New images for vocations (+ added Monk)

For better handling of vocations
Monk is supported now

.github/workflows/cypress.yml

@@ -22,7 +22,7 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        php-versions: [ '8.1', '8.2', '8.3', '8.4' ]
+        php-versions: [ '8.1', '8.2', '8.3', '8.4', '8.5' ]
         ots: ['tfs-1.4', 'canary-3.1.2'] # TODO: add 'tfs-master' (actually doesn't work cause AAC doesn't support reading .env configuration)
     name: Cypress (PHP ${{ matrix.php-versions }}, ${{ matrix.ots }})
     steps:

.gitignore

@@ -4,7 +4,7 @@ Thumbs.db
 
 #
 /.htaccess
-lua
+/lua
 
 # composer
 composer.phar
@@ -24,6 +24,7 @@ releases
 tmp
 
 config.local.php
+config2.local.php
 
 # all custom templates
 templates/*

CHANGELOG-1.x.md

@@ -1,5 +1,34 @@
 # Changelog
 
+## [1.8.6 - 14.12.2025]
+
+### Added
+* Added hook for adding custom rules to validate new character name (https://github.com/slawkens/myaac/commit/8e6749c59984631288e8e9803819b2f0ff389761)
+
+### Fixed
+* Highscores: Fix ordering by different skills (Adjust order by desc: skill_tries, manaspent, experience) - More exact results (https://github.com/slawkens/myaac/commit/c86257e6dacbad773aa09c0958eeaa106a967f2d)
+* Fix exception shown on first install, when there is no vendor - Before it displayed 500 white page, now it display the exception (https://github.com/slawkens/myaac/commit/18a1178e4b93607a350259679e0366cb83fb4126)
+* Fix typo $up -> $down, in migration nr 7, was failing due that (https://github.com/slawkens/myaac/commit/fd74f01291d0e9cdb92ee1b95021c9d7b591ad7c)
+
+### Changed
+* Ini set html_errors = 0, to show html code in exceptions (https://github.com/slawkens/myaac/commit/9ed06782e67772826d927ad847a077b99df5060d)
+
+## [1.8.5 - 21.11.2025]
+
+### Added
+* New Setting: Account Countries Most Popular (https://github.com/slawkens/myaac/commit/946364f59d7cd01472877108ab27ec78fb28307a)
+
+### Changed
+* Status: Write to status-error.log if there is connection error (https://github.com/slawkens/myaac/commit/780d4ccef741c1dd45a00bfc121fba9f1a175313)
+* Settings: escapeHtml in values (support for html code) (https://github.com/slawkens/myaac/commit/5861efdbe900ccd35309913af0c0a5f3d4cdc1a8)
+* News Page: Don't display hidden news for admin - it's confusing (https://github.com/slawkens/myaac/commit/175e97828b9a08ec3080cc8d3fb4eb3f1c08649f)
+* Plugins System: Add plugin:remove + plugin:delete as alias for plugin:uninstall + plugin:activate/deactivate (https://github.com/slawkens/myaac/commit/6367054487368c92741bfd1dc7c70c52aea9ee87, https://github.com/slawkens/myaac/commit/baec6c9ebf5c342b3b2f7123427c6ba21dbb93bc)
+
+### Fixed
+* Status: Fix $status['uptimeReadable'], was totally wrong (https://github.com/slawkens/myaac/commit/0a6d44bf21417562491aabc93543a2bc3a44b2df)
+* Guilds: Detect "deletion" column in guilds show/delete (https://github.com/slawkens/myaac/commit/6775a061bebc9ff449522f0173556d4a7a44fa5e, https://github.com/slawkens/myaac/commit/603d860b56bc7418db09e206f40aa06d0682c00e)
+* General: Ensure some cache folders & index.html exists (https://github.com/slawkens/myaac/commit/730a0f29124811f525207c24c06eb0d088fa3434)
+
 ## [1.8.4 - 27.10.2025]
 
 ### Changed

CHANGELOG-2.x.md

@@ -0,0 +1,4 @@
+## [2.0-dev - x.x.2025]
+
+### Changed
+* Reworked account action logs to use single IP column as varchar(45) for both ipv4 and ipv6 (https://github.com/slawkens/myaac/pull/289)

admin/pages/accounts.php

@@ -9,6 +9,7 @@
  */
 
 use MyAAC\Models\Account as AccountModel;
+use MyAAC\Models\AccountAction;
 use MyAAC\Models\Player;
 
 defined('MYAAC') or die('Direct access not allowed!');
@@ -481,9 +482,8 @@ else if (isset($_REQUEST['search'])) {
 									</thead>
 									<tbody>
 										<?php
-											$accountActions = \MyAAC\Models\AccountAction::where('account_id', $account->getId())->orderByDesc('date')->get();
+											$accountActions = AccountAction::where('account_id', $account->getId())->orderByDesc('date')->get();
 											foreach ($accountActions as $i => $log):
-												$log->ip = ($log->ip != 0 ? long2ip($log->ip) : inet_ntop($log->ipv6));
 												?>
 											<tr>
 												<td><?php echo $i + 1; ?></td>

admin/template/menus.php

@@ -60,7 +60,7 @@ usort($menus, function ($a, $b) {
 
 foreach ($menus as $i => $menu) {
 	if (isset($menu['link']) && is_array($menu['link'])) {
-		usort($menus[$i]['link'], function ($a, $b) {
+		usort($menu['link'], function ($a, $b) {
 			return $a['order'] - $b['order'];
 		});
 	}

admin/tools/settings_save.php

@@ -12,7 +12,7 @@ require SYSTEM . 'login.php';
 
 if(!admin()) {
 	http_response_code(500);
-	die('Access denied.');
+	die('You are not logged in. Probably session expired. Please login again.');
 }
 
 csrfProtect();
@@ -40,3 +40,6 @@ if (count($errors) > 0) {
 if ($success) {
 	echo 'Saved at ' . date('H:i');
 }
+else {
+	echo 'Something unexpected happened - it was impossible to save the settings, please try again later. If problem persists - contact MyAAC developers.';
+}

common.php

@@ -26,8 +26,8 @@
 if (version_compare(phpversion(), '8.1', '<')) die('PHP version 8.1 or higher is required.');
 
 const MYAAC = true;
-const MYAAC_VERSION = '1.8.4';
-const DATABASE_VERSION = 46;
+const MYAAC_VERSION = '2.0-dev';
+const DATABASE_VERSION = 47;
 const TABLE_PREFIX = 'myaac_';
 define('START_TIME', microtime(true));
 define('MYAAC_OS', stripos(PHP_OS, 'WIN') === 0 ? 'WINDOWS' : (strtoupper(PHP_OS) === 'DARWIN' ? 'MAC' : 'LINUX'));
@@ -148,16 +148,17 @@ if(!IS_CLI) {
 
 /** @var array $config */
 ini_set('log_errors', 1);
-if(@$config['env'] === 'dev' || defined('MYAAC_INSTALL')) {
-	ini_set('display_errors', 1);
-	ini_set('display_startup_errors', 1);
-	error_reporting(E_ALL);
-}
-else {
+if(isset($config['env']) && $config['env'] !== 'dev' && !defined('MYAAC_INSTALL')) {
 	ini_set('display_errors', 0);
 	ini_set('display_startup_errors', 0);
 	error_reporting(E_ALL & ~E_DEPRECATED & ~E_STRICT);
 }
+else {
+	ini_set('html_errors', 0);
+	ini_set('display_errors', 1);
+	ini_set('display_startup_errors', 1);
+	error_reporting(E_ALL);
+}
 
 $autoloadFile = VENDOR . 'autoload.php';
 if (!is_file($autoloadFile)) {

install/includes/schema.sql

@@ -1,11 +1,11 @@
 CREATE TABLE IF NOT EXISTS `myaac_account_actions`
 (
+	`id` int NOT NULL AUTO_INCREMENT,
 	`account_id` int NOT NULL,
-	`ip` int unsigned NOT NULL DEFAULT 0,
-	`ipv6` binary(16) NOT NULL DEFAULT 0,
+	`ip` varchar(45) NOT NULL DEFAULT '',
 	`date` int NOT NULL DEFAULT 0,
 	`action` varchar(255) NOT NULL DEFAULT '',
-	KEY (`account_id`)
+	PRIMARY KEY (`id`)
 ) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
 
 CREATE TABLE IF NOT EXISTS `myaac_account_emails_verify`

system/compat/config.php

@@ -5,8 +5,6 @@ $deprecatedConfig = [
 	'genders',
 	'template',
 	'template_allow_change',
-	'vocations_amount',
-	'vocations',
 	'client',
 	'session_prefix',
 	'friendly_urls',

system/functions.php

@@ -433,16 +433,22 @@ function delete_guild($id)
 		$rank_list->orderBy('level');
 
 		global $db;
+
+		$deletedColumn = 'deleted';
+		if ($db->hasColumn('players', 'deletion')) {
+			$deletedColumn = 'deletion';
+		}
+
 		/**
 		 * @var OTS_GuildRank $rank_in_guild
 		 */
 		foreach($rank_list as $rank_in_guild) {
 			if($db->hasTable('guild_members'))
-				$players_with_rank = $db->query('SELECT `players`.`id` as `id`, `guild_members`.`rank_id` as `rank_id` FROM `players`, `guild_members` WHERE `guild_members`.`rank_id` = ' . $rank_in_guild->getId() . ' AND `players`.`id` = `guild_members`.`player_id` ORDER BY `name`;');
+				$players_with_rank = $db->query('SELECT `players`.`id` as `id`, `guild_members`.`rank_id` as `rank_id` FROM `players`, `guild_members` WHERE `guild_members`.`rank_id` = ' . $rank_in_guild->getId() . ' AND `players`.`id` = `guild_members`.`player_id` AND `' . $deletedColumn . '` = 0 ORDER BY `name`;');
 			else if($db->hasTable('guild_membership'))
-				$players_with_rank = $db->query('SELECT `players`.`id` as `id`, `guild_membership`.`rank_id` as `rank_id` FROM `players`, `guild_membership` WHERE `guild_membership`.`rank_id` = ' . $rank_in_guild->getId() . ' AND `players`.`id` = `guild_membership`.`player_id` ORDER BY `name`;');
+				$players_with_rank = $db->query('SELECT `players`.`id` as `id`, `guild_membership`.`rank_id` as `rank_id` FROM `players`, `guild_membership` WHERE `guild_membership`.`rank_id` = ' . $rank_in_guild->getId() . ' AND `players`.`id` = `guild_membership`.`player_id` AND `' . $deletedColumn . '` = 0 ORDER BY `name`;');
 			else
-				$players_with_rank = $db->query('SELECT `id`, `rank_id` FROM `players` WHERE `rank_id` = ' . $rank_in_guild->getId() . ' AND `deleted` = 0;');
+				$players_with_rank = $db->query('SELECT `id`, `rank_id` FROM `players` WHERE `rank_id` = ' . $rank_in_guild->getId() . ' AND `' . $deletedColumn . '` = 0;');
 
 			$players_with_rank_number = $players_with_rank->rowCount();
 			if($players_with_rank_number > 0) {
@@ -1177,7 +1183,8 @@ function getTopPlayers($limit = 5, $skill = 'level') {
 	});
 }
 
-function deleteDirectory($dir, $ignore = array(), $contentOnly = false) {
+function deleteDirectory($dir, $ignore = array(), $contentOnly = false): bool
+{
 	if(!file_exists($dir)) {
 		return true;
 	}
@@ -1203,6 +1210,21 @@ function deleteDirectory($dir, $ignore = array(), $contentOnly = false) {
 	return rmdir($dir);
 }
 
+function ensureFolderExists($dir): void
+{
+	if (!file_exists($dir)) {
+		mkdir($dir, 0777, true);
+	}
+}
+
+function ensureIndexExists($dir): void
+{
+	$dir = rtrim($dir, '/');
+	if (!file_exists($file = $dir . '/index.html')) {
+		touch($file);
+	}
+}
+
 function config($key) {
 	global $config;
 	if (is_array($key)) {
@@ -1712,6 +1734,43 @@ function isCanary(): bool
 	return isset($vipSystemEnabled);
 }
 
+function getStatusUptimeReadable(int $uptime): string
+{
+	$fullMinute = 60;
+	$fullHour = (60 * $fullMinute);
+	$fullDay = (24 * $fullHour);
+	$fullMonth = (30 * $fullDay);
+	$fullYear = (365 * $fullDay);
+
+	// years
+	$years = floor($uptime / $fullYear);
+	$y = ($years > 1 ? "$years years, " : ($years == 1 ? 'year, ' : ''));
+
+	$uptime -= $years * $fullYear;
+
+	// months
+	$months = floor($uptime / $fullMonth);
+	$m = ($months > 1 ? "$months months, " : ($months == 1 ? 'month, ' : ''));
+
+	$uptime -= $months * $fullMonth;
+
+	// days
+	$days = floor($uptime / $fullDay);
+	$d = ($days > 1 ? "$days days, " : ($days == 1 ? 'day, ' : ''));
+
+	$uptime -= $days * $fullDay;
+
+	// hours
+	$hours = floor($uptime / $fullHour);
+
+	$uptime -= $hours * $fullHour;
+
+	// minutes
+	$min = floor($uptime / $fullMinute);
+
+	return "{$y}{$m}{$d}{$hours}h {$min}m";
+}
+
 // validator functions
 require_once SYSTEM . 'compat/base.php';
 

system/init.php

@@ -14,10 +14,14 @@ use MyAAC\CsrfToken;
 use MyAAC\Hooks;
 use MyAAC\Plugins;
 use MyAAC\Models\Town;
+use MyAAC\Server\XML\Vocations;
 use MyAAC\Settings;
 
 defined('MYAAC') or die('Direct access not allowed!');
 
+ensureIndexExists(CACHE);
+ensureIndexExists(CACHE . 'twig/');
+
 global $config;
 if(!isset($config['installed']) || !$config['installed']) {
 	throw new RuntimeException('MyAAC has not been installed yet or there was error during installation. Please install again.');
@@ -211,3 +215,5 @@ if (count($towns) <= 0) {
 
 config(['towns', $towns]);
 unset($towns);
+
+new Vocations();

system/libs/pot/OTS_Account.php

@@ -12,6 +12,8 @@
  * @license http://www.gnu.org/licenses/lgpl-3.0.txt GNU Lesser General Public License, Version 3
  */
 
+use MyAAC\Models\AccountAction;
+
 /**
  * OTServ account abstraction.
  *
@@ -1007,26 +1009,16 @@ class OTS_Account extends OTS_Row_DAO implements IteratorAggregate, Countable
 
 	public function logAction($action)
 	{
-		$ip = get_browser_real_ip();
-		if(!str_contains($ip, ":")) {
-			$ipv6 = '0';
-		}
-		else {
-			$ipv6 = $ip;
-			$ip = '';
-		}
-
-		return $this->db->exec('INSERT INTO `' . TABLE_PREFIX . 'account_actions` (`account_id`, `ip`, `ipv6`, `date`, `action`) VALUES (' . $this->db->quote($this->getId()).', ' . ($ip == '' ? '0' : $this->db->quote(ip2long($ip))) . ', (' . ($ipv6 == '0' ? $this->db->quote('') : $this->db->quote(inet_pton($ipv6))) . '), UNIX_TIMESTAMP(NOW()), ' . $this->db->quote($action).')');
+		AccountAction::create([
+			'account_id' => $this->getId(),
+			'ip' => get_browser_real_ip(),
+			'date' => time(),
+			'action' => $action,
+		]);
 	}
 
-	public function getActionsLog($limit1, $limit2)
-	{
-		$actions = array();
-
-		foreach($this->db->query('SELECT `ip`, `ipv6`, `date`, `action` FROM `' . TABLE_PREFIX . 'account_actions` WHERE `account_id` = ' . $this->data['id'] . ' ORDER by `date` DESC LIMIT ' . $limit1 . ', ' . $limit2 . '')->fetchAll() as $a)
-			$actions[] = array('ip' => $a['ip'], 'ipv6' => $a['ipv6'], 'date' => $a['date'], 'action' => $a['action']);
-
-		return $actions;
+	public function getActionsLog($limit) {
+		return AccountAction::where('account_id', $this->data['id'])->orderByDesc('date')->limit($limit)->get()->toArray();
 	}
 /**
  * Returns players iterator.

system/libs/pot/OTS_DB_MySQL.php

@@ -26,6 +26,7 @@ use MyAAC\Cache\Cache;
  */
 class OTS_DB_MySQL extends OTS_Base_DB
 {
+	private bool $hasCacheChanged = false;
 	private array $has_table_cache = [];
 	private array $has_column_cache = [];
 	private array $get_column_info_cache = [];
@@ -164,7 +165,7 @@ class OTS_DB_MySQL extends OTS_Base_DB
 				$cache->delete('database_columns_info');
 				$cache->delete('database_checksum');
 			}
-			else {
+			else if ($this->hasCacheChanged) {
 				$cache->set('database_tables', serialize($this->has_table_cache), 3600);
 				$cache->set('database_columns', serialize($this->has_column_cache), 3600);
 				$cache->set('database_columns_info', serialize($this->get_column_info_cache), 3600);
@@ -228,6 +229,8 @@ class OTS_DB_MySQL extends OTS_Base_DB
 
 	private function hasTableInternal($name): bool
 	{
+		$this->hasCacheChanged = true;
+
 		return ($this->has_table_cache[$name] = $this->query('SELECT `TABLE_NAME` FROM `information_schema`.`tables` WHERE `TABLE_SCHEMA` = ' . $this->quote(config('database_name')) . ' AND `TABLE_NAME` = ' . $this->quote($name) . ' LIMIT 1;')->rowCount() > 0);
 	}
 
@@ -241,6 +244,8 @@ class OTS_DB_MySQL extends OTS_Base_DB
 	}
 
 	private function hasColumnInternal($table, $column): bool {
+		$this->hasCacheChanged = true;
+
 		return $this->hasTable($table) && ($this->has_column_cache[$table . '.' . $column] = count($this->query('SHOW COLUMNS FROM `' . $table . "` LIKE " . $this->quote($column))->fetchAll()) > 0);
 	}
 
@@ -272,11 +277,14 @@ class OTS_DB_MySQL extends OTS_Base_DB
 			return false;
 		}
 
+		$this->hasCacheChanged = true;
+
 		$formatResult = function ($result) {
 			return [
 				'field' => $result['Field'],
 				'type' => $result['Type'],
 				'null' => strtolower($result['Null']),
+				'key' => strtolower($result['Key'] ?? ''),
 				'default' => $result['Default'],
 				'extra' => $result['Extra'],
 			];

system/libs/pot/OTS_Player.php

@@ -852,13 +852,7 @@ class OTS_Player extends OTS_Row_DAO
 			throw new E_OTS_NotLoaded();
 		}
 
-		if(isset($this->data['promotion'])) {
-			global $config;
-			if((int)$this->data['promotion'] > 0)
-				return ($this->data['vocation'] + ($this->data['promotion'] * $config['vocations_amount']));
-		}
-
-		return $this->data['vocation'];
+		return \OTS_Toolbox::getVocationFromPromotion($this->data['vocation'], $this->data['promotion'] ?? 0);
 	}
 
 

system/libs/pot/OTS_ServerInfo.php

@@ -97,6 +97,8 @@ class OTS_ServerInfo
 			return new OTS_Buffer($data);
 		}
 
+		log_append('status-error.log', "Cannot connect to {$this->server}:{$this->port} - Error code: $error, message: $message");
+
 		return false;
 	}
 

system/libs/pot/OTS_Toolbox.php

@@ -13,6 +13,8 @@
  * @license http://www.gnu.org/licenses/lgpl-3.0.txt GNU Lesser General Public License, Version 3
  */
 
+use MyAAC\Server\XML\Vocations;
+
 /**
  * Toolbox for common operations.
  *
@@ -110,14 +112,21 @@ class OTS_Toolbox
 		$list->setFilter($filter);
 		return $list;
 	}
-
-	public static function getVocationName($id, $promotion = 0): string
+	public static function getVocationFromPromotion($id, $promotion = 0): int
 	{
 		if($promotion > 0) {
-			$id = ($id + ($promotion * config('vocations_amount')));
+			for ($i = 0; $i < $promotion; $i++) {
+				if ($_id = Vocations::getPromoted($id)) {
+					$id = $_id;
+				}
+			}
 		}
 
-		return config('vocations')[$id] ?? 'Unknown';
+		return $id;
+	}
+
+	public static function getVocationName($id, $promotion = 0): string {
+		return config('vocations')[self::getVocationFromPromotion($id, $promotion)] ?? 'Unknown';
 	}
 }
 

system/migrations/47.php

@@ -0,0 +1,42 @@
+<?php
+/**
+ * @var OTS_DB_MySQL $db
+ */
+
+// 2025-02-27
+// remove ipv6, change to ip (for both ipv4 + ipv6) as VARCHAR(45)
+$up = function () use ($db) {
+	$accountActionsInfo = $db->getColumnInfo(TABLE_PREFIX . 'account_actions', 'account_id');
+	if ($accountActionsInfo && is_array($accountActionsInfo) && $accountActionsInfo['key'] == 'pri') {
+		$db->query("ALTER TABLE `myaac_account_actions` DROP KEY `account_id`;");
+	}
+
+	if (!$db->hasColumn(TABLE_PREFIX . 'account_actions', 'id')) {
+		$db->addColumn(TABLE_PREFIX . 'account_actions', 'id', 'INT NOT NULL AUTO_INCREMENT FIRST, ADD PRIMARY KEY (`id`)');
+	}
+
+	$db->modifyColumn(TABLE_PREFIX . 'account_actions', 'ip', "VARCHAR(45) NOT NULL DEFAULT ''");
+	$db->query("UPDATE `" . TABLE_PREFIX . "account_actions` SET `ip` = INET_NTOA(`ip`) WHERE `ip` != '0';");
+	$db->query("UPDATE `" . TABLE_PREFIX . "account_actions` SET `ip` = INET6_NTOA(`ipv6`) WHERE `ip` = '0';");
+
+	if ($db->hasColumn(TABLE_PREFIX . 'account_actions', 'ipv6')) {
+		$db->dropColumn(TABLE_PREFIX . 'account_actions', 'ipv6');
+	}
+};
+
+$down = function () use ($db) {
+	if ($db->hasColumn(TABLE_PREFIX . 'account_actions', 'id')) {
+		$db->query("ALTER TABLE `" . TABLE_PREFIX . "account_actions` DROP `id`;");
+	}
+
+	$db->query("ALTER TABLE  `" . TABLE_PREFIX . "account_actions` ADD KEY (`account_id`);");
+
+	if (!$db->hasColumn(TABLE_PREFIX . 'account_actions', 'ipv6')) {
+		$db->addColumn(TABLE_PREFIX . 'account_actions', 'ipv6', "BINARY(16) NOT NULL DEFAULT 0x00000000000000000000000000000000 AFTER ip");
+	}
+
+	$db->query("UPDATE `" . TABLE_PREFIX . "account_actions` SET `ipv6` = INET6_ATON(ip) WHERE NOT IS_IPV4(`ip`);");
+	$db->query("UPDATE `" . TABLE_PREFIX . "account_actions` SET `ip` = INET_ATON(`ip`) WHERE IS_IPV4(`ip`);");
+	$db->query("UPDATE `" . TABLE_PREFIX . "account_actions` SET `ip` = 0 WHERE `ipv6` != 0x00000000000000000000000000000000;");
+	$db->modifyColumn(TABLE_PREFIX . 'account_actions', 'ip', "INT(11) UNSIGNED NOT NULL DEFAULT 0;");
+};

system/migrations/7.php

@@ -9,7 +9,7 @@ $up = function () use ($db) {
 	}
 };
 
-$up = function () use ($db) {
+$down = function () use ($db) {
 	if (!$db->hasColumn(TABLE_PREFIX . 'screenshots', 'name')) {
 		$db->addColumn(TABLE_PREFIX . 'screenshots', 'name', 'VARCHAR(30) NOT NULL');
 	}

system/pages/account/create.php

@@ -367,7 +367,7 @@ if(!empty($errors))
 
 if (setting('core.account_country')) {
 	$countries = array();
-	foreach (array('pl', 'se', 'br', 'us', 'gb') as $c)
+	foreach (setting('core.account_countries_most_popular') ?? [] as $c)
 		$countries[$c] = $config['countries'][$c];
 
 	$countries['--'] = '----------';

system/pages/account/manage.php

@@ -96,12 +96,8 @@ if($email_new_time > 1)
 	}
 }
 
-$actions = array();
-foreach($account_logged->getActionsLog(0, 1000) as $action) {
-	$actions[] = array('action' => $action['action'], 'date' => $action['date'], 'ip' => $action['ip'] != 0 ? long2ip($action['ip']) : inet_ntop($action['ipv6']));
-}
+$actions = $account_logged->getActionsLog(1000);
 
-$players = array();
 /** @var OTS_Players_List $account_players */
 $account_players = $account_logged->getPlayersList();
 $account_players->orderBy('id');

system/pages/characters.php

@@ -202,36 +202,38 @@ if($player->isLoaded() && !$player->isDeleted())
 		unset($storage);
 	}
 
-	if($db->hasTable('player_items') && $db->hasColumn('player_items', 'pid') && $db->hasColumn('player_items', 'sid') && $db->hasColumn('player_items', 'itemtype')) {
+	if ($db->hasTableAndColumns('player_items', ['pid', 'sid', 'itemtype'])) {
 		$eq_sql = $db->query('SELECT `pid`, `itemtype` FROM player_items WHERE player_id = '.$player->getId().' AND (`pid` >= 1 and `pid` <= 10)');
-		$equipment = array();
-		foreach($eq_sql as $eq)
+		$equipment = [];
+		foreach($eq_sql as $eq) {
 			$equipment[$eq['pid']] = $eq['itemtype'];
+		}
 
-		$empty_slots = array("", "no_helmet", "no_necklace", "no_backpack", "no_armor", "no_handleft", "no_handright", "no_legs", "no_boots", "no_ring", "no_ammo");
-		for($i = 0; $i <= 10; $i++)
-		{
+		$empty_slots = ["", "no_helmet", "no_necklace", "no_backpack", "no_armor", "no_handleft", "no_handright", "no_legs", "no_boots", "no_ring", "no_ammo"];
+
+		for($i = 0; $i <= 10; $i++) {
 			if(!isset($equipment[$i]) || $equipment[$i] == 0)
 				$equipment[$i] = $empty_slots[$i];
 		}
 
-		for($i = 1; $i < 11; $i++)
-		{
-			if(Validator::number($equipment[$i]))
+		for($i = 1; $i < 11; $i++) {
+			if(Validator::number($equipment[$i])) {
 				$equipment[$i] = getItemImage($equipment[$i]);
-			else
+			}
+			else {
 				$equipment[$i] = '<img src="images/items/' . $equipment[$i] . '.gif" width="32" height="32" border="0" alt=" ' . $equipment[$i] . '" />';
+			}
 		}
-
-		$skulls = array(
-			1 => 'yellow_skull',
-			2 => 'green_skull',
-			3 => 'white_skull',
-			4 => 'red_skull',
-			5 => 'black_skull'
-		);
 	}
 
+	$skulls = [
+		1 => 'yellow_skull',
+		2 => 'green_skull',
+		3 => 'white_skull',
+		4 => 'red_skull',
+		5 => 'black_skull',
+	];
+
 	$dead_add_content = '';
 	$deaths = array();
 	if($db->hasTable('killers')) {
@@ -450,10 +452,8 @@ WHERE killers.death_id = '".$death['id']."' ORDER BY killers.final_hit DESC, kil
 	if($query->rowCount() > 0) {
 		echo 'Did you mean:<ul>';
 		foreach($query as $player) {
-			if(isset($player['promotion'])) {
-				if((int)$player['promotion'] > 0)
-					$player['vocation'] += ($player['promotion'] * $config['vocations_amount']);
-			}
+			$player['vocation'] = OTS_Toolbox::getVocationFromPromotion($player['vocation'], $player['promotion'] ?? 0);
+
 			echo '<li>' . getPlayerLink($player['name']) . ' (<small><strong>level ' . $player['level'] . ', ' . $config['vocations'][$player['vocation']] . '</strong></small>)</li>';
 		}
 		echo '</ul>';

system/pages/guilds/create.php

@@ -22,7 +22,7 @@ if(!$logged) {
 }
 
 $configLuaFreePremium = configLua('freePremium');
-$freePremium = (isset($configLuaFreePremium) && getBoolean($configLuaFreePremium)) || ($logged && $account_logged->getPremDays() == OTS_Account::GRATIS_PREMIUM_DAYS);
+$freePremium = (isset($configLuaFreePremium) && getBoolean($configLuaFreePremium));
 
 $array_of_player_nig = array();
 if(empty($errors))

system/pages/guilds/show.php

@@ -91,13 +91,18 @@ $guild_owner = $guild->getOwner();
 if($guild_owner->isLoaded())
 	$guild_owner_name = $guild_owner->getName();
 
+$deletedColumn = 'deleted';
+if ($db->hasColumn('players', 'deletion')) {
+	$deletedColumn = 'deletion';
+}
+
 $guild_members = array();
 foreach($rank_list as $rank)
 {
 	if($db->hasTable(GUILD_MEMBERS_TABLE))
-		$players_with_rank = $db->query('SELECT `players`.`id` as `id`, `' . GUILD_MEMBERS_TABLE . '`.`rank_id` as `rank_id` FROM `players`, `' . GUILD_MEMBERS_TABLE . '` WHERE `' . GUILD_MEMBERS_TABLE . '`.`rank_id` = ' . $rank->getId() . ' AND `players`.`id` = `' . GUILD_MEMBERS_TABLE . '`.`player_id` ORDER BY `name`;');
+		$players_with_rank = $db->query('SELECT `players`.`id` as `id`, `' . GUILD_MEMBERS_TABLE . '`.`rank_id` as `rank_id` FROM `players`, `' . GUILD_MEMBERS_TABLE . '` WHERE `' . GUILD_MEMBERS_TABLE . '`.`rank_id` = ' . $rank->getId() . ' AND `players`.`id` = `' . GUILD_MEMBERS_TABLE . '`.`player_id` AND `' . $deletedColumn . '` = 0 ORDER BY `name`;');
 	else if($db->hasColumn('players', 'rank_id'))
-		$players_with_rank = $db->query('SELECT `id`, `rank_id` FROM `players` WHERE `rank_id` = ' . $rank->getId() . ' AND `deleted` = 0;');
+		$players_with_rank = $db->query('SELECT `id`, `rank_id` FROM `players` WHERE `rank_id` = ' . $rank->getId() . ' AND `' . $deletedColumn . '` = 0;');
 
 	$players_with_rank_number = $players_with_rank->rowCount();
 	if($players_with_rank_number > 0)

system/pages/highscores.php

@@ -13,6 +13,7 @@ use MyAAC\Cache\Cache;
 use MyAAC\Models\Player;
 use MyAAC\Models\PlayerDeath;
 use MyAAC\Models\PlayerKillers;
+use MyAAC\Server\XML\Vocations;
 
 defined('MYAAC') or die('Direct access not allowed!');
 $title = 'Highscores';
@@ -35,24 +36,20 @@ if(!is_numeric($page) || $page < 1 || $page > PHP_INT_MAX) {
 $query = Player::query();
 
 $configVocations = config('vocations');
-$configVocationsAmount = config('vocations_amount');
 
 $vocationId = null;
 if($vocation !== 'all') {
 	foreach($configVocations as $id => $name) {
 		if(strtolower($name) == $vocation) {
 			$vocationId = $id;
-			$add_vocs = [$id];
+			$filterVocations = [$id];
 
-			if ($id !== 0) {
-				$i = $id + $configVocationsAmount;
-				while (isset($configVocations[$i])) {
-					$add_vocs[] = $i;
-					$i += $configVocationsAmount;
-				}
+			while($tmpVoc = Vocations::getPromoted($id)) {
+				$id = $tmpVoc;
+				$filterVocations[] = $tmpVoc;
 			}
 
-			$query->whereIn('players.vocation', $add_vocs);
+			$query->whereIn('players.vocation', $filterVocations);
 			break;
 		}
 	}
@@ -176,7 +173,9 @@ if (empty($highscores)) {
 				POT::SKILL_FISH => 'skill_fishing',
 			);
 
-			$query->addSelect($skill_ids[$skill] . ' as value');
+			$query
+				->addSelect($skill_ids[$skill] . ' as value')
+				->orderByDesc($skill_ids[$skill] . '_tries');
 		} else {
 			$query
 				->join('player_skills', 'player_skills.player_id', '=', 'players.id')
@@ -198,11 +197,11 @@ if (empty($highscores)) {
 		if ($skill == POT::SKILL__MAGLEVEL) {
 			$query
 				->addSelect('players.maglevel as value', 'players.maglevel')
-				->orderBy('manaspent');
+				->orderByDesc('manaspent');
 		} else { // level
 			$query
 				->addSelect('players.level as value', 'players.experience')
-				->orderBy('experience');
+				->orderByDesc('experience');
 			$list = 'experience';
 		}
 	}
@@ -323,4 +322,5 @@ $twig->display('highscores.html.twig', [
 	'page' => $page,
 	'baseLink' => $baseLink,
 	'updatedAt' => $updatedAt,
+	'baseVocations' => Vocations::getBase(true),
 ]);

system/pages/news.php

@@ -122,7 +122,7 @@ if(!$news_cached)
 		);
 	}
 
-	$tickers_db = $db->query('SELECT * FROM `' . TABLE_PREFIX . 'news` WHERE `type` = ' . TICKER .($canEdit ? '' : ' AND `hide` != 1') .' ORDER BY `date` DESC LIMIT ' . setting('core.news_ticker_limit'));
+	$tickers_db = $db->query('SELECT * FROM `' . TABLE_PREFIX . 'news` WHERE `type` = ' . TICKER . ' AND `hide` != 1 ORDER BY `date` DESC LIMIT ' . setting('core.news_ticker_limit'));
 	$tickers_content = '';
 	if($tickers_db->rowCount() > 0)
 	{
@@ -142,7 +142,8 @@ if(!$news_cached)
 	if($cache->enabled() && !$canEdit)
 		$cache->set('news_' . $template_name . '_' . TICKER, $tickers_content, 60 * 60);
 
-	$featured_article_db =$db->query('SELECT `id`, `title`, `article_text`, `article_image`, `hide` FROM `' . TABLE_PREFIX . 'news` WHERE `type` = ' . ARTICLE . ($canEdit ? '' : ' AND `hide` != 1') .' ORDER BY `date` DESC LIMIT 1');
+	$featured_article_db =$db->query('SELECT `id`, `title`, `article_text`, `article_image`, `hide` FROM `' . TABLE_PREFIX . 'news` WHERE `type` = ' . ARTICLE . ' AND `hide` != 1 ORDER BY `date` DESC LIMIT 1');
+
 	$article = '';
 	if($featured_article_db->rowCount() > 0) {
 		$article = $featured_article_db->fetch();
@@ -175,7 +176,7 @@ else {
 if(!$news_cached)
 {
 	ob_start();
-	$newses = $db->query('SELECT * FROM ' . $db->tableName(TABLE_PREFIX . 'news') . ' WHERE type = ' . NEWS . ($canEdit ? '' : ' AND hide != 1') . ' ORDER BY date' . ' DESC LIMIT ' . setting('core.news_limit'));
+	$newses = $db->query('SELECT * FROM ' . $db->tableName(TABLE_PREFIX . 'news') . ' WHERE type = ' . NEWS . ' AND hide != 1 ORDER BY date' . ' DESC LIMIT ' . setting('core.news_limit'));
 	if($newses->rowCount() > 0)
 	{
 		foreach($newses as $news)

system/pages/online.php

@@ -12,6 +12,7 @@
 use MyAAC\Cache\Cache;
 use MyAAC\Models\ServerConfig;
 use MyAAC\Models\ServerRecord;
+use MyAAC\Server\XML\Vocations;
 
 defined('MYAAC') or die('Direct access not allowed!');
 $title = 'Who is online?';
@@ -56,15 +57,14 @@ $cached = Cache::remember("online_$order", setting('core.online_cache_ttl') * 60
 
 	$vocations = array_map(function ($name) {
 		return 0;
-	}, setting('core.vocations'));
+	}, config('vocations'));
 
 	if($db->hasTable('players_online')) // tfs 1.0
 		$playersOnline = $db->query('SELECT `accounts`.`country`, `players`.`name`, `players`.`level`, `players`.`vocation`' . $outfit . ', `' . $skull_time . '` as `skulltime`, `' . $skull_type . '` as `skull` FROM `accounts`, `players`, `players_online` WHERE `players`.`id` = `players_online`.`player_id` AND `accounts`.`id` = `players`.`account_id`  ORDER BY ' . $orderSql);
 	else
 		$playersOnline = $db->query('SELECT `accounts`.`country`, `players`.`name`, `players`.`level`, `players`.`vocation`' . $outfit . ', ' . $promotion . ' `' . $skull_time . '` as `skulltime`, `' . $skull_type . '` as `skull` FROM `accounts`, `players` WHERE `players`.`online` > 0 AND `accounts`.`id` = `players`.`account_id`  ORDER BY ' . $orderSql);
 
-	$settingVocations = setting('core.vocations');
-	$settingVocationsAmount = setting('core.vocations_amount');
+	$configVocations = config('vocations');
 
 	$players = [];
 	foreach($playersOnline as $player) {
@@ -81,22 +81,19 @@ $cached = Cache::remember("online_$order", setting('core.online_cache_ttl') * 60
 			}
 		}
 
-		if(isset($player['promotion'])) {
-			if((int)$player['promotion'] > 0)
-				$player['vocation'] += ($player['promotion'] * $settingVocationsAmount);
-		}
+		$player['vocation'] = OTS_Toolbox::getVocationFromPromotion($player['vocation'], $player['promotion'] ?? 0);
 
 		$players[] = array(
 			'name' => getPlayerLink($player['name']),
 			'player' => $player,
 			'level' => $player['level'],
-			'vocation' => $settingVocations[$player['vocation']],
+			'vocation' => $configVocations[$player['vocation']],
 			'skull' => $skull,
 			'country_image' => getFlagImage($player['country']),
 			'outfit' => setting('core.outfit_images_url') . '?id=' . $player['looktype'] . ($outfit_addons ? '&addons=' . $player['lookaddons'] : '') . '&head=' . $player['lookhead'] . '&body=' . $player['lookbody'] . '&legs=' . $player['looklegs'] . '&feet=' . $player['lookfeet'],
 		);
 
-		$vocations[($player['vocation'] > $settingVocationsAmount ? $player['vocation'] - $settingVocationsAmount : $player['vocation'])]++;
+		$vocations[Vocations::getOriginal($player['vocation'])]++;
 	}
 
 	$record = '';
@@ -142,6 +139,7 @@ $twig->display('online.html.twig', array(
 	'vocations' => $cached['vocations'],
 	'vocs' => $cached['vocations'], // deprecated, to be removed
 	'order' => $order,
+	'baseVocations' => Vocations::getBase(false),
 ));
 
 // search bar

system/settings.php

@@ -219,7 +219,14 @@ return [
 		'cache_engine' => [
 			'name' => 'Cache Engine',
 			'type' => 'options',
-			'options' => ['auto' => 'Auto', 'file' => 'Files', 'apc' => 'APC', 'apcu' => 'APCu', 'disable' => 'Disable'],
+			'options' => [
+				'auto' => 'Auto',
+				'file' => 'Files',
+				'apc' => 'APC',
+				'apcu' => 'APCu',
+				'php' => 'PHP',
+				'disable' => 'Disable',
+			],
 			'desc' => 'Auto is most reasonable. It will detect the best cache engine',
 			'default' => 'auto',
 			'is_config' => true,
@@ -312,23 +319,6 @@ return [
 				},
 			],
 		],
-		'vocations_amount' => [
-			'name' => 'Vocations Amount',
-			'type' => 'number',
-			'desc' => 'How much basic vocations your server got (without promotion)',
-			'default' => 4,
-		],
-		'vocations' => [
-			'name' => 'Vocation Names',
-			'type' => 'textarea',
-			'desc' => 'Separated by comma. Must be in the same order as in vocations.xml, starting with id: 0.',
-			'default' => 'None, Sorcerer, Druid, Paladin, Knight, Master Sorcerer, Elder Druid,Royal Paladin, Elite Knight',
-			'callbacks' => [
-				'get' => function ($value) {
-					return array_map('trim', explode(',', $value));
-				},
-			],
-		],
 		[
 			'type' => 'category',
 			'title' => 'Database',
@@ -737,6 +727,18 @@ Sent by MyAAC,<br/>
 			'desc' => 'should country of user be automatically recognized by his IP? This makes an external API call to http://ipinfo.io',
 			'default' => true,
 		],
+		'account_countries_most_popular' => [
+			'name' => 'Account Countries Most Popular',
+			'type' => 'text',
+			'desc' => 'Those countries will be display at the top of the list on the create account page. The short codes of countries can be found in file <i>system/countries.conf.php</i>',
+			'default' => 'pl,se,br,us,gb',
+			'callbacks' => [
+				'get' => function ($value) {
+					$tmp = array_map('trim', explode(',', $value));
+					return array_filter($tmp, function ($v) {return !empty($v); });
+				},
+			],
+		],
 		'characters_per_account' => [
 			'name' => 'Characters per Account',
 			'type' => 'number',

system/src/Cache/APC.php

@@ -13,8 +13,8 @@ namespace MyAAC\Cache;
 
 class APC
 {
-	private $prefix;
-	private $enabled;
+	private string $prefix;
+	private bool $enabled;
 
 	public function __construct($prefix = '')
 	{
@@ -22,14 +22,14 @@ class APC
 		$this->enabled = function_exists('apc_fetch');
 	}
 
-	public function set($key, $var, $ttl = 0)
+	public function set($key, $var, $ttl = 0): void
 	{
 		$key = $this->prefix . $key;
 		apc_delete($key);
 		apc_store($key, $var, $ttl);
 	}
 
-	public function get($key)
+	public function get($key): string
 	{
 		$tmp = '';
 		if ($this->fetch($this->prefix . $key, $tmp)) {
@@ -39,18 +39,15 @@ class APC
 		return '';
 	}
 
-	public function fetch($key, &$var)
-	{
+	public function fetch($key, &$var): bool {
 		return ($var = apc_fetch($this->prefix . $key)) !== false;
 	}
 
-	public function delete($key)
-	{
+	public function delete($key): void {
 		apc_delete($this->prefix . $key);
 	}
 
-	public function enabled()
-	{
+	public function enabled(): bool {
 		return $this->enabled;
 	}
 }

system/src/Cache/APCu.php

@@ -13,8 +13,8 @@ namespace MyAAC\Cache;
 
 class APCu
 {
-	private $prefix;
-	private $enabled;
+	private string $prefix;
+	private bool $enabled;
 
 	public function __construct($prefix = '')
 	{
@@ -22,14 +22,14 @@ class APCu
 		$this->enabled = function_exists('apcu_fetch');
 	}
 
-	public function set($key, $var, $ttl = 0)
+	public function set($key, $var, $ttl = 0): void
 	{
 		$key = $this->prefix . $key;
 		apcu_delete($key);
 		apcu_store($key, $var, $ttl);
 	}
 
-	public function get($key)
+	public function get($key): string
 	{
 		$tmp = '';
 		if ($this->fetch($this->prefix . $key, $tmp)) {
@@ -39,18 +39,15 @@ class APCu
 		return '';
 	}
 
-	public function fetch($key, &$var)
-	{
+	public function fetch($key, &$var): bool {
 		return ($var = apcu_fetch($this->prefix . $key)) !== false;
 	}
 
-	public function delete($key)
-	{
+	public function delete($key): void {
 		apcu_delete($this->prefix . $key);
 	}
 
-	public function enabled()
-	{
+	public function enabled(): bool {
 		return $this->enabled;
 	}
 }

system/src/Cache/Cache.php

@@ -83,7 +83,7 @@ class Cache
 	/**
 	 * @return string
 	 */
-	public static function detect()
+	public static function detect(): string
 	{
 		if (function_exists('apc_fetch'))
 			return 'apc';
@@ -98,8 +98,7 @@ class Cache
 	/**
 	 * @return bool
 	 */
-	public function enabled()
-	{
+	public function enabled(): bool {
 		return false;
 	}
 

system/src/Cache/File.php

@@ -12,18 +12,22 @@ namespace MyAAC\Cache;
 
 class File
 {
-	private $prefix;
-	private $dir;
-	private $enabled;
+	private string $prefix;
+	private string $dir;
+	private bool $enabled;
 
 	public function __construct($prefix = '', $dir = '')
 	{
 		$this->prefix = $prefix;
 		$this->dir = $dir;
+
+		ensureFolderExists($this->dir);
+		ensureIndexExists($this->dir);
+
 		$this->enabled = (file_exists($this->dir) && is_dir($this->dir) && is_writable($this->dir));
 	}
 
-	public function set($key, $var, $ttl = 0)
+	public function set($key, $var, $ttl = 0): void
 	{
 		$file = $this->_name($key);
 		file_put_contents($file, $var);
@@ -35,7 +39,7 @@ class File
 		touch($file, time() + $ttl);
 	}
 
-	public function get($key)
+	public function get($key): string
 	{
 		$tmp = '';
 		if ($this->fetch($key, $tmp)) {
@@ -45,7 +49,7 @@ class File
 		return '';
 	}
 
-	public function fetch($key, &$var)
+	public function fetch($key, &$var): bool
 	{
 		$file = $this->_name($key);
 		if (!file_exists($file) || filemtime($file) < time()) {
@@ -56,7 +60,7 @@ class File
 		return true;
 	}
 
-	public function delete($key)
+	public function delete($key): void
 	{
 		$file = $this->_name($key);
 		if (file_exists($file)) {
@@ -64,13 +68,11 @@ class File
 		}
 	}
 
-	public function enabled()
-	{
+	public function enabled(): bool {
 		return $this->enabled;
 	}
 
-	private function _name($key)
-	{
+	private function _name($key): string {
 		return sprintf('%s%s%s', $this->dir, $this->prefix, sha1($key));
 	}
 }

system/src/Cache/PHP.php

@@ -12,36 +12,40 @@ namespace MyAAC\Cache;
 
 class PHP
 {
-	private $prefix;
-	private $dir;
-	private $enabled;
+	private string $prefix;
+	private string $dir;
+	private bool $enabled;
 
 	public function __construct($prefix = '', $dir = '')
 	{
 		$this->prefix = $prefix;
 		$this->dir = $dir;
+
+		ensureFolderExists($this->dir);
+		ensureIndexExists($this->dir);
+
 		$this->enabled = (file_exists($this->dir) && is_dir($this->dir) && is_writable($this->dir));
 	}
 
-	public function set($key, $var, $ttl = 0)
+	public function set($key, $var, $ttl = 0): void
 	{
 		$var = var_export($var, true);
 
-		// Write to temp file first to ensure atomicity
-		$tmp = $this->dir . "tmp_$key." . uniqid('', true) . '.tmp';
-		file_put_contents($tmp, '<?php $var = ' . $var . ';', LOCK_EX);
-
-		$file = $this->_name($key);
-		rename($tmp, $file);
-
 		if ($ttl === 0) {
 			$ttl = 365 * 24 * 60 * 60; // 365 days
 		}
 
-		touch($file, time() + $ttl);
+		$expires = time() + $ttl;
+
+		// Write to temp file first to ensure atomicity
+		$tmp = $this->dir . "tmp_$key." . uniqid('', true) . '.tmp';
+		file_put_contents($tmp, "<?php return ['expires' => $expires, 'var' => $var];", LOCK_EX);
+
+		$file = $this->_name($key);
+		rename($tmp, $file);
 	}
 
-	public function get($key)
+	public function get($key): string
 	{
 		$tmp = '';
 		if ($this->fetch($key, $tmp)) {
@@ -51,19 +55,23 @@ class PHP
 		return '';
 	}
 
-	public function fetch($key, &$var)
+	public function fetch($key, &$var): bool
 	{
 		$file = $this->_name($key);
-		if (!file_exists($file) || filemtime($file) < time()) {
+		if (!file_exists($file)) {
 			return false;
 		}
 
-		@include $file;
-		$var = isset($var) ? $var : null;
+		$content = include $file;
+		if (!isset($content) || $content['expires'] < time()) {
+			return false;
+		}
+
+		$var = $content['var'];
 		return true;
 	}
 
-	public function delete($key)
+	public function delete($key): void
 	{
 		$file = $this->_name($key);
 		if (file_exists($file)) {
@@ -71,13 +79,11 @@ class PHP
 		}
 	}
 
-	public function enabled()
-	{
+	public function enabled(): bool {
 		return $this->enabled;
 	}
 
-	private function _name($key)
-	{
+	private function _name($key): string {
 		return sprintf('%s%s%s', $this->dir, $this->prefix, sha1($key) . '.php');
 	}
 }

system/src/Cache/XCache.php

@@ -13,8 +13,8 @@ namespace MyAAC\Cache;
 
 class XCache
 {
-	private $prefix;
-	private $enabled;
+	private string $prefix;
+	private bool $enabled;
 
 	public function __construct($prefix = '')
 	{
@@ -22,14 +22,14 @@ class XCache
 		$this->enabled = function_exists('xcache_get') && ini_get('xcache.var_size');
 	}
 
-	public function set($key, $var, $ttl = 0)
+	public function set($key, $var, $ttl = 0): void
 	{
 		$key = $this->prefix . $key;
 		xcache_unset($key);
 		xcache_set($key, $var, $ttl);
 	}
 
-	public function get($key)
+	public function get($key): string
 	{
 		$tmp = '';
 		if ($this->fetch($this->prefix . $key, $tmp)) {
@@ -39,7 +39,7 @@ class XCache
 		return '';
 	}
 
-	public function fetch($key, &$var)
+	public function fetch($key, &$var): bool
 	{
 		$key = $this->prefix . $key;
 		if (!xcache_isset($key)) {
@@ -50,13 +50,11 @@ class XCache
 		return true;
 	}
 
-	public function delete($key)
-	{
+	public function delete($key): void {
 		xcache_unset($this->prefix . $key);
 	}
 
-	public function enabled()
-	{
+	public function enabled(): bool {
 		return $this->enabled;
 	}
 }

system/src/Commands/PluginDisableCommand.php

@@ -13,6 +13,7 @@ class PluginDisableCommand extends Command
 	protected function configure(): void
 	{
 		$this->setName('plugin:disable')
+			->setAliases(['plugin:deactivate'])
 			->setDescription('This command disables plugin')
 			->addArgument('plugin-name', InputArgument::REQUIRED, 'Plugin that you want to disable');
 	}

system/src/Commands/PluginEnableCommand.php

@@ -13,6 +13,7 @@ class PluginEnableCommand extends Command
 	protected function configure(): void
 	{
 		$this->setName('plugin:enable')
+			->setAliases(['plugin:activate'])
 			->setDescription('This command enables plugin')
 			->addArgument('plugin-name', InputArgument::REQUIRED, 'Plugin that you want to enable');
 	}

system/src/Commands/PluginUninstallCommand.php

@@ -13,6 +13,7 @@ class PluginUninstallCommand extends Command
 	protected function configure(): void
 	{
 		$this->setName('plugin:uninstall')
+			->setAliases(['plugin:remove', 'plugin:delete'])
 			->setDescription('This command uninstalls plugin')
 			->addArgument('plugin-name', InputArgument::REQUIRED, 'Plugin that you want to uninstall');
 	}

system/src/Items.php

@@ -76,10 +76,11 @@ class Items
 
 	public static function get($id) {
 		self::load();
-		return isset(self::$items[$id]) ? self::$items[$id] : [];
+		return self::$items[$id] ?? [];
 	}
 
-	public static function getDescription($id, $count = 1) {
+	public static function getDescription($id, $count = 1): string
+	{
 		$item = self::get($id);
 
 		$attr = $item['attributes'];
@@ -112,15 +113,15 @@ class Items
 			$s .= 'an item of type ' . $item['id'];
 
 		if(isset($attr['type']) && strtolower($attr['type']) == 'rune') {
-			$item = Spell::where('item_id', $id)->first();
-			if($item) {
-				if($item->level > 0 && $item->maglevel > 0) {
-					$s .= '. ' . ($count > 1 ? "They" : "It") . ' can only be used by ';
+			$spell = Spell::where('item_id', $id)->first();
+			if($spell) {
+				if($spell->level > 0 && $spell->maglevel > 0) {
+					$s .= '. ' . ($count > 1 ? 'They' : 'It') . ' can only be used by ';
 				}
 
 				$configVocations = config('vocations');
-				if(!empty(trim($item->vocations))) {
-					$vocations = json_decode($item->vocations);
+				if(!empty(trim($spell->vocations))) {
+					$vocations = json_decode($spell->vocations);
 					if(count($vocations) > 0) {
 						foreach($vocations as $voc => $show) {
 							$vocations[$configVocations[$voc]] = $show;
@@ -133,8 +134,39 @@ class Items
 
 				$s .= ' with';
 
+				if ($spell->level > 0) {
+					$s .= ' level ' . $spell->level;
+				}
+
+				if ($spell->maglevel > 0) {
+					if ($spell->level > 0) {
+						$s .= ' and';
+					}
+
+					$s .= ' magic level ' . $spell->maglevel;
+				}
+
+				$s .= ' or higher';
 			}
 		}
+
+		if (!empty($item['weaponType'])) {
+			if ($item['weaponType'] == 'distance' && isset($item['ammoType'])) {
+				$s .= ' (Range:' . $item['range'];
+			}
+
+			if (isset($item['attack']) && $item['attack'] != 0) {
+				$s .= ', Atk ' . ($item['attack'] > 0 ? '+' . $item['attack'] : '-' . $item['attack']);
+			}
+
+			if (isset($item['hitChance']) && $item['hitChance'] != -1) {
+				$s .= ', Hit% ' . ($item['hitChance'] > 0 ? '+' . $item['hitChance'] : '-' . $item['hitChance']);
+			}
+			elseif ($item['weaponType'] != 'ammo') {
+				
+			}
+		}
+
 		return $s;
 	}
 }

system/src/Models/AccountAction.php

@@ -9,6 +9,6 @@ class AccountAction extends Model {
 
 	public $timestamps = false;
 
-	protected $fillable = ['account_id', 'ip', 'ipv6', 'date', 'action'];
+	protected $fillable = ['account_id', 'ip', 'date', 'action'];
 
 }

system/src/Models/Player.php

@@ -46,14 +46,8 @@ class Player extends Model {
 		});
 	}
 
-	public function getVocationNameAttribute()
-	{
-		$vocation = $this->vocation;
-		if (isset($this->promotion) && $this->promotion > 0) {
-			$vocation += ($this->promotion * setting('core.vocations_amount'));
-		}
-
-		return config('vocations')[$vocation] ?? 'Unknown';
+	public function getVocationNameAttribute() {
+		return \OTS_Toolbox::getVocationName($this->vocation, $this->promotion ?? 0);
 	}
 
 	public function getIsDeletedAttribute()

system/src/Plugins.php

@@ -513,6 +513,9 @@ class Plugins {
 			return false;
 		}
 
+		ensureFolderExists($cachePlugins = CACHE . 'plugins');
+		ensureIndexExists($cachePlugins);
+
 		self::$error = 'There was a problem with extracting zip archive.';
 		$file_name = $plugin_temp_dir . $json_file;
 		if(!file_exists($file_name)) {
@@ -549,21 +552,21 @@ class Plugins {
 		if(isset($plugin_json['require'])) {
 			$require = $plugin_json['require'];
 
-			$myaac_satified = true;
+			$myaac_satisfied = true;
 			if(isset($require['myaac_'])) {
 				$require_myaac = $require['myaac_'];
 				if(!Semver::satisfies(MYAAC_VERSION, $require_myaac)) {
-					$myaac_satified = false;
+					$myaac_satisfied = false;
 				}
 			}
 			else if(isset($require['myaac'])) {
 				$require_myaac = $require['myaac'];
 				if(version_compare(MYAAC_VERSION, $require_myaac, '<')) {
-					$myaac_satified = false;
+					$myaac_satisfied = false;
 				}
 			}
 
-			if(!$myaac_satified) {
+			if(!$myaac_satisfied) {
 				self::$error = "Your AAC version doesn't meet the requirement of this plugin. Required version is: " . $require_myaac . ", and you're using version " . MYAAC_VERSION . ".";
 				return false;
 			}

system/src/Server/XML/Vocations.php

@@ -0,0 +1,93 @@
+<?php
+
+namespace MyAAC\Server\XML;
+
+use MyAAC\Cache\Cache;
+
+class Vocations
+{
+	private static array $vocations;
+	private static array $vocationsFrom;
+
+	public function __construct()
+	{
+		$cached = Cache::remember('vocations', 10 * 60, function () {
+			$this->load();
+			$from = $this->getFrom();
+
+			$amount = 0;
+			foreach ($from as $vocId => $fromVocation) {
+				if ($vocId != 0 && $vocId == $fromVocation) {
+					$amount++;
+				}
+			}
+
+			return ['vocations' => $this->get(), 'vocationsFrom' => $from, 'amount' => $amount];
+		});
+
+		self::$vocations = $cached['vocations'];
+		self::$vocationsFrom = $cached['vocationsFrom'];
+
+		config(['vocations', self::$vocations]);
+		config(['vocations_amount', $cached['amount']]);
+	}
+
+	public function load(): void
+	{
+		if(!class_exists('DOMDocument')) {
+			throw new \RuntimeException('Please install PHP xml extension. MyAAC will not work without it.');
+		}
+
+		$vocationsXML = new \DOMDocument();
+		$file = config('data_path') . 'XML/vocations.xml';
+		if(!@file_exists($file)) {
+			$file = config('data_path') . 'vocations.xml';
+		}
+
+		if(!$vocationsXML->load($file)) {
+			throw new \RuntimeException('ERROR: Cannot load <i>vocations.xml</i> - the file is malformed. Check the file with xml syntax validator.');
+		}
+
+		foreach($vocationsXML->getElementsByTagName('vocation') as $vocation) {
+			$id = $vocation->getAttribute('id');
+
+			self::$vocations[$id] = $vocation->getAttribute('name');
+
+			$fromVocation = (int) $vocation->getAttribute('fromvoc');
+			self::$vocationsFrom[$id] = $fromVocation;
+		}
+	}
+
+	public static function get(): array {
+		return self::$vocations;
+	}
+
+	public static function getFrom(): array {
+		return self::$vocationsFrom;
+	}
+
+	public static function getPromoted(int $id): ?int {
+		foreach (self::$vocationsFrom as $vocId => $fromVocation) {
+			if ($id == $fromVocation && $vocId != $id) {
+				return $vocId;
+			}
+		}
+
+		return null;
+	}
+
+	public static function getOriginal(int $id): ?int {
+		return self::$vocationsFrom[$id] ?? null;
+	}
+
+	public static function getBase($includingRook = true): array {
+		$vocations = [];
+		foreach (self::$vocationsFrom as $vocId => $fromVoc) {
+			if ($vocId == $fromVoc && ($vocId != 0 || $includingRook)) {
+				$vocations[] = $vocId;
+			}
+		}
+
+		return $vocations;
+	}
+}

system/src/Settings.php

@@ -248,7 +248,7 @@ class Settings implements \ArrayAccess
 						echo '<div class="input-group" id="show-hide-' . $key . '">';
 					}
 
-					echo '<input class="form-control" type="' . $setting['type'] . '" name="settings[' . $key . ']" value="' . ($settingsDb[$key] ?? ($setting['default'] ?? '')) . '" id="' . $key . '"' . $min . $max . $step . '/>';
+					echo '<input class="form-control" type="' . $setting['type'] . '" name="settings[' . $key . ']" value="' . escapeHtml($settingsDb[$key] ?? ($setting['default'] ?? '')) . '" id="' . $key . '"' . $min . $max . $step . '/>';
 
 					if ($setting['type'] === 'password') {
 						echo '<div class="input-group-append input-group-text"><a href=""><i class="fas fa-eye-slash" ></i></a></div></div>';
@@ -266,7 +266,7 @@ class Settings implements \ArrayAccess
 					if ($rows < 2) {
 						$rows = 2; // always min 2 rows for textarea
 					}
-					echo '<textarea class="form-control" rows="' . $rows . '" name="settings[' . $key . ']" id="' . $key . '">' . $value . '</textarea>';
+					echo '<textarea class="form-control" rows="' . $rows . '" name="settings[' . $key . ']" id="' . $key . '">' . escapeHtml($value) . '</textarea>';
 				}
 
 				else if ($setting['type'] === 'options') {

system/src/Validator.php

@@ -342,6 +342,16 @@ class Validator
 			}
 		}
 
+		global $hooks;
+
+		$params = ['name' => $name, 'error' => ''];
+		$hooks->triggerFilter(HOOK_FILTER_VALIDATE_CHARACTER_NEW_NAME, $params);
+
+		if (!empty($params['error'])) {
+			self::$lastError = $params['error'];
+			return false;
+		}
+
 		return true;
 	}
 

system/src/global.php

@@ -108,6 +108,7 @@ define('HOOK_FILTER_ROUTES', ++$i);
 define('HOOK_FILTER_TWIG_DISPLAY', ++$i);
 define('HOOK_FILTER_TWIG_RENDER', ++$i);
 define('HOOK_FILTER_THEME_FOOTER', ++$i);
+define('HOOK_FILTER_VALIDATE_CHARACTER_NEW_NAME', ++$i);
 
 const HOOK_FIRST = HOOK_INIT;
 define('HOOK_LAST', $i);

system/status.php

@@ -145,13 +145,7 @@ function updateStatus() {
 		}
 
 		$uptime = $status['uptime'] = $serverStatus->getUptime();
-		$m = date('m', $uptime);
-		$m = $m > 1 ? "$m months, " : ($m == 1 ? 'month, ' : '');
-		$d = date('d', $uptime);
-		$d = $d > 1 ? "$d days, " : ($d == 1 ? 'day, ' : '');
-		$h = date('H', $uptime);
-		$min = date('i', $uptime);
-		$status['uptimeReadable'] = "{$m}{$d}{$h}h {$min}m";
+		$status['uptimeReadable'] = getStatusUptimeReadable($uptime);
 
 		$status['monsters'] = $serverStatus->getMonstersCount();
 		$status['motd'] = $serverStatus->getMOTD();

system/templates/highscores.html.twig

@@ -18,7 +18,7 @@
 						<label for="vocationFilter">Choose a vocation</label>
 						<select onchange="location = this.value;" id="vocationFilter">
 							<option value="{{ getLink('highscores') }}/{{ list|urlencode }}" class="size_xs">[ALL]</option>
-							{% for i in 0..config.vocations_amount %}
+							{% for i in baseVocations %}
 								<option value="{{ getLink('highscores') }}/{{ list|urlencode }}/{{ config.vocations[i]|lower|urlencode }}" class="size_xs" {% if vocationId is not null and vocationId == i %}selected{% endif %}>{{ config.vocations[i]}}</option>
 							{% endfor %}
 						</select>
@@ -120,7 +120,7 @@
 				<tr bgcolor="{{ config.lightborder }}">
 					<td>
 						<a href="{{ getLink('highscores') }}/{{ list|urlencode }}" class="size_xs">[ALL]</a><br/>
-						{% for i in 0..config.vocations_amount %}
+						{% for i in baseVocations %}
 							<a href="{{ getLink('highscores') }}/{{ list|urlencode }}/{{ config.vocations[i]|lower|urlencode }}" class="size_xs">{{ config.vocations[i]}}</a><br/>
 						{% endfor %}
 					</td>

system/templates/online.html.twig

@@ -10,22 +10,19 @@
 	{% if setting('core.online_vocations_images') %}
 	<table width="200" cellspacing="1" cellpadding="0" border="0" align="center">
 		<tr bgcolor="{{ config.darkborder }}">
-			<td><img src="images/sorcerer.png" /></td>
-			<td><img src="images/druid.png" /></td>
-			<td><img src="images/paladin.png" /></td>
-			<td><img src="images/knight.png" /></td>
+			{% for vocationId in baseVocations %}
+				<td><img src="images/{{ config('vocations')[vocationId]|lower }}.png" width="150" height="200"/></td>
+			{% endfor %}
 		</tr>
 		<tr bgcolor="{{ config.vdarkborder }}">
-			<td class="white" style="text-align: center;"><strong>Sorcerers</strong></td>
-			<td class="white" style="text-align: center;"><strong>Druids</strong></td>
-			<td class="white" style="text-align: center;"><strong>Paladins</strong></td>
-			<td class="white" style="text-align: center;"><strong>Knights</strong></td>
+			{% for vocationId in baseVocations %}
+				<td class="white" style="text-align: center;"><strong>{{ config('vocations')[vocationId] }}s</strong></td>
+			{% endfor %}
 		</tr>
 		<tr bgcolor="{{ config.lightborder }}">
-			<td style="text-align: center;">{{ vocs[1] }}</td>
-			<td style="text-align: center;">{{ vocs[2] }}</td>
-			<td style="text-align: center;">{{ vocs[3] }}</td>
-			<td style="text-align: center;">{{ vocs[4] }}</td>
+			{% for vocationId in baseVocations %}
+				<td style="text-align: center;">{{ vocs[vocationId] }}</td>
+			{% endfor %}
 		</tr>
 	</table>
 	<div style="text-align: center;">&nbsp;</div>
@@ -35,11 +32,14 @@
 			<td class="white" colspan="2"><b>Vocation statistics</b></td>
 		</tr>
 
-		{% for i in 1..config.vocations_amount %}
-		<tr bgcolor="{{ getStyle(i) }}">
-			<td width="25%">{{ config.vocations[i] }}</td>
-			<td width="75%">{{ vocs[i] }}</td>
-		</tr>
+		{% set i = 0 %}
+		{% for vocationId in baseVocations %}
+			<tr bgcolor="{{ getStyle(i) }}">
+				<td width="25%">{{ config.vocations[vocationId] }}</td>
+				<td width="75%">{{ vocs[vocationId] }}</td>
+			</tr>
+
+			{% set i = i + 1 %}
 		{% endfor %}
 	</table>
 <br/>

tools/signature/index.php

@@ -53,6 +53,9 @@
 		exit;
 	}
 
+	ensureFolderExists(SIGNATURES_CACHE);
+	ensureIndexExists(SIGNATURES_CACHE);
+
 	$cached = SIGNATURES_CACHE.$player->getId() . '.png';
 	if(file_exists($cached) && (time() < (filemtime($cached) + (60 * setting('core.signature_cache_time')))))
 	{