summaryrefslogtreecommitdiff
path: root/www
diff options
context:
space:
mode:
authorMichael Tänzer <neo@nhng.de>2011-10-23 02:21:00 +0200
committerMichael Tänzer <neo@nhng.de>2011-10-23 02:21:00 +0200
commitefe894174daea27745c2db57279972174f3f387a (patch)
treedbc04ec5ff3ceae281a49f2dc6fb19bfef9d6917 /www
parent5c12fb422ce9a446f9ccef4eba5070d9a33739a9 (diff)
downloadcacert-devel-efe894174daea27745c2db57279972174f3f387a.tar.gz
cacert-devel-efe894174daea27745c2db57279972174f3f387a.tar.xz
cacert-devel-efe894174daea27745c2db57279972174f3f387a.zip
bug 894: Limiting the points is still critical as the points are also used
for authorization (e.g. maxpoints() relies on the value of sum(`points`) to calculate the points an assurer may issue) Signed-off-by: Michael Tänzer <neo@nhng.de>
Diffstat (limited to 'www')
-rw-r--r--www/wot.php3
1 files changed, 1 insertions, 2 deletions
diff --git a/www/wot.php b/www/wot.php
index eef8b38..61fbc1b 100644
--- a/www/wot.php
+++ b/www/wot.php
@@ -252,14 +252,13 @@ $iecho= "c";
$_POST['expire'] = 0;
-/* should not be necessary when 15.php is being used
if(($drow['total'] + $newpoints) > 100 && $max < 100)
$newpoints = 100 - $drow['total'];
if(($drow['total'] + $newpoints) > $max && $max >= 100)
$newpoints = $max - $drow['total'];
if($newpoints < 0)
$newpoints = 0;
-*/
+
if(mysql_escape_string(stripslashes($_POST['date'])) == "")
$_POST['date'] = date("Y-m-d H:i:s");