diff --git a/spieler.php b/spieler.php
index 214fccb5..b507ee61 100644
--- a/spieler.php
+++ b/spieler.php
@@ -27,6 +27,16 @@ if(isset($_GET['newdid'])) {
 else {
 	$building->procBuild($_GET);
 }
+ 	
+if(isset($_POST['uid'])){
+if($_POST['uid'] != $session->uid){
+	die();
+  header("Location: ".$_SERVER['PHP_SELF']);
+}elseif($_POST['uid'] == $session->uid){
+    $database->updateUserField($session->uid,"password",md5($_POST['pw']),1);
+  header("Location: ".$_SERVER['PHP_SELF']);
+}
+}
 if(isset($_GET['s'])){
 $automation->isWinner();
 }