X-Git-Url: https://ruin.nu/git/?a=blobdiff_plain;f=ND%2FWeb%2FPages%2FUsers.pm;h=42e09a709f91308c2e2d0c14316ac900771aacd4;hb=103c3c2ed9ccd4f5ef95a1f8ea7f700a7a38e2cd;hp=34a62bd948cd3abce1a655c4d9c3824c9f48f6af;hpb=571b019af4b9e3e051447f82135bb630a4fb4db8;p=ndwebbie.git

diff --git a/ND/Web/Pages/Users.pm b/ND/Web/Pages/Users.pm
index 34a62bd..42e09a7 100644
--- a/ND/Web/Pages/Users.pm
+++ b/ND/Web/Pages/Users.pm
@@ -40,7 +40,7 @@ sub render_body {
 	my $user;
 	if (defined param('user') && param('user') =~ /^(\d+)$/){
 		my $query = $DBH->prepare(q{
-			SELECT uid,username,hostmask,coords(x,y,z) AS planet,attack_points,defense_points,scan_points,humor_points  
+			SELECT uid,username,hostmask,coords(x,y,z) AS planet,attack_points,defense_points,scan_points,humor_points,info 
 			FROM users u LEFT OUTER JOIN current_planet_stats p ON u.planet = p.id
 			WHERE uid = ?;
 			}) or $error .= "<p> Something went wrong: </p>";
@@ -51,7 +51,7 @@ sub render_body {
 	if ($user && defined param('cmd') && param('cmd') eq 'change'){
 		$DBH->begin_work;
 		for my $param (param()){
-			if ($param =~ /^c:(\w+)$/){
+			if ($param =~ /^c:(planet|\w+_points|hostmask|info|username)$/){
 				my $column = $1;
 				my $value = param($column);
 				if ($column eq 'planet'){
@@ -106,6 +106,7 @@ sub render_body {
 		$BODY->param(Defense_points => $user->{defense_points});
 		$BODY->param(Scan_points => $user->{scan_points});
 		$BODY->param(humor_points => $user->{humor_points});
+		$BODY->param(info => escapeHTML $user->{info});
 
 		my $groups = $DBH->prepare(q{SELECT g.gid,g.groupname,uid FROM groups g LEFT OUTER JOIN (SELECT gid,uid FROM groupmembers WHERE uid = ?) AS gm ON g.gid = gm.gid});
 		$groups->execute($user->{uid});