게시글 댓글 삭제 때 토큰 체크 추가

2016-06-24 17:17:02 +09:00
parent e724ef7291
commit 2a9e72da41
5 changed files with 20 additions and 24 deletions
--- a/bbs/password.php
+++ b/bbs/password.php
@ -9,11 +9,13 @@ switch ($w) {
        $return_url = './board.php?bo_table='.$bo_table.'&amp;wr_id='.$wr_id;
        break;
    case 'd' :
-        $action = './delete.php';
+        set_session('ss_delete_token', $token = uniqid(time()));
+        $action = './delete.php?token='.$token;
        $return_url = './board.php?bo_table='.$bo_table.'&amp;wr_id='.$wr_id;
        break;
    case 'x' :
-        $action = './delete_comment.php';
+        set_session('ss_delete_comment_token', $token = uniqid(time()));
+        $action = './delete_comment.php?token='.$token;
        $row = sql_fetch(" select wr_parent from $write_table where wr_id = '$comment_id' ");
        $return_url = './board.php?bo_table='.$bo_table.'&amp;wr_id='.$row['wr_parent'];
        break;