관리자 CSRF 취약점 수정

2015-11-24 16:12:22 +09:00
parent a75e00f9e0
commit bb1fd4d3ab
57 changed files with 191 additions and 64 deletions
--- a/adm/board_list_update.php
+++ b/adm/board_list_update.php
@ -51,7 +51,7 @@ if ($_POST['act_button'] == "선택수정") {

    auth_check($auth[$sub_menu], 'd');

-    check_token();
+    check_admin_token();

    // _BOARD_DELETE_ 상수를 선언해야 board_delete.inc.php 가 정상 작동함
    define('_BOARD_DELETE_', true);