게시글 CSRF 취약점(16-749 16-750) 수정

2016-10-05 10:34:07 +09:00
parent 468cca81d1
commit b69720836b
6 changed files with 92 additions and 2 deletions
--- a/bbs/write_token.php
+++ b/bbs/write_token.php
@ -0,0 +1,13 @@
+<?php
+include_once('./_common.php');
+include_once(G5_LIB_PATH.'/json.lib.php');
+
+if(!$bo_table)
+   die(json_encode(array('error'=>'게시판 정보가 올바르지 않습니다.', 'url'=>G5_URL)));
+
+set_session('ss_write_'.$bo_table.'_token', '');
+
+$token = get_write_token($bo_table);
+
+die(json_encode(array('error'=>'', 'token'=>$token, 'url'=>'')));
+?>