diff --git a/bbs/memo.php b/bbs/memo.php
index 86ffb7930..f7cd044e7 100644
--- a/bbs/memo.php
+++ b/bbs/memo.php
@@ -16,8 +16,7 @@ if ($kind == 'recv')
 else if ($kind == 'send')
     $unkind = 'recv';
 else {
-    $kind = clean_xss_tags(trim($kind));
-    alert(''.$kind .'값을 넘겨주세요.');
+    alert("kind 변수 값이 올바르지 않습니다.");
 }
 
 if ($page < 1) { $page = 1; } // 페이지가 없으면 첫 페이지 (1 페이지)
diff --git a/bbs/write_update.php b/bbs/write_update.php
index f36c60add..32c87cd66 100644
--- a/bbs/write_update.php
+++ b/bbs/write_update.php
@@ -221,6 +221,9 @@ if (!isset($_POST['wr_subject']) || !trim($_POST['wr_subject']))
 
 $wr_seo_title = exist_seo_title_recursive('bbs', generate_seo_title($wr_subject), $write_table, $wr_id);
 
+$options = array($html,$secret,$mail);
+$wr_option = implode(',', array_filter($options, function($v) { return trim($v); }));
+
 if ($w == '' || $w == 'r') {
 
     if ($member['mb_id']) {
@@ -258,7 +261,7 @@ if ($w == '' || $w == 'r') {
                 wr_reply = '$wr_reply',
                 wr_comment = 0,
                 ca_name = '$ca_name',
-                wr_option = '$html,$secret,$mail',
+                wr_option = '$wr_option',
                 wr_subject = '$wr_subject',
                 wr_content = '$wr_content',
                 wr_seo_title = '$wr_seo_title',
@@ -380,7 +383,7 @@ if ($w == '' || $w == 'r') {
 
     $sql = " update {$write_table}
                 set ca_name = '{$ca_name}',
-                    wr_option = '{$html},{$secret},{$mail}',
+                    wr_option = '{$wr_option}',
                     wr_subject = '{$wr_subject}',
                     wr_content = '{$wr_content}',
                     wr_seo_title = '$wr_seo_title',
diff --git a/config.php b/config.php
index 9c67d04f2..d8d72a5c3 100644
--- a/config.php
+++ b/config.php
@@ -229,7 +229,8 @@ define('G5_VISIT_BROWSCAP_USE', false);
 */
 define('G5_IP_DISPLAY', '\\1.♡.\\3.\\4');
 
-if(isset($_SERVER['HTTPS']) && $_SERVER['HTTPS']=='on') { //https 통신일때 daum 주소 js
+if ((isset($_SERVER['HTTPS']) && $_SERVER['HTTPS']=='on') ||
+    (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO']==='https')) { //https 통신일때 daum 주소 js
     define('G5_POSTCODE_JS', '');
 } else { //http 통신일때 daum 주소 js
     define('G5_POSTCODE_JS', '');
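Review bot: The filter callback `function($v) { return trim($v); }` on the new `$wr_option` line drops empty and whitespace-only entries but keeps the surviving values untrimmed, so a padded value would be joined into `wr_option` with its surrounding whitespace intact. Trimming first and then testing length is shorter and stores normalized tokens: `$wr_option = implode(',', array_filter(array_map('trim', $options), 'strlen'));` (string callables kept for compatibility with the `array()` syntax the file uses). Where `$html`, `$secret` and `$mail` are assigned, and whether they are restricted to the recognized option tokens before being joined here, is outside this hunk.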
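Review bot: `wr_option = '$wr_option',` still splices a request-derived string straight into the SQL text, here and again in the `@@ -380,7 +383,7 @@` hunk; the commit changes what is interpolated but not how. Because the set of legal option tokens is small and fixed, the cheapest hardening is to keep only recognized tokens when `$wr_option` is built, e.g. `array_intersect($options, $allowed_options)` against a constant list, so the value reaching these queries can never contain quote characters regardless of what filtering `$html`/`$secret`/`$mail` receive upstream (not visible in this diff). The enclosing insert statement starts and ends outside the hunk.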
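Review bot: `HTTP_X_FORWARDED_PROTO` on the second added line is a request header any client can supply, so the new condition is also true for a plain-HTTP request that merely carries `X-Forwarded-Proto: https`. For this block the consequence is only which postcode script URL `G5_POSTCODE_JS` receives, which is harmless, but the same test must not be reused or turned into a shared helper for anything that gates on HTTPS (cookie flags, redirects, scheme of generated URLs) without first confirming that `REMOTE_ADDR` is a trusted proxy. Stylistically the two operands use different comparison operators; `$_SERVER['HTTPS']=='on'` is a loose comparison while the new branch uses `===`, and making both strict would be consistent.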
diff --git a/mobile/shop/lg/mispwapurl.php b/mobile/shop/lg/mispwapurl.php
index 83fc1de52..79e1f1360 100644
--- a/mobile/shop/lg/mispwapurl.php
+++ b/mobile/shop/lg/mispwapurl.php
@@ -2,7 +2,7 @@
 // 해당 페이지는 사용자가 ISP{국민/BC) 카드 결제를 성공하였을 때, 사용자에게 보여지는 페이지입니다.
 include_once('./_common.php');
 
-$LGD_OID = $_GET['LGD_OID'];
+$LGD_OID = clean_xss_tags($_GET['LGD_OID']);
 
 echo "LGD_OID = ".$LGD_OID;
 
diff --git a/shop/inicis/libs/HttpClient.php b/shop/inicis/libs/HttpClient.php
index 2799437cf..2179eb82e 100644
--- a/shop/inicis/libs/HttpClient.php
+++ b/shop/inicis/libs/HttpClient.php
@@ -32,6 +32,12 @@ class HttpClient {
 
         $data = substr($data, 1); // remove leading "&"
         $url_data = parse_url($url);
+        // host 가 inicis.com 의 주소가 아니라면 false 반환
+        // [scheme] => https, [host] => fcstdpay.inicis.com, [path] => /api/payAuth
+        if (preg_match("#inicis\.com$#", $url_data["host"]) == false) {
+            // error_log(print_r($url_data, 1));
+            return false;
+        }
 
         if ($url_data["scheme"] == "https") {
             $this->ssl = "ssl://";
diff --git a/shop/settle_inicis_common.php b/shop/settle_inicis_common.php
index f885e7bf7..b3c63871e 100644
--- a/shop/settle_inicis_common.php
+++ b/shop/settle_inicis_common.php
@@ -14,7 +14,7 @@ $INIpayLog = false; // 로그를 기록하려면 true 로 수
 
 //**********************************************************************************
 
-$PG_IP = $_SERVER['REMOTE_ADDR'];
+$PG_IP = get_real_client_ip();
 
 if( $PG_IP == "203.238.37.3" || $PG_IP == "203.238.37.15" || $PG_IP == "203.238.37.16" || $PG_IP == "203.238.37.25" || $PG_IP == "39.115.212.9" ) //PG에서 보냈는지 IP로 체크
 {
diff --git a/shop/settle_lg_common.php b/shop/settle_lg_common.php
index cc2365782..21d6662c3 100644
--- a/shop/settle_lg_common.php
+++ b/shop/settle_lg_common.php
@@ -80,7 +80,7 @@ if ( $LGD_HASHDATA2 == $LGD_HASHDATA ) { //해쉬값 검증이 성공이면
 
     $result = false;
 
-    if($row['pp_id']) {
+    if(isset($row['pp_id']) && $row['pp_id']) {
         // 개인결제 UPDATE
         $sql = " update {$g5['g5_shop_personalpay_table']}
                     set pp_receipt_price = '$LGD_AMOUNT',
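Review bot: `clean_xss_tags()` filters at input, but the value is then written into the response two lines later by `echo "LGD_OID = ".$LGD_OID;`, so the robust fix is context-appropriate escaping at the output point, e.g. `echo "LGD_OID = ".htmlspecialchars($LGD_OID, ENT_QUOTES, 'UTF-8');` if this response is served as HTML, which does not depend on what the project helper happens to strip. The new line also still reads `$_GET['LGD_OID']` unconditionally and raises an undefined-index notice when the parameter is absent; `isset($_GET['LGD_OID']) ? $_GET['LGD_OID'] : ''` avoids it. Since an order id presumably has a fixed format, validating it against a strict pattern and rejecting anything else would be stronger than filtering.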
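Review bot: The host check on the added `if (preg_match("#inicis\.com$#", $url_data["host"]) == false)` line anchors only the end of the string, so any host whose name merely ends in the characters `inicis.com` is accepted, and it is case-sensitive although hostnames are not. Anchoring at a label boundary and matching case-insensitively closes both gaps, and guarding the key covers `parse_url()` returning `false` or an array without `host`, which the current line turns into a notice and a `null` subject: `if (!isset($url_data['host']) || !preg_match('#(^|\.)inicis\.com$#i', $url_data['host'])) { return false; }`. The commented-out `// error_log(print_r($url_data, 1));` is leftover debugging and should be dropped rather than committed. The enclosing method starts and ends outside the hunk.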
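Review bot: Replacing `$_SERVER['REMOTE_ADDR']` with `get_real_client_ip()` on the `$PG_IP` line changes the input to an IP allowlist that serves as the authenticity check for the payment-gateway callback. The helper's body is not in this diff, but a function of that name typically derives the address from forwarded-for style headers; if it does so without restricting them to a configured trusted proxy, the comparison on the following `if(` line can be satisfied by a request that did not originate at the PG, whereas `REMOTE_ADDR` is set by the server and cannot be chosen by the client. Either keep `REMOTE_ADDR` when the server is not behind a reverse proxy, or have the helper honor forwarded headers only when `REMOTE_ADDR` is a known proxy, and in any case treat the IP check as a secondary control next to verification of the PG response signature. The `if(...)` block opened at the end of the hunk continues outside it.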
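Review bot: `if(isset($row['pp_id']) && $row['pp_id'])` is exactly what `!empty($row['pp_id'])` expresses and reads more directly; the same applies to the `od_id` test in the `@@ -113,7 +113,7 @@` hunk of this file. Both forms avoid the notice when `$row` is `false` or lacks the key, which appears to be the intent of the change. The enclosing `if ( $LGD_HASHDATA2 == $LGD_HASHDATA )` block starts and ends outside the hunk.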
@@ -113,7 +113,7 @@ if ( $LGD_HASHDATA2 == $LGD_HASHDATA ) { //해쉬값 검증이 성공이면
     }
 
     if($result) {
-        if($row['od_id'])
+        if(isset($row['od_id']) && $row['od_id'])
             $od_id = $row['od_id'];
         else
             $od_id = $LGD_OID;
diff --git a/theme/basic/css/default.css b/theme/basic/css/default.css
index 334b0b3c0..9efda9dce 100644
--- a/theme/basic/css/default.css
+++ b/theme/basic/css/default.css
@@ -169,7 +169,7 @@ box-shadow:0 2px 5px rgba(0,0,0,0.2)}
 
 #container_wr {margin:0 auto;zoom:1}
 #aside {float:right;width:235px;padding:0;height:100%;margin:20px 0 20px 20px}
-#container {position:relative;float:left;min-height:500px;height:auto !important;margin:20px 0;height:500px;font-size:1em;width:930px;zoom:1}
+#container {position:relative;float:left;min-height:500px;height:auto !important;margin:20px 0;font-size:1em;width:930px;zoom:1}
 #container:after {display:block;visibility:hidden;clear:both;content:""}
 #container_title {font-size:1.333em;margin:0 auto;font-weight:bold}
 #container_title span {margin:0 auto 10px;display:block;line-height:30px}