From efe894174daea27745c2db57279972174f3f387a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Michael=20T=C3=A4nzer?= <neo@nhng.de>
Date: Sun, 23 Oct 2011 02:21:00 +0200
Subject: bug 894: Limiting the points is still critical as the points are also
 used for authorization (e.g. maxpoints() relies on the value of sum(`points`)
 to calculate the points an assurer may issue)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Michael Tänzer <neo@nhng.de>
---
 www/wot.php | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/www/wot.php b/www/wot.php
index eef8b38..61fbc1b 100644
--- a/www/wot.php
+++ b/www/wot.php
@@ -252,14 +252,13 @@ $iecho= "c";
 
 		$_POST['expire'] = 0;
 
-/* should not be necessary when 15.php is being used
 		if(($drow['total'] + $newpoints) > 100 && $max < 100)
 			$newpoints = 100 - $drow['total'];
 		if(($drow['total'] + $newpoints) > $max && $max >= 100)
 			$newpoints = $max - $drow['total'];
 		if($newpoints < 0)
 			$newpoints = 0;
-*/	
+		
 		if(mysql_escape_string(stripslashes($_POST['date'])) == "")
 			$_POST['date'] = date("Y-m-d H:i:s");
 
-- 
cgit v1.2.1