Prevent users bypassing extension limits by using range

2015-04-07 23:50:36 +00:00 · 2015-04-07 23:50:36 +00:00 · cd91c1e7d9
parent 1747103a66
commit cd91c1e7d9
1 changed files with 5 additions and 1 deletions
--- a/app/extensions/extension_edit.php
+++ b/app/extensions/extension_edit.php
@ -327,6 +327,10 @@ if (count($_POST) > 0 && strlen($_POST["persistformvar"]) == 0) {
 				$user_context = $_SESSION['domain_name'];
 			}
 		}
+	//Prevent users from bypassing extension limit by using range
+	if ($total_extensions + $range > $_SESSION['limit']['extensions']['numeric']){
+		$range = $_SESSION['limit']['extensions']['numeric'] - $total_extensions;
+	}

 	//add or update the database
 	if ($_POST["persistformvar"] != "true") {
@ -1832,4 +1836,4 @@ if (count($_POST) > 0 && strlen($_POST["persistformvar"]) == 0) {
 //include the footer
 	require_once "resources/footer.php";

-?>
+?>