diff --git a/GameEngine/Admin/Mods/addABTroops.php b/GameEngine/Admin/Mods/addABTroops.php
index 8c747018..d57d7850 100755
--- a/GameEngine/Admin/Mods/addABTroops.php
+++ b/GameEngine/Admin/Mods/addABTroops.php
@@ -50,7 +50,13 @@ $database->query($q);
* --------------------------------------------------------------------------- */
$adminId = (string)(int)$_SESSION['id'];
$time = time();
-$logText = "Changed troop upgrade levels in village
$id";
+
+// FIX: luăm numele satului
+$village = $database->getVillage($id); // dacă nu-l ai deja sus, lasă linia asta
+$villageName = $village['name'] ?? 'Village';
+$villageNameSafe = htmlspecialchars($villageName, ENT_QUOTES, 'UTF-8');
+
+$logText = "Changed troop upgrade levels in village
$villageNameSafe";
// escapăm corect pentru coloana TEXT
$adminIdEsc = $database->escape($adminId);
diff --git a/GameEngine/Admin/Mods/addTroops.php b/GameEngine/Admin/Mods/addTroops.php
index 5e9d1142..ead2f178 100755
--- a/GameEngine/Admin/Mods/addTroops.php
+++ b/GameEngine/Admin/Mods/addTroops.php
@@ -57,7 +57,12 @@ $database->query($q);
* --------------------------------------------------------------------------- */
$adminId = (string)(int)$_SESSION['id'];
$time = time();
-$logText = "Changed troop amounts in village
$id";
+
+// FIX AICI
+$villageName = $village['name'] ?? 'Village';
+$villageNameSafe = htmlspecialchars($villageName, ENT_QUOTES, 'UTF-8');
+
+$logText = "Changed troop amounts in village
$villageNameSafe";
$adminIdEsc = $database->escape($adminId);
$logEsc = $database->escape($logText);
diff --git a/GameEngine/Admin/Mods/additional.php b/GameEngine/Admin/Mods/additional.php
index 95b10dda..1e6c73e1 100755
--- a/GameEngine/Admin/Mods/additional.php
+++ b/GameEngine/Admin/Mods/additional.php
@@ -5,7 +5,7 @@
## --------------------------------------------------------------------------- ##
## Project: TravianZ (Refactor incremental) ##
## File: additional.tpl ##
-## Type BACKEND ##
+## Type BACKEND ##
## Description: Implement Gold Log ##
## Made by: Shadow ##
## License: TravianZ Project ##
@@ -35,6 +35,7 @@ $dp = (int)($_POST['def']?? 0);
$rr = (int)($_POST['res']?? 0);
$apall = (int)($_POST['ooff']?? 0);
$dpall = (int)($_POST['odef']?? 0);
+$vac_mode = (int)($_POST['vac_mode']?? 0);
if($id <= 0) die("Invalid user");
@@ -42,7 +43,7 @@ if($id <= 0) die("Invalid user");
$oldGold = (int)$database->getUserField($id, 'gold', 1);
$diffGold = $newGold - $oldGold;
-// --- UPDATE USER (prepared-style, fără escape manual) ---
+// --- UPDATE USER ---
$database->query("
UPDATE ".TB_PREFIX."users SET
access = $access,
@@ -55,7 +56,8 @@ $database->query("
dp = $dp,
RR = $rr,
apall = $apall,
- dpall = $dpall
+ dpall = $dpall,
+ vac_mode = $vac_mode
WHERE id = $id
");
@@ -74,6 +76,30 @@ if($diffGold!== 0){
");
}
+// --- LOG ADMIN (cu UID, nu nume) ---
+$adminUid = $admid > 0? $admid : (int)($_SESSION['id']?? 0); // FIX AICI
+$adminName = $database->getUserField($adminUid, 'username', 0)?: 'Admin';
+$playerName = $database->getUserField($id, 'username', 0)?: 'Unknown';
+$protectDays = (int)($_POST['protect']?? 0);
+
+$logParts = [];
+$logParts[] = "Gold: $oldGold → $newGold". ($diffGold!=0? " ($diffGold)" : "");
+$logParts[] = "VacMode: $vac_mode";
+$logParts[] = "Access: $access";
+$logParts[] = "Protect: {$protectDays}d";
+$logParts[] = "Sitters: $sit1/$sit2";
+
+$logText = "[$adminName] edited Additional for [$playerName] (UID:$id) - ". implode(' | ', $logParts);
+$logText = addslashes($logText);
+
+$now = time();
+$database->query("
+ INSERT INTO ".TB_PREFIX."admin_log
+ (`user`, `log`, `time`)
+ VALUES ('$adminUid', '$logText', $now)
+");
+
// --- REDIRECT ---
header("Location:../../../Admin/admin.php?p=player&uid=".$id);
-exit;
\ No newline at end of file
+exit;
+?>
\ No newline at end of file
diff --git a/GameEngine/Admin/Mods/editOverall.php b/GameEngine/Admin/Mods/editOverall.php
index 170fc7f6..3152534a 100755
--- a/GameEngine/Admin/Mods/editOverall.php
+++ b/GameEngine/Admin/Mods/editOverall.php
@@ -63,7 +63,12 @@ $database->query("UPDATE " . TB_PREFIX . "users SET apall = $off, dpall = $def W
// ---------------------------------------------------------------------------
$adminId = (int)$_SESSION['id'];
$time = time();
-$logText = "Changed overall stats for user
$id (off=$off, def=$def)";
+
+// FIX: username + ID formatat
+$targetName = $database->getUserField($id, 'username', 0) ?: 'UID '.$id;
+$targetNameSafe = htmlspecialchars($targetName, ENT_QUOTES, 'UTF-8');
+
+$logText = "Changed overall stats for user
$targetNameSafe (off=$off, def=$def)";
$logEsc = $database->escape($logText);
$database->query(
diff --git a/GameEngine/Admin/Mods/editPassword.php b/GameEngine/Admin/Mods/editPassword.php
index 07698811..3858a8dc 100755
--- a/GameEngine/Admin/Mods/editPassword.php
+++ b/GameEngine/Admin/Mods/editPassword.php
@@ -68,7 +68,12 @@ $database->query("UPDATE " . TB_PREFIX . "users SET password = '$passEsc' WHERE
// ---------------------------------------------------------------------------
$adminId = (int)$_SESSION['id'];
$time = time();
-$logText = "Changed password for user
$id";
+
+// FIX: luăm username în loc de ID brut
+$targetName = $database->getUserField($id, 'username', 0) ?: 'UID '.$id;
+$targetNameSafe = htmlspecialchars($targetName, ENT_QUOTES, 'UTF-8');
+
+$logText = "Changed password for user
$targetNameSafe";
$logEsc = $database->escape($logText);
$database->query(
diff --git a/GameEngine/Admin/Mods/editProtection.php b/GameEngine/Admin/Mods/editProtection.php
index cb3ef32e..e678c00c 100755
--- a/GameEngine/Admin/Mods/editProtection.php
+++ b/GameEngine/Admin/Mods/editProtection.php
@@ -64,7 +64,13 @@ $database->query("UPDATE " . TB_PREFIX . "users SET protect = $protection WHERE
// Log admin
// ---------------------------------------------------------------------------
$adminId = (int)$_SESSION['id'];
-$logText = "Set protection for user
$id to $days days";
+$time = time(); // asigură-te că $time e definit înainte
+
+// FIX: username + ID formatat
+$targetName = $database->getUserField($id, 'username', 0) ?: 'UID '.$id;
+$targetNameSafe = htmlspecialchars($targetName, ENT_QUOTES, 'UTF-8');
+
+$logText = "Set protection for user
$targetNameSafe to $days days";
$logEsc = $database->escape($logText);
$database->query(
diff --git a/GameEngine/Admin/Mods/editResources.php b/GameEngine/Admin/Mods/editResources.php
index 09d3a08f..a59ae493 100755
--- a/GameEngine/Admin/Mods/editResources.php
+++ b/GameEngine/Admin/Mods/editResources.php
@@ -80,7 +80,13 @@ $database->query(
// ---------------------------------------------------------------------------
$adminId = (int)$_SESSION['id'];
$time = time();
-$logText = "Edited resources for village
$id (w:$wood c:$clay i:$iron cr:$crop)";
+
+// FIX: nume sat + ID formatat
+$village = $database->getVillage($id); // dacă nu e deja încărcat sus
+$villageName = $village['name'] ?? 'Village';
+$villageNameSafe = htmlspecialchars($villageName, ENT_QUOTES, 'UTF-8');
+
+$logText = "Edited resources for village
$villageNameSafe (w:$wood c:$clay i:$iron cr:$crop)";
$logEsc = $database->escape($logText);
$database->query(
diff --git a/GameEngine/Admin/Mods/editSitter.php b/GameEngine/Admin/Mods/editSitter.php
index 511d52a7..9646b74f 100755
--- a/GameEngine/Admin/Mods/editSitter.php
+++ b/GameEngine/Admin/Mods/editSitter.php
@@ -63,7 +63,15 @@ $database->query("UPDATE " . TB_PREFIX . "users SET sit1 = $sit1, sit2 = $sit2 W
// ---------------------------------------------------------------------------
$adminId = (int)$_SESSION['id'];
$time = time();
-$logText = "Changed sitters for user
$id (sit1=$sit1, sit2=$sit2)";
+
+// FIX: username pentru target + sitteri
+$targetName = $database->getUserField($id, 'username', 0) ?: 'UID '.$id;
+$targetNameSafe = htmlspecialchars($targetName, ENT_QUOTES, 'UTF-8');
+
+$sit1Name = $sit1 > 0 ? ($database->getUserField($sit1, 'username', 0) ?: $sit1) : 'none';
+$sit2Name = $sit2 > 0 ? ($database->getUserField($sit2, 'username', 0) ?: $sit2) : 'none';
+
+$logText = "Changed sitters for user
$targetNameSafe (sit1=$sit1Name, sit2=$sit2Name)";
$logEsc = $database->escape($logText);
$database->query(
diff --git a/GameEngine/Admin/Mods/editUser.php b/GameEngine/Admin/Mods/editUser.php
index 502d1720..071e37d7 100755
--- a/GameEngine/Admin/Mods/editUser.php
+++ b/GameEngine/Admin/Mods/editUser.php
@@ -80,7 +80,12 @@ $database->query(
// ---------------------------------------------------------------------------
$adminId = (int)$_SESSION['id'];
$time = time();
-$logText = "Edited profile for user
$id";
+
+// FIX: username + ID formatat
+$targetName = $database->getUserField($id, 'username', 0) ?: 'UID '.$id;
+$targetNameSafe = htmlspecialchars($targetName, ENT_QUOTES, 'UTF-8');
+
+$logText = "Edited profile for user
$targetNameSafe";
$logEsc = $database->escape($logText);
$database->query(