댓글 수정 CSRF 취약점 수정

2016-08-08 17:44:29 +09:00
parent 15bd8b9632
commit ec32f64bc4
11 changed files with 55 additions and 0 deletions
--- a/theme/basic/mobile/skin/board/basic/view_comment.skin.php
+++ b/theme/basic/mobile/skin/board/basic/view_comment.skin.php
@ -250,6 +250,8 @@ var char_max = parseInt(<?php echo $comment_max ?>); // 최대

        <?php if($is_guest) echo chk_captcha_js(); ?>

+        set_comment_token(f);
+
        document.getElementById("btn_submit").disabled = "disabled";

        return true;
--- a/theme/basic/mobile/skin/board/gallery/view_comment.skin.php
+++ b/theme/basic/mobile/skin/board/gallery/view_comment.skin.php
@ -250,6 +250,8 @@ var char_max = parseInt(<?php echo $comment_max ?>); // 최대

        <?php if($is_guest) echo chk_captcha_js(); ?>

+        set_comment_token(f);
+
        document.getElementById("btn_submit").disabled = "disabled";

        return true;
--- a/theme/basic/skin/board/basic/view_comment.skin.php
+++ b/theme/basic/skin/board/basic/view_comment.skin.php
@ -258,6 +258,8 @@ function fviewcomment_submit(f)

    <?php if($is_guest) echo chk_captcha_js();  ?>

+    set_comment_token(f);
+
    document.getElementById("btn_submit").disabled = "disabled";

    return true;
--- a/theme/basic/skin/board/gallery/view_comment.skin.php
+++ b/theme/basic/skin/board/gallery/view_comment.skin.php
@ -258,6 +258,8 @@ function fviewcomment_submit(f)

    <?php if($is_guest) echo chk_captcha_js();  ?>

+    set_comment_token(f);
+
    document.getElementById("btn_submit").disabled = "disabled";

    return true;