관리자 CSRF 취약점 수정

2015-11-24 16:12:22 +09:00
parent a75e00f9e0
commit bb1fd4d3ab
57 changed files with 191 additions and 64 deletions
--- a/adm/board_copy.php
+++ b/adm/board_copy.php
@ -8,11 +8,14 @@ $g5['title'] = '게시판 복사';
 include_once(G5_PATH.'/head.sub.php');
 ?>

+<script src="<?php echo G5_ADMIN_URL ?>/admin.js"></script>
+
 <div class="new_win">
    <h1><?php echo $g5['title']; ?></h1>

    <form name="fboardcopy" id="fboardcopy" action="./board_copy_update.php" onsubmit="return fboardcopy_check(this);" method="post">
    <input type="hidden" name="bo_table" value="<?php echo $bo_table ?>" id="bo_table">
+    <input type="hidden" name="token" value="">

    <div class="tbl_frm01 tbl_wrap">
        <table>