Be more paranoid with param in list context

[ndwebbie.git] / lib / NDWeb / Controller / Raids.pm

diff --git a/lib/NDWeb/Controller/Raids.pm b/lib/NDWeb/Controller/Raids.pm
index a6492591be35f365abd670729144da410708f716..61956b27226465cfacf6af7858523de40f264f0b 100644 (file)
--- a/lib/NDWeb/Controller/Raids.pm
+++ b/lib/NDWeb/Controller/Raids.pm
@@ -158,8 +158,11 @@ ORDER BY name,tick DESC
                        WHERE fid = ? ORDER BY num
                });
                my @missions;
+               my $tick = 0;
                while (my $mission = $unitscans->fetchrow_hashref){
                        my @ships;
+                       last if $mission->{tick} <= $tick;
+                       $tick = $mission->{tick};
                        $ships->execute($mission->{fid});
                        while (my $ship = $ships->fetchrow_hashref){
                                push @ships,$ship;
@@ -308,10 +311,11 @@ sub postraidupdate : Local {
        my $dbh = $c->model;
 
        $dbh->begin_work;
+       my $tick = $c->req->param('tick');
+       my $waves = $c->req->param('waves');
        $dbh->do(q{UPDATE raids SET message = ?, tick = ?, waves = ? WHERE id = ?}
                ,undef,html_escape $c->req->param('message')
-               ,$c->req->param('tick'),$c->req->param('waves')
-               ,$raid);
+               ,$tick,$waves,$raid);
 
        $c->forward('log',[$raid, 'BC updated raid']);
 
@@ -513,10 +517,12 @@ sub postcreate : Local {
 
        $dbh->begin_work;
        my $query = $dbh->prepare(q{INSERT INTO raids (tick,waves,message) VALUES(?,?,?) RETURNING (id)});
-       $query->execute($c->req->param('tick'),$c->req->param('waves')
-               ,html_escape $c->req->param('message'));
+       my $tick = $c->req->param('tick');
+       my $waves = $c->req->param('waves');
+       my $message = html_escape $c->req->param('message');
+       $query->execute($tick,$waves,$message);
        my $raid = $query->fetchrow_array;
-       $c->forward('log',[$raid,"Created raid landing at tick: ".$c->req->param('tick')]);
+       $c->forward('log',[$raid,"Created raid landing at tick: ".$tick]);
 
        if ($c->req->param('gal') || $c->req->param('target')) {
                my @gals = $c->req->param('gal');
@@ -530,7 +536,8 @@ sub postcreate : Local {
                                )
                        )
                });
-               $addtarget->execute($raid,\@targets,\@gals,$c->req->param('sizelimit'));
+               my $sizelimit = $c->req->param('sizelimit');
+               $addtarget->execute($raid,\@targets,\@gals,$sizelimit);
                $c->forward('log',[$raid,"BC added planets (@targets) and the gals for (@gals)"]);
        }
        $dbh->do(q{INSERT INTO raid_access (raid,gid) VALUES(?,'M')}
@@ -719,9 +726,11 @@ sub postcreateretal : Local {
        my $dbh = $c->model;
 
        $dbh->begin_work;
+       my $tick = $c->req->param('tick');
+       my $waves = $c->req->param('waves');
+       my $message = html_escape $c->req->param('message');
        my $query = $dbh->prepare(q{INSERT INTO raids (tick,waves,message) VALUES(?,?,?) RETURNING (id)});
-       $query->execute($c->req->param('tick'),$c->req->param('waves')
-               ,html_escape $c->req->param('message'));
+       $query->execute($tick, $waves, $message);
        my $raid = $query->fetchrow_array;
        $c->forward('log',[$raid,"Created retal raid landing at tick: ".$c->req->param('tick')]);