MyAAC Global Layout

[Lucas Giovanni]

MyAAC Global Layout

Credits
Slawkens (MyAAC)
Lucas Giovanni (Updated MyAAC with Global Layout)

MyAAC v0.8.6

News
Changed box shadow image to css
Changed buttons, removed image and added by css
Created new buttons based on colors (green and red)
Added page load, configurable in config.php
Added status bar with configurable social networks
Added slide and collapse status bar, configurable in config.php
Added swipe effect in menu
Created client download page, configurable link in config.php
Created event calendar, getting information directly from events.xml
Char Bazaar with configurable rates in config.php
Changed login by email
Editable themebox
Themebox: discord, donate and search character
Banner starting on the news page
Updated font awesome
Global modifiers for characters and accounts
Being able to change position, town, coins and premium
New login page
news soon...


​

 

[vexler222]

Wow, very nice

 

[cocacola13]

I have a mistake searching for characters

 

[Leesne]

You are missing the bcdiv.

you need to install this.

sudo apt install php7.0-bcmath
sudo apt install php-bcmath

depending on which version of php you use etc.. (If you break stuff not my fault, lookup bcmath php before running commands)

Post automatically merged: Mar 10, 2022

I would be a bit cautious about using this on your servers currently.

I had a quick check of some of the new code in comparison to myaac and noticed a few lines of code that could potentially be exploitable. Bear in mind, it was me who found the last big exploit in myaac, which allowed users to take over servers if they knew what they were doing. (still in the sticky news at top)
I do NOT believe this to be intentional from Lucas.

Once I actually free up some time (I am currently not coding or working on any projects due to RL stuff.) I will have a proper check and install this on a test web server.
Lucas, I will drop you a quick PM but I honestly don't have time to go through it all.

 

[Lucas Giovanni]

@Leesne Several fixes have been posted on the project's github, being vulnerability fixes

 

[Leesne]

No worries Lucas, I found the github just now and had a quick check but I don't have any time spare to assist further.
It is what I expected just by viewing the code.

These are my current chars:


This is an example of a char you can add by sending false data to the server.


Its a good effort to get a Bazaar looking char trade system in MyAAC but to improve it you should look into adding more PHP server checks to data.
You can see examples of how to extra secure the pages with extra checks under these files:

myaac/system/pages/account at main · lucasgiovannibr/myaac

A free and open-source Automatic Account Creator (AAC) written in PHP - myaac/system/pages/account at main · lucasgiovannibr/myaac

github.com

Hope that helps for now.. Good luck.

 

[danio4don]

works with tfs 1.5 12.81?

 

[Lucas Giovanni]

News

• Fix Char Baazar
• Achievements Page (File to configure /tools/achievements.php)
• Achievements Points
• Creatures Page
• Spells Page (File to configure /tools/spells.json)
• Gallery Page
• Server Info Page
• Online Page
• Experience Table Page
• Highscores Page
• Polls Page
• Guilds Page
• Guild Wars Management
• Bans List Page
• Support List Page
• Downloads Page
• Event Schedule Page (data/XML/events.xml)
• Install Myaac
• Countdown server save
• Countdown auctions
• New widgets

 

[Lucas Giovanni]

New style in widgets

 

[drakylucas]

Does it works with canary (otservbr) ? (without most of xmls). The original myaac doesn't load creatures, spells and stages for canary (because all is configured in Lua).

Pretty nice job! Amazing screenshots

 

[Lucas Giovanni]

Does it works with canary (otservbr) ? (without most of xmls). The original myaac doesn't load creatures, spells and stages for canary (because all is configured in Lua).

Pretty nice job! Amazing screenshots

Yes is being tested with Canary. Creatures and spells I exported all from the official website, it's not importing directly from the server.

Post automatically merged: Apr 9, 2022

Revamped installation page.

 

[danio4don]

will you add support for tfs 1.5 12.86?

 

[Odisk]

why do I have this problem ?

I have xampp Php 5.6

OTX 3

 

[leik meris]

why do I have this problem ?

I have xampp Php 5.6

OTX 3

View attachment 67037

-- Table structure `boosted_creature`
CREATE TABLE IF NOT EXISTS `boosted_creature` (
    `boostname` TEXT,
    `date` varchar(250) NOT NULL DEFAULT '',
    `raceid` varchar(250) NOT NULL DEFAULT '',
    `looktype` int(11) NOT NULL DEFAULT "136",
    `lookfeet` int(11) NOT NULL DEFAULT "0",
    `looklegs` int(11) NOT NULL DEFAULT "0",
    `lookhead` int(11) NOT NULL DEFAULT "0",
    `lookbody` int(11) NOT NULL DEFAULT "0",
    `lookaddons` int(11) NOT NULL DEFAULT "0",
    `lookmount` int(11) DEFAULT "0",
    PRIMARY KEY (`date`)
) AS SELECT 0 AS date, "default" AS boostname, 0 AS raceid;

insert in data base

 

[Odisk]

-- Table structure `boosted_creature`
CREATE TABLE IF NOT EXISTS `boosted_creature` (
    `boostname` TEXT,
    `date` varchar(250) NOT NULL DEFAULT '',
    `raceid` varchar(250) NOT NULL DEFAULT '',
    `looktype` int(11) NOT NULL DEFAULT "136",
    `lookfeet` int(11) NOT NULL DEFAULT "0",
    `looklegs` int(11) NOT NULL DEFAULT "0",
    `lookhead` int(11) NOT NULL DEFAULT "0",
    `lookbody` int(11) NOT NULL DEFAULT "0",
    `lookaddons` int(11) NOT NULL DEFAULT "0",
    `lookmount` int(11) DEFAULT "0",
    PRIMARY KEY (`date`)
) AS SELECT 0 AS date, "default" AS boostname, 0 AS raceid;

insert in data base

Good
you Have query column 'timestamp' ?

 

[Lucas Giovanni]

Good
you Have query column 'timestamp' ?

You need to create a column called timestamp in the record players table

ALTER TABLE `server_config` ADD `timestamp` TIMESTAMP on update CURRENT_TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP AFTER `value`;

 

[DarkLua]

Hey,

Clear installed TFS 1.4, it's scheme.

Which tables needed to be added in order to not get errors?

Also, setting password to an account won't hash it on the db but will fill it as a string , rendering the password creation system buggy.

Can you provide solution? thanks.

 

[Methxs]

Hey,

Clear installed TFS 1.4, it's scheme.

Which tables needed to be added in order to not get errors?

Also, setting password to an account won't hash it on the db but will fill it as a string , rendering the password creation system buggy.

Can you provide solution? thanks.

CREATE TABLE IF NOT EXISTS `boosted_creature` (
    `boostname` TEXT,
    `date` varchar(250) NOT NULL DEFAULT '',
    `raceid` varchar(250) NOT NULL DEFAULT '',
    `looktype` int(11) NOT NULL DEFAULT "136",
    `lookfeet` int(11) NOT NULL DEFAULT "0",
    `looklegs` int(11) NOT NULL DEFAULT "0",
    `lookhead` int(11) NOT NULL DEFAULT "0",
    `lookbody` int(11) NOT NULL DEFAULT "0",
    `lookaddons` int(11) NOT NULL DEFAULT "0",
    `lookmount` int(11) DEFAULT "0",
    PRIMARY KEY  (`date`)
) AS SELECT 0 AS date, "default" AS boostname, 0 AS raceid;

 

[DarkLua]

CREATE TABLE IF NOT EXISTS `boosted_creature` (
    `boostname` TEXT,
    `date` varchar(250) NOT NULL DEFAULT '',
    `raceid` varchar(250) NOT NULL DEFAULT '',
    `looktype` int(11) NOT NULL DEFAULT "136",
    `lookfeet` int(11) NOT NULL DEFAULT "0",
    `looklegs` int(11) NOT NULL DEFAULT "0",
    `lookhead` int(11) NOT NULL DEFAULT "0",
    `lookbody` int(11) NOT NULL DEFAULT "0",
    `lookaddons` int(11) NOT NULL DEFAULT "0",
    `lookmount` int(11) DEFAULT "0",
    PRIMARY KEY  (`date`)
) AS SELECT 0 AS date, "default" AS boostname, 0 AS raceid;

Thanks, it helped solving the errors.

About the password saved on the DB as plain text and not encrypted. Any solution to save it as SHA1 as expected when creating new account/changing password?

both encryptionType, passwordType set to sha1 on config.lua

meanwhile i've changed to encrypt function to:
function encrypt($str)
{
return sha1($str);
}

Another question:
What is the best practice of modifying new created character's starting level and equipment?

Many thanks

 

[Pedrook]

good job!