From 6b10271891d2cbafbad1446051fcf3866ea728e3 Mon Sep 17 00:00:00 2001
From: Intel <chemicstry@gmail.com>
Date: Mon, 29 Dec 2014 21:39:33 +0200
Subject: Core/Quests: Fixed WPE exploit that allowed to accept any quest

---
 src/server/game/Handlers/QuestHandler.cpp | 6 ++++++
 1 file changed, 6 insertions(+)

(limited to 'src/server')

diff --git a/src/server/game/Handlers/QuestHandler.cpp b/src/server/game/Handlers/QuestHandler.cpp
index 851e6e89e97..08345bc59d7 100644
--- a/src/server/game/Handlers/QuestHandler.cpp
+++ b/src/server/game/Handlers/QuestHandler.cpp
@@ -455,6 +455,12 @@ void WorldSession::HandleQuestConfirmAccept(WorldPacket& recvData)
         if (!_player->IsInSameRaidWith(originalPlayer))
             return;
 
+        if (!!originalPlayer->CanShareQuest(questId))
+            return;
+
+        if (!_player->CanTakeQuest(quest, true))
+            return;
+
         if (_player->CanAddQuest(quest, true))
             _player->AddQuestAndCheckCompletion(quest, NULL); // NULL, this prevent DB script from duplicate running
 
-- 
cgit v1.2.3