Skip to content
This repository has been archived by the owner on Jun 24, 2021. It is now read-only.

Commit

Permalink
댓글 삭제 토큰 코드 수정
Browse files Browse the repository at this point in the history
  • Loading branch information
chicpro committed Jun 28, 2016
1 parent ba55459 commit 7a2b979
Show file tree
Hide file tree
Showing 3 changed files with 5 additions and 5 deletions.
4 changes: 2 additions & 2 deletions bbs/delete_comment.php
View file
Expand Up @@ -2,8 +2,8 @@
// 코멘트 삭제
include_once('./_common.php');

$delete_comment_token = get_session('ss_delete_comment_token');
set_session('ss_delete_comment_token', '');
$delete_comment_token = get_session('ss_delete_comment_'.$comment_id.'_token');
set_session('ss_delete_comment_'.$comment_id.'_token', '');

if (!($token && $delete_comment_token == $token))
alert('토큰 에러로 삭제 불가합니다.');
Expand Down
2 changes: 1 addition & 1 deletion bbs/password.php
View file
Expand Up @@ -14,7 +14,7 @@
$return_url = './board.php?bo_table='.$bo_table.'&wr_id='.$wr_id;
break;
case 'x' :
set_session('ss_delete_comment_token', $token = uniqid(time()));
set_session('ss_delete_comment_'.$comment_id.'_token', $token = uniqid(time()));
$action = './delete_comment.php?token='.$token;
$row = sql_fetch(" select wr_parent from $write_table where wr_id = '$comment_id' ");
$return_url = './board.php?bo_table='.$bo_table.'&wr_id='.$row['wr_parent'];
Expand Down
4 changes: 2 additions & 2 deletions bbs/view_comment.php
View file
Expand Up @@ -73,7 +73,7 @@
{
if ($row['mb_id'] == $member['mb_id'] || $is_admin)
{
set_session('ss_delete_comment_token', $token = uniqid(time()));
set_session('ss_delete_comment_'.$row['wr_id'].'_token', $token = uniqid(time()));
$list[$i]['del_link'] = './delete_comment.php?bo_table='.$bo_table.'&comment_id='.$row['wr_id'].'&token='.$token.'&page='.$page.$qstr;
$list[$i]['is_edit'] = true;
$list[$i]['is_del'] = true;
Expand All @@ -82,7 +82,7 @@
else
{
if (!$row['mb_id']) {
$list[$i]['del_link'] = './password.php?w=x&bo_table='.$bo_table.'&comment_id='.$row['wr_id'].'&token='.$token.'&page='.$page.$qstr;
$list[$i]['del_link'] = './password.php?w=x&bo_table='.$bo_table.'&comment_id='.$row['wr_id'].'&page='.$page.$qstr;
$list[$i]['is_del'] = true;
}
}
Expand Down

0 comments on commit 7a2b979

Please sign in to comment.