package ND::Web::Pages::Users;
use strict;
-use warnings FATAL => 'all';
+use warnings;
use ND::Include;
use CGI qw/:standard/;
use ND::Web::Include;
-$ND::PAGES{users} = {parse => \&parse, process => \&process, render=> \&render};
+use base qw/ND::Web::XMLPage/;
-sub parse {
- my ($uri) = @_;
- #if ($uri =~ m{^/.*/(\w+)$}){
- # param('list',$1);
- #}
-}
-
-sub process {
-
-}
-
-sub render {
- my ($DBH,$BODY) = @_;
+$ND::Web::Page::PAGES{users} = __PACKAGE__;
- $ND::TEMPLATE->param(TITLE => 'Users');
+sub render_body {
+ my $self = shift;
+ my ($BODY) = @_;
+ $self->{TITLE} = 'Users';
+ my $DBH = $self->{DBH};
- return $ND::NOACCESS unless isHC();
+ return $self->noAccess unless $self->isHC;
my $error = '';
my $user;
if (defined param('user') && param('user') =~ /^(\d+)$/){
my $query = $DBH->prepare(q{
- SELECT uid,username,hostmask,coords(x,y,z) AS planet,attack_points,defense_points,scan_points,humor_points
+ SELECT uid,username,hostmask,CASE WHEN u.planet IS NULL THEN '' ELSE coords(x,y,z) END AS planet,attack_points,defense_points,scan_points,humor_points,info
FROM users u LEFT OUTER JOIN current_planet_stats p ON u.planet = p.id
WHERE uid = ?;
}) or $error .= "<p> Something went wrong: </p>";
if ($user && defined param('cmd') && param('cmd') eq 'change'){
$DBH->begin_work;
for my $param (param()){
- if ($param =~ /^c:(\w+)$/){
+ if ($param =~ /^c:(planet|\w+_points|hostmask|info|username)$/){
my $column = $1;
my $value = param($column);
if ($column eq 'planet'){
$BODY->param(Defense_points => $user->{defense_points});
$BODY->param(Scan_points => $user->{scan_points});
$BODY->param(humor_points => $user->{humor_points});
+ $BODY->param(info => escapeHTML $user->{info});
my $groups = $DBH->prepare(q{SELECT g.gid,g.groupname,uid FROM groups g LEFT OUTER JOIN (SELECT gid,uid FROM groupmembers WHERE uid = ?) AS gm ON g.gid = gm.gid});
$groups->execute($user->{uid});
FROM users u LEFT OUTER JOIN (groupmembers gm NATURAL JOIN groups g) ON gm.uid = u.uid
WHERE u.uid > 0
GROUP BY u.uid,username
- ORDER BY username})or $error .= $DBH->errstr;
+ ORDER BY lower(username)})or $error .= $DBH->errstr;
$query->execute or $error .= $DBH->errstr;
my @users;
my $i = 0;