no need to use nbsp, and better to just sit it to null

[ndwebbie.git] / ND / Web / Pages / Users.pm

diff --git a/ND/Web/Pages/Users.pm b/ND/Web/Pages/Users.pm
index 34a62bd948cd3abce1a655c4d9c3824c9f48f6af..42e09a709f91308c2e2d0c14316ac900771aacd4 100644 (file)
--- a/ND/Web/Pages/Users.pm
+++ b/ND/Web/Pages/Users.pm
@@ -40,7 +40,7 @@ sub render_body {
        my $user;
        if (defined param('user') && param('user') =~ /^(\d+)$/){
                my $query = $DBH->prepare(q{
-                       SELECT uid,username,hostmask,coords(x,y,z) AS planet,attack_points,defense_points,scan_points,humor_points  
+                       SELECT uid,username,hostmask,coords(x,y,z) AS planet,attack_points,defense_points,scan_points,humor_points,info 
                        FROM users u LEFT OUTER JOIN current_planet_stats p ON u.planet = p.id
                        WHERE uid = ?;
                        }) or $error .= "<p> Something went wrong: </p>";
@@ -51,7 +51,7 @@ sub render_body {
        if ($user && defined param('cmd') && param('cmd') eq 'change'){
                $DBH->begin_work;
                for my $param (param()){
-                       if ($param =~ /^c:(\w+)$/){
+                       if ($param =~ /^c:(planet|\w+_points|hostmask|info|username)$/){
                                my $column = $1;
                                my $value = param($column);
                                if ($column eq 'planet'){
@@ -106,6 +106,7 @@ sub render_body {
                $BODY->param(Defense_points => $user->{defense_points});
                $BODY->param(Scan_points => $user->{scan_points});
                $BODY->param(humor_points => $user->{humor_points});
+               $BODY->param(info => escapeHTML $user->{info});
 
                my $groups = $DBH->prepare(q{SELECT g.gid,g.groupname,uid FROM groups g LEFT OUTER JOIN (SELECT gid,uid FROM groupmembers WHERE uid = ?) AS gm ON g.gid = gm.gid});
                $groups->execute($user->{uid});