게시글 댓글 삭제 때 토큰 체크 추가

bbs/delete.php

@@ -1,11 +1,11 @@
 <?php
 include_once('./_common.php');
 
-if ($is_admin)
-{
-    if (!($token && get_session('ss_delete_token') == $token))
-        alert('토큰 에러로 삭제 불가합니다.');
-}
+$delete_token = get_session('ss_delete_token');
+set_session('ss_delete_token', '');
+
+if (!($token && $delete_token == $token))
+    alert('토큰 에러로 삭제 불가합니다.');
 
 //$wr = sql_fetch(" select * from $write_table where wr_id = '$wr_id' ");
 

bbs/delete_comment.php

@@ -2,11 +2,11 @@
 // 코멘트 삭제
 include_once('./_common.php');
 
-if ($is_admin)
-{
-    if (!($token && get_session("ss_delete_token") == $token))
-        alert('토큰 에러로 삭제 불가합니다.');
-}
+$delete_comment_token = get_session('ss_delete_comment_token');
+set_session('ss_delete_comment_token', '');
+
+if (!($token && $delete_comment_token == $token))
+    alert('토큰 에러로 삭제 불가합니다.');
 
 // 4.1
 @include_once($board_skin_path.'/delete_comment.head.skin.php');

bbs/password.php

@@ -9,11 +9,13 @@
         $return_url = './board.php?bo_table='.$bo_table.'&wr_id='.$wr_id;
         break;
     case 'd' :
-        $action = './delete.php';
+        set_session('ss_delete_token', $token = uniqid(time()));
+        $action = './delete.php?token='.$token;
         $return_url = './board.php?bo_table='.$bo_table.'&wr_id='.$wr_id;
         break;
     case 'x' :
-        $action = './delete_comment.php';
+        set_session('ss_delete_comment_token', $token = uniqid(time()));
+        $action = './delete_comment.php?token='.$token;
         $row = sql_fetch(" select wr_parent from $write_table where wr_id = '$comment_id' ");
         $return_url = './board.php?bo_table='.$bo_table.'&wr_id='.$row['wr_parent'];
         break;

bbs/view.php

@@ -72,12 +72,8 @@
 // 로그인중이고 자신의 글이라면 또는 관리자라면 비밀번호를 묻지 않고 바로 수정, 삭제 가능
 if (($member['mb_id'] && ($member['mb_id'] == $write['mb_id'])) || $is_admin) {
     $update_href = './write.php?w=u&bo_table='.$bo_table.'&wr_id='.$wr_id.'&page='.$page.$qstr;
-    $delete_href = './delete.php?bo_table='.$bo_table.'&wr_id='.$wr_id.'&page='.$page.urldecode($qstr);
-    if ($is_admin)
-    {
-        set_session("ss_delete_token", $token = uniqid(time()));
-        $delete_href ='./delete.php?bo_table='.$bo_table.'&wr_id='.$wr_id.'&token='.$token.'&page='.$page.urldecode($qstr);
-    }
+    set_session('ss_delete_token', $token = uniqid(time()));
+    $delete_href ='./delete.php?bo_table='.$bo_table.'&wr_id='.$wr_id.'&token='.$token.'&page='.$page.urldecode($qstr);
 }
 else if (!$write['mb_id']) { // 회원이 쓴 글이 아니라면
     $update_href = './password.php?w=u&bo_table='.$bo_table.'&wr_id='.$wr_id.'&page='.$page.$qstr;

bbs/view_comment.php

@@ -9,11 +9,6 @@
 
 @include_once($board_skin_path.'/view_comment.head.skin.php');
 
-// 코멘트를 새창으로 여는 경우 세션값이 없으므로 생성한다.
-if ($is_admin && !$token) {
-    set_session("ss_delete_token", $token = uniqid(time()));
-}
-
 $list = array();
 
 $is_comment_write = false;
@@ -72,10 +67,13 @@
     $list[$i]['is_del']  = false;
     if ($is_comment_write || $is_admin)
     {
+        $token = '';
+
         if ($member['mb_id'])
         {
             if ($row['mb_id'] == $member['mb_id'] || $is_admin)
             {
+                set_session('ss_delete_comment_token', $token = uniqid(time()));
                 $list[$i]['del_link']  = './delete_comment.php?bo_table='.$bo_table.'&comment_id='.$row['wr_id'].'&token='.$token.'&page='.$page.$qstr;
                 $list[$i]['is_edit']   = true;
                 $list[$i]['is_del']    = true;
@@ -84,7 +82,7 @@
         else
         {
             if (!$row['mb_id']) {
-                $list[$i]['del_link'] = './password.php?w=x&bo_table='.$bo_table.'&comment_id='.$row['wr_id'].'&page='.$page.$qstr;
+                $list[$i]['del_link'] = './password.php?w=x&bo_table='.$bo_table.'&comment_id='.$row['wr_id'].'&token='.$token.'&page='.$page.$qstr;
                 $list[$i]['is_del']   = true;
             }
         }