Exploit fixes

Bind Wound was spammable via packet sending. You could buy a larger
stack than the max StackSize of an item from merchants that had
unlimited of those stackable items.

zone/client.cpp

@@ -2471,11 +2471,13 @@ void Client::LogMerchant(Client* player, Mob* merchant, uint32 quantity, uint32
 
 bool Client::BindWound(Mob* bindmob, bool start, bool fail){
 	EQApplicationPacket* outapp = 0;
-	if(!fail) {
+	if(!fail) 
+	{
 		outapp = new EQApplicationPacket(OP_Bind_Wound, sizeof(BindWound_Struct));
 		BindWound_Struct* bind_out = (BindWound_Struct*) outapp->pBuffer;
 		// Start bind
-		if(!bindwound_timer.Enabled()) {
+		if(!bindwound_timer.Enabled()) 
+		{
 			//make sure we actually have a bandage... and consume it.
 			int16 bslot = m_inv.HasItemByUse(ItemTypeBandage, 1, invWhereWorn|invWherePersonal);
 			if (bslot == INVALID_INDEX) {
@@ -2521,7 +2523,9 @@ bool Client::BindWound(Mob* bindmob, bool start, bool fail){
 					; // Binding self
 				}
 			}
-		} else {
+		} 
+		else if (bindwound_timer.Check()) // Did the timer finish? No? Then why the hell do they get free hpz?! -Lecht
+		{ 
 		// finish bind
 			// disable complete timer
 			bindwound_timer.Disable();