diff --git a/templates/bonus.html b/templates/bonus.html
index 94a843b..4fb6061 100644
--- a/templates/bonus.html
+++ b/templates/bonus.html
@@ -7,7 +7,7 @@
       <div class="question">
         <span class="question-string">Geef een beveiligingsprobleem aan met deze website (<a href="https://github.com/Avans/Security-Quiz">source</a>)</span>
         <div class="points"><span class="question-points">0</span> punten (je naam vereeuwigd op deze website als hacker)</div>
-        <textarea class="question-input" name="answer_bonus_fix_this_site">{{answers.answer_bonus_fix_this_site}}</textarea>
+        <textarea class="question-input" name="answer_bonus_fix_this_site">{{answers.answer_bonus_fix_this_site.string}}</textarea>
       </div>
 
       <div class="alert alert-warning">Het daadwerkelijk uitvoeren van dergelijke hacks voor eigen gewin of verstoren van de functionaliteit van de website is <strong>niet toegestaan</strong>!</div>
diff --git a/templates/path.html b/templates/path.html
index f0d0614..54cf1bd 100644
--- a/templates/path.html
+++ b/templates/path.html
@@ -19,13 +19,13 @@
       <div class="question">
         <span class="question-string">Wat staat er in /etc/geheim.txt? (Het is een supersecret TODO item)</span>
         <div class="points"><span class="question-points">0</span> punten</div>
-        <input class="question-input" name="answer_path_secret" value="{{ answers.answer_path_secret }}"></input>
+        <input class="question-input" name="answer_path_secret" value="{{ answers.answer_path_secret.string }}"></input>
       </div>
 
       <div class="question">
         <span class="question-string">Plak het script dat je hebt gebruikt</span>
         <div class="points"><span class="question-points">0</span> punten</div>
-        <textarea class="question-input" name="answer_path_secret_script">{{ answers.answer_path_secret_script }}</textarea>
+        <textarea class="question-input" name="answer_path_secret_script">{{ answers.answer_path_secret_script.string }}</textarea>
       </div>
 
 
@@ -38,7 +38,7 @@
       <div class="question">
         <span class="question-string">Met welke URL kan je nu rechtstreeks de inhoud van /etc/geheim.txt uitlezen?</span>
         <div class="points"><span class="question-points">0</span> punten</div>
-        <input class="question-input" name="answer_path_image_url" value="{{ answers.answer_path_image_url }}">
+        <input class="question-input" name="answer_path_image_url" value="{{ answers.answer_path_image_url.string }}">
       </div>
 
       <p>Verander image.php in image_check_prefix.php (<a href="https://github.com/Avans/Security-Workshop/blob/master/image/image_check_prefix.php">source</a>) . In dit bestand is een extra beveiliging die checkt of het pad begint met de map 'uploads'</p>
@@ -46,7 +46,7 @@
       <div class="question">
         <span class="question-string">Met welke URL kan je met dit meer 'beveiligde' script de inhoud van /etc/geheim.txt uitlezen?</span>
         <div class="points"><span class="question-points">0</span> punten</div>
-        <input class="question-input" name="answer_path_image_url_prefix" value="{{ answers.answer_path_image_url_prefix }}">
+        <input class="question-input" name="answer_path_image_url_prefix" value="{{ answers.answer_path_image_url_prefix.string }}">
       </div>
 
       <p>Verander de bestandsnaam in image_remove_traversal.php (<a href="https://github.com/Avans/Security-Workshop/blob/master/image/image_remove_traversal.php">source</a>) , dit script heeft nu een beveiliging die alle '../' uit de string verwijderd zodat je niet meer ../ in de URL kan gebruiken.</p>
@@ -56,7 +56,7 @@
       <div class="question">
         <span class="question-string">Met welke URL kan je via het image_remove_traversal.php script de inhoud van /etc/geheim.txt uitlezen?</span>
         <div class="points"><span class="question-points">0</span> punten</div>
-        <input class="question-input" name="answer_path_image_url_remove_traversal" value="{{ answers.answer_path_image_url_remove_traversal }}">
+        <input class="question-input" name="answer_path_image_url_remove_traversal" value="{{ answers.answer_path_image_url_remove_traversal.string }}">
       </div>
 
       <p>Zoek op internet naar 'Directory traversal' en zoek uit wat voor technieken er nog meer mogelijk zijn.</p>
@@ -64,7 +64,7 @@
       <div class="question">
         <span class="question-string">Beschrijf hoe jij de site zou programmeren zodat alle directory traversal aanvallen niet meer mogelijk zijn.</span>
         <div class="points"><span class="question-points">0</span> punten</div>
-        <textarea class="question-input" name="answer_path_image_fix">{{ answers.answer_path_image_fix }}</textarea>
+        <textarea class="question-input" name="answer_path_image_fix">{{ answers.answer_path_image_fix.string }}</textarea>
       </div>
 
       <img src="/static/img/parent_dir.png" class="center-block">
@@ -80,7 +80,7 @@
       <div class="question">
         <span class="question-string">Beschrijf hoe je met deze site de inhoud van /etc/geheim.txt kan achterhalen</span>
         <div class="points"><span class="question-points">0</span> punten</div>
-        <textarea class="question-input" name="answer_path_include_explain">{{ answers.answer_path_include_explain }}</textarea>
+        <textarea class="question-input" name="answer_path_include_explain">{{ answers.answer_path_include_explain.string }}</textarea>
       </div>
 
 {% endblock %}
\ No newline at end of file
diff --git a/templates/points.html b/templates/points.html
new file mode 100644
index 0000000..d0b1403
--- /dev/null
+++ b/templates/points.html
@@ -0,0 +1,7 @@
+<div class="points">
+  {% if points != None %}
+    <i>{{ points }} van de {{ max }} punten</i>
+  {% else %}
+    <span class="question-points">{{ max }}</span> punten
+  {% endif %}
+</div>
\ No newline at end of file
diff --git a/templates/sql.html b/templates/sql.html
index 46c92c7..f969dad 100644
--- a/templates/sql.html
+++ b/templates/sql.html
@@ -102,38 +102,38 @@
 
       <div class="question">
         <span class="question-string">Hoeveel geld heeft Alice op haar rekening staan?</span>
-        <div class="points"><span class="question-points">5</span> punten</div>
-        <input class="question-input" name="answer_sql_money_alice" value="{{ answers.answer_sql_money_alice }}"></input>
+        {% include "points.html" with points=answers.answer_sql_money_alice.points max="5" %}
+        <input class="question-input" name="answer_sql_money_alice" value="{{ answers.answer_sql_money_alice.string }}"></input>
       </div>
 
       <div class="question">
         <span class="question-string">Wat heb je als gebruikersnaam ingevuld om zonder wachtwoord in te loggen als Alice?</span>
-        <div class="points"><span class="question-points">10</span> punten</div>
-        <input class="question-input" name="answer_sql_username_alice" value="{{answers.answer_sql_username_alice}}"></input>
+        {% include "points.html" with points=answers.answer_sql_username_alice.points max="10" %}
+        <input class="question-input" name="answer_sql_username_alice" value="{{answers.answer_sql_username_alice.string}}"></input>
       </div>
 
       <p>Waarschijnlijk heb je SQL commentaar (--) gebruikt in de vorige opdracht. Voer nu een andere SQL injectie uit door alleen het wachtwoord veld te gebruiken. Gebruik niet de SQL commentaar techniek maar verander nu de logica van de query (AND, OR) zodat er niet meer gecontroleerd wordt op het wachtwoord.</p>
 
       <div class="question">
         <span class="question-string">Met welk 'wachtwoord' lukt het altijd om in te loggen? (gebruikersnaam moet je leeglaten)</span>
-        <div class="points"><span class="question-points">10</span> punten</div>
-        <input class="question-input" name="answer_sql_always_password" value="{{answers.answer_sql_always_password}}"></input>
+        {% include "points.html" with points=answers.answer_sql_always_password.points max="10" %}
+        <input class="question-input" name="answer_sql_always_password" value="{{answers.answer_sql_always_password.string}}"></input>
       </div>
 
       <p class="hint"><strong>Hint:</strong> Maak er een query van die alle gebruikers teruggeeft, de site logt dan in als de eerste gebruiker. Het maakt voor de opdracht niet uit als wie je inlogt.</p>
 
       <div class="question">
         <span class="question-string">Bekijk de <a href="https://github.com/Avans/Security-Workshop/blob/master/bank/index.php#L51" target="_blank">PHP broncode</a> en los het probleem op. Type de regels code die je verbeterd hebt in onderstaand tekstveld. (denk terug aan je mysql WEBS2 practicum)</span>
-        <div class="points"><span class="question-points">15</span> punten</div>
-        <textarea class="question-input" name="answer_sql_fix_query">{{answers.answer_sql_fix_query}}</textarea>
+        {% include "points.html" with points=answers.answer_sql_fix_query.points max="15" %}
+        <textarea class="question-input" name="answer_sql_fix_query">{{answers.answer_sql_fix_query.string}}</textarea>
       </div>
 
 <p>Open de <span class="website">"Bank (multi_query)"</span> pagina. Op deze pagina werken ook SQL Injection technieken die gebruik maken van meerdere queries (queries gescheiden door een ; ).</p>
 
       <div class="question">
         <span class="question-string">Met welke <i>"gebruikersnaam"</i> kan je (alleen) Bob miljonair maken? (Het saldo staat in een kolom "balans")</span>
-        <div class="points"><span class="question-points">10</span> punten</div>
-        <input class="question-input" name="answer_sql_bob_millionaire" value="{{answers.answer_sql_bob_millionaire}}"></input>
+        {% include "points.html" with points=answers.answer_sql_bob_millionaire.points max="10" %}
+        <input class="question-input" name="answer_sql_bob_millionaire" value="{{answers.answer_sql_bob_millionaire.string}}"></input>
       </div>
 
       <img src="/static/img/bank_schema.png">
@@ -156,20 +156,20 @@
 
       <div class="question">
         <span class="question-string">Wat zijn de gebruikersnamen en wachtwoorden van de 4 gebruikers in de database? (de id's van de gebruikers zijn 1,2,3 en 4)</span>
-        <div class="points"><span class="question-points">5</span> punten</div>
-        <textarea class="question-input" name="answer_sql_usernames_passwords_webshop">{{answers.answer_sql_usernames_passwords_webshop}}</textarea>
+        {% include "points.html" with points=answers.answer_sql_usernames_passwords_webshop.points max="5" %}
+        <textarea class="question-input" name="answer_sql_usernames_passwords_webshop">{{answers.answer_sql_usernames_passwords_webshop.string}}</textarea>
       </div>
 
       <div class="question">
         <span class="question-string">Met welke URL heb je het wachtwoord van Marco achterhaald?</span>
-        <div class="points"><span class="question-points">10</span> punten</div>
-        <input class="question-input" type="url" name="answer_sql_url_marco_password" value="{{answers.answer_sql_url_marco_password}}"></input>
+        {% include "points.html" with points=answers.answer_sql_url_marco_password.points max="10" %}
+        <input class="question-input" type="url" name="answer_sql_url_marco_password" value="{{answers.answer_sql_url_marco_password.string}}"></input>
       </div>
 
       <div class="question">
         <span class="question-string">Bekijk de <a href="https://github.com/Avans/Security-Workshop/blob/master/webshop/product_detail.php#L62" target="_blank">broncode</a> en verbeter deze zodat je geen SQL injection meer kan gebruiken.</span>
-        <div class="points"><span class="question-points">15</span> punten</div>
-        <textarea class="question-input" name="answer_sql_fix_injection_webshop">{{answers.answer_sql_fix_injection_webshop}}</textarea>
+        {% include "points.html" with points=answers.answer_sql_fix_injection_webshop.points max="15" %}
+        <textarea class="question-input" name="answer_sql_fix_injection_webshop">{{answers.answer_sql_fix_injection_webshop.string}}</textarea>
       </div>
 
       <p>Open de pagina <span class="website">"Webshop (replace)"</span>. De maker van deze website heeft extra maatregelen genomen en woorden als SELECT en UNION uit de invoer gefilterd.</p>
@@ -178,8 +178,8 @@
 
       <div class="question">
         <span class="question-string">Met welke URL kan je nu het wachtwoord van Marco achterhalen?</span>
-        <div class="points"><span class="question-points">5</span> punten</div>
-        <input class="question-input" type="url" name="answer_sql_url_marco_replace_password" value="{{answers.answer_sql_url_marco_replace_password}}"></input>
+        {% include "points.html" with points=answers.answer_sql_url_marco_replace_password.points max="5" %}
+        <input class="question-input" type="url" name="answer_sql_url_marco_replace_password" value="{{answers.answer_sql_url_marco_replace_password.string}}"></input>
       </div>
 
       <h2>Wereldwijs</h2>
@@ -190,14 +190,14 @@
 
       <div class="question">
         <span class="question-string">Wat is het onderwerp van de geheime pagina?</span>
-        <div class="points"><span class="question-points">5</span> punten</div>
-        <input class="question-input" name="answer_sql_wereldwijs_title" value="{{answers.answer_sql_wereldwijs_title}}"></input>
+        {% include "points.html" with points=answers.answer_sql_wereldwijs_title.points max="5" %}
+        <input class="question-input" name="answer_sql_wereldwijs_title" value="{{answers.answer_sql_wereldwijs_title.string}}"></input>
       </div>
 
       <div class="question">
         <span class="question-string">Met welke URL heb je de website de geheime pagina laten tonen?</span>
-        <div class="points"><span class="question-points">10</span> punten</div>
-        <textarea class="question-input" type="url" name="answer_sql_wereldwijs_url">{{answers.answer_sql_wereldwijs_url}}</textarea>
+        {% include "points.html" with points=answers.answer_sql_wereldwijs_url.points max="10" %}
+        <textarea class="question-input" type="url" name="answer_sql_wereldwijs_url">{{answers.answer_sql_wereldwijs_url.string}}</textarea>
       </div>
 
 {% endblock %}
diff --git a/templates/wachtwoorden.html b/templates/wachtwoorden.html
index 53b5085..693eace 100644
--- a/templates/wachtwoorden.html
+++ b/templates/wachtwoorden.html
@@ -33,14 +33,14 @@
 
       <div class="question">
         <span class="question-string">Je hebt uit een database het volgende gehashte wachtwoord gehaald: d59084b66e167f13bef93b1a5d07acd2 Welk wachtwoord had deze gebruiker?</span>
-        <div class="points"><span class="question-points">5</span> punten</div>
-        <input class="question-input" name="answer_password_crack" value="{{answers.answer_password_crack}}">
+        {% include "points.html" with points=answers.answer_password_crack.points max="5" %}
+        <input class="question-input" name="answer_password_crack" value="{{answers.answer_password_crack.string}}">
       </div>
 
       <div class="question">
         <span class="question-string">Hoe had de programmeur kunnen voorkomen dat jij achter het wachtwoord kon komen?</span>
-        <div class="points"><span class="question-points">15</span> punten</div>
-        <textarea class="question-input" name="answer_password_crack_prevent">{{answers.answer_password_crack_prevent}}</textarea>
+        {% include "points.html" with points=answers.answer_password_crack_prevent.points max="15" %}
+        <textarea class="question-input" name="answer_password_crack_prevent">{{answers.answer_password_crack_prevent.string}}</textarea>
       </div>
 
       <h2>Nieuws</h2>
@@ -56,14 +56,14 @@
 
       <div class="question">
         <span class="question-string">Wat is het wachtwoord van Pete?</span>
-        <div class="points"><span class="question-points">5</span> punten</div>
-        <input class="question-input" name="answer_password_pete" value="{{answers.answer_password_pete}}">
+        {% include "points.html" with points=answers.answer_password_pete.points max="5" %}
+        <input class="question-input" name="answer_password_pete" value="{{answers.answer_password_pete.string}}">
       </div>
 
       <div class="question">
         <span class="question-string">Hoe had de programmeur kunnen voorkomen dat een hacker kon zien dat al deze gebruikers hetzelfde wachtwoord hebben?</span>
-        <div class="points"><span class="question-points">15</span> punten</div>
-        <textarea class="question-input" name="answer_password_brute_force_prevent">{{answers.answer_password_brute_force_prevent}}</textarea>
+        {% include "points.html" with points=answers.answer_password_brute_force_prevent.points max="15" %}
+        <textarea class="question-input" name="answer_password_brute_force_prevent">{{answers.answer_password_brute_force_prevent.string}}</textarea>
       </div>
 
       <p>Na een hoop manuren werk heeft Nieuws.nl hun huiswerk gedaan en slaan ze dit keer wachtwoorden op een echt veilige manier op. Niemand die dit keer de site kan kraken! Eindelijk kunnen mensen weer inloggen en gebruik maken van hun account, de site wordt feestelijk weer geopend.</p>
@@ -82,8 +82,8 @@
 
       <div class="question">
         <span class="question-string">Welke fout hebben de programmeurs van Nieuws.nl gemaakt? Beschrijf kort hoe je de site kan programmeren om deze aanval te voorkomen.</span>
-        <div class="points"><span class="question-points">10</span> punten</div>
-        <textarea class="question-input" name="answer_password_brute_force_login">{{answers.answer_password_brute_force_login}}</textarea>
+        {% include "points.html" with points=answers.answer_password_brute_force_login.points max="10" %}
+        <textarea class="question-input" name="answer_password_brute_force_login">{{answers.answer_password_brute_force_login.string}}</textarea>
       </div>
 
       <img src="/static/img/password2.jpg" class="center-block">
@@ -96,8 +96,8 @@
 
       <div class="question">
         <span class="question-string">Copy-paste het stukje PHP code waarmee je wachtwoorden opslaat en leg uit welke technieken je hebt gebruikt om dit veilig te doen.</span>
-        <div class="points"><span class="question-points">15</span> punten</div>
-        <textarea class="question-input" name="answer_password_project">{{answers.answer_password_project}}</textarea>
+        {% include "points.html" with points=answers.answer_password_project.points max="15" %}
+        <textarea class="question-input" name="answer_password_project">{{answers.answer_password_project.string}}</textarea>
       </div>
 
 <script>
diff --git a/templates/xss.html b/templates/xss.html
index 4d1ea3f..d27dc0c 100644
--- a/templates/xss.html
+++ b/templates/xss.html
@@ -90,20 +90,20 @@ figcaption {
 
       <div class="question">
         <span class="question-string">Maak een URL die Javascript aan de pagina toevoegd zodat deze 'XSS' in een alert-dialoog weergeeft.</span>
-        <div class="points"><span class="question-points">5</span> punten</div>
-        <input class="question-input" type="url" name="answer_xss_add_alert" value="{{answers.answer_xss_add_alert}}">
+        {% include "points.html" with points=answers.answer_xss_add_alert.points max="5" %}
+        <input class="question-input" type="url" name="answer_xss_add_alert" value="{{answers.answer_xss_add_alert.string}}">
       </div>
 
       <div class="question">
         <span class="question-string">Maak een URL die een nep inlogformulier laat zien. Bij het verzenden van dit formulier wordt de informatie naar jouw eigen website verstuurd! Je hoeft informatie nog niet op te vangen. Dat doe je straks wel!</span>
-        <div class="points"><span class="question-points">10</span> punten</div>
-        <input class="question-input" type="url" name="answer_xss_fake_form" value="{{answers.answer_xss_fake_form}}">
+        {% include "points.html" with points=answers.answer_xss_fake_form.points max="10" %}
+        <input class="question-input" type="url" name="answer_xss_fake_form" value="{{answers.answer_xss_fake_form.string}}">
       </div>
 
       <div class="question">
         <span class="question-string">Bekijk de <a href="https://github.com/Avans/Security-Workshop/blob/master/bank/message.php#L38" target="_blank">broncode</a>. Voeg een fix toe om deze aanval te voorkomen.</span>
-        <div class="points"><span class="question-points">10</span> punten</div>
-        <textarea class="question-input" name="answer_xss_fix_bank">{{answers.answer_xss_fix_bank}}</textarea>
+        {% include "points.html" with points=answers.answer_xss_fix_bank.points max="10" %}
+        <textarea class="question-input" name="answer_xss_fix_bank">{{answers.answer_xss_fix_bank.string}}</textarea>
       </div>
 
       <p>Een slimme gebruiker ziet aan de URL nu natuurlijk meteen dat er iets verdachts aan de hand is. Maar het is met een beetje extra Javascript mogelijk om de URL te veranderen zodat deze er weer onschuldig uitziet.</p>
@@ -112,8 +112,8 @@ figcaption {
 
       <div class="question">
         <span class="question-string">Maak weer een URL die een nep inlogformulier laat zien, en zorg ervoor dat in de adresbalk de URL van de echte inlogpagina komt te staan.</span>
-        <div class="points"><span class="question-points">10</span> punten</div>
-        <input class="question-input" type="url" name="answer_xss_fake_form_fake_url" value="{{answers.answer_xss_fake_form_fake_url}}">
+        {% include "points.html" with points=answers.answer_xss_fake_form_fake_url.points max="10" %}
+        <input class="question-input" type="url" name="answer_xss_fake_form_fake_url" value="{{answers.answer_xss_fake_form_fake_url.string}}">
       </div>
 
       <h2>Webshop</h2>
@@ -135,22 +135,22 @@ figcaption {
 
       <div class="question">
         <span class="question-string">Met welke URL kan je de sessie cookies van gebruikers ontfutselen? (Dus doorsturen naar je eigen site)</span>
-        <div class="points"><span class="question-points">10</span> punten</div>
-        <input class="question-input" type="url" name="answer_xss_url_redirect" value="{{answers.answer_xss_url_redirect}}">
+        {% include "points.html" with points=answers.answer_xss_url_redirect.points max="10" %}
+        <input class="question-input" type="url" name="answer_xss_url_redirect" value="{{answers.answer_xss_url_redirect.string}}">
       </div>
 
       <p class="hint"><strong>Hint:</strong> Op <a href="http://jdstiles.com/java/cct.html" target="_blank">deze site</a> kan je Javascript zonder quotejes genereren</a></p>
 
       <div class="question">
         <span class="question-string">Verander de url naar image_zoom_escapehtml.php. Alle speciale HTML tekens (&lt;&gt;"&amp;) zijn nu geëscapet. Maar het is nog steeds mogelijk om een aanval uit te voeren! Maak een nieuwe URL die de sessie cookie naar je eigen website verstuurd. Let goed op de quotejes.</span>
-        <div class="points"><span class="question-points">10</span> punten</div>
-        <input class="question-input" type="url" name="answer_xss_url_redirect_escape" value="{{answers.answer_xss_url_redirect_escape}}">
+        {% include "points.html" with points=answers.answer_xss_url_redirect_escape.points max="10" %}
+        <input class="question-input" type="url" name="answer_xss_url_redirect_escape" value="{{answers.answer_xss_url_redirect_escap.string}}">
       </div>
 
       <div class="question">
         <span class="question-string">Bekijk de <a href="https://github.com/Avans/Security-Workshop/blob/master/webshop/image_zoom_escapehtml.php#L49" target="_blank">broncode</a>. Voeg een simpele fix toe die dit probleem oplost. Je kan dit op twee manieren doen: 1. HTML aanpassen 2. PHP aanpassen (lees documentatie op <a href="http://php.net/htmlspecialchars" target="_blank">http://php.net/htmlspecialchars</a> )</span>
-        <div class="points"><span class="question-points">10</span> punten</div>
-        <textarea class="question-input" name="answer_xss_webshop_fix">{{answers.answer_xss_webshop_fix}}</textarea>
+        {% include "points.html" with points=answers.answer_xss_webshop_fix.points max="10" %}
+        <textarea class="question-input" name="answer_xss_webshop_fix">{{answers.answer_xss_webshop_fix.string}}</textarea>
       </div>
 
 
@@ -174,20 +174,20 @@ figcaption {
 
       <div class="question">
         <span class="question-string">Welke reactie heb je geplaatst waardoor je achter de cookie van de administrator kwam?</span>
-        <div class="points"><span class="question-points">10</span> punten</div>
-        <textarea class="question-input" name="answer_xss_news_reaction">{{answers.answer_xss_news_reaction}}</textarea>
+        {% include "points.html" with points=answers.answer_xss_news_reaction.points max="10" %}
+        <textarea class="question-input" name="answer_xss_news_reaction">{{answers.answer_xss_news_reaction.string}}</textarea>
       </div>
 
       <div class="question">
         <span class="question-string">Wat is de geheime code die alleen administrators kunnen zien?</span>
-        <div class="points"><span class="question-points">5</span> punten</div>
-        <input class="question-input" name="answer_xss_news_secret_code" value="{{answers.answer_xss_news_secret_code}}">
+        {% include "points.html" with points=answers.answer_xss_news_secret_code.points max="5" %}
+        <input class="question-input" name="answer_xss_news_secret_code" value="{{answers.answer_xss_news_secret_code.string}}">
       </div>
 
       <div class="question">
         <span class="question-string">Plak het script dat je op je eigen website hebt gebruikt waarmee je de cookie van de admin hebt vastgelegd.</span>
-        <div class="points"><span class="question-points">10</span> punten</div>
-        <textarea class="question-input" name="answer_xss_news_script">{{answers.answer_xss_news_script}}</textarea>
+        {% include "points.html" with points=answers.answer_xss_news_script.points max="10" %}
+        <textarea class="question-input" name="answer_xss_news_script">{{answers.answer_xss_news_script.string}}</textarea>
       </div>
 
       <h2>Wereldwijs</h2>
@@ -200,8 +200,8 @@ figcaption {
 
       <div class="question">
         <span class="question-string">Met welke URL kan je 'XSS' in een alert printen?</span>
-        <div class="points"><span class="question-points">10</span> punten</div>
-        <input class="question-input" type="url" name="answer_xss_jquery" value="{{answers.answer_xss_jquery}}">
+        {% include "points.html" with points=answers.answer_xss_jquery.points max="10" %}
+        <input class="question-input" type="url" name="answer_xss_jquery" value="{{answers.answer_xss_jquery.string}}">
       </div>
 
 
diff --git a/views.py b/views.py
index 69196ec..944d843 100644
--- a/views.py
+++ b/views.py
@@ -97,7 +97,8 @@ def home(request, url):
     answers = Answer.objects.filter(user=request.user)
     answers_dict = {}
     for answer in answers:
-        answers_dict[answer.question] = answer.string
+
+        answers_dict[answer.question] = {'string': answer.string, 'points': answer.points}
 
     if url == 'sql' or url == '':
         template = 'sql.html'