From e2aec1587991215c684a452f6a8b3296155077a3 Mon Sep 17 00:00:00 2001
From: chicpro <chicpro@sir.co.kr>
Date: Tue, 22 Sep 2015 10:49:56 +0900
Subject: [PATCH] =?UTF-8?q?xss=20=EC=B7=A8=EC=95=BD=EC=A0=90=20=EC=88=98?=
 =?UTF-8?q?=EC=A0=95?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 adm/index.php       | 2 +-
 adm/member_form.php | 3 +++
 adm/member_list.php | 4 ++--
 3 files changed, 6 insertions(+), 3 deletions(-)

diff --git a/adm/index.php b/adm/index.php
index a579ad851..fcaa2dfe5 100644
--- a/adm/index.php
+++ b/adm/index.php
@@ -91,7 +91,7 @@ $colspan = 12;
             $leave_date = $row['mb_leave_date'] ? $row['mb_leave_date'] : date("Ymd", G5_SERVER_TIME);
             $intercept_date = $row['mb_intercept_date'] ? $row['mb_intercept_date'] : date("Ymd", G5_SERVER_TIME);
 
-            $mb_nick = get_sideview($row['mb_id'], $row['mb_nick'], $row['mb_email'], $row['mb_homepage']);
+            $mb_nick = get_sideview($row['mb_id'], get_text($row['mb_nick']), $row['mb_email'], $row['mb_homepage']);
 
             $mb_id = $row['mb_id'];
             if ($row['mb_leave_date'])
diff --git a/adm/member_form.php b/adm/member_form.php
index ddcdfbe47..3e056459e 100644
--- a/adm/member_form.php
+++ b/adm/member_form.php
@@ -31,6 +31,8 @@ else if ($w == 'u')
     $required_mb_password = '';
     $html_title = '수정';
 
+    $mb['mb_name'] = get_text($mb['mb_name']);
+    $mb['mb_nick'] = get_text($mb['mb_nick']);
     $mb['mb_email'] = get_text($mb['mb_email']);
     $mb['mb_homepage'] = get_text($mb['mb_homepage']);
     $mb['mb_birth'] = get_text($mb['mb_birth']);
@@ -38,6 +40,7 @@ else if ($w == 'u')
     $mb['mb_hp'] = get_text($mb['mb_hp']);
     $mb['mb_addr1'] = get_text($mb['mb_addr1']);
     $mb['mb_addr2'] = get_text($mb['mb_addr2']);
+    $mb['mb_addr3'] = get_text($mb['mb_addr3']);
     $mb['mb_signature'] = get_text($mb['mb_signature']);
     $mb['mb_recommend'] = get_text($mb['mb_recommend']);
     $mb['mb_profile'] = get_text($mb['mb_profile']);
diff --git a/adm/member_list.php b/adm/member_list.php
index ea3c6e4c6..9eaf3e43c 100644
--- a/adm/member_list.php
+++ b/adm/member_list.php
@@ -166,7 +166,7 @@ $colspan = 16;
         $leave_date = $row['mb_leave_date'] ? $row['mb_leave_date'] : date('Ymd', G5_SERVER_TIME);
         $intercept_date = $row['mb_intercept_date'] ? $row['mb_intercept_date'] : date('Ymd', G5_SERVER_TIME);
 
-        $mb_nick = get_sideview($row['mb_id'], $row['mb_nick'], $row['mb_email'], $row['mb_homepage']);
+        $mb_nick = get_sideview($row['mb_id'], get_text($row['mb_nick']), $row['mb_email'], $row['mb_homepage']);
 
         $mb_id = $row['mb_id'];
         $leave_msg = '';
@@ -211,7 +211,7 @@ $colspan = 16;
     <tr class="<?php echo $bg; ?>">
         <td headers="mb_list_chk" class="td_chk" rowspan="2">
             <input type="hidden" name="mb_id[<?php echo $i ?>]" value="<?php echo $row['mb_id'] ?>" id="mb_id_<?php echo $i ?>">
-            <label for="chk_<?php echo $i; ?>" class="sound_only"><?php echo get_text($row['mb_name']); ?> <?php echo $row['mb_nick']; ?>님</label>
+            <label for="chk_<?php echo $i; ?>" class="sound_only"><?php echo get_text($row['mb_name']); ?> <?php echo get_text($row['mb_nick']); ?>님</label>
             <input type="checkbox" name="chk[]" value="<?php echo $i ?>" id="chk_<?php echo $i ?>">
         </td>
         <td headers="mb_list_id" rowspan="2" class="td_name sv_use"><?php echo $mb_id ?></td>