if ($c->req->param('cmd') eq 'Submit'){
my $logmess = '';
if ($c->req->param('ctick')){
+ my $tick = $c->req->param('tick');
$dbh->do(q{UPDATE calls SET landing_tick = ? WHERE call = ?}
- ,undef,$c->req->param('tick'),$call->{call});
+ ,undef,$tick,$call->{call});
$logmess .= "Updated landing tick from [B] $call->{landing_tick} [/B]\n";
}
if ($c->req->param('cinfo')){
+ my $info = $c->req->param('info');
$dbh->do(q{UPDATE calls SET info = ? WHERE call = ?}
- ,undef,$c->req->param('info'),$call->{call});
+ ,undef,$info,$call->{call});
$logmess .= "Updated info\n";
}
if ($c->req->param('ccalc')){
$logmess .= html_escape('Updated calc to: [URL]'.$calc."[/URL]\n");
}
if ($c->req->param('cstatus')){
+ my $status = $c->req->param('status');
$dbh->do(q{UPDATE calls SET status = $1, dc = $2 WHERE call = $3}
- ,undef,$c->req->param('status'),$c->user->id,$call->{call});
+ ,undef,$status,$c->user->id,$call->{call});
$logmess .= "Changed status to: ".$c->req->param('status')."\n";
}
$log->execute($c->user->id,$call->{ftid},$logmess) if $log;
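Review bot: The log line `$logmess .= "Changed status to: ".$c->req->param('status')."\n";` still reads the request parameter a second time although `$status` is in scope just above it. String concatenation puts param() in scalar context, so this is not the multi-value problem the rest of the change removes. Using the variable keeps one read per parameter and makes the logged value provably the one written to the database: `$logmess .= "Changed status to: ".$status."\n";`. The retal raid hunk has the same leftover in `"Created retal raid landing at tick: ".$c->req->param('tick')`, where `$tick` is available.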
my ( $self, $c, $board ) = @_;
my $dbh = $c->model;
- $c->forward('findBoard',[$c->req->param('board')]);
+ my $b = $c->req->param('board');
+ $c->forward('findBoard',[$b]);
my $toboard = $c->stash->{board};
unless ($toboard->{moderate}){
$c->acl_access_denied('test',$c->action,'No moderator access for target board.')
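Review bot: `my $b` on the added line shadows the package variable `$b` that sort comparison blocks rely on, so a `sort { $a ... $b }` added later in this scope would break. A descriptive name avoids that and is easier to tell apart from the existing `$board` argument and `$toboard`, for example `my $target = $c->req->param('board');` followed by `$c->forward('findBoard',[$target]);`. The sub's opening and closing lines are outside this hunk.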
my ( $self, $c, $board ) = @_;
my $dbh = $c->model;
+ my $subject = html_escape($c->req->param('subject'));
my $insert = $dbh->prepare(q{INSERT INTO forum_threads (ftid,fbid,subject,uid)
VALUES(DEFAULT,$1,$2,$3) RETURNING (ftid);
});
- $insert->execute($board,html_escape($c->req->param('subject')),$c->stash->{UID});
+ $insert->execute($board,$subject,$c->stash->{UID});
$c->stash(thread => $insert->fetchrow);
$insert->finish;
}
sub previewPost : Private {
my ( $self, $c) = @_;
+ my $message = html_escape $c->req->param('message');
push @{$c->stash->{posts}}, {
unread => 1,
username => 'PREVIEW',
- message => parseMarkup(html_escape $c->req->param('message')),
+ message => parseMarkup($message),
};
- $c->stash(previewMessage => html_escape $c->req->param('message'));
+ $c->stash(previewMessage => $message);
}
sub insertPost : Private {
my ( $self, $c, $thread ) = @_;
my $dbh = $c->model;
+ my $message = html_escape($c->req->param('message'));
my $insert = $dbh->prepare(q{INSERT INTO forum_posts (ftid,message,uid)
VALUES($1,$2,$3)});
- $insert->execute($thread,html_escape($c->req->param('message')),$c->stash->{UID});
+ $insert->execute($thread,$message,$c->stash->{UID});
}
sub listModeratorBoards : Private {
my ( $self, $c ) = @_;
my $dbh = $c->model;
+ my $hostname = html_escape $c->req->param('hostname');
$dbh->do(q{UPDATE users SET hostmask = ? WHERE uid = ?
- },undef, html_escape $c->req->param('hostname'), $c->user->id);
+ },undef, $hostname, $c->user->id);
$c->res->redirect($c->uri_for(''));
}
my $dbh = $c->model;
my $callme = $c->req->param('callme') || 0;
+ my $sms = html_escape $c->req->param('sms');
+ my $smsnote = $c->req->param('smsnote');
$dbh->do(q{
UPDATE users SET sms = $1, call_if_needed = $2, sms_note = $3 WHERE uid = $4
- },undef, html_escape $c->req->param('sms'),$callme
- ,$c->req->param('smsnote'), $c->user->id);
+ },undef, $sms, $callme, $smsnote, $c->user->id);
$c->res->redirect($c->uri_for(''));
}
$c->flash(error => "No planet at coords: $x:$y:$z");
}
}else{
- $c->flash(error => $c->req->param('planet') . " are not valid coords.");
+ my $error = $c->req->param('planet') . " are not valid coords.";
+ $c->flash(error => $error);
}
$c->res->redirect($c->uri_for('/'.$c->session->{referrer}));
my ( $self, $c ) = @_;
my $dbh = $c->model;
+ my $message = $c->req->param('message');
if ($c->req->param('channel')){
my $query = $dbh->prepare(q{
INSERT INTO irc_requests (uid,channel,message) VALUES($1,$2,$3)
});
- $query->execute($c->user->id,$c->req->param('channel'),$c->req->param('message'));
+ my $channel = $c->user->id,$c->req->param('channel');
+ $query->execute($channel, $message);
$c->signal_bots;
- $c->flash(reply => "Msg sent to: ".$c->req->param('channel'));
+ $c->flash(reply => "Msg sent to: ".$channel);
$c->res->redirect($c->uri_for('ircrequest'));
}else{
- $c->stash(ircmessage => $c->req->param('message'));
+ $c->stash(ircmessage => $message);
$c->go('ircrequest');
}
}
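Review bot: The added line `my $channel = $c->user->id,$c->req->param('channel');` assigns only the user id, because assignment binds tighter than the comma and the channel parameter is evaluated and thrown away. `$query->execute($channel, $message)` then passes two values for the three placeholders in the INSERT, and the flash reply reports the uid instead of the channel. The intended form is `my $channel = $c->req->param('channel');` with `$query->execute($c->user->id, $channel, $message);`. The sub's opening line is outside this hunk.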
SELECT coords(x,y,z), tick() FROM current_planet_stats WHERE pid = $1
}, undef, $c->user->planet);
- $c->req->param(message => "[i]Posted by $coords at tick $tick [/i]\n\n" . $c->req->param('message'));
+ my $message = "[i]Posted by $coords at tick $tick [/i]\n\n" . $c->req->param('message');
+ $c->req->param(message => $message);
$c->forward('/forum/insertThread',[12]);
$c->forward('/forum/insertPost',[$c->stash->{thread}]);
$c->flash(intelmessage => 1);
my $fullfleet = $dbh->prepare(q{INSERT INTO full_fleets
(fid,uid) VALUES (?,?)});
$dbh->begin_work;
- my @missions = parseconfirmations($c->req->param('mission'), $c->stash->{TICK});
+ my $mission = $c->req->param('mission');
+ my @missions = parseconfirmations($mission, $c->stash->{TICK});
for my $m (@missions){
if ($m->{mission} eq 'Return'){
$c->forward("addReturnFleet", [$m]);
my $dbh = $c->model;
$dbh->begin_work;
+ my $tick = $c->req->param('tick');
+ my $waves = $c->req->param('waves');
$dbh->do(q{UPDATE raids SET message = ?, tick = ?, waves = ? WHERE id = ?}
,undef,html_escape $c->req->param('message')
- ,$c->req->param('tick'),$c->req->param('waves')
- ,$raid);
+ ,$tick,$waves,$raid);
$c->forward('log',[$raid, 'BC updated raid']);
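Review bot: The `html_escape $c->req->param('message')` argument to `$dbh->do` is left as it was, so `message` is the one parameter in this UPDATE still read inside the argument list. Whether param() runs in scalar context there depends on how html_escape is declared, which is not visible here. Without a unary prototype a repeated `message` parameter could still change what reaches the bind list. Following the two raid INSERT hunks, `my $message = html_escape($c->req->param('message'));` ahead of the call and `,undef,$message,$tick,$waves,$raid);` fixes the bind list at four values. The enclosing sub starts and ends outside this hunk.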
$dbh->begin_work;
my $query = $dbh->prepare(q{INSERT INTO raids (tick,waves,message) VALUES(?,?,?) RETURNING (id)});
- $query->execute($c->req->param('tick'),$c->req->param('waves')
- ,html_escape $c->req->param('message'));
+ my $tick = $c->req->param('tick');
+ my $waves = $c->req->param('waves');
+ my $message = html_escape $c->req->param('message');
+ $query->execute($tick,$waves,$message);
my $raid = $query->fetchrow_array;
- $c->forward('log',[$raid,"Created raid landing at tick: ".$c->req->param('tick')]);
+ $c->forward('log',[$raid,"Created raid landing at tick: ".$tick]);
if ($c->req->param('gal') || $c->req->param('target')) {
my @gals = $c->req->param('gal');
)
)
});
- $addtarget->execute($raid,\@targets,\@gals,$c->req->param('sizelimit'));
+ my $sizelimit = $c->req->param('sizelimit');
+ $addtarget->execute($raid,\@targets,\@gals,$sizelimit);
$c->forward('log',[$raid,"BC added planets (@targets) and the gals for (@gals)"]);
}
$dbh->do(q{INSERT INTO raid_access (raid,gid) VALUES(?,'M')}
my $dbh = $c->model;
$dbh->begin_work;
+ my $tick = $c->req->param('tick');
+ my $waves = $c->req->param('waves');
+ my $message = html_escape $c->req->param('message');
my $query = $dbh->prepare(q{INSERT INTO raids (tick,waves,message) VALUES(?,?,?) RETURNING (id)});
- $query->execute($c->req->param('tick'),$c->req->param('waves')
- ,html_escape $c->req->param('message'));
+ $query->execute($tick, $waves, $message);
my $raid = $query->fetchrow_array;
$c->forward('log',[$raid,"Created retal raid landing at tick: ".$c->req->param('tick')]);
WHERE msgid = $1
});
- $sms->execute($c->req->param('apiMsgId')
- ,$clickatellstatus{$c->req->param('status')}
- ,$c->req->param('charge')
- ,$c->req->param('timestamp'));
+ my $apiMsgId = $c->req->param('apiMsgId');
+ my $status = $c->req->param('status');
+ my $charge = $c->req->param('charge');
+ my $timestamp = $c->req->param('timestamp');
+ $sms->execute($apiMsgId
+ ,$clickatellstatus{$status}
+ ,$charge
+ ,$timestamp);
}
my $query = $dbh->prepare(q{UPDATE users SET css = NULLIF($2,'Default')
WHERE uid = $1
});
- $query->execute($c->user->id,html_escape $c->req->param('stylesheet'));
+ my $css = html_escape $c->req->param('stylesheet');
+ $query->execute($c->user->id,$css);
$c->res->redirect($c->uri_for(''));
}
WHERE uid = $1
});
eval{
- $query->execute($c->user->id,html_escape $c->req->param('birthday'));
+ my $birthday = html_escape $c->req->param('birthday');
+ $query->execute($c->user->id,$birthday);
};
if ($@){
if ($@ =~ /invalid input syntax for type date/){
my ( $self, $c ) = @_;
my $dbh = $c->model;
- if (length $c->req->param('pass') < 4) {
+ my $pass = $c->req->param('pass');
+ if (length $pass < 4) {
$c->flash(error => "Your password need to be at least 4 characters");
} else {
my $query = $dbh->prepare(q{UPDATE users SET password = $1
WHERE password = crypt($2,password) AND uid = $3
});
- $query->execute($c->req->param('pass'),$c->req->param('oldpass'),$c->user->id);
+ my $oldpass = $c->req->param('oldpass');
+ $query->execute($pass,$oldpass,$c->user->id);
$c->flash(error => "Old password was invalid") unless $query->rows;
}
my $email = $c->req->param('email');
- if ($email =~ /^s?$/) {
+ if ($email =~ /^\s*$/) {
my $update = $dbh->prepare(q{
UPDATE users SET email = NULL WHERE uid = $1;
});
my ( $self, $c ) = @_;
my $dbh = $c->model;
+ my $group = $c->req->param('group');
my $emails = $dbh->prepare(q{SELECT email FROM users
WHERE uid IN (SELECT uid FROM groupmembers WHERE gid = $1)
AND email is not null});
- $emails->execute($c->req->param('group'));
+ $emails->execute($group);
my @emails;
while (my $email = $emails->fetchrow_hashref){
push @emails,$email->{email};
}
+ my $subject = $c->req->param('subject');
+ my $message = $c->req->param('message');
my %mail = (
smtp => 'localhost',
BCC => (join ',',@emails),
From => 'NewDawn Command <nd@ruin.nu>',
'Content-type' => 'text/plain; charset="UTF-8"',
- Subject => $c->req->param('subject'),
- Message => $c->req->param('message'),
+ Subject => $subject,
+ Message => $message,
);
if (sendmail %mail) {
$c->flash(ok => \@emails);
}else {
$c->flash(error => $Mail::Sendmail::error);
- $c->flash(subject => $c->req->param('subject'));
- $c->flash(message => $c->req->param('message'));
+ $c->flash(subject => $subject);
+ $c->flash(message => $message);
}
$c->res->redirect($c->uri_for('mail'));
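Review bot: `$subject` is placed in the `Subject` entry of `%mail` exactly as received, and nothing in this hunk rejects carriage returns or line feeds. Reading it into a scalar stops a repeated parameter from adding extra keys to `%mail`, but if Mail::Sendmail writes header values verbatim (worth confirming against the installed version), a line break in the subject could still add header lines to a message that is BCC'd to the whole group. A guard before `%mail` is built would cover it: `$subject =~ s/[\r\n]+/ /g if defined $subject;`. The sub's opening and closing lines are outside this hunk.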
$c->req->parameters->{uid} = [$c->req->parameters->{uid}]
unless ref $c->req->parameters->{uid} eq 'ARRAY';
+ my $message = $c->req->param('message');
my $query = $dbh->prepare(q{INSERT INTO sms (uid,message,number)
(SELECT $1,$2, trim(leading '+' FROM sms) FROM users u WHERE uid = ANY ($3) AND sms SIMILAR TO '\+\d+' )});
- $query->execute($c->user->id,$c->req->param('message'),$c->req->parameters->{uid});
+ $query->execute($c->user->id,$message,$c->req->parameters->{uid});
$c->res->redirect($c->uri_for('sms'));
}
my ( $self, $c, $p ) = @_;
my $dbh = $c->model;
+ my $ns = $c->req->param('namespace');
+ my $name = $c->req->param('name');
+ my $text = $c->req->param('text');
eval {
$dbh->begin_work;
my $namespace = $dbh->selectrow_array(q{SELECT namespace
FROM wiki_namespace_access
WHERE namespace = $1 AND post AND gid IN (SELECT groups($2))
- },undef,$c->req->param('namespace'), $c->stash->{UID});
+ },undef,$ns, $c->stash->{UID});
my $query = $dbh->prepare(q{INSERT INTO wiki_pages (namespace,name) VALUES($1,$2) RETURNING wpid});
- $query->execute($namespace,$c->req->param('name'));
+ $query->execute($namespace,$name);
$wpid = $query->fetchrow;
}
$c->forward('findPage',[$wpid]);
RETURNING wprev
});
$c->req->params->{parent}||= undef;
- $query->execute($wpid,$c->req->param('parent'),$c->req->param('text')
- ,$c->req->param('comment'),$c->stash->{UID});
+ my $parent = $c->req->param('parent');
+ my $comment = $c->req->param('comment');
+ $query->execute($wpid,$parent,$text
+ ,$comment,$c->stash->{UID});
my $rev = $query->fetchrow;
$dbh->do(q{UPDATE wiki_pages SET wprev = $1 WHERE wpid = $2}
,undef,$rev,$wpid);
$c->forward('findPage') if $p;
$c->forward('findNamespaces');
- $c->stash->{page}->{namespace} = $c->req->param('namespace');
- $c->stash->{page}->{name} = $c->req->param('name');
+ $c->stash->{page}->{namespace} = $ns;
+ $c->stash->{page}->{name} = $name;
- $c->stash(text => $c->req->param('text'));
+ $c->stash(text => $text);
$c->stash(template => 'wiki/edit.tt2');
}
ORDER BY rank DESC
});
eval {
- $posts->execute($c->stash->{UID},$c->req->param('search'));
+ my $search = $c->req->param('search');
+ $posts->execute($c->stash->{UID},$search);
my @posts;
while (my $post = $posts->fetchrow_hashref){
push @posts,$post;