댓글 삭제 토큰 코드 수정
@ -2,8 +2,8 @@
|
|||||||
// 코멘트 삭제
|
// 코멘트 삭제
|
||||||
include_once('./_common.php');
|
include_once('./_common.php');
|
||||||
|
|
||||||
$delete_comment_token = get_session('ss_delete_comment_token');
|
$delete_comment_token = get_session('ss_delete_comment_'.$comment_id.'_token');
|
||||||
set_session('ss_delete_comment_token', '');
|
set_session('ss_delete_comment_'.$comment_id.'_token', '');
|
||||||
|
|
||||||
if (!($token && $delete_comment_token == $token))
|
if (!($token && $delete_comment_token == $token))
|
||||||
alert('토큰 에러로 삭제 불가합니다.');
|
alert('토큰 에러로 삭제 불가합니다.');
|
||||||
|
|||||||
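Review bot: The check `if (!($token && $delete_comment_token == $token))` still compares the tokens with loose `==`, and the new session key is built from `$comment_id`, whose origin and validation are not visible in this hunk. With `==`, two different all-digit strings can compare equal as numbers, and the comparison is not constant-time; `if (!($token && is_string($delete_comment_token) && hash_equals($delete_comment_token, (string)$token)))` avoids both. If `_common.php` does not already normalise it, cast the id first, e.g. `$comment_id = (int)$comment_id;`, so the session key cannot be shaped by arbitrary request text. Clearing the session value before the comparison keeps the token single-use, which is worth a short comment. The rest of the file lies outside the hunk.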
@ -14,7 +14,7 @@ switch ($w) {
|
|||||||
$return_url = './board.php?bo_table='.$bo_table.'&wr_id='.$wr_id;
|
$return_url = './board.php?bo_table='.$bo_table.'&wr_id='.$wr_id;
|
||||||
break;
|
break;
|
||||||
case 'x' :
|
case 'x' :
|
||||||
set_session('ss_delete_comment_token', $token = uniqid(time()));
|
set_session('ss_delete_comment_'.$comment_id.'_token', $token = uniqid(time()));
|
||||||
$action = './delete_comment.php?token='.$token;
|
$action = './delete_comment.php?token='.$token;
|
||||||
$row = sql_fetch(" select wr_parent from $write_table where wr_id = '$comment_id' ");
|
$row = sql_fetch(" select wr_parent from $write_table where wr_id = '$comment_id' ");
|
||||||
$return_url = './board.php?bo_table='.$bo_table.'&wr_id='.$row['wr_parent'];
|
$return_url = './board.php?bo_table='.$bo_table.'&wr_id='.$row['wr_parent'];
|
||||||
|
|||||||
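Review bot: `uniqid(time())` in the `case 'x'` branch derives the delete token from the clock alone, so the value is predictable rather than random, and the PHP manual warns against using uniqid() for security purposes. Assuming the project can require PHP 7 or later, prefer `set_session('ss_delete_comment_'.$comment_id.'_token', $token = bin2hex(random_bytes(16)));`; the same applies to the `set_session(...)` line in the comment-list loop hunk (`@ -73,7 +73,7 @`). Separately, `$comment_id` is interpolated into the `wr_id = '$comment_id'` query just below and now also into the session key; the hunk does not show it being cast or escaped, so confirm that happens earlier. The `switch ($w)` statement starts and ends outside the hunk.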
@ -73,7 +73,7 @@ for ($i=0; $row=sql_fetch_array($result); $i++)
|
|||||||
{
|
{
|
||||||
if ($row['mb_id'] == $member['mb_id'] || $is_admin)
|
if ($row['mb_id'] == $member['mb_id'] || $is_admin)
|
||||||
{
|
{
|
||||||
set_session('ss_delete_comment_token', $token = uniqid(time()));
|
set_session('ss_delete_comment_'.$row['wr_id'].'_token', $token = uniqid(time()));
|
||||||
$list[$i]['del_link'] = './delete_comment.php?bo_table='.$bo_table.'&comment_id='.$row['wr_id'].'&token='.$token.'&page='.$page.$qstr;
|
$list[$i]['del_link'] = './delete_comment.php?bo_table='.$bo_table.'&comment_id='.$row['wr_id'].'&token='.$token.'&page='.$page.$qstr;
|
||||||
$list[$i]['is_edit'] = true;
|
$list[$i]['is_edit'] = true;
|
||||||
$list[$i]['is_del'] = true;
|
$list[$i]['is_del'] = true;
|
||||||
@ -82,7 +82,7 @@ for ($i=0; $row=sql_fetch_array($result); $i++)
|
|||||||
else
|
else
|
||||||
{
|
{
|
||||||
if (!$row['mb_id']) {
|
if (!$row['mb_id']) {
|
||||||
$list[$i]['del_link'] = './password.php?w=x&bo_table='.$bo_table.'&comment_id='.$row['wr_id'].'&token='.$token.'&page='.$page.$qstr;
|
$list[$i]['del_link'] = './password.php?w=x&bo_table='.$bo_table.'&comment_id='.$row['wr_id'].'&page='.$page.$qstr;
|
||||||
$list[$i]['is_del'] = true;
|
$list[$i]['is_del'] = true;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
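Review bot: Every render of the comment list now writes one `ss_delete_comment_<wr_id>_token` session entry per deletable comment, and nothing visible here removes entries that are never used, so the session grows with each comment the user views. Consider a single per-session secret with the token derived per comment (for example an HMAC of the comment id), or prune stale keys. The token also travels in the `del_link` query string of a GET request that deletes data, which exposes it to browser history, proxy logs and Referer headers; a POST form would be a safer carrier. Dropping `&token=` from the `password.php` link looks right, since the visible lines of that branch never assign `$token`. The `for` loop body begins and ends outside these hunks.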