쇼핑몰 관리자 CSRF 취약점 수정

2015-11-24 14:43:42 +09:00
parent bfaa429721
commit a155f4d659
34 changed files with 72 additions and 27 deletions
--- a/adm/shop_admin/orderformupdate.php
+++ b/adm/shop_admin/orderformupdate.php
@ -2,6 +2,8 @@
 $sub_menu = '400400';
 include_once('./_common.php');

+check_admin_token();
+
 if($_POST['mod_type'] == 'info') {
    $od_zip1   = substr($_POST['od_zip'], 0, 3);
    $od_zip2   = substr($_POST['od_zip'], 3);