: 100%;">
+
+	<thead>
+	<tr>
+		<th class="white"><b>Changed password</b></th>
+	</tr>
+	</thead>
+
+	<tbody>
+	<tr>
+		<td>
+			New password:&nbsp;<b>{{ newPassword }}</b><br/>
+			Account name:&nbsp;&nbsp;&nbsp;<i>(Already on your e-mail)</i><br/>
+			{{ statusMsg|raw }}
+		</td>
+	</tr>
+	</tbody>
+</table>
+<br/>
+<table style="width: 100%">
+	<tr>
+		<td align="center">
+			<form action="{{ getLink('account/manage') }}">
+				{% set button_name = 'Login' %}
+				{% include('buttons.base.html.twig') %}
+			</form>
+		</td>
+	</tr>
+</table>

system/templates/account/lost/form.html.twig

@@ -0,0 +1,41 @@
+The Lost Account Interface can help you to get back your account name and password. Please enter your character name and select what you want to do.<br/>
+<form action="{{ getLink('account/lost/step-1') }}" method="post">
+	{{ csrf() }}
+	<input type="hidden" name="character" value="">
+	<table class="myaac-table" style="width: 100%">
+		<thead>
+		<tr>
+			<th class="white"><b>Please enter your character name</b></th>
+		</tr>
+		</thead>
+		<tbody>
+			<tr>
+				<td>
+					<input type="text" name="nick" size="40" autofocus/><br>
+				</td>
+			</tr>
+		</tbody>
+	</table>
+	<table style="width: 100%; border-spacing: 1px">
+		<tr>
+			<td style="padding: 4px; background: {{ config('vdarkborder') }}" class="white"><b>What do you want?</b></td>
+		</tr>
+		<tr>
+			<td style="padding: 4px; background: {{ config('darkborder') }}">
+				<input type="radio" name="action" id="action_type_email" value="email">
+				<label for="action_type_email"> Send me new password and my account name to account e-mail address.</label><br/>
+				<input type=radio name="action" id="action_type_key" value="recovery-key">
+				<label for="action_type_key"> I got <b>recovery key</b> and want set new password and e-mail address to my account.</label><br/>
+			</td>
+		</tr>
+	</table>
+	<br/>
+	<table style="width: 100%">
+		<tr>
+			<td align="center">
+				{% set button_name = 'Submit' %}
+				{% include('buttons.base.html.twig') %}
+			</td>
+		</tr>
+	</table>
+</form>

system/templates/account/lost/no-action.html.twig

@@ -0,0 +1,10 @@
+Please select action.<br/>
+<table style="width: 100%">
+	<tr>
+		<td align="center">
+			<a href="{{ getLink('account/lost') }}">
+				{{ include('buttons.back.html.twig') }}
+			</a>
+		</td>
+	</tr>
+</table>

system/templates/account/lost/recovery-key.html.twig

@@ -0,0 +1,34 @@
+If you enter right recovery key you will see form to set new e-mail and password to account. To this e-mail will be send your new password and account name.<BR>
+<form action="{{ getLink('account/lost/recovery-key/step-2') }}" method="post">
+	<table class="myaac-table" style="width: 100%;">
+
+		<thead>
+		<tr>
+			<th class="white">
+				<b>Please enter your recovery key</b>
+			</th>
+		</tr>
+		</thead>
+
+		<tbody>
+		<tr>
+			<td>
+				Character name:&nbsp;<input type=text name="nick" value="{{ nick }}" size="40" readonly="readonly"><br/>
+				Recovery key:&nbsp;&nbsp;&nbsp;&nbsp;<input type="text" name="key" value="" size="40"><br/>
+			</td>
+		</tr>
+		</tbody>
+
+	</table>
+	<br>
+	<table style="width: 100%">
+		<tr>
+			<td>
+				<div style="text-align:center">
+					{% set button_name = 'Submit' %}
+					{% include('buttons.base.html.twig') %}
+				</div>
+			</td>
+		</tr>
+	</table>
+</form>

system/templates/account/lost/step2.html.twig

@@ -0,0 +1,35 @@
+Set new password and e-mail to your account.<br>
+<form action="{{ getLink('account/lost/step-3') }}" method="post">
+	<input type="hidden" name="character" value="">
+	<table class="myaac-table" style="width: 100%">
+
+		<thead>
+		<tr>
+			<th class="white">
+				<b>Please enter new password and e-mail</b>
+			</th>
+		</tr>
+		</thead>
+
+		<tbody>
+		<tr>
+			<td>
+				Account of character:&nbsp;&nbsp;<input type="text" name="nick" value="{{ nick }}" size="40" readonly="readonly"><br/>
+				New password:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input id="passor" type="password" name="passor" value="" size="40"><br/>
+				Repeat new password:&nbsp;&nbsp;<input id="passor2" type="password" name="passor" value="" size="40"><br/>
+				New e-mail address:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input id="email" type="text" name="email" value="" size="40"><br/>
+				<input type="hidden" name="key" VALUE="{{ recKey }}">
+			</td>
+		</tr>
+		</tbody>
+	</table>
+	<br>
+	<table style="width: 100%">
+		<tr>
+			<td align="center">
+				{% set button_name = 'Submit' %}
+				{% include('buttons.base.html.twig') %}
+			</td>
+		</tr>
+</table>
+</form>

system/templates/guilds.view.html.twig

@@ -235,14 +235,16 @@
 															{% endif %}
 
 															{% if isVice %}
-																<form action="{{ getLink('guilds') }}?action=invite&guild={{ guild_name|url_encode }}" method="post">
-																	{{ csrf() }}
-																	<td>
-																		{% set button_name = 'Invite Character' %}
-																		{% set button_image = '_sbutton_invitecharacter' %}
-																		{% include('buttons.base.html.twig') %}
-																	</td>
-																</form>
+																{% if db.hasTableAndColumns('guild_invites', ['player_id']) %}
+																	<form action="{{ getLink('guilds') }}?action=invite&guild={{ guild_name|url_encode }}" method="post">
+																		{{ csrf() }}
+																		<td>
+																			{% set button_name = 'Invite Character' %}
+																			{% set button_image = '_sbutton_invitecharacter' %}
+																			{% include('buttons.base.html.twig') %}
+																		</td>
+																	</form>
+																{% endif %}
 
 																<form action="{{ getLink('guilds') }}?action=change_rank&guild={{ guild_name|url_encode }}" method="post">
 																	{{ csrf() }}

system/templates/mail.account.lost.code.html.twig

@@ -0,0 +1,10 @@
+You asked to reset your {{ config('lua')['serverName'] }} password.<br/>
+<p>Account name: {{ account.getName() }}</p>
+<br/>
+To do so, please click this link:
+<p>
+	<a href="{{ getLink('account/lost/check-code') }}?code={{ newCode }}&character={{ nick|urlencode }}">{{ getLink('account/lost/check-code') }}?code={{ newCode }}&character={{ nick|urlencode }}</a>
+</p>
+<p>or open page: <i>{{ getLink('account/lost/check-code') }}</i> and in field "code" write <b>{{ newCode }}</b></p>
+<br/>
+<p>If you did not request a password change, you may ignore this message and your password will remain unchanged.

system/templates/mail.account.lost.new-email.html.twig

@@ -0,0 +1,7 @@
+<h3>Your account name and new password!</h3>
+<p>Changed password and e-mail to your account in Lost Account Interface on server <a href="{{ constant('BASE_URL') }}"><b>{{ config('lua')['serverName'] }}</b></a></p>
+<p>Account name: <b>{{ account.getName() }}</b></p>
+<p>New password: <b>{{ newPassword }}</b></p>
+<p>E-mail: <b>{{ $newEmail }}</b> (this e-mail)</p>
+<br/>
+<p><u>It's automatic e-mail from OTS Lost Account System. Do not reply!</u></p>

system/templates/mail.account.lost.new-password.html.twig

@@ -0,0 +1,6 @@
+<h3>Your account name and password!</h3>
+<p>Changed password to your account in Lost Account Interface on server <a href="{{ constant('BASE_URL') }}"><b>{{ config('lua')['serverName'] }}</b></a></p>
+<p>Account name: <b>{{ account.getName() }}</b></p>
+<p>New password: <b>{{ newPassword }}</b></p>
+<br/>
+<p><u>It's automatic e-mail from OTS Lost Account System. Do not reply!</u></p>

system/templates/online.html.twig

@@ -90,7 +90,7 @@
 		</td>
 	</tr>
 
-	{% if setting('core.online_record') %}
+	{% if setting('core.online_record') and record|length > 0 %}
 	<tr>
 		<td class="LabelV150"><b>Online Record:</b></td>
 		<td>
@@ -161,7 +161,7 @@
 			{% endif %}
 
 			<td style="width:70%; text-align:left">
-				{{ player.name|raw }}{{ player.skull }}
+				{{ player.name|raw }}{{ player.skull|raw }}
 			</td>
 			<td style="width:10%">{{ player.level }}</td>
 			<td style="width:20%">{{ player.vocation }}</td>

system/templates/tables.style.html.twig

@@ -1,6 +1,9 @@
 <style>
+	.myaac-table {border-spacing: 1px;}
 	.myaac-table tbody tr:nth-child(even) {background: {{ config.lightborder }}}
 	.myaac-table tbody tr:nth-child(odd) {background:  {{ config.darkborder }}}
-	.myaac-table thead td {background: {{ config.vdarkborder }}; color: #ffffff !important;}
-	.myaac-table tfoot td {background: {{ config.vdarkborder }}; color: #ffffff !important;}
+	.myaac-table tbody td {padding: 4px; }
+	.myaac-table thead td {padding: 4px; background: {{ config.vdarkborder }}; color: #ffffff !important;}
+	.myaac-table thead th {padding: 4px; background: {{ config.vdarkborder }}; color: #ffffff !important;}
+	.myaac-table tfoot td {padding: 4px; background: {{ config.vdarkborder }}; color: #ffffff !important;}
 </style>

templates/tibiacom/index.php

@@ -164,6 +164,10 @@ if(isset($config['boxes']))
 		function InitializeMenu()
 		{
 		  for(menuItemName in menu[0]) {
+			  if (!document.getElementById(menuItemName+"_Submenu")) {
+				  continue;
+			  }
+
 			if(menu[0][menuItemName] == "0") {
 			  document.getElementById(menuItemName+"_Submenu").style.visibility = "hidden";
 			  document.getElementById(menuItemName+"_Submenu").style.display = "none";
@@ -387,7 +391,7 @@ foreach($config['menu_categories'] as $id => $cat) {
 	?>
 	</div>
 	<?php
-	if($id == MENU_CATEGORY_SHOP || (!setting('core.gifts_system') && $i == $countElements)) {
+	if ($i == $countElements) {
 	?>
 		<div id='MenuBottom' style='background-image:url(<?php echo $template_path; ?>/images/general/box-bottom.gif);'></div>
 	<?php