firstgarden/firstgarden-web-gnu
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Activity

관리자 CSRF 취약점 수정

Browse Source
This commit is contained in:
chicpro
2015-11-23 18:22:10 +09:00
parent 976c9d0f9b
commit 32d09cff7d
49 changed files with 179 additions and 62 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
adm/contentformupdate.php
View File

@ -5,10 +5,13 @@ include_once('./_common.php');
if ($w == "u" || $w == "d")
check_demo();
if ($w == 'd')
if ($w == 'd') {
admin_referer_check();
auth_check($auth[$sub_menu], "d");
else
} else {
check_admin_token();
auth_check($auth[$sub_menu], "w");
}
@mkdir(G5_DATA_PATH."/content", G5_DIR_PERMISSION);
@chmod(G5_DATA_PATH."/content", G5_DIR_PERMISSION);