Remove spectrum.js from project

Was used in Menus, replaced by html "color" input

.gitignore

@@ -4,7 +4,7 @@ Thumbs.db
 
 #
 /.htaccess
-lua
+/lua
 
 # composer
 composer.phar
@@ -24,6 +24,7 @@ releases
 tmp
 
 config.local.php
+config2.local.php
 
 # all custom templates
 templates/*

CHANGELOG-1.x.md

@@ -1,5 +1,56 @@
 # Changelog
 
+## [1.8.5 - 21.11.2025]
+
+### Added
+* New Setting: Account Countries Most Popular (https://github.com/slawkens/myaac/commit/946364f59d7cd01472877108ab27ec78fb28307a)
+
+### Changed
+* Status: Write to status-error.log if there is connection error (https://github.com/slawkens/myaac/commit/780d4ccef741c1dd45a00bfc121fba9f1a175313)
+* Settings: escapeHtml in values (support for html code) (https://github.com/slawkens/myaac/commit/5861efdbe900ccd35309913af0c0a5f3d4cdc1a8)
+* News Page: Don't display hidden news for admin - it's confusing (https://github.com/slawkens/myaac/commit/175e97828b9a08ec3080cc8d3fb4eb3f1c08649f)
+* Plugins System: Add plugin:remove + plugin:delete as alias for plugin:uninstall + plugin:activate/deactivate (https://github.com/slawkens/myaac/commit/6367054487368c92741bfd1dc7c70c52aea9ee87, https://github.com/slawkens/myaac/commit/baec6c9ebf5c342b3b2f7123427c6ba21dbb93bc)
+
+### Fixed
+* Status: Fix $status['uptimeReadable'], was totally wrong (https://github.com/slawkens/myaac/commit/0a6d44bf21417562491aabc93543a2bc3a44b2df)
+* Guilds: Detect "deletion" column in guilds show/delete (https://github.com/slawkens/myaac/commit/6775a061bebc9ff449522f0173556d4a7a44fa5e, https://github.com/slawkens/myaac/commit/603d860b56bc7418db09e206f40aa06d0682c00e)
+* General: Ensure some cache folders & index.html exists (https://github.com/slawkens/myaac/commit/730a0f29124811f525207c24c06eb0d088fa3434)
+
+## [1.8.4 - 27.10.2025]
+
+### Changed
+* Reimport myaac_ tables on every install, this fixes errors when one table is missing or is duplicated (https://github.com/slawkens/myaac/commit/2580edadf84779f09fd395c21f92019b2c762f83)
+* Use custom env init on migrate, migrate:run and migrate:to (https://github.com/slawkens/myaac/commit/13ea68cc0c9349380c8e4051d702a6c2c8256f44, https://github.com/slawkens/myaac/commit/07fd034fe4cb0ffdb88667b1e400f414d0c6d06f)
+
+### Fixed
+* Show if there is mysql error on import schema (https://github.com/slawkens/myaac/commit/44110a9496b4385e42c31b75de301037e711b6c3)
+* Fix the premium checks, introduced in v1.8.3 (https://github.com/slawkens/myaac/commit/9d92a11fb7cb6d7a1619d79c12faaa0b1c01f980)
+
+## [1.8.3 - 21.10.2025]
+
+### Added
+* Feature: resend email verify (https://github.com/slawkens/myaac/commit/fe821c58085483e70491dcf76376ad5b96de3fdd)
+* New config: hooks_debug (To view where hooks are located in .twig files) (https://github.com/slawkens/myaac/commit/8c3cb0e06f9709c1de3398b48221241e7cbdd310)
+* Functions: Add db->getColumnInfo(table, column) (https://github.com/slawkens/myaac/commit/c898fe25efff6793a01d11c26fc153cb23fcb858)
+* Plugins: Add option to use ?subtopic=x for plugins pages (https://github.com/slawkens/myaac/commit/97f9d3d6f6c28aef6d824973058d7133f56e09c4)
+* getTopPlayers() Function - Add lookmount & promotion (https://github.com/slawkens/myaac/commit/2da0024c68f1cedc38a16ebbc6f52ffa55e65f7a, https://github.com/slawkens/myaac/commit/901df48d134079d648a18f9d82b60182e818ac02)
+* New hooks for account/change-password (https://github.com/slawkens/myaac/commit/470555f2687809a0c12491bbb27597e64b8929c1)
+
+### Changed
+* Feature: show vip days in account management (https://github.com/slawkens/myaac/commit/c88b08eb1ec1f560cbfdaaa16b24e3a0f26da7b3, by @andreoam)
+* Allow links in error_box.html.twig (https://github.com/slawkens/myaac/commit/9acad15451071639acf7a7d4e81619b0a9742b12)
+* Canary - Comment code to update lastday in login.php (https://github.com/slawkens/myaac/commit/38902c30d114fdbce259467f5820f97037b393e9)
+* Cache::remember $ttl = -1 = infinite (https://github.com/slawkens/myaac/commit/64acf70d3854182d88aaf0b67f77cea2a254f179)
+
+### Fixed
+* Online - Allow for html code (example - img) in online_datacenter (https://github.com/slawkens/myaac/commit/3bb272ebbbd2eb7769d174b7082061d14a17bd44)
+* Guilds - Fix guild create with freePremium enabled (https://github.com/slawkens/myaac/commit/c91bb5d4097647dca2196d3dea87bc90c89181d2)
+* Canary - Fix premDays count (https://github.com/slawkens/myaac/commit/3e61692780d4add93b7b0e9f12f7a283bd8f4b7a)
+* Template Change: Ignore set last visit for AJAX pages - Fixes template change redirect (https://github.com/slawkens/myaac/commit/89fae38caa7e4f645957fcf1a9330a36358ac04f)
+* Admin Panel - Accounts: Fix lastip v6 (TFS master) (https://github.com/slawkens/myaac/commit/f54b1bdd2af4c16c64ddff0e87a6c96bc4cf9eeb)
+* Functions - Prevent injection in $db->hasColumn (https://github.com/slawkens/myaac/commit/56bd7ec5ed904666074492f2e4f13e4fce226bee)
+* Compat Config: Add missing config: email_lai_sec_interval (https://github.com/slawkens/myaac/commit/2eae44e0755e624a91be68b4d1ec26d01eb4d9a1)
+
 ## [1.8.2 - 26.09.2025]
 
 ### Added

CHANGELOG-2.x.md

@@ -0,0 +1,4 @@
+## [2.0-dev - x.x.2025]
+
+### Changed
+* Reworked account action logs to use single IP column as varchar(45) for both ipv4 and ipv6 (https://github.com/slawkens/myaac/pull/289)

aac

@@ -25,7 +25,9 @@ foreach ($commandsGlob as $item) {
 	}
 
 	$commandPre = '\\MyAAC\Commands\\';
-	$application->add(new ($commandPre . $name));
+	if (!trait_exists($class = $commandPre . $name)) {
+		$application->add(new $class);
+	}
 }
 
 $pluginCommands = Plugins::getCommands();

admin/pages/accounts.php

@@ -9,6 +9,7 @@
  */
 
 use MyAAC\Models\Account as AccountModel;
+use MyAAC\Models\AccountAction;
 use MyAAC\Models\Player;
 
 defined('MYAAC') or die('Direct access not allowed!');
@@ -481,9 +482,8 @@ else if (isset($_REQUEST['search'])) {
 									</thead>
 									<tbody>
 										<?php
-											$accountActions = \MyAAC\Models\AccountAction::where('account_id', $account->getId())->orderByDesc('date')->get();
+											$accountActions = AccountAction::where('account_id', $account->getId())->orderByDesc('date')->get();
 											foreach ($accountActions as $i => $log):
-												$log->ip = ($log->ip != 0 ? long2ip($log->ip) : inet_ntop($log->ipv6));
 												?>
 											<tr>
 												<td><?php echo $i + 1; ?></td>

admin/pages/mass_account.php

@@ -6,6 +6,7 @@
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
  * @author    Lee
+ * @author    gpedro
  * @copyright 2020 MyAAC
  * @link      https://my-aac.org
  */
@@ -19,9 +20,9 @@ $title = 'Mass Account Actions';
 csrfProtect();
 
 $hasPointsColumn = $db->hasColumn('accounts', 'premium_points');
-$freePremium = $config['lua']['freePremium'];
+$freePremium = getBoolean(configLua('freePremium'));
 
-function admin_give_points($points)
+function admin_give_points($points): void
 {
 	global $hasPointsColumn;
 
@@ -37,7 +38,7 @@ function admin_give_points($points)
 	displayMessage($points . ' points added to all accounts.', true);
 }
 
-function admin_give_coins($coins)
+function admin_give_coins($coins): void
 {
 	if (!HAS_ACCOUNT_COINS) {
 		displayMessage('Coins not supported.');
@@ -52,7 +53,7 @@ function admin_give_coins($coins)
 	displayMessage($coins . ' coins added to all accounts.', true);
 }
 
-function admin_give_premdays($days)
+function admin_give_premdays($days): void
 {
 	global $db, $freePremium;
 
@@ -63,6 +64,7 @@ function admin_give_premdays($days)
 
 	$value = $days * 86400;
 	$now = time();
+
 	// othire
 	if ($db->hasColumn('accounts', 'premend')) {
 		// append premend
@@ -70,14 +72,11 @@ function admin_give_premdays($days)
 			// set premend
 			if (Account::where('premend', '<=', $now)->update(['premend' => $now + $value])) {
 				displayMessage($days . ' premium days added to all accounts.', true);
-				return;
 			} else {
 				displayMessage('Failed to execute set query.');
-				return;
 			}
 		} else {
 			displayMessage('Failed to execute append query.');
-			return;
 		}
 
 		return;
@@ -92,20 +91,14 @@ function admin_give_premdays($days)
 				// set lastday
 				if (Account::where('lastday', '<=', $now)->update(['lastday' => $now + $value])) {
 					displayMessage($days . ' premium days added to all accounts.', true);
-					return;
 				} else {
 					displayMessage('Failed to execute set query.');
-					return;
 				}
-
-				return;
 			} else {
 				displayMessage('Failed to execute append query.');
-				return;
 			}
 		} else {
 			displayMessage('Failed to execute set days query.');
-			return;
 		}
 
 		return;
@@ -118,14 +111,11 @@ function admin_give_premdays($days)
 			// set premium_ends_at
 			if (Account::where('premium_ends_at', '<=', $now)->update(['premium_ends_at' => $now + $value])) {
 				displayMessage($days . ' premium days added to all accounts.', true);
-				return;
 			} else {
 				displayMessage('Failed to execute set query.');
-				return;
 			}
 		} else {
 			displayMessage('Failed to execute append query.');
-			return;
 		}
 
 		return;
@@ -170,7 +160,8 @@ else {
 	));
 }
 
-function displayMessage($message, $success = false) {
+function displayMessage($message, $success = false): void
+{
 	global $twig, $hasPointsColumn, $freePremium;
 
 	$success ? success($message): error($message);

admin/pages/menus.php

@@ -23,6 +23,7 @@ if (!hasFlag(FLAG_CONTENT_MENUS) && !superAdmin()) {
 }
 
 $pluginThemes = Plugins::getThemes();
+$groups = new OTS_Groups_List();
 
 if (isset($_POST['template'])) {
 	$template = $_POST['template'];
@@ -32,6 +33,8 @@ if (isset($_POST['template'])) {
 		$post_menu_link = $_POST['menu_link'] ?? [];
 		$post_menu_blank = $_POST['menu_blank'] ?? [];
 		$post_menu_color = $_POST['menu_color'] ?? [];
+		$post_menu_access = $_POST['menu_access'] ?? [];
+
 		if (count($post_menu) != count($post_menu_link)) {
 			echo 'Menu count is not equal menu links. Something went wrong when sending form.';
 			return;
@@ -50,6 +53,7 @@ if (isset($_POST['template'])) {
 						'link' => $post_menu_link[$category][$i],
 						'blank' => $post_menu_blank[$category][$i] == 'on' ? 1 : 0,
 						'color' => str_replace('#', '', $post_menu_color[$category][$i]),
+						'access' => $post_menu_access[$category][$i],
 						'category' => $category,
 						'ordering' => $i
 					]);
@@ -122,7 +126,7 @@ if (isset($_POST['template'])) {
 	?>
 	<?php
 	$menus = Menu::query()
-		->select('name', 'link', 'blank', 'color', 'category', 'ordering')
+		->select('name', 'link', 'access', 'blank', 'color', 'category', 'ordering')
 		->where('enabled', 1)
 		->where('template', $template)
 		->orderBy('ordering')
@@ -151,11 +155,34 @@ if (isset($_POST['template'])) {
 									foreach ($menus[$id] as $menu):
 										$color = (empty($menu['color']) ? ($cat['default_links_color'] ?? ($config['menu_default_links_color'] ?? ($config['menu_default_color'] ?? '#ffffff'))) : '#' . $menu['color']);
 										?>
-										<li class="ui-state-default" id="list-<?php echo $id ?>-<?php echo $i ?>"><label>Name:</label> <input type="text" name="menu[<?php echo $id ?>][]" value="<?php echo escapeHtml($menu['name']); ?>"/>
-											<label>Link:</label> <input type="text" name="menu_link[<?php echo $id ?>][]" value="<?php echo $menu['link'] ?>"/>
-											<input type="hidden" name="menu_blank[<?php echo $id ?>][]" value="0"/>
-											<label><input class="blank-checkbox" type="checkbox" <?php echo($menu['blank'] == 1 ? 'checked' : '') ?>/><span title="Open in New Window">New Window</span></label>
-											<input class="color-picker" type="text" name="menu_color[<?php echo $id ?>][]" value="<?php echo $color; ?>"/>
+										<li class="ui-state-default" id="list-<?php echo $id ?>-<?php echo $i ?>">
+											<label class="label_menu_name">Name: <input type="text" name="menu[<?php echo $id ?>][]" class="form-control menu-name" value="<?php echo escapeHtml($menu['name']); ?>"/>
+											</label>
+
+											<label class="label_menu_link">Link: <input type="text" name="menu_link[<?= $id ?>][]" class="form-control menu-link" value="<?php echo $menu['link'] ?>"/>
+											</label>
+
+											<br/>
+
+											<div class="menu-options-row">
+
+												<label>Access:
+													<select name="menu_access[<?= $id ?>][]" class="form-control menu-access">
+														<option value="0" <?= ($menu['access'] == 0 ? 'selected' : ''); ?>>Guest*</option>
+														<?php foreach ($groups->getGroups() as $group): ?>
+															<option value="<?= $group->getId(); ?>" <?= ($menu['access'] == $group->getId() ? 'selected' : ''); ?>><?= ucfirst($group->getName()); ?></option>
+														<?php endforeach; ?>
+													</select>
+												</label>
+
+												<label>Color: <input class="menu-color" type="color" name="menu_color[<?php echo $id ?>][]" value="<?php echo $color; ?>"/>
+												</label>
+
+												<input type="hidden" name="menu_blank[<?php echo $id ?>][]" class="menu-blank" value="0"/>
+												<label><input type="checkbox" class="menu-blank-checkbox" <?php echo($menu['blank'] == 1 ? 'checked' : '') ?>/><span title="Open in New Window">New Window</span></label>
+
+											</div>
+
 											<a class="remove-button" id="remove-button-<?php echo $id ?>-<?php echo $i ?>"><i class="fas fa-trash"></a></i></li>
 										<?php $i++; $last_id[$id] = $i;
 									endforeach;

admin/pages/players.php

@@ -669,11 +669,17 @@ else if (isset($_REQUEST['search'])) {
 									<div class="col-12 col-sm-12 col-lg-6">
 										<label for="lastip" class="control-label">Last IP:</label>
 										<input type="text" class="form-control" id="lastip" name="lastip" autocomplete="off" maxlength="10" value="<?php
-										if (strlen($player->getLastIP()) > 11) {
-											echo inet_ntop($player->getLastIP());
+										$lastIPColumnInfo = $db->getColumnInfo('players', 'lastip');
+										if ($lastIPColumnInfo && is_array($lastIPColumnInfo)) {
+											if (str_contains($lastIPColumnInfo['type'], 'varbinary')) {
+												echo inet_ntop($player->getLastIP());
+											}
+											else {
+												echo longToIp($player->getLastIP());
+											}
 										}
 										else {
-											echo longToIp($player->getLastIP());
+											echo 'Error';
 										}
 										?>" readonly/>
 									</div>

admin/template/menus.php

@@ -60,7 +60,7 @@ usort($menus, function ($a, $b) {
 
 foreach ($menus as $i => $menu) {
 	if (isset($menu['link']) && is_array($menu['link'])) {
-		usort($menus[$i]['link'], function ($a, $b) {
+		usort($menu['link'], function ($a, $b) {
 			return $a['order'] - $b['order'];
 		});
 	}

admin/tools/phpinfo.php

@@ -1,5 +1,6 @@
 <?php
-define('MYAAC_ADMIN', true);
+const MYAAC_ADMIN = true;
+const IGNORE_SET_LAST_VISIT = true;
 
 require '../../common.php';
 require SYSTEM . 'functions.php';

admin/tools/reload_data.php

@@ -26,6 +26,7 @@
 use MyAAC\DataLoader;
 
 const MYAAC_ADMIN = true;
+const IGNORE_SET_LAST_VISIT = true;
 
 require '../../common.php';
 require SYSTEM . 'functions.php';

admin/tools/settings_save.php

@@ -3,6 +3,7 @@
 use MyAAC\Settings;
 
 const MYAAC_ADMIN = true;
+const IGNORE_SET_LAST_VISIT = true;
 
 require '../../common.php';
 require SYSTEM . 'functions.php';
@@ -11,7 +12,7 @@ require SYSTEM . 'login.php';
 
 if(!admin()) {
 	http_response_code(500);
-	die('Access denied.');
+	die('You are not logged in. Probably session expired. Please login again.');
 }
 
 csrfProtect();
@@ -39,3 +40,6 @@ if (count($errors) > 0) {
 if ($success) {
 	echo 'Saved at ' . date('H:i');
 }
+else {
+	echo 'Something unexpected happened - it was impossible to save the settings, please try again later. If problem persists - contact MyAAC developers.';
+}

admin/tools/status.php

@@ -1,5 +1,6 @@
 <?php
-define('MYAAC_ADMIN', true);
+const MYAAC_ADMIN = true;
+const IGNORE_SET_LAST_VISIT = true;
 
 require '../../common.php';
 require SYSTEM . 'init.php';

admin/tools/upload_image.php

@@ -1,5 +1,6 @@
 <?php
-define('MYAAC_ADMIN', true);
+const MYAAC_ADMIN = true;
+const IGNORE_SET_LAST_VISIT = true;
 
 require '../../common.php';
 require SYSTEM . 'functions.php';

common.php

@@ -26,8 +26,8 @@
 if (version_compare(phpversion(), '8.1', '<')) die('PHP version 8.1 or higher is required.');
 
 const MYAAC = true;
-const MYAAC_VERSION = '1.8.2';
-const DATABASE_VERSION = 45;
+const MYAAC_VERSION = '2.0-dev';
+const DATABASE_VERSION = 48;
 const TABLE_PREFIX = 'myaac_';
 define('START_TIME', microtime(true));
 define('MYAAC_OS', stripos(PHP_OS, 'WIN') === 0 ? 'WINDOWS' : (strtoupper(PHP_OS) === 'DARWIN' ? 'MAC' : 'LINUX'));

install/includes/import_base_data.php

@@ -0,0 +1,69 @@
+<?php
+defined('MYAAC') or die('Direct access not allowed!');
+
+use MyAAC\Models\Changelog;
+use MyAAC\Models\Config;
+use MyAAC\Models\ForumBoard;
+use MyAAC\Models\Gallery;
+use MyAAC\Models\NewsCategory;
+
+if (Changelog::count() === 0) {
+	Changelog::create([
+		'type' => 3,
+		'where' => 2,
+		'date' => time(),
+		'body' => 'MyAAC installed. (:',
+		'hide' => 0,
+	]);
+}
+
+if (Config::where('name', 'database_version')->count() === 0) {
+	Config::create([
+		'name' => 'database_version',
+		'value' => DATABASE_VERSION,
+	]);
+}
+
+if (ForumBoard::count() === 0) {
+	$forumBoards = [
+		['name' => 'News', 'description' => 'News commenting', 'closed' => 1],
+		['name' => 'Trade', 'description' => 'Trade offers.', 'closed' => 0],
+		['name' => 'Quests', 'description' => 'Quest making.', 'closed' => 0],
+		['name' => 'Pictures', 'description' => 'Your pictures.', 'closed' => 0],
+		['name' => 'Bug Report', 'description' => 'Report bugs there.', 'closed' => 0],
+	];
+
+	$i = 0;
+	foreach ($forumBoards as $forumBoard) {
+		ForumBoard::create([
+			'name' => $forumBoard['name'],
+			'description' => $forumBoard['description'],
+			'ordering' => $i++,
+			'closed' => $forumBoard['closed'],
+		]);
+	}
+}
+
+if (NewsCategory::count() === 0) {
+	$newsCategoriesIcons = [
+		0, 1, 2, 3, 4
+	];
+
+	foreach ($newsCategoriesIcons as $iconId) {
+		NewsCategory::create([
+			'icon_id' => $iconId,
+		]);
+	}
+}
+
+if (Gallery::count() === 0) {
+	Gallery::create([
+		'comment' => 'Demon',
+		'image' => 'images/gallery/demon.jpg',
+		'thumb' => 'images/gallery/demon_thumb.gif',
+		'author' => 'MyAAC',
+		'ordering' => 0,
+	]);
+}
+
+success($locale['step_database_success_import_data']);

install/includes/schema.sql

@@ -1,16 +1,23 @@
-SET @myaac_database_version = 45;
-
-CREATE TABLE `myaac_account_actions`
+CREATE TABLE IF NOT EXISTS `myaac_account_actions`
 (
+	`id` int NOT NULL AUTO_INCREMENT,
 	`account_id` int NOT NULL,
-	`ip` int unsigned NOT NULL DEFAULT 0,
-	`ipv6` binary(16) NOT NULL DEFAULT 0,
+	`ip` varchar(45) NOT NULL DEFAULT '',
 	`date` int NOT NULL DEFAULT 0,
 	`action` varchar(255) NOT NULL DEFAULT '',
-	KEY (`account_id`)
+	PRIMARY KEY (`id`)
 ) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
 
-CREATE TABLE `myaac_admin_menu`
+CREATE TABLE IF NOT EXISTS `myaac_account_emails_verify`
+(
+	`id` int NOT NULL AUTO_INCREMENT,
+	`account_id` int NOT NULL,
+	`hash` varchar(32) NOT NULL,
+	`sent_at` int NOT NULL DEFAULT 0,
+	PRIMARY KEY (`id`)
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
+
+CREATE TABLE IF NOT EXISTS `myaac_admin_menu`
 (
 	`id` int NOT NULL AUTO_INCREMENT,
 	`name` varchar(255) NOT NULL DEFAULT '',
@@ -21,7 +28,7 @@ CREATE TABLE `myaac_admin_menu`
 	PRIMARY KEY (`id`)
 ) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
 
-CREATE TABLE `myaac_changelog`
+CREATE TABLE IF NOT EXISTS `myaac_changelog`
 (
 	`id` int NOT NULL AUTO_INCREMENT,
 	`body` varchar(500) NOT NULL DEFAULT '',
@@ -33,9 +40,7 @@ CREATE TABLE `myaac_changelog`
 	PRIMARY KEY (`id`)
 ) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
 
-INSERT INTO `myaac_changelog` (`id`, `type`, `where`, `date`, `body`, `hide`) VALUES (1, 3, 2, UNIX_TIMESTAMP(), 'MyAAC installed. (:', 0);
-
-CREATE TABLE `myaac_config`
+CREATE TABLE IF NOT EXISTS `myaac_config`
 (
 	`id` int NOT NULL AUTO_INCREMENT,
 	`name` varchar(30) NOT NULL,
@@ -44,9 +49,7 @@ CREATE TABLE `myaac_config`
 	UNIQUE (`name`)
 ) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
 
-INSERT INTO `myaac_config` (`name`, `value`) VALUES ('database_version', @myaac_database_version);
-
-CREATE TABLE `myaac_faq`
+CREATE TABLE IF NOT EXISTS `myaac_faq`
 (
 	`id` int NOT NULL AUTO_INCREMENT,
 	`question` varchar(255) NOT NULL DEFAULT '',
@@ -56,7 +59,7 @@ CREATE TABLE `myaac_faq`
 	PRIMARY KEY (`id`)
 ) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
 
-CREATE TABLE `myaac_forum_boards`
+CREATE TABLE IF NOT EXISTS `myaac_forum_boards`
 (
 	`id` int NOT NULL AUTO_INCREMENT,
 	`name` varchar(32) NOT NULL,
@@ -68,13 +71,8 @@ CREATE TABLE `myaac_forum_boards`
 	`hide` tinyint NOT NULL DEFAULT 0,
 	PRIMARY KEY (`id`)
 ) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
-INSERT INTO `myaac_forum_boards` (`id`, `name`, `description`, `ordering`, `closed`) VALUES (NULL, 'News', 'News commenting', 0, 1);
-INSERT INTO `myaac_forum_boards` (`id`, `name`, `description`, `ordering`) VALUES (NULL, 'Trade', 'Trade offers.', 1);
-INSERT INTO `myaac_forum_boards` (`id`, `name`, `description`, `ordering`) VALUES (NULL, 'Quests', 'Quest making.', 2);
-INSERT INTO `myaac_forum_boards` (`id`, `name`, `description`, `ordering`) VALUES (NULL, 'Pictures', 'Your pictures.', 3);
-INSERT INTO `myaac_forum_boards` (`id`, `name`, `description`, `ordering`) VALUES (NULL, 'Bug Report', 'Report bugs there.', 4);
 
-CREATE TABLE `myaac_forum`
+CREATE TABLE IF NOT EXISTS `myaac_forum`
 (
 	`id` int NOT NULL AUTO_INCREMENT,
 	`first_post` int NOT NULL DEFAULT 0,
@@ -98,12 +96,13 @@ CREATE TABLE `myaac_forum`
 	KEY `section` (`section`)
 ) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
 
-CREATE TABLE `myaac_menu`
+CREATE TABLE IF NOT EXISTS `myaac_menu`
 (
 	`id` int NOT NULL AUTO_INCREMENT,
 	`template` varchar(255) NOT NULL,
 	`name` varchar(255) NOT NULL,
 	`link` varchar(255) NOT NULL,
+	`access` tinyint NOT NULL DEFAULT 0,
 	`blank` tinyint NOT NULL DEFAULT 0,
 	`color` varchar(6) NOT NULL DEFAULT '',
 	`category` int NOT NULL DEFAULT 1,
@@ -112,7 +111,7 @@ CREATE TABLE `myaac_menu`
 	PRIMARY KEY (`id`)
 ) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
 
-CREATE TABLE `myaac_monsters` (
+CREATE TABLE IF NOT EXISTS `myaac_monsters` (
 	`id` int NOT NULL AUTO_INCREMENT,
 	`hide` tinyint NOT NULL DEFAULT 0,
 	`name` varchar(255) NOT NULL,
@@ -145,7 +144,7 @@ CREATE TABLE `myaac_monsters` (
 	PRIMARY KEY (`id`)
 ) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
 
-CREATE TABLE `myaac_news`
+CREATE TABLE IF NOT EXISTS `myaac_news`
 (
 	`id` int NOT NULL AUTO_INCREMENT,
 	`title` varchar(100) NOT NULL,
@@ -163,7 +162,7 @@ CREATE TABLE `myaac_news`
 	PRIMARY KEY (`id`)
 ) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
 
-CREATE TABLE `myaac_news_categories`
+CREATE TABLE IF NOT EXISTS `myaac_news_categories`
 (
 	`id` int NOT NULL AUTO_INCREMENT,
 	`name` varchar(50) NOT NULL DEFAULT "",
@@ -173,13 +172,7 @@ CREATE TABLE `myaac_news_categories`
 	PRIMARY KEY (`id`)
 ) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
 
-INSERT INTO `myaac_news_categories` (`id`, `icon_id`) VALUES (NULL, 0);
-INSERT INTO `myaac_news_categories` (`id`, `icon_id`) VALUES (NULL, 1);
-INSERT INTO `myaac_news_categories` (`id`, `icon_id`) VALUES (NULL, 2);
-INSERT INTO `myaac_news_categories` (`id`, `icon_id`) VALUES (NULL, 3);
-INSERT INTO `myaac_news_categories` (`id`, `icon_id`) VALUES (NULL, 4);
-
-CREATE TABLE `myaac_notepad`
+CREATE TABLE IF NOT EXISTS `myaac_notepad`
 (
 	`id` int NOT NULL AUTO_INCREMENT,
 	`account_id` int NOT NULL,
@@ -189,7 +182,7 @@ CREATE TABLE `myaac_notepad`
 	PRIMARY KEY (`id`)
 ) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
 
-CREATE TABLE `myaac_pages`
+CREATE TABLE IF NOT EXISTS `myaac_pages`
 (
 	`id` INT NOT NULL AUTO_INCREMENT,
 	`name` varchar(30) NOT NULL,
@@ -205,7 +198,7 @@ CREATE TABLE `myaac_pages`
 	UNIQUE (`name`)
 ) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
 
-CREATE TABLE `myaac_gallery`
+CREATE TABLE IF NOT EXISTS `myaac_gallery`
 (
 	`id` int NOT NULL AUTO_INCREMENT,
 	`comment` varchar(255) NOT NULL DEFAULT '',
@@ -217,9 +210,7 @@ CREATE TABLE `myaac_gallery`
 	PRIMARY KEY (`id`)
 ) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
 
-INSERT INTO `myaac_gallery` (`id`, `ordering`, `comment`, `image`, `thumb`, `author`) VALUES (NULL, 1, 'Demon', 'images/gallery/demon.jpg', 'images/gallery/demon_thumb.gif', 'MyAAC');
-
-CREATE TABLE `myaac_settings`
+CREATE TABLE IF NOT EXISTS `myaac_settings`
 (
 	`id` int NOT NULL AUTO_INCREMENT,
 	`name` varchar(255) NOT NULL DEFAULT '',
@@ -229,7 +220,7 @@ CREATE TABLE `myaac_settings`
 	KEY `key` (`key`)
 ) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
 
-CREATE TABLE `myaac_spells`
+CREATE TABLE IF NOT EXISTS `myaac_spells`
 (
 	`id` int NOT NULL AUTO_INCREMENT,
 	`spell` varchar(255) NOT NULL DEFAULT '',
@@ -252,7 +243,7 @@ CREATE TABLE `myaac_spells`
 	UNIQUE (`name`)
 ) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
 
-CREATE TABLE `myaac_visitors`
+CREATE TABLE IF NOT EXISTS `myaac_visitors`
 (
 	`ip` varchar(45) NOT NULL,
 	`lastvisit` int NOT NULL DEFAULT 0,
@@ -261,7 +252,7 @@ CREATE TABLE `myaac_visitors`
 	UNIQUE (`ip`)
 ) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
 
-CREATE TABLE `myaac_weapons`
+CREATE TABLE IF NOT EXISTS `myaac_weapons`
 (
 	`id` int NOT NULL,
 	`level` int NOT NULL DEFAULT 0,

install/tools/5-database.php

@@ -30,26 +30,22 @@ if(!$error) {
 	}
 }
 
-if($db->hasTable(TABLE_PREFIX . 'account_actions')) {
-	$locale['step_database_error_table_exist'] = str_replace('$TABLE$', TABLE_PREFIX . 'account_actions', $locale['step_database_error_table_exist']);
-	warning($locale['step_database_error_table_exist']);
-}
-else {
-	// import schema
-	try {
-		$locale['step_database_importing'] = str_replace('$DATABASE_NAME$', config('database_name'), $locale['step_database_importing']);
-		success($locale['step_database_importing']);
+// import schema
+try {
+	$locale['step_database_importing'] = str_replace('$DATABASE_NAME$', config('database_name'), $locale['step_database_importing']);
+	success($locale['step_database_importing']);
 
-		$db->query(file_get_contents(BASE . 'install/includes/schema.sql'));
+	$db->exec(file_get_contents(BASE . 'install/includes/schema.sql'));
 
-		$locale['step_database_success_schema'] = str_replace('$PREFIX$', TABLE_PREFIX, $locale['step_database_success_schema']);
-		success($locale['step_database_success_schema']);
-	}
-	catch(PDOException $error_) {
-		error($locale['step_database_error_schema'] . ' ' . $error_);
-		return;
-	}
+	$locale['step_database_success_schema'] = str_replace('$PREFIX$', TABLE_PREFIX, $locale['step_database_success_schema']);
+	success($locale['step_database_success_schema']);
 }
+catch(PDOException $error_) {
+	error($locale['step_database_error_schema'] . ' ' . $error_);
+	return;
+}
+
+require BASE . 'install/includes/import_base_data.php';
 
 if(!$db->hasColumn('accounts', 'email')) {
 	if(query("ALTER TABLE `accounts` ADD `email` varchar(255) NOT NULL DEFAULT '';"))
@@ -102,18 +98,13 @@ if(!$db->hasColumn('accounts', 'web_flags')) {
 		success($locale['step_database_adding_field'] . ' accounts.web_flags...');
 }
 
-if(!$db->hasColumn('accounts', 'email_hash')) {
-	if(query("ALTER TABLE `accounts` ADD `email_hash` VARCHAR(32) NOT NULL DEFAULT '' AFTER `web_flags`;"))
-		success($locale['step_database_adding_field'] . ' accounts.email_hash...');
-}
-
 if(!$db->hasColumn('accounts', 'email_verified')) {
-	if(query("ALTER TABLE `accounts` ADD `email_verified` TINYINT(1) NOT NULL DEFAULT 0 AFTER `email_hash`;"))
+	if(query("ALTER TABLE `accounts` ADD `email_verified` TINYINT(1) NOT NULL DEFAULT 0 AFTER `web_flags`;"))
 		success($locale['step_database_adding_field'] . ' accounts.email_verified...');
 }
 
 if(!$db->hasColumn('accounts', 'email_new')) {
-	if(query("ALTER TABLE `accounts` ADD `email_new` VARCHAR(255) NOT NULL DEFAULT '' AFTER `email_hash`;"))
+	if(query("ALTER TABLE `accounts` ADD `email_new` VARCHAR(255) NOT NULL DEFAULT '' AFTER `email_verified`;"))
 		success($locale['step_database_adding_field'] . ' accounts.email_new...');
 }
 

login.php

@@ -220,6 +220,8 @@ switch ($action) {
 			}
 		}
 
+		/*
+		 * not needed anymore?
 		if (fieldExist('premdays', 'accounts') && fieldExist('lastday', 'accounts')) {
 			$save = false;
 			$timeNow = time();
@@ -256,6 +258,7 @@ switch ($action) {
 				$account->save();
 			}
 		}
+		*/
 
 		$worlds = [$world];
 		$playdata = compact('worlds', 'characters');

system/compat/config.php

@@ -81,6 +81,7 @@ $deprecatedConfig = [
 	'account_change_character_name_points' => 'account_change_character_name_price',
 	'account_change_character_sex',
 	'account_change_character_sex_points' => 'account_change_character_name_price',
+	'email_lai_sec_interval' => 'mail_lost_account_interval',
 ];
 
 foreach ($deprecatedConfig as $key => $value) {

system/functions.php

@@ -433,16 +433,22 @@ function delete_guild($id)
 		$rank_list->orderBy('level');
 
 		global $db;
+
+		$deletedColumn = 'deleted';
+		if ($db->hasColumn('players', 'deletion')) {
+			$deletedColumn = 'deletion';
+		}
+
 		/**
 		 * @var OTS_GuildRank $rank_in_guild
 		 */
 		foreach($rank_list as $rank_in_guild) {
 			if($db->hasTable('guild_members'))
-				$players_with_rank = $db->query('SELECT `players`.`id` as `id`, `guild_members`.`rank_id` as `rank_id` FROM `players`, `guild_members` WHERE `guild_members`.`rank_id` = ' . $rank_in_guild->getId() . ' AND `players`.`id` = `guild_members`.`player_id` ORDER BY `name`;');
+				$players_with_rank = $db->query('SELECT `players`.`id` as `id`, `guild_members`.`rank_id` as `rank_id` FROM `players`, `guild_members` WHERE `guild_members`.`rank_id` = ' . $rank_in_guild->getId() . ' AND `players`.`id` = `guild_members`.`player_id` AND `' . $deletedColumn . '` = 0 ORDER BY `name`;');
 			else if($db->hasTable('guild_membership'))
-				$players_with_rank = $db->query('SELECT `players`.`id` as `id`, `guild_membership`.`rank_id` as `rank_id` FROM `players`, `guild_membership` WHERE `guild_membership`.`rank_id` = ' . $rank_in_guild->getId() . ' AND `players`.`id` = `guild_membership`.`player_id` ORDER BY `name`;');
+				$players_with_rank = $db->query('SELECT `players`.`id` as `id`, `guild_membership`.`rank_id` as `rank_id` FROM `players`, `guild_membership` WHERE `guild_membership`.`rank_id` = ' . $rank_in_guild->getId() . ' AND `players`.`id` = `guild_membership`.`player_id` AND `' . $deletedColumn . '` = 0 ORDER BY `name`;');
 			else
-				$players_with_rank = $db->query('SELECT `id`, `rank_id` FROM `players` WHERE `rank_id` = ' . $rank_in_guild->getId() . ' AND `deleted` = 0;');
+				$players_with_rank = $db->query('SELECT `id`, `rank_id` FROM `players` WHERE `rank_id` = ' . $rank_in_guild->getId() . ' AND `' . $deletedColumn . '` = 0;');
 
 			$players_with_rank_number = $players_with_rank->rowCount();
 			if($players_with_rank_number > 0) {
@@ -1142,10 +1148,18 @@ function getTopPlayers($limit = 5, $skill = 'level') {
 			'looktype', 'lookhead', 'lookbody', 'looklegs', 'lookfeet'
 		];
 
+		if ($db->hasColumn('players', 'promotion')) {
+			$columns[] = 'promotion';
+		}
+
 		if ($db->hasColumn('players', 'lookaddons')) {
 			$columns[] = 'lookaddons';
 		}
 
+		if ($db->hasColumn('players', 'lookmount')) {
+			$columns[] = 'lookmount';
+		}
+
 		return Player::query()
 			->select($columns)
 			->withOnlineStatus()
@@ -1169,7 +1183,8 @@ function getTopPlayers($limit = 5, $skill = 'level') {
 	});
 }
 
-function deleteDirectory($dir, $ignore = array(), $contentOnly = false) {
+function deleteDirectory($dir, $ignore = array(), $contentOnly = false): bool
+{
 	if(!file_exists($dir)) {
 		return true;
 	}
@@ -1195,6 +1210,21 @@ function deleteDirectory($dir, $ignore = array(), $contentOnly = false) {
 	return rmdir($dir);
 }
 
+function ensureFolderExists($dir): void
+{
+	if (!file_exists($dir)) {
+		mkdir($dir, 0777, true);
+	}
+}
+
+function ensureIndexExists($dir): void
+{
+	$dir = rtrim($dir, '/');
+	if (!file_exists($file = $dir . '/index.html')) {
+		touch($file);
+	}
+}
+
 function config($key) {
 	global $config;
 	if (is_array($key)) {
@@ -1632,13 +1662,14 @@ function camelCaseToUnderscore($input)
 	return ltrim(strtolower(preg_replace('/[A-Z]([A-Z](?![a-z]))*/', '_$0', $input)), '_');
 }
 
-function removeIfFirstSlash(&$text) {
+function removeIfFirstSlash(&$text): void
+{
 	if(strpos($text, '/') === 0) {
 		$text = str_replace_first('/', '', $text);
 	}
 };
 
-function escapeHtml($html) {
+function escapeHtml($html): string {
 	return htmlspecialchars($html);
 }
 
@@ -1652,7 +1683,7 @@ function getGuildNameById($id)
 	return false;
 }
 
-function getGuildLogoById($id)
+function getGuildLogoById($id): string
 {
 	$logo = 'default.gif';
 
@@ -1668,7 +1699,8 @@ function getGuildLogoById($id)
 	return BASE_URL . GUILD_IMAGES_DIR . $logo;
 }
 
-function displayErrorBoxWithBackButton($errors, $action = null) {
+function displayErrorBoxWithBackButton($errors, $action = null): void
+{
 	global $twig;
 	$twig->display('error_box.html.twig', ['errors' => $errors]);
 	$twig->display('account.back_button.html.twig', [
@@ -1696,6 +1728,49 @@ function getAccountIdentityColumn(): string
 	return 'id';
 }
 
+function isCanary(): bool
+{
+	$vipSystemEnabled = configLua('vipSystemEnabled');
+	return isset($vipSystemEnabled);
+}
+
+function getStatusUptimeReadable(int $uptime): string
+{
+	$fullMinute = 60;
+	$fullHour = (60 * $fullMinute);
+	$fullDay = (24 * $fullHour);
+	$fullMonth = (30 * $fullDay);
+	$fullYear = (365 * $fullDay);
+
+	// years
+	$years = floor($uptime / $fullYear);
+	$y = ($years > 1 ? "$years years, " : ($years == 1 ? 'year, ' : ''));
+
+	$uptime -= $years * $fullYear;
+
+	// months
+	$months = floor($uptime / $fullMonth);
+	$m = ($months > 1 ? "$months months, " : ($months == 1 ? 'month, ' : ''));
+
+	$uptime -= $months * $fullMonth;
+
+	// days
+	$days = floor($uptime / $fullDay);
+	$d = ($days > 1 ? "$days days, " : ($days == 1 ? 'day, ' : ''));
+
+	$uptime -= $days * $fullDay;
+
+	// hours
+	$hours = floor($uptime / $fullHour);
+
+	$uptime -= $hours * $fullHour;
+
+	// minutes
+	$min = floor($uptime / $fullMinute);
+
+	return "{$y}{$m}{$d}{$hours}h {$min}m";
+}
+
 // validator functions
 require_once SYSTEM . 'compat/base.php';
 

system/init.php

@@ -18,6 +18,9 @@ use MyAAC\Settings;
 
 defined('MYAAC') or die('Direct access not allowed!');
 
+ensureIndexExists(CACHE);
+ensureIndexExists(CACHE . 'twig/');
+
 global $config;
 if(!isset($config['installed']) || !$config['installed']) {
 	throw new RuntimeException('MyAAC has not been installed yet or there was error during installation. Please install again.');

system/libs/pot/OTS_DB_MySQL.php

@@ -26,10 +26,11 @@ use MyAAC\Cache\Cache;
  */
 class OTS_DB_MySQL extends OTS_Base_DB
 {
-	private $has_table_cache = array();
-	private $has_column_cache = array();
+	private array $has_table_cache = [];
+	private array $has_column_cache = [];
+	private array $get_column_info_cache = [];
 
-	private $clearCacheAfter = false;
+	private bool $clearCacheAfter = false;
 /**
  * Creates database connection.
  *
@@ -119,6 +120,11 @@ class OTS_DB_MySQL extends OTS_Base_DB
 				if($cache->fetch('database_columns', $tmp) && $tmp) {
 					$this->has_column_cache = unserialize($tmp);
 				}
+
+				$tmp = null;
+				if($cache->fetch('database_columns_info', $tmp) && $tmp) {
+					$this->get_column_info_cache = unserialize($tmp);
+				}
 			}
 		}
 
@@ -155,11 +161,13 @@ class OTS_DB_MySQL extends OTS_Base_DB
 			if ($this->clearCacheAfter) {
 				$cache->delete('database_tables');
 				$cache->delete('database_columns');
+				$cache->delete('database_columns_info');
 				$cache->delete('database_checksum');
 			}
 			else {
 				$cache->set('database_tables', serialize($this->has_table_cache), 3600);
 				$cache->set('database_columns', serialize($this->has_column_cache), 3600);
+				$cache->set('database_columns_info', serialize($this->get_column_info_cache), 3600);
 				$cache->set('database_checksum', serialize(sha1($config['database_host'] . '.' . $config['database_name'])), 3600);
 			}
 		}
@@ -209,7 +217,8 @@ class OTS_DB_MySQL extends OTS_Base_DB
 		return $sql;
 	}
 
-	public function hasTable($name) {
+	public function hasTable($name): bool
+	{
 		if(isset($this->has_table_cache[$name])) {
 			return $this->has_table_cache[$name];
 		}
@@ -217,12 +226,13 @@ class OTS_DB_MySQL extends OTS_Base_DB
 		return $this->hasTableInternal($name);
 	}
 
-	private function hasTableInternal($name) {
-		global $config;
-		return ($this->has_table_cache[$name] = $this->query('SELECT `TABLE_NAME` FROM `information_schema`.`tables` WHERE `TABLE_SCHEMA` = ' . $this->quote($config['database_name']) . ' AND `TABLE_NAME` = ' . $this->quote($name) . ' LIMIT 1;')->rowCount() > 0);
+	private function hasTableInternal($name): bool
+	{
+		return ($this->has_table_cache[$name] = $this->query('SELECT `TABLE_NAME` FROM `information_schema`.`tables` WHERE `TABLE_SCHEMA` = ' . $this->quote(config('database_name')) . ' AND `TABLE_NAME` = ' . $this->quote($name) . ' LIMIT 1;')->rowCount() > 0);
 	}
 
-	public function hasColumn($table, $column) {
+	public function hasColumn($table, $column): bool
+	{
 		if(isset($this->has_column_cache[$table . '.' . $column])) {
 			return $this->has_column_cache[$table . '.' . $column];
 		}
@@ -230,8 +240,8 @@ class OTS_DB_MySQL extends OTS_Base_DB
 		return $this->hasColumnInternal($table, $column);
 	}
 
-	private function hasColumnInternal($table, $column) {
-		return $this->hasTable($table) && ($this->has_column_cache[$table . '.' . $column] = count($this->query('SHOW COLUMNS FROM `' . $table . "` LIKE '" . $column . "'")->fetchAll()) > 0);
+	private function hasColumnInternal($table, $column): bool {
+		return $this->hasTable($table) && ($this->has_column_cache[$table . '.' . $column] = count($this->query('SHOW COLUMNS FROM `' . $table . "` LIKE " . $this->quote($column))->fetchAll()) > 0);
 	}
 
 	public function hasTableAndColumns(string $table, array $columns = []): bool
@@ -247,7 +257,54 @@ class OTS_DB_MySQL extends OTS_Base_DB
 		return true;
 	}
 
-	public function revalidateCache() {
+	public function getColumnInfo(string $table, string $column): bool|array
+	{
+		if(isset($this->get_column_info_cache[$table . '.' . $column])) {
+			return $this->get_column_info_cache[$table . '.' . $column];
+		}
+
+		return $this->getColumnInfoInternal($table, $column);
+	}
+
+	private function getColumnInfoInternal(string $table, string $column): bool|array
+	{
+		if (!$this->hasTable($table) || !$this->hasColumn($table, $column)) {
+			return false;
+		}
+
+		$formatResult = function ($result) {
+			return [
+				'field' => $result['Field'],
+				'type' => $result['Type'],
+				'null' => strtolower($result['Null']),
+				'key' => strtolower($result['Key'] ?? ''),
+				'default' => $result['Default'],
+				'extra' => $result['Extra'],
+			];
+		};
+
+		$query = $this->query('SHOW COLUMNS FROM `' . $table . "` LIKE " . $this->quote($column));
+		$rowCount = $query->rowCount();
+		if ($rowCount > 1) {
+			$tmp = [];
+
+			$results = $query->fetchAll(PDO::FETCH_ASSOC);
+			foreach ($results as $result) {
+				$tmp[] = $formatResult($result);
+			}
+
+			return ($this->get_column_info_cache[$table . '.' . $column] = $tmp);
+		}
+		else if ($rowCount == 1) {
+			$result = $query->fetch(PDO::FETCH_ASSOC);
+			return ($this->get_column_info_cache[$table . '.' . $column] = $formatResult($result));
+		}
+
+		return [];
+	}
+
+	public function revalidateCache(): void
+	{
 		foreach($this->has_table_cache as $key => $value) {
 			$this->hasTableInternal($key);
 		}
@@ -262,6 +319,21 @@ class OTS_DB_MySQL extends OTS_Base_DB
 				$this->hasColumnInternal($explode[0], $explode[1]);
 			}
 		}
+
+		foreach($this->get_column_info_cache as $key => $value) {
+			$explode = explode('.', $key);
+			if(!isset($this->has_table_cache[$explode[0]])) { // first check if table exist
+				$this->hasTableInternal($explode[0]);
+			}
+
+			if($this->has_table_cache[$explode[0]]) {
+				$this->hasColumnInternal($explode[0], $explode[1]);
+			}
+
+			if($this->has_table_cache[$explode[0]]) {
+				$this->getColumnInfoInternal($explode[0], $explode[1]);
+			}
+		}
 	}
 
 	public function setClearCacheAfter($clearCache)

system/libs/pot/OTS_ServerInfo.php

@@ -97,6 +97,8 @@ class OTS_ServerInfo
 			return new OTS_Buffer($data);
 		}
 
+		log_append('status-error.log', "Cannot connect to {$this->server}:{$this->port} - Error code: $error, message: $message");
+
 		return false;
 	}
 

system/locale/de/install.php

@@ -78,6 +78,7 @@ $locale['step_database_error_mysql_connect_3'] = 'MySQL ist nicht richtig konfig
 $locale['step_database_error_mysql_connect_4'] = 'MySQL-Server läuft nicht.';
 $locale['step_database_error_schema'] = 'Fehler beim Importieren des Schemas:';
 $locale['step_database_success_schema'] = '$PREFIX$ Tabellen wurden erfolgreich installiert.';
+$locale['step_database_success_import_data'] = 'Import von Daten für Tabellen was erfolgreich.';
 $locale['step_database_error_file'] = '$FILE$ konnte nicht geöffnet werden. Bitte kopieren Sie diesen Inhalt und fügen Sie ihn dort ein:';
 $locale['step_database_adding_field'] = 'Folgendes Feld wurde hinzugefügt: ';
 $locale['step_database_modifying_field'] = 'Folgendes Feld wurde geändert: ';

system/locale/en/install.php

@@ -83,6 +83,7 @@ $locale['step_database_error_mysql_connect_3'] = 'MySQL is not configured proper
 $locale['step_database_error_mysql_connect_4'] = 'MySQL server is not running.';
 $locale['step_database_error_schema'] = 'Error while importing schema:';
 $locale['step_database_success_schema'] = 'Successfully installed $PREFIX$ tables.';
+$locale['step_database_success_import_data'] = 'Successfully imported base data for tables.';
 $locale['step_database_error_file'] = '$FILE$ couldn\'t be opened. Please copy this content and paste there:';
 $locale['step_database_adding_field'] = 'Adding field';
 $locale['step_database_modifying_field'] = 'Modifying field';

system/locale/pl/install.php

@@ -81,7 +81,8 @@ $locale['step_database_error_mysql_connect_2'] = 'Możliwe przyczyny:';
 $locale['step_database_error_mysql_connect_3'] = 'MySQL nie jest poprawnie skonfigurowane w <i>config.lua</i>.';
 $locale['step_database_error_mysql_connect_4'] = 'Serwer MySQL nie jest uruchomiony.';
 $locale['step_database_error_schema'] = 'Błąd podczas importowania struktury bazy danych:';
-$locale['step_database_success_schema'] = 'Pomyślnie zainstalowano tabele $PREFIX$.';
+$locale['step_database_success_schema'] = 'Pomyślnie zaimportowano tabele $PREFIX$.';
+$locale['step_database_success_import_data'] = 'Pomyślnie załadowano bazowe dane dla tabel.';
 $locale['step_database_error_file'] = '$FILE$ nie mógł zostać otwarty. Proszę skopiować zawartość pola tekstowego i wkleić do tego pliku:';
 $locale['step_database_adding_field'] = 'Dodawanie pola';
 $locale['step_database_modifying_field'] = 'Modyfikacja pola';

system/login.php

@@ -34,8 +34,10 @@ if($logged) {
 	$twig->addGlobal('account_logged', $account_logged);
 }
 
-setSession('last_visit', time());
-if(defined('PAGE')) {
-	setSession('last_page', PAGE);
+if (!defined('IGNORE_SET_LAST_VISIT') || !IGNORE_SET_LAST_VISIT) {
+	setSession('last_visit', time());
+	if(defined('PAGE')) {
+		setSession('last_page', PAGE);
+	}
+	setSession('last_uri', $_SERVER['REQUEST_URI']);
 }
-setSession('last_uri', $_SERVER['REQUEST_URI']);

system/migrate.php

@@ -9,6 +9,8 @@
  */
 defined('MYAAC') or die('Direct access not allowed!');
 
+global $db;
+
 // database migrations
 $tmp = '';
 if(fetchDatabaseConfig('database_version', $tmp)) { // we got version

system/migrations/46-account_emails_verify.sql

@@ -0,0 +1,8 @@
+CREATE TABLE `myaac_account_emails_verify`
+(
+	`id` int NOT NULL AUTO_INCREMENT,
+	`account_id` int NOT NULL,
+	`hash` varchar(32) NOT NULL,
+	`sent_at` int NOT NULL DEFAULT 0,
+	PRIMARY KEY (`id`)
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;

system/migrations/46.php

@@ -0,0 +1,24 @@
+<?php
+/**
+ * @var OTS_DB_MySQL $db
+ */
+
+$up = function () use ($db) {
+	if ($db->hasColumn('accounts', 'email_hash')) {
+		$db->dropColumn('accounts', 'email_hash');
+	}
+
+	if (!$db->hasTable(TABLE_PREFIX . 'account_emails_verify')) {
+		$db->query(file_get_contents(__DIR__ . '/46-account_emails_verify.sql'));
+	}
+};
+
+$down = function () use ($db) {
+	if (!$db->hasColumn('accounts', 'email_hash')) {
+		$db->addColumn('accounts', 'email_hash', "varchar(32) NOT NULL DEFAULT ''");
+	}
+
+	if ($db->hasTable(TABLE_PREFIX . 'account_emails_verify')) {
+		$db->dropTable(TABLE_PREFIX . 'account_emails_verify');
+	}
+};

system/migrations/47.php

@@ -0,0 +1,42 @@
+<?php
+/**
+ * @var OTS_DB_MySQL $db
+ */
+
+// 2025-02-27
+// remove ipv6, change to ip (for both ipv4 + ipv6) as VARCHAR(45)
+$up = function () use ($db) {
+	$accountActionsInfo = $db->getColumnInfo(TABLE_PREFIX . 'account_actions', 'account_id');
+	if ($accountActionsInfo && is_array($accountActionsInfo) && $accountActionsInfo['key'] == 'pri') {
+		$db->query("ALTER TABLE `myaac_account_actions` DROP KEY `account_id`;");
+	}
+
+	if (!$db->hasColumn(TABLE_PREFIX . 'account_actions', 'id')) {
+		$db->addColumn(TABLE_PREFIX . 'account_actions', 'id', 'INT NOT NULL AUTO_INCREMENT FIRST, ADD PRIMARY KEY (`id`)');
+	}
+
+	$db->modifyColumn(TABLE_PREFIX . 'account_actions', 'ip', "VARCHAR(45) NOT NULL DEFAULT ''");
+	$db->query("UPDATE `" . TABLE_PREFIX . "account_actions` SET `ip` = INET_NTOA(`ip`) WHERE `ip` != '0';");
+	$db->query("UPDATE `" . TABLE_PREFIX . "account_actions` SET `ip` = INET6_NTOA(`ipv6`) WHERE `ip` = '0';");
+
+	if ($db->hasColumn(TABLE_PREFIX . 'account_actions', 'ipv6')) {
+		$db->dropColumn(TABLE_PREFIX . 'account_actions', 'ipv6');
+	}
+};
+
+$down = function () use ($db) {
+	if ($db->hasColumn(TABLE_PREFIX . 'account_actions', 'id')) {
+		$db->query("ALTER TABLE `" . TABLE_PREFIX . "account_actions` DROP `id`;");
+	}
+
+	$db->query("ALTER TABLE  `" . TABLE_PREFIX . "account_actions` ADD KEY (`account_id`);");
+
+	if (!$db->hasColumn(TABLE_PREFIX . 'account_actions', 'ipv6')) {
+		$db->addColumn(TABLE_PREFIX . 'account_actions', 'ipv6', "BINARY(16) NOT NULL DEFAULT 0x00000000000000000000000000000000 AFTER ip");
+	}
+
+	$db->query("UPDATE `" . TABLE_PREFIX . "account_actions` SET `ipv6` = INET6_ATON(ip) WHERE NOT IS_IPV4(`ip`);");
+	$db->query("UPDATE `" . TABLE_PREFIX . "account_actions` SET `ip` = INET_ATON(`ip`) WHERE IS_IPV4(`ip`);");
+	$db->query("UPDATE `" . TABLE_PREFIX . "account_actions` SET `ip` = 0 WHERE `ipv6` != 0x00000000000000000000000000000000;");
+	$db->modifyColumn(TABLE_PREFIX . 'account_actions', 'ip', "INT(11) UNSIGNED NOT NULL DEFAULT 0;");
+};

system/migrations/48.php

@@ -0,0 +1,16 @@
+<?php
+/**
+ * @var OTS_DB_MySQL $db
+ */
+
+$up = function () use ($db) {
+	if (!$db->hasColumn(TABLE_PREFIX . 'menu', 'access')) {
+		$db->addColumn(TABLE_PREFIX . 'menu', 'access', 'TINYINT NOT NULL DEFAULT 0 AFTER `link`');
+	}
+};
+
+$down = function () use ($db) {
+	if ($db->hasColumn(TABLE_PREFIX . 'menu', 'access')) {
+		$db->dropColumn(TABLE_PREFIX . 'menu', 'access');
+	}
+};

system/pages/account/change-password.php

@@ -19,18 +19,17 @@ if(!$logged) {
 
 csrfProtect();
 
-$new_password = $_POST['newpassword'] ?? NULL;
-$new_password_confirm = $_POST['newpassword_confirm'] ?? NULL;
-$old_password = $_POST['oldpassword'] ?? NULL;
+$new_password = $_POST['new_password'] ?? null;
+$new_password_confirm = $_POST['new_password_confirm'] ?? null;
+$old_password = $_POST['old_password'] ?? null;
 if(empty($new_password) && empty($new_password_confirm) && empty($old_password)) {
 	$twig->display('account.change-password.html.twig');
 }
-else
-{
+else {
 	if(empty($new_password) || empty($new_password_confirm) || empty($old_password)){
 		$errors[] = 'Please fill in form.';
 	}
-	$password_strlen = strlen($new_password);
+
 	if($new_password != $new_password_confirm) {
 		$errors[] = 'The new passwords do not match!';
 	}
@@ -41,10 +40,13 @@ else
 		}
 
 		/** @var OTS_Account $account_logged */
-		$old_password = encrypt((USE_ACCOUNT_SALT ? $account_logged->getCustomField('salt') : '') . $old_password);
-		if($old_password != $account_logged->getPassword()) {
+		$old_password_hashed = encrypt((USE_ACCOUNT_SALT ? $account_logged->getCustomField('salt') : '') . $old_password);
+		if($old_password_hashed != $account_logged->getPassword()) {
 			$errors[] = 'Current password is incorrect!';
 		}
+		else if ($old_password == $new_password) {
+			$errors[] = 'The old password is same as the new password!';
+		}
 
 		$hooks->trigger(HOOK_ACCOUNT_CHANGE_PASSWORD_POST);
 	}

system/pages/account/confirm-email.php

@@ -9,6 +9,7 @@
  */
 
 use MyAAC\Models\Account;
+use MyAAC\Models\AccountEmailVerify;
 
 defined('MYAAC') or die('Direct access not allowed!');
 
@@ -20,16 +21,20 @@ if(empty($hash)) {
 	return;
 }
 
-if(!Account::where('email_hash', $hash)->exists()) {
-	note("Your email couldn't be verified. Please contact staff to do it manually.");
+// by default link is valid for 30 days
+$accountEmailVerify = AccountEmailVerify::where('hash', $hash)->where('sent_at', '>', time() - 30 * 24 * 60 * 60)->first();
+if(!$accountEmailVerify) {
+	note("Wrong link or link has expired.");
 }
 else
 {
-	$accountModel = Account::where('email_hash', $hash)->where('email_verified', 0)->first();
+	$accountModel = Account::where('id', $accountEmailVerify->account_id)->where('email_verified', 0)->first();
 	if ($accountModel) {
 		$accountModel->email_verified = 1;
 		$accountModel->save();
 
+		AccountEmailVerify::where('account_id', $accountModel->id)->delete();
+
 		success('You have now verified your e-mail, this will increase the security of your account. Thank you for doing this. You can now <a href=' . getLink('account/manage') . '>log in</a>.');
 
 		$account = new OTS_Account();
@@ -39,6 +44,6 @@ else
 		}
 	}
 	else {
-		error('Link has expired.');
+		error('Your account is already verified.');
 	}
 }

system/pages/account/create.php

@@ -10,6 +10,7 @@
  */
 
 use MyAAC\CreateCharacter;
+use MyAAC\Models\AccountEmailVerify;
 
 defined('MYAAC') or die('Direct access not allowed!');
 $title = 'Create Account';
@@ -244,7 +245,12 @@ if($save)
 		if(setting('core.mail_enabled') && setting('core.account_mail_verify'))
 		{
 			$hash = md5(generateRandomString(16, true, true) . $email);
-			$new_account->setCustomField('email_hash', $hash);
+
+			AccountEmailVerify::create([
+				'account_id' => $new_account->getId(),
+				'hash' => $hash,
+				'sent_at' => time(),
+			]);
 
 			$verify_url = getLink('account/confirm-email/' . $hash);
 			$body_html = $twig->render('mail.account.verify.html.twig', array(
@@ -361,7 +367,7 @@ if(!empty($errors))
 
 if (setting('core.account_country')) {
 	$countries = array();
-	foreach (array('pl', 'se', 'br', 'us', 'gb') as $c)
+	foreach (setting('core.account_countries_most_popular') ?? [] as $c)
 		$countries[$c] = $config['countries'][$c];
 
 	$countries['--'] = '----------';

system/pages/account/login.php

@@ -48,7 +48,9 @@ if(!empty($login_account) && !empty($login_password))
 	)
 	{
 		if (setting('core.account_mail_verify') && (int)$account_logged->getCustomField('email_verified') !== 1) {
-			$errors[] = 'Your account is not verified. Please verify your email address. If the message is not coming check the SPAM folder in your E-Mail client.';
+			$link = getLink('account/resend-email-verify');
+			$errors[] = 'Your account is not verified. Please verify your email address. If the message is not coming check the SPAM folder in your E-Mail client.<br/>' .
+				'You can resend the Email here: <a href="' . $link . '">' . $link . '</a>';
 		} else {
 			session_regenerate_id();
 			setSession('account', $account_logged->getId());

system/pages/account/manage.php

@@ -38,15 +38,24 @@ csrfProtect();
 
 $groups = new OTS_Groups_List();
 
-$freePremium = isset($config['lua']['freePremium']) && getBoolean($config['lua']['freePremium']) || $account_logged->getPremDays() == OTS_Account::GRATIS_PREMIUM_DAYS;
-$dayOrDays = $account_logged->getPremDays() == 1 ? 'day' : 'days';
 /**
  * @var OTS_Account $account_logged
  */
-if(!$account_logged->isPremium())
+$premDays = $account_logged->getPremDays();
+
+$freePremium = isset($config['lua']['freePremium']) && getBoolean($config['lua']['freePremium']) || $premDays == OTS_Account::GRATIS_PREMIUM_DAYS;
+$dayOrDays = ($premDays == 1 ? 'day' : 'days');
+
+$vipSystemEnabled = isset($config['lua']['vipSystemEnabled']) && getBoolean($config['lua']['vipSystemEnabled']);
+$premiumLabel = $vipSystemEnabled ? 'VIP' : 'Premium Account';
+
+if ($freePremium && !$vipSystemEnabled) {
+	$account_status = '<b><span style="color: green">Gratis Premium Account</span></b>';
+} else if(!$account_logged->isPremium()) {
 	$account_status = '<b><span style="color: red">Free Account</span></b>';
-else
-	$account_status = '<b><span style="color: green">' . ($freePremium ? 'Gratis Premium Account' : 'Premium Account, ' . $account_logged->getPremDays() . ' '.$dayOrDays.' left') . '</span></b>';
+} else {
+	$account_status = '<b><span style="color: green">' . $premiumLabel . ', ' . $premDays . ' '.$dayOrDays.' left</span></b>';
+}
 
 $recovery_key = $account_logged->getCustomField('key');
 if(empty($recovery_key))
@@ -87,12 +96,8 @@ if($email_new_time > 1)
 	}
 }
 
-$actions = array();
-foreach($account_logged->getActionsLog(0, 1000) as $action) {
-	$actions[] = array('action' => $action['action'], 'date' => $action['date'], 'ip' => $action['ip'] != 0 ? long2ip($action['ip']) : inet_ntop($action['ipv6']));
-}
+$actions = $account_logged->getActionsLog(1000);
 
-$players = array();
 /** @var OTS_Players_List $account_players */
 $account_players = $account_logged->getPlayersList();
 $account_players->orderBy('id');

system/pages/account/resend-email-verify.php

@@ -0,0 +1,94 @@
+<?php
+
+use MyAAC\Models\AccountEmailVerify;
+
+defined('MYAAC') or die('Direct access not allowed!');
+
+$title = 'Resend Email';
+
+$errorWithBackButton = function ($msg) use ($twig) {
+	$errors = [$msg];
+
+	$twig->display('error_box.html.twig', ['errors' => $errors]);
+	$twig->display('account.back_button.html.twig', [
+		'action' => getLink('account/resend-email-verify'),
+	]);
+};
+
+if (!setting('core.mail_enabled') || !setting('core.account_mail_verify')) {
+	$errorWithBackButton('Resending email is not possible on this server.');
+	return;
+}
+
+$showForm = true;
+
+if (isset($_POST['submit']) && $_POST['submit'] == '1') {
+	$email = $_REQUEST['email'];
+
+	if (empty($email) || !filter_var($email, FILTER_VALIDATE_EMAIL)) {
+		$errorWithBackButton('Please enter valid Email.');
+		return;
+	}
+
+	$account = new OTS_Account();
+	$account->findByEMail($email);
+	if ($account->isLoaded()) {
+		if ($account->getCustomField('email_verified') == '1') {
+			$errorWithBackButton('This account is already verified! You can <a href=' . getLink('account/manage') . '>log in</a> on the website.');
+			return;
+		}
+
+		$accountEmailVerify = AccountEmailVerify::where('account_id', $account->getId())->orderBy('sent_at', 'DESC')->first();
+		if ($accountEmailVerify && time() - $accountEmailVerify->sent_at < 60) {
+			$errorWithBackButton('Only one Email per minute is allowed. Please try again later.');
+			return;
+		}
+
+		$tmp_account = $email;
+		if (!config('account_login_by_email')) {
+			$tmp_account = (USE_ACCOUNT_NAME ? $account->getName() : $account->getId());
+		}
+
+		$hash = md5(generateRandomString(16, true, true) . $email);
+
+		AccountEmailVerify::create([
+			'account_id' => $account->getId(),
+			'hash' => $hash,
+			'sent_at' => time(),
+		]);
+
+		$verify_url = getLink('account/confirm-email/' . $hash);
+		$body_html = $twig->render('mail.account.resend-email-verify.html.twig', array(
+			'account' => $tmp_account,
+			'verify_url' => generateLink($verify_url, $verify_url, true)
+		));
+
+		if (_mail($account->getEMail(), configLua('serverName') . ' - Verify Account', $body_html)) {
+			$message = "If account with this email exists - you will become an email with verification link.";
+			$showForm = false;
+		} else {
+			$message = "<p class='error'>An error occurred while sending email (<b>{$email}</b> )! Try again later. For Admin: More info can be found in system/logs/mailer-error.log</p>";
+		}
+	}
+	else {
+		$message = "<br />If account with this email exists - you will become an email with verification link.";
+		$showForm = false;
+	}
+
+	$twig->display('success.html.twig', array(
+		'title' => 'Verify Email Sent',
+		'description' => $message,
+	));
+}
+
+//show errors if not empty
+if (!empty($errors)) {
+	$twig->display('error_box.html.twig', ['errors' => $errors]);
+	$twig->display('account.back_button.html.twig', [
+		'action' => getLink('account/resend-email-verify'),
+	]);
+}
+
+if ($showForm) {
+	$twig->display('account.resend-email-verify.html.twig');
+}

system/pages/characters.php

@@ -202,36 +202,38 @@ if($player->isLoaded() && !$player->isDeleted())
 		unset($storage);
 	}
 
-	if($db->hasTable('player_items') && $db->hasColumn('player_items', 'pid') && $db->hasColumn('player_items', 'sid') && $db->hasColumn('player_items', 'itemtype')) {
+	if ($db->hasTableAndColumns('player_items', ['pid', 'sid', 'itemtype'])) {
 		$eq_sql = $db->query('SELECT `pid`, `itemtype` FROM player_items WHERE player_id = '.$player->getId().' AND (`pid` >= 1 and `pid` <= 10)');
-		$equipment = array();
-		foreach($eq_sql as $eq)
+		$equipment = [];
+		foreach($eq_sql as $eq) {
 			$equipment[$eq['pid']] = $eq['itemtype'];
+		}
 
-		$empty_slots = array("", "no_helmet", "no_necklace", "no_backpack", "no_armor", "no_handleft", "no_handright", "no_legs", "no_boots", "no_ring", "no_ammo");
-		for($i = 0; $i <= 10; $i++)
-		{
+		$empty_slots = ["", "no_helmet", "no_necklace", "no_backpack", "no_armor", "no_handleft", "no_handright", "no_legs", "no_boots", "no_ring", "no_ammo"];
+
+		for($i = 0; $i <= 10; $i++) {
 			if(!isset($equipment[$i]) || $equipment[$i] == 0)
 				$equipment[$i] = $empty_slots[$i];
 		}
 
-		for($i = 1; $i < 11; $i++)
-		{
-			if(Validator::number($equipment[$i]))
+		for($i = 1; $i < 11; $i++) {
+			if(Validator::number($equipment[$i])) {
 				$equipment[$i] = getItemImage($equipment[$i]);
-			else
+			}
+			else {
 				$equipment[$i] = '<img src="images/items/' . $equipment[$i] . '.gif" width="32" height="32" border="0" alt=" ' . $equipment[$i] . '" />';
+			}
 		}
-
-		$skulls = array(
-			1 => 'yellow_skull',
-			2 => 'green_skull',
-			3 => 'white_skull',
-			4 => 'red_skull',
-			5 => 'black_skull'
-		);
 	}
 
+	$skulls = [
+		1 => 'yellow_skull',
+		2 => 'green_skull',
+		3 => 'white_skull',
+		4 => 'red_skull',
+		5 => 'black_skull',
+	];
+
 	$dead_add_content = '';
 	$deaths = array();
 	if($db->hasTable('killers')) {

system/pages/guilds/create.php

@@ -21,6 +21,9 @@ if(!$logged) {
 	$errors[] = 'You are not logged in. You can\'t create guild.';
 }
 
+$configLuaFreePremium = configLua('freePremium');
+$freePremium = (isset($configLuaFreePremium) && getBoolean($configLuaFreePremium));
+
 $array_of_player_nig = array();
 if(empty($errors))
 {
@@ -31,7 +34,7 @@ if(empty($errors))
 		if(!$player_rank->isLoaded())
 		{
 			if($player->getLevel() >= setting('core.guild_need_level')) {
-				if(!setting('core.guild_need_premium') || $account_logged->isPremium()) {
+				if(!setting('core.guild_need_premium') || $account_logged->isPremium() || $freePremium) {
 					$array_of_player_nig[] = $player->getName();
 				}
 			}
@@ -95,7 +98,7 @@ if($todo == 'save')
 		if($player->getLevel() < setting('core.guild_need_level')) {
 			$errors[] = 'Character <b>'.$name.'</b> has too low level. To create guild you need character with level <b>' . setting('core.guild_need_level') . '</b>.';
 		}
-		if(setting('core.guild_need_premium') && !$account_logged->isPremium()) {
+		if(setting('core.guild_need_premium') && !$account_logged->isPremium() && !$freePremium) {
 			$errors[] = 'Character <b>'.$name.'</b> is on FREE account. To create guild you need PREMIUM account.';
 		}
 	}

system/pages/guilds/show.php

@@ -91,13 +91,18 @@ $guild_owner = $guild->getOwner();
 if($guild_owner->isLoaded())
 	$guild_owner_name = $guild_owner->getName();
 
+$deletedColumn = 'deleted';
+if ($db->hasColumn('players', 'deletion')) {
+	$deletedColumn = 'deletion';
+}
+
 $guild_members = array();
 foreach($rank_list as $rank)
 {
 	if($db->hasTable(GUILD_MEMBERS_TABLE))
-		$players_with_rank = $db->query('SELECT `players`.`id` as `id`, `' . GUILD_MEMBERS_TABLE . '`.`rank_id` as `rank_id` FROM `players`, `' . GUILD_MEMBERS_TABLE . '` WHERE `' . GUILD_MEMBERS_TABLE . '`.`rank_id` = ' . $rank->getId() . ' AND `players`.`id` = `' . GUILD_MEMBERS_TABLE . '`.`player_id` ORDER BY `name`;');
+		$players_with_rank = $db->query('SELECT `players`.`id` as `id`, `' . GUILD_MEMBERS_TABLE . '`.`rank_id` as `rank_id` FROM `players`, `' . GUILD_MEMBERS_TABLE . '` WHERE `' . GUILD_MEMBERS_TABLE . '`.`rank_id` = ' . $rank->getId() . ' AND `players`.`id` = `' . GUILD_MEMBERS_TABLE . '`.`player_id` AND `' . $deletedColumn . '` = 0 ORDER BY `name`;');
 	else if($db->hasColumn('players', 'rank_id'))
-		$players_with_rank = $db->query('SELECT `id`, `rank_id` FROM `players` WHERE `rank_id` = ' . $rank->getId() . ' AND `deleted` = 0;');
+		$players_with_rank = $db->query('SELECT `id`, `rank_id` FROM `players` WHERE `rank_id` = ' . $rank->getId() . ' AND `' . $deletedColumn . '` = 0;');
 
 	$players_with_rank_number = $players_with_rank->rowCount();
 	if($players_with_rank_number > 0)

system/pages/news.php

@@ -122,7 +122,7 @@ if(!$news_cached)
 		);
 	}
 
-	$tickers_db = $db->query('SELECT * FROM `' . TABLE_PREFIX . 'news` WHERE `type` = ' . TICKER .($canEdit ? '' : ' AND `hide` != 1') .' ORDER BY `date` DESC LIMIT ' . setting('core.news_ticker_limit'));
+	$tickers_db = $db->query('SELECT * FROM `' . TABLE_PREFIX . 'news` WHERE `type` = ' . TICKER . ' AND `hide` != 1 ORDER BY `date` DESC LIMIT ' . setting('core.news_ticker_limit'));
 	$tickers_content = '';
 	if($tickers_db->rowCount() > 0)
 	{
@@ -142,7 +142,8 @@ if(!$news_cached)
 	if($cache->enabled() && !$canEdit)
 		$cache->set('news_' . $template_name . '_' . TICKER, $tickers_content, 60 * 60);
 
-	$featured_article_db =$db->query('SELECT `id`, `title`, `article_text`, `article_image`, `hide` FROM `' . TABLE_PREFIX . 'news` WHERE `type` = ' . ARTICLE . ($canEdit ? '' : ' AND `hide` != 1') .' ORDER BY `date` DESC LIMIT 1');
+	$featured_article_db =$db->query('SELECT `id`, `title`, `article_text`, `article_image`, `hide` FROM `' . TABLE_PREFIX . 'news` WHERE `type` = ' . ARTICLE . ' AND `hide` != 1 ORDER BY `date` DESC LIMIT 1');
+
 	$article = '';
 	if($featured_article_db->rowCount() > 0) {
 		$article = $featured_article_db->fetch();
@@ -175,7 +176,7 @@ else {
 if(!$news_cached)
 {
 	ob_start();
-	$newses = $db->query('SELECT * FROM ' . $db->tableName(TABLE_PREFIX . 'news') . ' WHERE type = ' . NEWS . ($canEdit ? '' : ' AND hide != 1') . ' ORDER BY date' . ' DESC LIMIT ' . setting('core.news_limit'));
+	$newses = $db->query('SELECT * FROM ' . $db->tableName(TABLE_PREFIX . 'news') . ' WHERE type = ' . NEWS . ' AND hide != 1 ORDER BY date' . ' DESC LIMIT ' . setting('core.news_limit'));
 	if($newses->rowCount() > 0)
 	{
 		foreach($newses as $news)

system/router.php

@@ -88,8 +88,10 @@ if($logged && $account_logged && $account_logged->isLoaded()) {
 /**
  * Routes loading
  */
+$routesFinal = [];
 $dispatcher = FastRoute\cachedDispatcher(function (FastRoute\RouteCollector $r) {
-	$routesFinal = [];
+	global $cache, $routesFinal;
+
 	foreach(getDatabasePages() as $page) {
 		$routesFinal[] = ['*', $page, '__database__/' . $page, 100];
 	}
@@ -165,7 +167,7 @@ $dispatcher = FastRoute\cachedDispatcher(function (FastRoute\RouteCollector $r)
 	echo '</pre>';
 	die;
 */
-	foreach ($routesFinal as $route) {
+	foreach ($routesFinal as &$route) {
 		if ($route[0] === '*') {
 			$route[0] = ['GET', 'POST', 'PUT', 'DELETE', 'PATCH', 'HEAD'];
 		}
@@ -198,6 +200,10 @@ $dispatcher = FastRoute\cachedDispatcher(function (FastRoute\RouteCollector $r)
 			log_append('router.log', $warning);
 		}
 	}
+
+	if ($cache->enabled()) {
+		$cache->set('routes_final', serialize($routesFinal), 10 * 365 * 24 * 60 * 60); // 10 years / infinite
+	}
 },
 	[
 		'cacheFile' => CACHE . 'route.cache',
@@ -212,7 +218,7 @@ $found = true;
 
 // old support for pages like /?subtopic=accountmanagement
 $page = $_REQUEST['p'] ?? ($_REQUEST['subtopic'] ?? '');
-if(!empty($page) && preg_match('/^[A-z0-9\-]+$/', $page)) {
+if(!empty($page) && preg_match('/^[A-z0-9\/\-]+$/', $page)) {
 	if (isset($_REQUEST['p'])) { // some plugins may require this
 		$_REQUEST['subtopic'] = $_REQUEST['p'];
 	}
@@ -221,9 +227,26 @@ if(!empty($page) && preg_match('/^[A-z0-9\-]+$/', $page)) {
 		require SYSTEM . 'compat/pages.php';
 	}
 
-	$file = loadPageFromFileSystem($page, $found);
-	if(!$found) {
-		$file = false;
+	$foundRoute = false;
+
+	$tmp = null;
+	if ($cache->enabled() && $cache->fetch('routes_final', $tmp)) {
+		$routesFinal = unserialize($tmp);
+	}
+
+	foreach ($routesFinal as $route) {
+		if ($page === $route[1]) {
+			$file = $route[2];
+			$foundRoute = true;
+			break;
+		}
+	}
+
+	if (!$foundRoute) {
+		$file = loadPageFromFileSystem($page, $found);
+		if(!$found) {
+			$file = false;
+		}
 	}
 }
 else {

system/settings.php

@@ -737,6 +737,18 @@ Sent by MyAAC,<br/>
 			'desc' => 'should country of user be automatically recognized by his IP? This makes an external API call to http://ipinfo.io',
 			'default' => true,
 		],
+		'account_countries_most_popular' => [
+			'name' => 'Account Countries Most Popular',
+			'type' => 'text',
+			'desc' => 'Those countries will be display at the top of the list on the create account page. The short codes of countries can be found in file <i>system/countries.conf.php</i>',
+			'default' => 'pl,se,br,us,gb',
+			'callbacks' => [
+				'get' => function ($value) {
+					$tmp = array_map('trim', explode(',', $value));
+					return array_filter($tmp, function ($v) {return !empty($v); });
+				},
+			],
+		],
 		'characters_per_account' => [
 			'name' => 'Characters per Account',
 			'type' => 'number',

system/src/Cache/Cache.php

@@ -115,6 +115,11 @@ class Cache
 			return unserialize($value);
 		}
 
+		// -1 for infinite cache
+		if ($ttl == -1) {
+			$ttl = 10 * 365 * 24 * 60 * 60; // 10 years should be enough
+		}
+
 		$value = $callback();
 		$cache->set($key, serialize($value), $ttl);
 		return $value;

system/src/Cache/PHP.php

@@ -27,6 +27,9 @@ class PHP
 	{
 		$var = var_export($var, true);
 
+		ensureFolderExists($this->dir);
+		ensureIndexExists($this->dir);
+
 		// Write to temp file first to ensure atomicity
 		$tmp = $this->dir . "tmp_$key." . uniqid('', true) . '.tmp';
 		file_put_contents($tmp, '<?php $var = ' . $var . ';', LOCK_EX);

system/src/Commands/Env.php

@@ -0,0 +1,33 @@
+<?php
+
+namespace MyAAC\Commands;
+
+use POT;
+
+trait Env
+{
+	protected function init(): void
+	{
+		global $config;
+		if (!isset($config['installed']) || !$config['installed']) {
+			throw new \RuntimeException('MyAAC has not been installed yet or there was error during installation. Please install again.');
+		}
+
+		if(empty($config['server_path'])) {
+			throw new \RuntimeException('Server Path has been not set. Go to config.php and set it.');
+		}
+
+		// take care of trailing slash at the end
+		if($config['server_path'][strlen($config['server_path']) - 1] !== '/')
+			$config['server_path'] .= '/';
+
+		$config['lua'] = load_config_lua($config['server_path'] . 'config.lua');
+
+		// POT
+		require_once SYSTEM . 'libs/pot/OTS.php';
+		$ots = POT::getInstance();
+		$eloquentConnection = null;
+
+		require_once SYSTEM . 'database.php';
+	}
+}

system/src/Commands/MigrateCommand.php

@@ -9,6 +9,8 @@ use Symfony\Component\Console\Style\SymfonyStyle;
 
 class MigrateCommand extends Command
 {
+	use Env;
+
 	protected function configure(): void
 	{
 		$this->setName('migrate')
@@ -17,9 +19,19 @@ class MigrateCommand extends Command
 
 	protected function execute(InputInterface $input, OutputInterface $output): int
 	{
-		require SYSTEM . 'init.php';
+		$this->init();
 
 		$io = new SymfonyStyle($input, $output);
+
+		$tmp = '';
+		if(fetchDatabaseConfig('database_version', $tmp)) { // we got version
+			$tmp = (int)$tmp;
+			if ($tmp >= DATABASE_VERSION) {
+				$io->success('Already on latest version.');
+				return Command::SUCCESS;
+			}
+		}
+
 		require SYSTEM . 'migrate.php';
 
 		$io->success('Migrated to latest version (' . DATABASE_VERSION . ')');

system/src/Commands/MigrateRunCommand.php

@@ -10,6 +10,8 @@ use Symfony\Component\Console\Style\SymfonyStyle;
 
 class MigrateRunCommand extends Command
 {
+	use Env;
+
 	protected function configure(): void
 	{
 		$this->setName('migrate:run')
@@ -23,12 +25,12 @@ class MigrateRunCommand extends Command
 
 	protected function execute(InputInterface $input, OutputInterface $output): int
 	{
-		require SYSTEM . 'init.php';
-
 		$io = new SymfonyStyle($input, $output);
 
 		$ids = $input->getArgument('id');
 
+		$this->init();
+
 		// pre-check
 		// in case one of the migrations doesn't exist - we won't execute any of them
 		foreach ($ids as $id) {

system/src/Commands/MigrateToCommand.php

@@ -11,6 +11,8 @@ use Symfony\Component\Console\Style\SymfonyStyle;
 
 class MigrateToCommand extends Command
 {
+	use Env;
+
 	protected function configure(): void
 	{
 		$this->setName('migrate:to')
@@ -32,7 +34,7 @@ class MigrateToCommand extends Command
 			return Command::FAILURE;
 		}
 
-		$this->initEnv();
+		$this->init();
 
 		$currentVersion = Config::where('name', 'database_version')->first()->value;
 		if ($currentVersion > $versionDest) {
@@ -80,29 +82,4 @@ class MigrateToCommand extends Command
 
 		updateDatabaseConfig('database_version', ($_up ? $id : $id - 1));
 	}
-
-	private function initEnv()
-	{
-		global $config;
-		if (!isset($config['installed']) || !$config['installed']) {
-			throw new \RuntimeException('MyAAC has not been installed yet or there was error during installation. Please install again.');
-		}
-
-		if(empty($config['server_path'])) {
-			throw new \RuntimeException('Server Path has been not set. Go to config.php and set it.');
-		}
-
-		// take care of trailing slash at the end
-		if($config['server_path'][strlen($config['server_path']) - 1] !== '/')
-			$config['server_path'] .= '/';
-
-		$config['lua'] = load_config_lua($config['server_path'] . 'config.lua');
-
-		// POT
-		require_once SYSTEM . 'libs/pot/OTS.php';
-		$ots = POT::getInstance();
-		$eloquentConnection = null;
-
-		require_once SYSTEM . 'database.php';
-	}
 }

system/src/Commands/PluginDisableCommand.php

@@ -13,6 +13,7 @@ class PluginDisableCommand extends Command
 	protected function configure(): void
 	{
 		$this->setName('plugin:disable')
+			->setAliases(['plugin:deactivate'])
 			->setDescription('This command disables plugin')
 			->addArgument('plugin-name', InputArgument::REQUIRED, 'Plugin that you want to disable');
 	}

system/src/Commands/PluginEnableCommand.php

@@ -13,6 +13,7 @@ class PluginEnableCommand extends Command
 	protected function configure(): void
 	{
 		$this->setName('plugin:enable')
+			->setAliases(['plugin:activate'])
 			->setDescription('This command enables plugin')
 			->addArgument('plugin-name', InputArgument::REQUIRED, 'Plugin that you want to enable');
 	}

system/src/Commands/PluginUninstallCommand.php

@@ -13,6 +13,7 @@ class PluginUninstallCommand extends Command
 	protected function configure(): void
 	{
 		$this->setName('plugin:uninstall')
+			->setAliases(['plugin:remove', 'plugin:delete'])
 			->setDescription('This command uninstalls plugin')
 			->addArgument('plugin-name', InputArgument::REQUIRED, 'Plugin that you want to uninstall');
 	}

system/src/Items.php

@@ -76,10 +76,11 @@ class Items
 
 	public static function get($id) {
 		self::load();
-		return isset(self::$items[$id]) ? self::$items[$id] : [];
+		return self::$items[$id] ?? [];
 	}
 
-	public static function getDescription($id, $count = 1) {
+	public static function getDescription($id, $count = 1): string
+	{
 		$item = self::get($id);
 
 		$attr = $item['attributes'];
@@ -112,15 +113,15 @@ class Items
 			$s .= 'an item of type ' . $item['id'];
 
 		if(isset($attr['type']) && strtolower($attr['type']) == 'rune') {
-			$item = Spell::where('item_id', $id)->first();
-			if($item) {
-				if($item->level > 0 && $item->maglevel > 0) {
-					$s .= '. ' . ($count > 1 ? "They" : "It") . ' can only be used by ';
+			$spell = Spell::where('item_id', $id)->first();
+			if($spell) {
+				if($spell->level > 0 && $spell->maglevel > 0) {
+					$s .= '. ' . ($count > 1 ? 'They' : 'It') . ' can only be used by ';
 				}
 
 				$configVocations = config('vocations');
-				if(!empty(trim($item->vocations))) {
-					$vocations = json_decode($item->vocations);
+				if(!empty(trim($spell->vocations))) {
+					$vocations = json_decode($spell->vocations);
 					if(count($vocations) > 0) {
 						foreach($vocations as $voc => $show) {
 							$vocations[$configVocations[$voc]] = $show;
@@ -133,8 +134,39 @@ class Items
 
 				$s .= ' with';
 
+				if ($spell->level > 0) {
+					$s .= ' level ' . $spell->level;
+				}
+
+				if ($spell->maglevel > 0) {
+					if ($spell->level > 0) {
+						$s .= ' and';
+					}
+
+					$s .= ' magic level ' . $spell->maglevel;
+				}
+
+				$s .= ' or higher';
 			}
 		}
+
+		if (!empty($item['weaponType'])) {
+			if ($item['weaponType'] == 'distance' && isset($item['ammoType'])) {
+				$s .= ' (Range:' . $item['range'];
+			}
+
+			if (isset($item['attack']) && $item['attack'] != 0) {
+				$s .= ', Atk ' . ($item['attack'] > 0 ? '+' . $item['attack'] : '-' . $item['attack']);
+			}
+
+			if (isset($item['hitChance']) && $item['hitChance'] != -1) {
+				$s .= ', Hit% ' . ($item['hitChance'] > 0 ? '+' . $item['hitChance'] : '-' . $item['hitChance']);
+			}
+			elseif ($item['weaponType'] != 'ammo') {
+				
+			}
+		}
+
 		return $s;
 	}
 }

system/src/Models/Account.php

@@ -5,11 +5,15 @@ namespace MyAAC\Models;
 use Illuminate\Database\Eloquent\Model;
 
 /**
+ * @property integer $premium_ends_at
+ * @property integer $premend
  * @property integer $lastday
  * @property integer $premdays
  */
 class Account extends Model {
 
+	const GRATIS_PREMIUM_DAYS = 65535;
+
 	protected $table = 'accounts';
 
 	public $timestamps = false;
@@ -33,32 +37,35 @@ class Account extends Model {
 
 	public function getPremiumDaysAttribute()
 	{
-		if(isset($this->premium_ends_at) || isset($this->premend)) {
-			$col = isset($this->premium_ends_at) ? 'premium_ends_at' : 'premend';
-			$ret = ceil(($this->{$col}- time()) / (24 * 60 * 60));
-			return $ret > 0 ? $ret : 0;
+		if(isset($this->premium_ends_at) || isset($this->premend) ||
+			(isCanary() && isset($this->lastday))) {
+				$col = (isset($this->premium_ends_at) ? 'premium_ends_at' : (isset($this->lastday) ? 'lastday' : 'premend'));
+				$ret = ceil(($this->{$col} - time()) / (24 * 60 * 60));
+				return max($ret, 0);
 		}
 
 		if($this->premdays == 0) {
 			return 0;
 		}
 
-		if($this->premdays == 65535){
-			return 65535;
+		if($this->premdays == self::GRATIS_PREMIUM_DAYS){
+			return self::GRATIS_PREMIUM_DAYS;
 		}
 
 		$ret = ceil($this->premdays - ((int)date("z", time()) + (365 * (date("Y", time()) - date("Y", $this->lastday))) - date("z", $this->lastday)));
 		return max($ret, 0);
 	}
 
-	public function getIsPremiumAttribute()
+	public function getIsPremiumAttribute(): bool
 	{
-		if(isset($this->premium_ends_at)) {
-			return $this->premium_ends_at > time();
+		if(isset($this->premium_ends_at) || isset($this->premend) ||
+			(isCanary() && isset($this->lastday))) {
+			$col = (isset($this->premium_ends_at) ? 'premium_ends_at' : (isset($this->lastday) ? 'lastday' : 'premend'));
+			return $this->{$col} > time();
 		}
 
-		if(isset($this->premend)) {
-			return $this->premend > time();
+		if($this->premdays == self::GRATIS_PREMIUM_DAYS){
+			return true;
 		}
 
 		return ($this->premdays - (date("z", time()) + (365 * (date("Y", time()) - date("Y", $this->lastday))) - date("z", $this->lastday)) > 0);

system/src/Models/AccountAction.php

@@ -9,6 +9,6 @@ class AccountAction extends Model {
 
 	public $timestamps = false;
 
-	protected $fillable = ['account_id', 'ip', 'ipv6', 'date', 'action'];
+	protected $fillable = ['account_id', 'ip', 'date', 'action'];
 
 }

system/src/Models/AccountEmailVerify.php

@@ -0,0 +1,15 @@
+<?php
+
+namespace MyAAC\Models;
+use Illuminate\Database\Eloquent\Model;
+
+class AccountEmailVerify extends Model
+{
+
+	protected $table = TABLE_PREFIX . 'account_emails_verify';
+
+	public $timestamps = false;
+
+	protected $fillable = ['account_id', 'hash', 'sent_at'];
+
+}

system/src/Models/Changelog.php

@@ -18,7 +18,16 @@ class Changelog extends Model {
 
 	public $timestamps = false;
 
+	protected $fillable = [
+		'body', 'type', 'where',
+		'date', 'player_id', 'hide',
+	];
+
 	public function scopeIsPublic($query) {
 		$query->where('hide', '!=', 1);
 	}
+
+	public function player() {
+		return $this->belongsTo(Player::class);
+	}
 }

system/src/Models/ForumBoard.php

@@ -0,0 +1,16 @@
+<?php
+
+namespace MyAAC\Models;
+use Illuminate\Database\Eloquent\Model;
+
+class ForumBoard extends Model {
+
+	protected $table = TABLE_PREFIX . 'forum_boards';
+
+	public $timestamps = false;
+
+	protected $fillable = [
+		'name', 'description', 'ordering',
+		'guild', 'access', 'closed', 'hide',
+	];
+}

system/src/Models/Gallery.php

@@ -10,4 +10,9 @@ class Gallery extends Model {
 
 	public $timestamps = false;
 
+	protected $fillable = [
+		'comment', 'image', 'thumb',
+		'author', 'ordering', 'hide',
+	];
+
 }

system/src/Models/Menu.php

@@ -9,6 +9,6 @@ class Menu extends Model {
 
 	public $timestamps = false;
 
-	protected $fillable = ['template', 'name', 'link', 'blank', 'color', 'category', 'ordering', 'enabled'];
+	protected $fillable = ['template', 'name', 'link', 'access', 'blank', 'color', 'category', 'ordering', 'enabled'];
 
 }

system/src/Models/NewsCategory.php

@@ -0,0 +1,15 @@
+<?php
+
+namespace MyAAC\Models;
+use Illuminate\Database\Eloquent\Model;
+
+class NewsCategory extends Model {
+
+	protected $table = TABLE_PREFIX . 'news_categories';
+
+	public $timestamps = false;
+
+	protected $fillable = [
+		'name', 'description', 'icon_id', 'hide'
+	];
+}

system/src/Plugins.php

@@ -513,6 +513,9 @@ class Plugins {
 			return false;
 		}
 
+		ensureFolderExists($cachePlugins = CACHE . 'plugins');
+		ensureIndexExists($cachePlugins);
+
 		self::$error = 'There was a problem with extracting zip archive.';
 		$file_name = $plugin_temp_dir . $json_file;
 		if(!file_exists($file_name)) {
@@ -549,21 +552,21 @@ class Plugins {
 		if(isset($plugin_json['require'])) {
 			$require = $plugin_json['require'];
 
-			$myaac_satified = true;
+			$myaac_satisfied = true;
 			if(isset($require['myaac_'])) {
 				$require_myaac = $require['myaac_'];
 				if(!Semver::satisfies(MYAAC_VERSION, $require_myaac)) {
-					$myaac_satified = false;
+					$myaac_satisfied = false;
 				}
 			}
 			else if(isset($require['myaac'])) {
 				$require_myaac = $require['myaac'];
 				if(version_compare(MYAAC_VERSION, $require_myaac, '<')) {
-					$myaac_satified = false;
+					$myaac_satisfied = false;
 				}
 			}
 
-			if(!$myaac_satified) {
+			if(!$myaac_satisfied) {
 				self::$error = "Your AAC version doesn't meet the requirement of this plugin. Required version is: " . $require_myaac . ", and you're using version " . MYAAC_VERSION . ".";
 				return false;
 			}

system/src/Settings.php

@@ -248,7 +248,7 @@ class Settings implements \ArrayAccess
 						echo '<div class="input-group" id="show-hide-' . $key . '">';
 					}
 
-					echo '<input class="form-control" type="' . $setting['type'] . '" name="settings[' . $key . ']" value="' . ($settingsDb[$key] ?? ($setting['default'] ?? '')) . '" id="' . $key . '"' . $min . $max . $step . '/>';
+					echo '<input class="form-control" type="' . $setting['type'] . '" name="settings[' . $key . ']" value="' . escapeHtml($settingsDb[$key] ?? ($setting['default'] ?? '')) . '" id="' . $key . '"' . $min . $max . $step . '/>';
 
 					if ($setting['type'] === 'password') {
 						echo '<div class="input-group-append input-group-text"><a href=""><i class="fas fa-eye-slash" ></i></a></div></div>';
@@ -266,7 +266,7 @@ class Settings implements \ArrayAccess
 					if ($rows < 2) {
 						$rows = 2; // always min 2 rows for textarea
 					}
-					echo '<textarea class="form-control" rows="' . $rows . '" name="settings[' . $key . ']" id="' . $key . '">' . $value . '</textarea>';
+					echo '<textarea class="form-control" rows="' . $rows . '" name="settings[' . $key . ']" id="' . $key . '">' . escapeHtml($value) . '</textarea>';
 				}
 
 				else if ($setting['type'] === 'options') {

system/src/global.php

@@ -28,6 +28,8 @@ define('HOOK_CHARACTERS_AFTER_CHARACTERS', ++$i);
 define('HOOK_LOGIN', ++$i);
 define('HOOK_LOGIN_ATTEMPT', ++$i);
 define('HOOK_LOGOUT', ++$i);
+define('HOOK_ACCOUNT_CHANGE_PASSWORD_AFTER_OLD_PASSWORD', ++$i);
+define('HOOK_ACCOUNT_CHANGE_PASSWORD_AFTER_NEW_PASSWORD', ++$i);
 define('HOOK_ACCOUNT_CHANGE_PASSWORD_POST', ++$i);
 define('HOOK_ACCOUNT_CREATE_BEFORE_FORM', ++$i);
 define('HOOK_ACCOUNT_CREATE_BEFORE_BOXES', ++$i);

system/status.php

@@ -145,13 +145,7 @@ function updateStatus() {
 		}
 
 		$uptime = $status['uptime'] = $serverStatus->getUptime();
-		$m = date('m', $uptime);
-		$m = $m > 1 ? "$m months, " : ($m == 1 ? 'month, ' : '');
-		$d = date('d', $uptime);
-		$d = $d > 1 ? "$d days, " : ($d == 1 ? 'day, ' : '');
-		$h = date('H', $uptime);
-		$min = date('i', $uptime);
-		$status['uptimeReadable'] = "{$m}{$d}{$h}h {$min}m";
+		$status['uptimeReadable'] = getStatusUptimeReadable($uptime);
 
 		$status['monsters'] = $serverStatus->getMonstersCount();
 		$status['motd'] = $serverStatus->getMOTD();

system/template.php

@@ -146,10 +146,10 @@ if($twig_loader) {
 
 function get_template_menus(): array
 {
-	global $template_name;
+	global $template_name, $logged_access;
 
 	$result = Cache::remember('template_menus_' . $template_name, 10 * 60, function () use ($template_name) {
-		$result = Menu::select(['name', 'link', 'blank', 'color', 'category'])
+		$result = Menu::select(['name', 'link', 'access', 'blank', 'color', 'category'])
 			->where('template', $template_name)
 			->orderBy('category')
 			->orderBy('ordering')
@@ -163,6 +163,10 @@ function get_template_menus(): array
 
 	$menus = [];
 	foreach($result as $menu) {
+		if ($menu['access'] > $logged_access) {
+			continue;
+		}
+
 		if (empty($menu['link'])) {
 			$menu['link'] = 'news';
 		}

system/templates/account.change-password.html.twig

@@ -9,23 +9,29 @@ Please enter your current password and a new password. For your security, please
 			<span>Current Password:</span>
 		</td>
 		<td>
-			<input form="form" type="password" name="oldpassword" size="30" maxlength="29">
+			<input form="form" type="password" id="old_password" name="old_password" size="30" maxlength="29">
 		</td>
 	</tr>
+
+	{{ hook('HOOK_ACCOUNT_CHANGE_PASSWORD_AFTER_OLD_PASSWORD') }}
+
 	<tr>
 		<td class="LabelV">
 			<span>New Password:</span>
 		</td>
 		<td style="width:90%;">
-			<input form="form" type="password" name="newpassword" size="30" maxlength="29">
+			<input form="form" type="password" id="new_password" name="new_password" size="30" maxlength="29">
 		</td>
 	</tr>
+
+	{{ hook('HOOK_ACCOUNT_CHANGE_PASSWORD_AFTER_NEW_PASSWORD') }}
+
 	<tr>
 		<td class="LabelV">
 			<span>New Password Again:</span>
 		</td>
 		<td>
-			<input form="form" type="password" name="newpassword_confirm" size="30" maxlength="29">
+			<input form="form" type="password" id="new_password_confirm" name="new_password_confirm" size="30" maxlength="29">
 		</td>
 	</tr>
 </table>

system/templates/account.resend-email-verify.html.twig

@@ -0,0 +1,45 @@
+Please enter your account Email address.<br/><br/>
+{% set title = 'Resend Email' %}
+{% set background = config('darkborder') %}
+{% set content %}
+	<table style="width:100%;">
+		<tr>
+			<td class="LabelV" >
+				<span><label for="email">Email Address:</label></span>
+			</td>
+			<td style="width:90%;">
+				<input type="email" form="form" id="email" name="email" size="30" maxlength="50" autofocus/>
+			</td>
+		</tr>
+	</table>
+{% endset %}
+{% include 'tables.headline.html.twig' %}
+<br/>
+<table style="width:100%;">
+	<tr align="center">
+		<td>
+			<table border="0" cellspacing="0" cellpadding="0">
+				<tr>
+					<td style="border:0;">
+						<form id="form" action="{{ getLink('account/resend-email-verify') }}" method="post">
+							{{ csrf() }}
+							<input type="hidden" name="submit" value="1"/>
+							{{ include('buttons.submit.html.twig') }}
+						</form>
+					</td>
+				<tr>
+			</table>
+		</td>
+		<td>
+			<table border="0" cellspacing="0" cellpadding="0">
+				<tr>
+					<td style="border:0;">
+						<form action="{{ getLink('news') }}" method="post">
+							{{ include('buttons.back.html.twig') }}
+						</form>
+					</td>
+				</tr>
+			</table>
+		</td>
+	</tr>
+</table>

system/templates/admin.menus.header.html.twig

@@ -2,7 +2,8 @@
 	<p class="note">You are editing: {{ template }}<br/><br/>
 		Hint: You can drag menu items.<br/>
 		Hint: Add links to external sites using: <b>http://</b> or <b>https://</b> prefix.<br/>
-		Not all templates support blank and colorful links.
+		Not all templates support blank and colorful links.<br/>
+		* Guest means everyone will see the link. Player means registered and logged-in user.
 	</p>
 	<div class="row text-center">
 		<div class="col-md-2 col-sm-1"></div>

system/templates/admin.menus.js.html.twig

@@ -14,42 +14,62 @@
 	colors[{{ cat }}] = '{{ options['default_links_color'] ?? (menuDefaultLinksColor ?? config('menu_default_color')) }}';
 	{% endfor %}
 
+	function confirmRemoveMenuItem(that)
+	{
+		let id = $(that).attr("id");
+		if (confirm('Are you sure, that you want to remove this element?')) {
+			$('#list-' + id.replace('remove-button-', '')).remove();
+		}
+	}
+
 	$(function () {
 		const $sortable = $(".sortable");
 		$sortable.sortable();
 		$sortable.disableSelection();
 
 		$(".remove-button").on('click', function () {
-			var id = $(this).attr("id");
-			$('#list-' + id.replace('remove-button-', '')).remove();
+			confirmRemoveMenuItem(this);
 		});
 
 		$(".add-button").on('click', function () {
-			var cat = $(this).attr("id").replace('add-button-', '');
-			var id = last_id[cat];
+			let cat = $(this).attr("id").replace('add-button-', '');
+			let id = last_id[cat];
 			last_id[cat]++;
 			const color = colors[cat];
-			$('#sortable-' + cat).append('<li class="ui-state-default" id="list-' + cat + '-' + id + '"><label>Name:</label> <input type="text" name="menu[' + cat + '][]" value=""/> <label>Link:</label> <input type="text" name="menu_link[' + cat + '][]" value=""/><input type="hidden" name="menu_blank[' + cat + '][]" value="0" /> <label><input class="blank-checkbox" type="checkbox"/><span title="Open in New Window">New Window</span></label> <input class="color-picker" type="text" name="menu_color[' + cat + '][]" value="#' + color + '" /> <a class="remove-button" id="remove-button-' + cat + '-' + id + '"><i class="fas fa-trash"></i></a></li>'); //add input bo
-			$('#remove-button-' + cat + '-' + id).on('click', function () {
-				$('#list-' + $(this).attr("id").replace('remove-button-', '')).remove();
-			});
 
-			initializeSpectrum();
+			let copy = $('.ui-state-default:first').clone();
+
+			copy.attr('id', 'list-' + cat + '-' + id);
+
+			copy.find('.menu-name').val('').attr('name', 'menu[' + cat + '][]');
+			copy.find('.menu-link').val('').attr('name', 'menu_link[' + cat + '][]');
+			copy.find('.menu-access').val('0').attr('name', 'menu_access[' + cat + '][]');
+			copy.find('.menu-color').val(color).attr('name', 'menu_color[' + cat + '][]');
+			copy.find('.menu-blank').attr('name', 'menu_blank[' + cat + '][]');
+			copy.find('.menu-blank-checkbox').prop('checked', false);
+
+			copy.find('.remove-button').attr('id', 'remove-button-' + cat + '-' + id);
+
+			$('#sortable-' + cat).append(copy);
+
+			$('#remove-button-' + cat + '-' + id).on('click', function () {
+				confirmRemoveMenuItem(this);
+			});
 		});
 
 		$("#menus-form").on('submit', function (e) {
-			$('.blank-checkbox:not(:checked)').each(function (i, obj) {
+			$('.menu-blank-checkbox:not(:checked)').each(function (i, obj) {
 				$(obj).parent().prev().val("off");
 			});
 
-			$('.blank-checkbox:checked').each(function (i, obj) {
+			$('.menu-blank-checkbox:checked').each(function (i, obj) {
 				$(obj).parent().prev().val("on");
 			});
 		});
 
 	});
 </script>
-<style type="text/css">
+<style>
 	.sortable {
 		list-style-type: none;
 		margin: 0;
@@ -60,24 +80,16 @@
 	.remove-button, .add-button {
 		cursor: pointer;
 	}
-</style>
-<script type="text/javascript" src="{{ constant('BASE_URL') }}tools/js/spectrum.js"></script>
-<link type="text/css" rel="stylesheet" href="{{ constant('BASE_URL') }}tools/css/spectrum.css"/>
-<script type="text/javascript">
-	$(function () {
-		initializeSpectrum();
-	});
 
-	function initializeSpectrum() {
-		$(".color-picker").spectrum({
-			preferredFormat: "hex",
-			showInput: true,
-			showPalette: true,
-			palette: [
-				['black', 'white', 'blanchedalmond',
-					'rgb(255, 128, 0);', 'hsv 100 70 50'],
-				['red', 'yellow', 'green', 'blue', 'violet']
-			]
-		});
+	.ui-sortable-handle {
+		padding: 10px;
 	}
-</script>
+
+	.label_menu_name, .label_menu_link {
+		width: 45%;
+	}
+
+	.menu-name, .menu-link {
+		width: 100%;
+	}
+</style>

system/templates/characters.html.twig

@@ -9,7 +9,7 @@
 <table border="0" cellpadding="0" cellspacing="0" width="100%"><tr>
 	<td><img src="{{ template_path }}/images/general/blank.gif" width="10" height="1" border="0"></td>
 	<td>
-        {{ hook(constant('HOOK_CHARACTERS_BEFORE_INFORMATIONS')) }}
+        {{ hook('HOOK_CHARACTERS_BEFORE_INFORMATIONS') }}
 		{% if canEdit %}
 			<a href="{{ constant('ADMIN_URL') }}?p=players&id={{ player.getId() }}" title="Edit in Admin Panel" target="_blank">
 				<img src="images/edit.png"/>Edit
@@ -153,11 +153,11 @@
 				<td>{% if account.isPremium() %}Premium Account{% else %}Free Account{% endif %}</td>
 			</tr>
 		</table>
-		{{ hook(constant('HOOK_CHARACTERS_AFTER_INFORMATIONS')) }}
+		{{ hook('HOOK_CHARACTERS_AFTER_INFORMATIONS') }}
 		<br/>
 		<table border="0" width="100%">
 			<tr>
-				{{ hook(constant('HOOK_CHARACTERS_BEFORE_SKILLS')) }}
+				{{ hook('HOOK_CHARACTERS_BEFORE_SKILLS') }}
 
 				{% if config.characters.skills %}
 				<!-- SKILLS -->
@@ -179,7 +179,7 @@
 				<!-- SKILLS_END -->
 				{% endif %}
 
-				{{ hook(constant('HOOK_CHARACTERS_AFTER_SKILLS')) }}
+				{{ hook('HOOK_CHARACTERS_AFTER_SKILLS') }}
 
 				{% if quests_enabled %}
 				<!-- QUESTS -->
@@ -201,7 +201,7 @@
 				<!-- QUESTS_END -->
 				{% endif %}
 
-				{{ hook(constant('HOOK_CHARACTERS_AFTER_QUESTS')) }}
+				{{ hook('HOOK_CHARACTERS_AFTER_QUESTS') }}
 
 				{% if config.characters.equipment %}
 				<!-- EQUIPMENT -->
@@ -239,11 +239,11 @@
 				<!-- EQUIPMENT_END -->
 				{% endif %}
 
-				{{ hook(constant('HOOK_CHARACTERS_AFTER_EQUIPMENT')) }}
+				{{ hook('HOOK_CHARACTERS_AFTER_EQUIPMENT') }}
 			</tr>
 		</table>
 
-		{{ hook(constant('HOOK_CHARACTERS_BEFORE_DEATHS')) }}
+		{{ hook('HOOK_CHARACTERS_BEFORE_DEATHS') }}
 
 		{% if deaths|length > 0 %}
 		<!-- DEATHS -->
@@ -283,7 +283,7 @@
 		<!-- FRAGS_END -->
 		{% endif %}
 
-		{{ hook(constant('HOOK_CHARACTERS_BEFORE_SIGNATURE')) }}
+		{{ hook('HOOK_CHARACTERS_BEFORE_SIGNATURE') }}
 
 		{% if setting('core.signature_enabled') %}
 		<!-- SIGNATURE -->
@@ -327,7 +327,7 @@
 		</table>
 		<!-- SIGNATURE_END -->
 		{% endif %}
-		{{ hook(constant('HOOK_CHARACTERS_AFTER_SIGNATURE')) }}
+		{{ hook('HOOK_CHARACTERS_AFTER_SIGNATURE') }}
 		{% if not player.isHidden() %}
 		{% set rows = 0 %}
 		<!-- ACCOUNT_INFORMATION -->
@@ -377,7 +377,7 @@
 			</tr>
 		</table>
 		<!-- ACCOUNT_INFORMATION_END -->
-		{{ hook(constant('HOOK_CHARACTERS_AFTER_ACCOUNT')) }}
+		{{ hook('HOOK_CHARACTERS_AFTER_ACCOUNT') }}
 		<!-- CHARACTERS_LIST -->
 		<br/><br/>
 		<table border="0" cellspacing="1" cellpadding="4" width="100%">
@@ -421,7 +421,7 @@
 		</table>
 		<!-- CHARACTERS_LIST_END -->
 		{% endif %}
-		{{ hook(constant('HOOK_CHARACTERS_AFTER_CHARACTERS')) }}
+		{{ hook('HOOK_CHARACTERS_AFTER_CHARACTERS') }}
 		{% if canEdit %}
 			<a href="{{ constant('ADMIN_URL') }}?p=players&id={{ player.getId() }}" title="Edit in Admin Panel" target="_blank">
 				<img src="images/edit.png"/>Edit

system/templates/error_box.html.twig

@@ -9,7 +9,7 @@
 			<div class="AttentionSign" style="background-image:url({{ template_path }}/images/content/attentionsign.gif);"></div>
 			<b>The Following Errors Have Occurred:</b><br/>
 			{% for error in errors %}
-			<li>{{ error|striptags('<b>')|raw }}</li>
+			<li>{{ error|striptags('<b><a>')|raw }}</li>
 			{% endfor %}
 		</div>
 		<div class="BoxFrameHorizontal" style="background-image:url({{ template_path }}/images/content/box-frame-horizontal.gif);"></div>
@@ -17,4 +17,4 @@
 		<div class="BoxFrameEdgeLeftBottom" style="background-image:url({{ template_path }}/images/content/box-frame-edge.gif);"></div>
 	</div>
 </div>
-<br/>
+<br/>

system/templates/mail.account.resend-email-verify.html.twig

@@ -0,0 +1,7 @@
+Hello {{ account }}!<br/>
+<br/>
+You requested to resend the verify Email on {{ config.lua.serverName }}!<br/>
+<br/>
+
+To verify your email address please click the link below:<br/>
+{{ verify_url|raw }}

system/templates/online.html.twig

@@ -101,7 +101,7 @@
 
 	<tr>
 		<td class="LabelV150"><b>Location Datacenter:</b></td>
-		<td>{{ setting('core.online_datacenter') }} <small>(Server date & time: - {{ "now"|date("d/m/Y H:i:s") }})</small></td>
+		<td>{{ setting('core.online_datacenter')|raw }} <small>(Server date & time: - {{ "now"|date("d/m/Y H:i:s") }})</small></td>
 	</tr>
 	<tr>
 		<td class="LabelV150"><b>PvP Type:</b></td>

system/twig.php

@@ -101,6 +101,10 @@ $twig->addFunction($function);
 $function = new TwigFunction('hook', function ($context, $hook, array $params = []) {
 	global $hooks;
 
+	if (config('hooks_debug')) {
+		note($hook);
+	}
+
 	if(is_string($hook)) {
 		if (defined($hook)) {
 			$hook = constant($hook);

templates/tibiacom/index.php

@@ -27,26 +27,18 @@ if(isset($config['boxes']))
 		var loginStatus="<?php echo ($logged ? 'true' : 'false'); ?>";
 		<?php
 			if(PAGE !== 'news') {
-				if(isset($_REQUEST['subtopic'])) {
-					$tmp = escapeHtml($_REQUEST['subtopic']);
-					if($tmp === 'accountmanagement') {
-						$tmp = 'accountmanage';
+				$tmp = str_replace('/', '_', isset($_REQUEST['subtopic']) ? escapeHtml($_REQUEST['subtopic']) :  PAGE);
+				$exp = explode('/', PAGE);
+				if(PAGE !== 'account/create' && PAGE !== 'account/lost' && isset($exp[1])) {
+					if ($exp[0] === 'account' && $exp[1] === 'lost') {
+						$tmp = 'account_lost';
+					} elseif ($exp[0] === 'account') {
+						$tmp = 'account_manage';
+					} else if ($exp[0] === 'news' && $exp[1] === 'archive') {
+						$tmp = 'news_archive';
 					}
-				}
-				else {
-					$tmp = str_replace('/', '_', PAGE);
-					$exp = explode('/', PAGE);
-					if(PAGE !== 'account/create' && PAGE !== 'account/lost' && isset($exp[1])) {
-						if ($exp[0] === 'account' && $exp[1] === 'lost') {
-							$tmp = 'account_lost';
-						} elseif ($exp[0] === 'account') {
-							$tmp = 'account_manage';
-						} else if ($exp[0] === 'news' && $exp[1] === 'archive') {
-							$tmp = 'news_archive';
-						}
-						else if (in_array($exp[0], ['characters', 'highscores', 'guilds', 'forum'])) {
-							$tmp = $exp[0];
-						}
+					else if (in_array($exp[0], ['characters', 'highscores', 'guilds', 'forum'])) {
+						$tmp = $exp[0];
 					}
 				}
 			}

tools/css/spectrum.css

@@ -1,507 +0,0 @@
-/***
-Spectrum Colorpicker v1.8.0
-https://github.com/bgrins/spectrum
-Author: Brian Grinstead
-License: MIT
-***/
-
-.sp-container {
-    position:absolute;
-    top:0;
-    left:0;
-    display:inline-block;
-    *display: inline;
-    *zoom: 1;
-    /* https://github.com/bgrins/spectrum/issues/40 */
-    z-index: 9999994;
-    overflow: hidden;
-}
-.sp-container.sp-flat {
-    position: relative;
-}
-
-/* Fix for * { box-sizing: border-box; } */
-.sp-container,
-.sp-container * {
-    -webkit-box-sizing: content-box;
-       -moz-box-sizing: content-box;
-            box-sizing: content-box;
-}
-
-/* http://ansciath.tumblr.com/post/7347495869/css-aspect-ratio */
-.sp-top {
-  position:relative;
-  width: 100%;
-  display:inline-block;
-}
-.sp-top-inner {
-   position:absolute;
-   top:0;
-   left:0;
-   bottom:0;
-   right:0;
-}
-.sp-color {
-    position: absolute;
-    top:0;
-    left:0;
-    bottom:0;
-    right:20%;
-}
-.sp-hue {
-    position: absolute;
-    top:0;
-    right:0;
-    bottom:0;
-    left:84%;
-    height: 100%;
-}
-
-.sp-clear-enabled .sp-hue {
-    top:33px;
-    height: 77.5%;
-}
-
-.sp-fill {
-    padding-top: 80%;
-}
-.sp-sat, .sp-val {
-    position: absolute;
-    top:0;
-    left:0;
-    right:0;
-    bottom:0;
-}
-
-.sp-alpha-enabled .sp-top {
-    margin-bottom: 18px;
-}
-.sp-alpha-enabled .sp-alpha {
-    display: block;
-}
-.sp-alpha-handle {
-    position:absolute;
-    top:-4px;
-    bottom: -4px;
-    width: 6px;
-    left: 50%;
-    cursor: pointer;
-    border: 1px solid black;
-    background: white;
-    opacity: .8;
-}
-.sp-alpha {
-    display: none;
-    position: absolute;
-    bottom: -14px;
-    right: 0;
-    left: 0;
-    height: 8px;
-}
-.sp-alpha-inner {
-    border: solid 1px #333;
-}
-
-.sp-clear {
-    display: none;
-}
-
-.sp-clear.sp-clear-display {
-    background-position: center;
-}
-
-.sp-clear-enabled .sp-clear {
-    display: block;
-    position:absolute;
-    top:0px;
-    right:0;
-    bottom:0;
-    left:84%;
-    height: 28px;
-}
-
-/* Don't allow text selection */
-.sp-container, .sp-replacer, .sp-preview, .sp-dragger, .sp-slider, .sp-alpha, .sp-clear, .sp-alpha-handle, .sp-container.sp-dragging .sp-input, .sp-container button  {
-    -webkit-user-select:none;
-    -moz-user-select: -moz-none;
-    -o-user-select:none;
-    user-select: none;
-}
-
-.sp-container.sp-input-disabled .sp-input-container {
-    display: none;
-}
-.sp-container.sp-buttons-disabled .sp-button-container {
-    display: none;
-}
-.sp-container.sp-palette-buttons-disabled .sp-palette-button-container {
-    display: none;
-}
-.sp-palette-only .sp-picker-container {
-    display: none;
-}
-.sp-palette-disabled .sp-palette-container {
-    display: none;
-}
-
-.sp-initial-disabled .sp-initial {
-    display: none;
-}
-
-
-/* Gradients for hue, saturation and value instead of images.  Not pretty... but it works */
-.sp-sat {
-    background-image: -webkit-gradient(linear,  0 0, 100% 0, from(#FFF), to(rgba(204, 154, 129, 0)));
-    background-image: -webkit-linear-gradient(left, #FFF, rgba(204, 154, 129, 0));
-    background-image: -moz-linear-gradient(left, #fff, rgba(204, 154, 129, 0));
-    background-image: -o-linear-gradient(left, #fff, rgba(204, 154, 129, 0));
-    background-image: -ms-linear-gradient(left, #fff, rgba(204, 154, 129, 0));
-    background-image: linear-gradient(to right, #fff, rgba(204, 154, 129, 0));
-    -ms-filter: "progid:DXImageTransform.Microsoft.gradient(GradientType = 1, startColorstr=#FFFFFFFF, endColorstr=#00CC9A81)";
-    filter : progid:DXImageTransform.Microsoft.gradient(GradientType = 1, startColorstr='#FFFFFFFF', endColorstr='#00CC9A81');
-}
-.sp-val {
-    background-image: -webkit-gradient(linear, 0 100%, 0 0, from(#000000), to(rgba(204, 154, 129, 0)));
-    background-image: -webkit-linear-gradient(bottom, #000000, rgba(204, 154, 129, 0));
-    background-image: -moz-linear-gradient(bottom, #000, rgba(204, 154, 129, 0));
-    background-image: -o-linear-gradient(bottom, #000, rgba(204, 154, 129, 0));
-    background-image: -ms-linear-gradient(bottom, #000, rgba(204, 154, 129, 0));
-    background-image: linear-gradient(to top, #000, rgba(204, 154, 129, 0));
-    -ms-filter: "progid:DXImageTransform.Microsoft.gradient(startColorstr=#00CC9A81, endColorstr=#FF000000)";
-    filter : progid:DXImageTransform.Microsoft.gradient(startColorstr='#00CC9A81', endColorstr='#FF000000');
-}
-
-.sp-hue {
-    background: -moz-linear-gradient(top, #ff0000 0%, #ffff00 17%, #00ff00 33%, #00ffff 50%, #0000ff 67%, #ff00ff 83%, #ff0000 100%);
-    background: -ms-linear-gradient(top, #ff0000 0%, #ffff00 17%, #00ff00 33%, #00ffff 50%, #0000ff 67%, #ff00ff 83%, #ff0000 100%);
-    background: -o-linear-gradient(top, #ff0000 0%, #ffff00 17%, #00ff00 33%, #00ffff 50%, #0000ff 67%, #ff00ff 83%, #ff0000 100%);
-    background: -webkit-gradient(linear, left top, left bottom, from(#ff0000), color-stop(0.17, #ffff00), color-stop(0.33, #00ff00), color-stop(0.5, #00ffff), color-stop(0.67, #0000ff), color-stop(0.83, #ff00ff), to(#ff0000));
-    background: -webkit-linear-gradient(top, #ff0000 0%, #ffff00 17%, #00ff00 33%, #00ffff 50%, #0000ff 67%, #ff00ff 83%, #ff0000 100%);
-    background: linear-gradient(to bottom, #ff0000 0%, #ffff00 17%, #00ff00 33%, #00ffff 50%, #0000ff 67%, #ff00ff 83%, #ff0000 100%);
-}
-
-/* IE filters do not support multiple color stops.
-   Generate 6 divs, line them up, and do two color gradients for each.
-   Yes, really.
- */
-.sp-1 {
-    height:17%;
-    filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#ff0000', endColorstr='#ffff00');
-}
-.sp-2 {
-    height:16%;
-    filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#ffff00', endColorstr='#00ff00');
-}
-.sp-3 {
-    height:17%;
-    filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#00ff00', endColorstr='#00ffff');
-}
-.sp-4 {
-    height:17%;
-    filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#00ffff', endColorstr='#0000ff');
-}
-.sp-5 {
-    height:16%;
-    filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#0000ff', endColorstr='#ff00ff');
-}
-.sp-6 {
-    height:17%;
-    filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#ff00ff', endColorstr='#ff0000');
-}
-
-.sp-hidden {
-    display: none !important;
-}
-
-/* Clearfix hack */
-.sp-cf:before, .sp-cf:after { content: ""; display: table; }
-.sp-cf:after { clear: both; }
-.sp-cf { *zoom: 1; }
-
-/* Mobile devices, make hue slider bigger so it is easier to slide */
-@media (max-device-width: 480px) {
-    .sp-color { right: 40%; }
-    .sp-hue { left: 63%; }
-    .sp-fill { padding-top: 60%; }
-}
-.sp-dragger {
-   border-radius: 5px;
-   height: 5px;
-   width: 5px;
-   border: 1px solid #fff;
-   background: #000;
-   cursor: pointer;
-   position:absolute;
-   top:0;
-   left: 0;
-}
-.sp-slider {
-    position: absolute;
-    top:0;
-    cursor:pointer;
-    height: 3px;
-    left: -1px;
-    right: -1px;
-    border: 1px solid #000;
-    background: white;
-    opacity: .8;
-}
-
-/*
-Theme authors:
-Here are the basic themeable display options (colors, fonts, global widths).
-See http://bgrins.github.io/spectrum/themes/ for instructions.
-*/
-
-.sp-container {
-    border-radius: 0;
-    background-color: #ECECEC;
-    border: solid 1px #f0c49B;
-    padding: 0;
-}
-.sp-container, .sp-container button, .sp-container input, .sp-color, .sp-hue, .sp-clear {
-    font: normal 12px "Lucida Grande", "Lucida Sans Unicode", "Lucida Sans", Geneva, Verdana, sans-serif;
-    -webkit-box-sizing: border-box;
-    -moz-box-sizing: border-box;
-    -ms-box-sizing: border-box;
-    box-sizing: border-box;
-}
-.sp-top {
-    margin-bottom: 3px;
-}
-.sp-color, .sp-hue, .sp-clear {
-    border: solid 1px #666;
-}
-
-/* Input */
-.sp-input-container {
-    float:right;
-    width: 100px;
-    margin-bottom: 4px;
-}
-.sp-initial-disabled  .sp-input-container {
-    width: 100%;
-}
-.sp-input {
-   font-size: 12px !important;
-   border: 1px inset;
-   padding: 4px 5px;
-   margin: 0;
-   width: 100%;
-   background:transparent;
-   border-radius: 3px;
-   color: #222;
-}
-.sp-input:focus  {
-    border: 1px solid orange;
-}
-.sp-input.sp-validation-error {
-    border: 1px solid red;
-    background: #fdd;
-}
-.sp-picker-container , .sp-palette-container {
-    float:left;
-    position: relative;
-    padding: 10px;
-    padding-bottom: 300px;
-    margin-bottom: -290px;
-}
-.sp-picker-container {
-    width: 172px;
-    border-left: solid 1px #fff;
-}
-
-/* Palettes */
-.sp-palette-container {
-    border-right: solid 1px #ccc;
-}
-
-.sp-palette-only .sp-palette-container {
-    border: 0;
-}
-
-.sp-palette .sp-thumb-el {
-    display: block;
-    position:relative;
-    float:left;
-    width: 24px;
-    height: 15px;
-    margin: 3px;
-    cursor: pointer;
-    border:solid 2px transparent;
-}
-.sp-palette .sp-thumb-el:hover, .sp-palette .sp-thumb-el.sp-thumb-active {
-    border-color: orange;
-}
-.sp-thumb-el {
-    position:relative;
-}
-
-/* Initial */
-.sp-initial {
-    float: left;
-    border: solid 1px #333;
-}
-.sp-initial span {
-    width: 30px;
-    height: 25px;
-    border:none;
-    display:block;
-    float:left;
-    margin:0;
-}
-
-.sp-initial .sp-clear-display {
-    background-position: center;
-}
-
-/* Buttons */
-.sp-palette-button-container,
-.sp-button-container {
-    float: right;
-}
-
-/* Replacer (the little preview div that shows up instead of the <input>) */
-.sp-replacer {
-    margin:0;
-    overflow:hidden;
-    cursor:pointer;
-    padding: 4px;
-    display:inline-block;
-    *zoom: 1;
-    *display: inline;
-    border: solid 1px #91765d;
-    background: #eee;
-    color: #333;
-    vertical-align: middle;
-}
-.sp-replacer:hover, .sp-replacer.sp-active {
-    border-color: #F0C49B;
-    color: #111;
-}
-.sp-replacer.sp-disabled {
-    cursor:default;
-    border-color: silver;
-    color: silver;
-}
-.sp-dd {
-    padding: 2px 0;
-    height: 16px;
-    line-height: 16px;
-    float:left;
-    font-size:10px;
-}
-.sp-preview {
-    position:relative;
-    width:25px;
-    height: 20px;
-    border: solid 1px #222;
-    margin-right: 5px;
-    float:left;
-    z-index: 0;
-}
-
-.sp-palette {
-    *width: 220px;
-    max-width: 220px;
-}
-.sp-palette .sp-thumb-el {
-    width:16px;
-    height: 16px;
-    margin:2px 1px;
-    border: solid 1px #d0d0d0;
-}
-
-.sp-container {
-    padding-bottom:0;
-}
-
-
-/* Buttons: http://hellohappy.org/css3-buttons/ */
-.sp-container button {
-  background-color: #eeeeee;
-  background-image: -webkit-linear-gradient(top, #eeeeee, #cccccc);
-  background-image: -moz-linear-gradient(top, #eeeeee, #cccccc);
-  background-image: -ms-linear-gradient(top, #eeeeee, #cccccc);
-  background-image: -o-linear-gradient(top, #eeeeee, #cccccc);
-  background-image: linear-gradient(to bottom, #eeeeee, #cccccc);
-  border: 1px solid #ccc;
-  border-bottom: 1px solid #bbb;
-  border-radius: 3px;
-  color: #333;
-  font-size: 14px;
-  line-height: 1;
-  padding: 5px 4px;
-  text-align: center;
-  text-shadow: 0 1px 0 #eee;
-  vertical-align: middle;
-}
-.sp-container button:hover {
-    background-color: #dddddd;
-    background-image: -webkit-linear-gradient(top, #dddddd, #bbbbbb);
-    background-image: -moz-linear-gradient(top, #dddddd, #bbbbbb);
-    background-image: -ms-linear-gradient(top, #dddddd, #bbbbbb);
-    background-image: -o-linear-gradient(top, #dddddd, #bbbbbb);
-    background-image: linear-gradient(to bottom, #dddddd, #bbbbbb);
-    border: 1px solid #bbb;
-    border-bottom: 1px solid #999;
-    cursor: pointer;
-    text-shadow: 0 1px 0 #ddd;
-}
-.sp-container button:active {
-    border: 1px solid #aaa;
-    border-bottom: 1px solid #888;
-    -webkit-box-shadow: inset 0 0 5px 2px #aaaaaa, 0 1px 0 0 #eeeeee;
-    -moz-box-shadow: inset 0 0 5px 2px #aaaaaa, 0 1px 0 0 #eeeeee;
-    -ms-box-shadow: inset 0 0 5px 2px #aaaaaa, 0 1px 0 0 #eeeeee;
-    -o-box-shadow: inset 0 0 5px 2px #aaaaaa, 0 1px 0 0 #eeeeee;
-    box-shadow: inset 0 0 5px 2px #aaaaaa, 0 1px 0 0 #eeeeee;
-}
-.sp-cancel {
-    font-size: 11px;
-    color: #d93f3f !important;
-    margin:0;
-    padding:2px;
-    margin-right: 5px;
-    vertical-align: middle;
-    text-decoration:none;
-
-}
-.sp-cancel:hover {
-    color: #d93f3f !important;
-    text-decoration: underline;
-}
-
-
-.sp-palette span:hover, .sp-palette span.sp-thumb-active {
-    border-color: #000;
-}
-
-.sp-preview, .sp-alpha, .sp-thumb-el {
-    position:relative;
-    background-image: url(data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAwAAAAMCAIAAADZF8uwAAAAGUlEQVQYV2M4gwH+YwCGIasIUwhT25BVBADtzYNYrHvv4gAAAABJRU5ErkJggg==);
-}
-.sp-preview-inner, .sp-alpha-inner, .sp-thumb-inner {
-    display:block;
-    position:absolute;
-    top:0;left:0;bottom:0;right:0;
-}
-
-.sp-palette .sp-thumb-inner {
-    background-position: 50% 50%;
-    background-repeat: no-repeat;
-}
-
-.sp-palette .sp-thumb-light.sp-thumb-active .sp-thumb-inner {
-    background-image: url(data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABIAAAASCAYAAABWzo5XAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAAIVJREFUeNpiYBhsgJFMffxAXABlN5JruT4Q3wfi/0DsT64h8UD8HmpIPCWG/KemIfOJCUB+Aoacx6EGBZyHBqI+WsDCwuQ9mhxeg2A210Ntfo8klk9sOMijaURm7yc1UP2RNCMbKE9ODK1HM6iegYLkfx8pligC9lCD7KmRof0ZhjQACDAAceovrtpVBRkAAAAASUVORK5CYII=);
-}
-
-.sp-palette .sp-thumb-dark.sp-thumb-active .sp-thumb-inner {
-    background-image: url(data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABIAAAASCAYAAABWzo5XAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsMAAA7DAcdvqGQAAAAadEVYdFNvZnR3YXJlAFBhaW50Lk5FVCB2My41LjEwMPRyoQAAAMdJREFUOE+tkgsNwzAMRMugEAahEAahEAZhEAqlEAZhEAohEAYh81X2dIm8fKpEspLGvudPOsUYpxE2BIJCroJmEW9qJ+MKaBFhEMNabSy9oIcIPwrB+afvAUFoK4H0tMaQ3XtlrggDhOVVMuT4E5MMG0FBbCEYzjYT7OxLEvIHQLY2zWwQ3D+9luyOQTfKDiFD3iUIfPk8VqrKjgAiSfGFPecrg6HN6m/iBcwiDAo7WiBeawa+Kwh7tZoSCGLMqwlSAzVDhoK+6vH4G0P5wdkAAAAASUVORK5CYII=);
-}
-
-.sp-clear-display {
-    background-repeat:no-repeat;
-    background-position: center;
-    background-image: url(data:image/gif;base64,R0lGODlhFAAUAPcAAAAAAJmZmZ2dnZ6enqKioqOjo6SkpKWlpaampqenp6ioqKmpqaqqqqurq/Hx8fLy8vT09PX19ff39/j4+Pn5+fr6+vv7+wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH5BAEAAP8ALAAAAAAUABQAAAihAP9FoPCvoMGDBy08+EdhQAIJCCMybCDAAYUEARBAlFiQQoMABQhKUJBxY0SPICEYHBnggEmDKAuoPMjS5cGYMxHW3IiT478JJA8M/CjTZ0GgLRekNGpwAsYABHIypcAgQMsITDtWJYBR6NSqMico9cqR6tKfY7GeBCuVwlipDNmefAtTrkSzB1RaIAoXodsABiZAEFB06gIBWC1mLVgBa0AAOw==);
-}

tools/generate_account_number.php

@@ -9,6 +9,8 @@
  * @link      https://my-aac.org
  */
 
+const IGNORE_SET_LAST_VISIT = true;
+
 // we need some functions
 require '../common.php';
 require SYSTEM . 'functions.php';

tools/signature/index.php

@@ -53,6 +53,9 @@
 		exit;
 	}
 
+	ensureFolderExists(SIGNATURES_CACHE);
+	ensureIndexExists(SIGNATURES_CACHE);
+
 	$cached = SIGNATURES_CACHE.$player->getId() . '.png';
 	if(file_exists($cached) && (time() < (filemtime($cached) + (60 * setting('core.signature_cache_time')))))
 	{

tools/status.php

@@ -1,4 +1,7 @@
 <?php
+
+const IGNORE_SET_LAST_VISIT = true;
+
 require '../common.php';
 require SYSTEM . 'init.php';
 require SYSTEM . 'functions.php';

tools/validate.php

@@ -12,6 +12,8 @@
 use MyAAC\CreateCharacter;
 use MyAAC\Models\Account;
 
+const IGNORE_SET_LAST_VISIT = true;
+
 // we need some functions
 require '../common.php';
 require SYSTEM . 'functions.php';