Merge branch 'main' into fix/char-bazaar

.gitignore

@@ -78,6 +78,7 @@ plugins/*
 !plugins/email-confirmed-reward.json
 !plugins/email-confirmed-reward
 landing
+!plugins/pagseguro
 
 # others/rest
 system/pages/downloads.php

CHANGELOG.md

@@ -1,5 +1,11 @@
 # Changelog
 
+## [0.8.16 - 14.02.2024]
+
+### Fixed
+* database and finish step warnings/errors
+* silently ignore if the hook does not exist
+
 ## [0.8.15 - 09.12.2023]
 
 More security fixes, especially in bugtracker.

VERSION

@@ -1 +1 @@
-0.8.15
+0.8.16

admin/pages/dashboard.php

@@ -1,4 +1,5 @@
 <?php
+global $db, $twig, $twig_loader, $status;
 /**
  * Dashboard
  *
@@ -46,27 +47,18 @@
 if (fetchDatabaseConfig('site_closed_message', $tmp))
     $closed_message = $tmp;
 
-$query = $db->query('SELECT count(*) as `how_much` FROM `accounts`;');
-$query = $query->fetch();
-$total_accounts = $query['how_much'];
-
-$query = $db->query('SELECT count(*) as `how_much` FROM `players`;');
-$query = $query->fetch();
-$total_players = $query['how_much'];
-
-$query = $db->query('SELECT count(*) as `how_much` FROM `guilds`;');
-$query = $query->fetch();
-$total_guilds = $query['how_much'];
-
-$query = $db->query('SELECT count(*) as `how_much` FROM `houses`;');
-$query = $query->fetch();
-$total_houses = $query['how_much'];
+$total_accounts = $db->query('SELECT `id` FROM `accounts`;')->rowCount();
+$total_players = $db->query('SELECT `id` FROM `players`;')->rowCount();
+$total_guilds = $db->query('SELECT `id` FROM `guilds`;')->rowCount();
+$total_houses = $db->query('SELECT `id` FROM `houses`;')->rowCount();
+$total_donates = $db->query("SELECT `id` FROM `pagseguro_transactions` WHERE `payment_status` <> 'CANCELLED'")->rowCount();
 
 $twig->display('admin.statistics.html.twig', array(
     'total_accounts' => $total_accounts,
     'total_players' => $total_players,
     'total_guilds' => $total_guilds,
-    'total_houses' => $total_houses
+    'total_houses' => $total_houses,
+    'total_donates' => $total_donates,
 ));
 
 $twig->display('admin.dashboard.html.twig', array(

admin/pages/modules/donates.php

@@ -0,0 +1,28 @@
+<?php
+global $db, $twig;
+/**
+ * Automatic PagSeguro payment system gateway.
+ *
+ * @name      myaac-pagseguro
+ * @author    Elson <[email protected]>
+ * @author    OpenTibiaBR
+ * @copyright 2024 MyAAC
+ * @link      https://github.com/opentibiabr/myaac
+ * @version   2.0
+ */
+
+$result = [];
+if ($db->hasTable('pagseguro_transactions')) {
+    $query = $db->query("SELECT `account_id`, SUM(`code`) as total, payment_status FROM `pagseguro_transactions` WHERE `payment_status` = 'AVAILABLE' GROUP BY account_id ORDER BY total DESC LIMIT 10;")->fetchAll();
+    foreach ($query as $item) {
+        if ($acc = $db->query("SELECT `id`, `name`, `email` FROM `accounts` WHERE `id` = {$item['account_id']}")->fetch()) {
+            $result[$acc['id']] = [
+                'name'    => $acc['name'],
+                'email'   => $acc['email'],
+                'players' => getPlayerByAccountId($acc['id']),
+                'value'   => "R$ " . number_format((float)$item['total'], 2, ',', '.')
+            ];
+        }
+    }
+}
+$twig->display('most_donates.html.twig', ['result' => $result]);

admin/pages/modules/templates/coins.html.twig

@@ -10,7 +10,7 @@
           <tr>
             <th>#</th>
             <th>Account {{ account_type }}</th>
-            <th>Tibia coins</th>
+            <th>Coins</th>
           </tr>
           {% set i = 0 %}
           {% for item in result %}

admin/pages/modules/templates/coinstransferable.html.twig

@@ -10,7 +10,7 @@
           <tr>
             <th>#</th>
             <th>Account {{ account_type }}</th>
-            <th>Points</th>
+            <th>Coins</th>
           </tr>
           {% set i = 0 %}
           {% for item in result %}

admin/pages/modules/templates/most_donates.html.twig

@@ -0,0 +1,33 @@
+{% if result is iterable %}
+  <div class="col-8">
+    <div class="box">
+      <div class="box-header">
+        <h3 class="box-title">Top 10 - Most donates</h3>
+      </div>
+      <div class="box-body no-padding">
+        <table class="table table-condensed">
+          <tbody>
+          <tr>
+            <th style="width: 40px">#</th>
+            <th style="width: 100px;">Account {{ account_type }}</th>
+            <th style="width: 100px;">E-mail</th>
+            <th>Characters</th>
+            <th style="width: 100px;">Total</th>
+          </tr>
+          {% set i = 0 %}
+          {% for item in result %}
+            {% set i = i + 1 %}
+            <tr>
+              <td>{{ i }}</td>
+              <td>{{ item.name }}</td>
+              <td>{{ item.email }}</td>
+              <td>{{ item.players | raw }}</td>
+              <td>{{ item.value }}</td>
+            </tr>
+          {% endfor %}
+          </tbody>
+        </table>
+      </div>
+    </div>
+  </div>
+{% endif %}

admin/pages/pag_transactions.php

@@ -0,0 +1,70 @@
+<?php
+global $db, $config;
+require_once(PLUGINS . 'pagseguro/config.php');
+
+/**
+ * Lista de donates
+ *
+ * @package   MyAAC
+ * @author    Elson
+ * @author    OpenTibiaBR
+ * @copyright 2023 MyAAC
+ * @link      https://github.com/opentibiabr/myaac
+ */
+defined('MYAAC') or die('Direct access not allowed!');
+
+$count = $db->query("SELECT `id` FROM `pagseguro_transactions` WHERE `id` > 0 AND `payment_status` <> 'CANCELLED'")->rowCount();
+$title = "$count donates até o momento";
+$base = BASE_URL . 'admin/?p=pag_transactions';
+$donates = $db->query("SELECT * FROM `pagseguro_transactions` WHERE `id` > 0 ORDER BY `id` DESC")->fetchAll();
+?>
+<div class="row">
+    <div class="col-md-12">
+        <div class="box">
+            <div class="box-body no-padding">
+                <table id="tb_donates" class="table table-striped">
+                    <tbody>
+                    <tr>
+                        <th style="width: 40px">#</th>
+                        <th style="width: 60px">ID</th>
+                        <th style="width: 140px;">Transação</th>
+                        <th>Account & Players</th>
+                        <th style="width: 160px; text-align: center">Valor / Qtd.</th>
+                        <th style="width: 70px; text-align: center">Método Pag.</th>
+                        <th style="width: 70px; text-align: center">Double</th>
+                        <th style="width: 40px; text-align: center">Status</th>
+                        <th style="width: 40px; text-align: center">Entregue</th>
+                        <th style="width: 160px;">Donatado em</th>
+                    </tr>
+                    <?php foreach ($donates as $k => $donate) {
+                        $account = $db->query("SELECT `id`, `email` FROM `accounts` WHERE `id` = {$donate['account_id']} LIMIT 1;")->fetch();
+                        $players = getPlayerByAccountId($donate['account_id']);
+                        ?>
+                        <tr style="background-color: <?= $donate['payment_status'] == 'CANCELLED' ? '#502a2a' : '' ?>">
+                            <td><?= $k + 1 ?></td>
+                            <td><?= $donate['id'] ?></td>
+                            <td><small><?= $donate['transaction_code'] ?></small></td>
+                            <td><?= $account['email'] ?> (<?= $players ?>)</td>
+                            <td style="text-align: center">
+                                R$ <?= number_format($config['pagSeguro']['donates'][$donate['code']]['value'], 2, ',', '.') ?>
+                                (<?= $donate['coins_amount'] ?> TC)
+                            </td>
+                            <td style="text-align: center"><?= $donate['payment_method'] ?? 'PIX' ?></td>
+                            <td style="text-align: center"><?= $donate['in_double'] ? 'Sim' : 'Não' ?></td>
+                            <td style="text-align: center"><?= $donate['payment_status'] ?></td>
+                            <td style="text-align: center"><?= $donate['delivered'] ? 'Sim' : 'Não' ?></td>
+                            <td><?= date("d/m/Y H:i:s", strtotime($donate['created_at'])) ?></td>
+                        </tr>
+                    <?php } ?>
+                    </tbody>
+                </table>
+            </div>
+        </div>
+    </div>
+</div>
+
+<script>
+    $(function () {
+        $('#tb_donates').DataTable()
+    })
+</script>

admin/template/template.php

@@ -84,6 +84,7 @@
                     ),
                     'Items' => 'items',
                     'Tools' => array(
+                        'Donates' => 'pag_transactions',
                         'Premium/VIP Updater' => 'premiumvipupdater',
                         'Notepad' => 'notepad',
                         'phpinfo' => 'phpinfo',

common.php

@@ -28,7 +28,7 @@
 if (version_compare(phpversion(), '7.4', '<')) die('PHP version 7.4 or higher is required.');
 
 define('MYAAC', true);
-define('MYAAC_VERSION', '0.8.15');
+define('MYAAC_VERSION', '0.8.16');
 define('DATABASE_VERSION', 34);
 define('TABLE_PREFIX', 'myaac_');
 define('START_TIME', microtime(true));
@@ -106,7 +106,7 @@
 $basedir = str_replace(array('/admin', '/install', '/tools'), '', $basedir);
 define('BASE_DIR', $basedir);
 
-if (file_exists(BASE . 'config.local.php')) {
+if (file_exists(BASE . 'config.local.php') && !defined('MYAAC_INSTALL')) {
     require BASE . 'config.local.php';
 }
 

config.php

@@ -366,7 +366,7 @@
 	'status_interval' => 60,
 
 	// admin panel
-	'admin_panel_modules' => 'lastlogin,coinstransferable,coins',
+	'admin_panel_modules' => 'lastlogin,coinstransferable,coins,donates',
 
 	// other
 	'email_lai_sec_interval' => 60, // time in seconds between e-mails to one account from lost account interface, block spam
@@ -384,4 +384,6 @@
         'names' => [],
         'words' => [],
     ],
+
+    'enablePagseguroLocal' => false, // set true to enable donate and boxes page on localhost.
 );

install/includes/schema.sql

@@ -187,7 +187,8 @@ INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VA
 INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('tibiacom', 'My Auctions', 'owncharactertrades', 7, 3);
 INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('tibiacom', 'Create Auction', 'createcharacterauction', 7, 4);
 /* MENU_CATEGORY_SHOP tibiacom */
-INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('tibiacom', 'Buy Points', 'points', 6, 0);
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('tibiacom', 'Donate', 'donate', 6, 0);
+INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('tibiacom', 'Boxes', 'boxes', 6, 0);
 INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('tibiacom', 'Shop Offer', 'gifts', 6, 1);
 INSERT INTO `myaac_menu` (`template`, `name`, `link`, `category`, `ordering`) VALUES ('tibiacom', 'Shop History', 'gifts/history', 6, 2);
 

install/tools/5-database.php

@@ -11,8 +11,10 @@
 require BASE . 'install/includes/config.php';
 
 ini_set('max_execution_time', 300);
+
+@ob_end_flush();
 ob_implicit_flush();
-ob_end_flush();
+
 header('X-Accel-Buffering: no');
 
 if (!$error) {

install/tools/7-finish.php

@@ -8,8 +8,10 @@
 require BASE . 'install/includes/locale.php';
 
 ini_set('max_execution_time', 300);
+
+@ob_end_flush();
 ob_implicit_flush();
-ob_end_flush();
+
 header('X-Accel-Buffering: no');
 
 if(isset($config['installed']) && $config['installed'] && !isset($_SESSION['saved'])) {

payments/buybox.php

@@ -0,0 +1,80 @@
+<?php
+/**
+ * Automatic PagSeguro payment system gateway.
+ *
+ * @name      myaac-pagseguro
+ * @author    Elson <[email protected]>
+ * @author    OpenTibiaBR
+ * @copyright 2024 MyAAC
+ * @link      https://github.com/opentibiabr/myaac
+ * @version   2.0
+ */
+
+//https://dev.pagbank.uol.com.br/v1/docs/api-notificacao-v1
+
+global $db;
+require_once('../common.php');
+require_once(SYSTEM . 'functions.php');
+require_once(SYSTEM . 'init.php');
+require_once(PLUGINS . 'pagseguro/config.php');
+require_once(LIBS . 'PagSeguroLibrary/PagSeguroLibrary.php');
+
+if (!isset($config['pagSeguro']) || !count($config['pagSeguro']) || !count($config['pagSeguro']['boxes'])) {
+    echo "PagSeguro is disabled. If you're an admin please configure this script in config.local.php.";
+    return;
+}
+
+header("access-control-allow-origin: https://pagseguro.uol.com.br");
+
+$table  = "myaac_send_items";
+$method = $_SERVER['REQUEST_METHOD'];
+if ('post' == strtolower($method)) {
+    $type = $_POST['notificationType'];
+    $notificationCode = $_POST['notificationCode'];
+
+    if ($type === 'transaction') {
+        try {
+            $credentials = PagSeguroConfig::getAccountCredentials();
+            $transaction = PagSeguroNotificationService::checkTransaction($credentials, $notificationCode);
+
+            $transaction_code = $transaction->getCode();
+            $account_id       = (int)$transaction->getReference();
+            $payment_method   = $transaction->getPaymentMethod()->getType()->getTypeFromValue();
+            $payment_status   = $transaction->getStatus()->getTypeFromValue();
+            $request          = json_encode($_POST);
+
+            $transactionDB    = $db->query("SELECT * FROM `{$table}` WHERE `transaction_code` = {$db->quote($transaction_code)} AND `account_id` = {$account_id}")->fetch();
+
+            if (!$boxSelected = $config['pagSeguro']['boxes'][$transaction->getItems()[0]->getId()] ?? null) {
+                return false;
+            }
+
+            if (!$id = $transactionDB['id'] ?? null) {
+                $createdAt  = date('Y-m-d H:i:s');
+                $values     = "{$db->quote($transaction_code)}, {$db->quote($boxSelected['id'])}, {$db->quote($boxSelected['name'])}, 1, {$account_id}, {$db->quote($payment_method)}, {$db->quote($payment_status)}, {$db->quote($request)}, {$db->quote($createdAt)}";
+                $db->exec("INSERT INTO `{$table}` (`transaction_code`, `item_id`, `item_name`, `item_count`, `account_id`, `payment_method`, `payment_status`, `request`, `created_at`) VALUES ({$values})");
+                $transactionDB = $db->query("SELECT * FROM `{$table}` WHERE `id` = {$db->lastInsertId()}")->fetch();
+                $id = $transactionDB['id'];
+            }
+
+            $request  = $transactionDB['request'] . $request . PHP_EOL;
+            $updateAt = date('Y-m-d H:i:s');
+
+            if ($transactionDB['status'] == "0" && (($payment_method == 'CREDIT_CARD' && $payment_status == 'PAID') || ($payment_method == 'PIX' && $payment_status == 'AVAILABLE'))) {
+                $db->exec("UPDATE `{$table}` SET `status` = '1', `request` = {$db->quote($request)}, `updated_at` = {$db->quote($updateAt)} WHERE `id` = {$id}");
+            } else {
+                $db->exec("UPDATE `{$table}` SET `request` = {$db->quote($request)}, `updated_at` = {$db->quote($updateAt)} WHERE `id` = {$id}");
+                if (in_array($transactionDB['status'], ['1', '2']) && $payment_method != 'PIX' && $payment_status == 'CANCELLED') {
+                    $now    = time();
+                    $banAt  = $now + (86400 * 30);
+                    $values = "({$account_id}, 3, 22, {$now}, {$banAt}, {$account_id})";
+                    $db->exec("INSERT INTO `account_bans` (`account_id`, `type`, `reason`, `banned_at`, `expired_at`, `banned_by`) VALUES {$values};");
+                }
+            }
+
+        } catch (PagSeguroServiceException|\Exception $e) {
+            log_append('pagseguro_buybox_errors.log', date('Y-m-d H:i:s') . ': ' . $e->getMessage());
+            die($e->getMessage());
+        }
+    }
+}