diff --git a/bbs/view.php b/bbs/view.php
index 43e59a575..35b8b6557 100644
--- a/bbs/view.php
+++ b/bbs/view.php
@@ -121,9 +121,7 @@ else if (strstr($view['wr_option'], 'html2'))
 $view['content'] = conv_content($view['wr_content'], $html);
 if (strstr($sfl, 'content'))
     $view['content'] = search_font($stx, $view['content']);
-//$view['content'] = preg_replace("/(\<img )([^\>]*)(\>)/i", "\\1 onclick='image_window(this)'", $view['content']);
 
-//$view['rich_content'] = preg_replace("/{img\:([0-9]+)[:]?([^}]*)}/ie", "view_image(\$view, '\\1', '\\2')", $view['content']);
 $view['rich_content'] = preg_replace("/{이미지\:([0-9]+)[:]?([^}]*)}/ie", "view_image(\$view, '\\1', '\\2')", $view['content']);
 
 $is_signature = false;
@@ -133,8 +131,6 @@ if ($board['bo_use_signature'] && $view['mb_id']) {
     $mb = get_member($view['mb_id']);
     $signature = $mb['mb_signature'];
 
-    //$signature = bad_tag_convert($signature);
-    // 081022 : CSRF 보안 결함으로 인한 코드 수정
     $signature = conv_content($signature, 1);
 }
 
diff --git a/js/common.js b/js/common.js
index 24f36d4e1..bdec9ce55 100644
--- a/js/common.js
+++ b/js/common.js
@@ -182,142 +182,6 @@ function delete_cookie(name)
         document.cookie = name + "=" + value + "; path=/; expires=" + today.toGMTString();
 }
 
-// 이미지의 크기에 따라 새창의 크기가 변경됩니다.
-// zzzz님께서 알려주셨습니다. 2005/04/12
-function image_window(img)
-{
-    var w = img.tmp_width;
-    var h = img.tmp_height;
-    var winl = (screen.width-w)/2;
-    var wint = (screen.height-h)/3;
-
-    if (w >= screen.width) {
-        winl = 0;
-        h = (parseInt)(w * (h / w));
-    }
-
-    if (h >= screen.height) {
-        wint = 0;
-        w = (parseInt)(h * (w / h));
-    }
-
-    var js_url = "<script type='text/javascript'> \n";
-        js_url += "<!-- \n";
-        js_url += "var ie=document.all; \n";
-        js_url += "var nn6=document.getElementById&&!document.all; \n";
-        js_url += "var isdrag=false; \n";
-        js_url += "var x,y; \n";
-        js_url += "var dobj; \n";
-        js_url += "function movemouse(e) \n";
-        js_url += "{ \n";
-        js_url += "  if (isdrag) \n";
-        js_url += "  { \n";
-        js_url += "    dobj.style.left = nn6 ? tx + e.clientX - x : tx + event.clientX - x; \n";
-        js_url += "    dobj.style.top  = nn6 ? ty + e.clientY - y : ty + event.clientY - y; \n";
-        js_url += "    return false; \n";
-        js_url += "  } \n";
-        js_url += "} \n";
-        js_url += "function selectmouse(e) \n";
-        js_url += "{ \n";
-        js_url += "  var fobj      = nn6 ? e.target : event.srcElement; \n";
-        js_url += "  var topelement = nn6 ? 'HTML' : 'BODY'; \n";
-        js_url += "  while (fobj.tagName != topelement && fobj.className != 'dragme') \n";
-        js_url += "  { \n";
-        js_url += "    fobj = nn6 ? fobj.parentNode : fobj.parentElement; \n";
-        js_url += "  } \n";
-        js_url += "  if (fobj.className=='dragme') \n";
-        js_url += "  { \n";
-        js_url += "    isdrag = true; \n";
-        js_url += "    dobj = fobj; \n";
-        js_url += "    tx = parseInt(dobj.style.left+0); \n";
-        js_url += "    ty = parseInt(dobj.style.top+0); \n";
-        js_url += "    x = nn6 ? e.clientX : event.clientX; \n";
-        js_url += "    y = nn6 ? e.clientY : event.clientY; \n";
-        js_url += "    document.onmousemove=movemouse; \n";
-        js_url += "    return false; \n";
-        js_url += "  } \n";
-        js_url += "} \n";
-        js_url += "document.onmousedown=selectmouse; \n";
-        js_url += "document.onmouseup=new Function('isdrag=false'); \n";
-        js_url += "//--> \n";
-        js_url += "</"+"script> \n";
-
-    var settings;
-
-    if (navigator.userAgent.toLowerCase().indexOf("gecko") != -1) {
-        settings  ='width='+(w+10)+',';
-        settings +='height='+(h+10)+',';
-    } else {
-        settings  ='width='+w+',';
-        settings +='height='+h+',';
-    }
-    settings +='top='+wint+',';
-    settings +='left='+winl+',';
-    settings +='scrollbars=no,';
-    settings +='resizable=yes,';
-    settings +='status=no';
-
-
-    win=window.open("","image_window",settings);
-    win.document.open();
-    win.document.write ("<html><head> \n<meta http-equiv='imagetoolbar' CONTENT='no'> \n<meta http-equiv='content-type' content='text/html; charset=utf-8'>\n");
-    var size = "이미지 사이즈 : "+w+" x "+h;
-    win.document.write ("<title>"+size+"</title> \n");
-    if(w >= screen.width || h >= screen.height) {
-        win.document.write (js_url);
-        var click = "ondblclick='window.close();' style='cursor:move' title=' "+size+" \n\n 이미지 사이즈가 화면보다 큽니다. \n 왼쪽 버튼을 클릭한 후 마우스를 움직여서 보세요. \n\n 더블 클릭하면 닫혀요. '";
-    }
-    else
-        var click = "onclick='window.close();' style='cursor:pointer' title=' "+size+" \n\n 클릭하면 닫혀요. '";
-    win.document.write ("<style>.dragme{position:relative;}</style> \n");
-    win.document.write ("</head> \n\n");
-    win.document.write ("<body leftmargin=0 topmargin=0 bgcolor=#dddddd style='cursor:arrow;'> \n");
-    win.document.write ("<table width=100% height=100% cellpadding=0 cellspacing=0><tr><td align=center valign=middle><img src='"+img.src+"' width='"+w+"' height='"+h+"' border=0 class='dragme' "+click+"></td></tr></table>");
-    win.document.write ("</body></html>");
-    win.document.close();
-
-    if(parseInt(navigator.appVersion) >= 4){win.window.focus();}
-}
-
-/*
-// a 태그에서 onclick 이벤트를 사용하지 않기 위해
-function win_open(url, name, option)
-{
-    var popup = window.open(url, name, option);
-    popup.focus();
-}
-
-// 새로운 패스워드 분실 창 : 100902
-function win_password_lost()
-{
-    win_open(g4_path + "/" + g4_bbs + "/password_lost.php", 'winPasswordLost', 'left=50, top=50, width=617, height=330, scrollbars=1');
-}
-
-// 패스워드 분실 창
-function win_password_forget()
-{
-    win_open(g4_path + "/" + g4_bbs + "/password_forget.php", 'winPasswordForget', 'left=50, top=50, width=616, height=500, scrollbars=1');
-}
-
-// 코멘트 창
-function win_comment(url)
-{
-    win_open(url, "winComment", "left=50, top=50, width=800, height=600, scrollbars=1");
-}
-
-// 폼메일 창
-function win_formmail(mb_id, name, email)
-{
-    win_open(g4_bbs_url+"/formmail.php?mb_id="+mb_id+"&name="+encodeURIComponent(name)+"&email="+email, "winFormmail", "left=50, top=50, width=600, height=480, scrollbars=0");
-}
-
-// 자기소개 창
-function win_profile(mb_id)
-{
-    win_open(g4_bbs_url+"/profile.php?mb_id="+mb_id, 'winProfile', 'left=50,top=50,width=620,height=510,scrollbars=1');
-}
-*/
-
 var last_id = null;
 function menu(id)
 {
diff --git a/mobile/skin/board/basic/view_comment.skin.php b/mobile/skin/board/basic/view_comment.skin.php
index 736f0168b..8f74a6b65 100644
--- a/mobile/skin/board/basic/view_comment.skin.php
+++ b/mobile/skin/board/basic/view_comment.skin.php
@@ -20,9 +20,6 @@ var char_max = parseInt(<?=$comment_max?>); // 최대
             if (strstr($list[$i]['wr_option'], "secret"))
                 $str = $str;
             $str = preg_replace("/\[\<a\s.*href\=\"(http|https|ftp|mms)\:\/\/([^[:space:]]+)\.(mp3|wma|wmv|asf|asx|mpg|mpeg)\".*\<\/a\>\]/i", "<script>doc_write(obj_movie('$1://$2.$3'));</script>", $str);
-            // FLASH XSS 공격에 의해 주석 처리 - 110406
-            //$str = preg_replace("/\[\<a\s.*href\=\"(http|https|ftp)\:\/\/([^[:space:]]+)\.(swf)\".*\<\/a\>\]/i", "<script>doc_write(flash_movie('$1://$2.$3'));</script>", $str);
-            $str = preg_replace("/\[\<a\s*href\=\"(http|https|ftp)\:\/\/([^[:space:]]+)\.(gif|png|jpg|jpeg|bmp)\"\s*[^\>]*\>[^\s]*\<\/a\>\]/i", "<img src='$1://$2.$3' id='target_resize_image[]' onclick='image_window(this);'>", $str);
     ?>
     <article id="c_<?=$comment_id?>" <?if ($cmt_depth) {?>style="margin-left:<?=$cmt_depth?>px;border-top-color:#e0e0e0"<?}?>>
         <header>
diff --git a/mobile/skin/board/gallery/view_comment.skin.php b/mobile/skin/board/gallery/view_comment.skin.php
index a16dea2f3..c85548b8f 100644
--- a/mobile/skin/board/gallery/view_comment.skin.php
+++ b/mobile/skin/board/gallery/view_comment.skin.php
@@ -20,9 +20,6 @@ var char_max = parseInt(<?=$comment_max?>); // 최대
             if (strstr($list[$i]['wr_option'], "secret"))
                 $str = $str;
             $str = preg_replace("/\[\<a\s.*href\=\"(http|https|ftp|mms)\:\/\/([^[:space:]]+)\.(mp3|wma|wmv|asf|asx|mpg|mpeg)\".*\<\/a\>\]/i", "<script>doc_write(obj_movie('$1://$2.$3'));</script>", $str);
-            // FLASH XSS 공격에 의해 주석 처리 - 110406
-            //$str = preg_replace("/\[\<a\s.*href\=\"(http|https|ftp)\:\/\/([^[:space:]]+)\.(swf)\".*\<\/a\>\]/i", "<script>doc_write(flash_movie('$1://$2.$3'));</script>", $str);
-            $str = preg_replace("/\[\<a\s*href\=\"(http|https|ftp)\:\/\/([^[:space:]]+)\.(gif|png|jpg|jpeg|bmp)\"\s*[^\>]*\>[^\s]*\<\/a\>\]/i", "<img src='$1://$2.$3' id='target_resize_image[]' onclick='image_window(this);'>", $str);
     ?>
     <article id="c_<?=$comment_id?>" <?if ($cmt_depth) {?>style="margin-left:<?=$cmt_depth?>px;border-top-color:#e0e0e0"<?}?>>
         <header>
diff --git a/skin/board/basic/view_comment.skin.php b/skin/board/basic/view_comment.skin.php
index 5a512d57d..9b1460fbc 100644
--- a/skin/board/basic/view_comment.skin.php
+++ b/skin/board/basic/view_comment.skin.php
@@ -20,9 +20,6 @@ var char_max = parseInt(<?=$comment_max?>); // 최대
             if (strstr($list[$i]['wr_option'], "secret"))
                 $str = $str;
             $str = preg_replace("/\[\<a\s.*href\=\"(http|https|ftp|mms)\:\/\/([^[:space:]]+)\.(mp3|wma|wmv|asf|asx|mpg|mpeg)\".*\<\/a\>\]/i", "<script>doc_write(obj_movie('$1://$2.$3'));</script>", $str);
-            // FLASH XSS 공격에 의해 주석 처리 - 110406
-            //$str = preg_replace("/\[\<a\s.*href\=\"(http|https|ftp)\:\/\/([^[:space:]]+)\.(swf)\".*\<\/a\>\]/i", "<script>doc_write(flash_movie('$1://$2.$3'));</script>", $str);
-            $str = preg_replace("/\[\<a\s*href\=\"(http|https|ftp)\:\/\/([^[:space:]]+)\.(gif|png|jpg|jpeg|bmp)\"\s*[^\>]*\>[^\s]*\<\/a\>\]/i", "<img src='$1://$2.$3' id='target_resize_image[]' onclick='image_window(this);'>", $str);
     ?>
     <article id="c_<?=$comment_id?>" <?if ($cmt_depth) {?>style="margin-left:<?=$cmt_depth?>px;border-top-color:#e0e0e0"<?}?>>
         <header>
diff --git a/skin/board/gallery/view_comment.skin.php b/skin/board/gallery/view_comment.skin.php
index a16dea2f3..c85548b8f 100644
--- a/skin/board/gallery/view_comment.skin.php
+++ b/skin/board/gallery/view_comment.skin.php
@@ -20,9 +20,6 @@ var char_max = parseInt(<?=$comment_max?>); // 최대
             if (strstr($list[$i]['wr_option'], "secret"))
                 $str = $str;
             $str = preg_replace("/\[\<a\s.*href\=\"(http|https|ftp|mms)\:\/\/([^[:space:]]+)\.(mp3|wma|wmv|asf|asx|mpg|mpeg)\".*\<\/a\>\]/i", "<script>doc_write(obj_movie('$1://$2.$3'));</script>", $str);
-            // FLASH XSS 공격에 의해 주석 처리 - 110406
-            //$str = preg_replace("/\[\<a\s.*href\=\"(http|https|ftp)\:\/\/([^[:space:]]+)\.(swf)\".*\<\/a\>\]/i", "<script>doc_write(flash_movie('$1://$2.$3'));</script>", $str);
-            $str = preg_replace("/\[\<a\s*href\=\"(http|https|ftp)\:\/\/([^[:space:]]+)\.(gif|png|jpg|jpeg|bmp)\"\s*[^\>]*\>[^\s]*\<\/a\>\]/i", "<img src='$1://$2.$3' id='target_resize_image[]' onclick='image_window(this);'>", $str);
     ?>
     <article id="c_<?=$comment_id?>" <?if ($cmt_depth) {?>style="margin-left:<?=$cmt_depth?>px;border-top-color:#e0e0e0"<?}?>>
         <header>