Skip to content
This repository has been archived by the owner on Jun 24, 2021. It is now read-only.

Commit

Permalink
크롬 모바일 데이터 절약 모드 관리자 페이지 접속 오류 수정
Browse files Browse the repository at this point in the history
  • Loading branch information
@thisgun
thisgun committed Apr 23, 2018
1 parent cd2c538 commit e4bbdba
Show file tree
Hide file tree
Showing 3 changed files with 10 additions and 2 deletions.
2 changes: 1 addition & 1 deletion adm/admin.lib.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -436,7 +436,7 @@ function admin_referer_check($return=false)
}

// 관리자의 아이피, 브라우저와 다르다면 세션을 끊고 관리자에게 메일을 보낸다.
$admin_key = md5($member['mb_datetime'] . $_SERVER['REMOTE_ADDR'] . $_SERVER['HTTP_USER_AGENT']);
$admin_key = md5($member['mb_datetime'] . get_real_client_ip() . $_SERVER['HTTP_USER_AGENT']);
if (get_session('ss_mb_key') !== $admin_key) {

session_destroy();
Expand Down
2 changes: 1 addition & 1 deletion bbs/login_check.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -56,7 +56,7 @@
// 회원아이디 세션 생성
set_session('ss_mb_id', $mb['mb_id']);
// FLASH XSS 공격에 대응하기 위하여 회원의 고유키를 생성해 놓는다. 관리자에서 검사함 - 110106
set_session('ss_mb_key', md5($mb['mb_datetime'] . $_SERVER['REMOTE_ADDR'] . $_SERVER['HTTP_USER_AGENT']));
set_session('ss_mb_key', md5($mb['mb_datetime'] . get_real_client_ip() . $_SERVER['HTTP_USER_AGENT']));

// 포인트 체크
if($config['cf_use_point']) {
Expand Down
8 changes: 8 additions & 0 deletions lib/common.lib.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3418,6 +3418,14 @@ function is_use_email_certify(){
return $config['cf_use_email_certify'];
}

function get_real_client_ip(){

if(isset($_SERVER['HTTP_X_FORWARDED_FOR']))
return $_SERVER['HTTP_X_FORWARDED_FOR'];

return $_SERVER['REMOTE_ADDR'];
}

function get_call_func_cache($func, $args=array()){

static $cache = array();
Expand Down

0 comments on commit e4bbdba

Please sign in to comment.