#18692685 : prevent CSRF attack

git-svn-id: http://xe-core.googlecode.com/svn/sandbox@7306 201d5d3c-b55e-5fd7-737f-ddc643e51545
haneul 2010-02-23 06:47:01 +00:00
parent 0b13ce95d0
commit 6f9888f518
4 changed files with 36 additions and 56 deletions


@ -43,7 +43,10 @@
// message_srl이 있으면 내용 추출
if($message_srl) {
$message = $oCommunicationModel->getSelectedMessage($message_srl);
if($message->message_srl == $message_srl && ($message->receiver_srl == $logged_info->member_srl || $message->sender_srl == $logged_info->member_srl) ) Context::set('message', $message);
if($message->message_srl == $message_srl && ($message->receiver_srl == $logged_info->member_srl || $message->sender_srl == $logged_info->member_srl) ) {
stripEmbedTagForAdmin($message->content, $message->sender_srl);
Context::set('message', $message);
}
}
// 목록 추출
@ -73,7 +76,10 @@
// 새 쪽지를 가져옴
$message = $oCommunicationModel->getNewMessage();
if($message) Context::set('message', $message);
if($message) {
stripEmbedTagForAdmin($message->content, $message->sender_srl);
Context::set('message', $message);
}
// 플래그 삭제
$flag_path = './files/communication_extra_info/new_message_flags/'.getNumberingPath($logged_info->member_srl);
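Review bot: Both added `stripEmbedTagForAdmin($message->content, $message->sender_srl);` calls (the selected-message branch and the new-message branch) ignore any return value, so the filter only takes effect if the helper receives `$content` by reference and rewrites it in place; its definition is not part of these hunks and should be checked. Because the filtering sits in the view at two call sites rather than inside `getSelectedMessage()` / `getNewMessage()`, any other code path that outputs `$message->content` would still hand unfiltered markup to an administrator, so either move the call into the model or audit the remaining renderers. A short comment above each call, for example `// strip embed/object tags from user-supplied content before an admin views it (see #18692685)`, would connect the code to the CSRF concern named in the commit title. The enclosing functions begin and end outside the visible hunks.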