From 2d1af9a3b2a196e7b34f4a9fc68ca5e3161e22b0 Mon Sep 17 00:00:00 2001 From: thisgun Date: Mon, 10 Feb 2020 14:05:30 +0900 Subject: [PATCH 01/14] =?UTF-8?q?sms=20=EC=84=A4=EC=B9=98=ED=85=8C?= =?UTF-8?q?=EC=9D=B4=EB=B8=94=20G5=5FDB=5FENGINE=20=EC=84=A4=EC=A0=95?= =?UTF-8?q?=EC=97=90=20=EB=94=B0=EB=A5=B4=EA=B2=8C=20=EC=88=98=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- adm/sms_admin/install.php | 1 + 1 file changed, 1 insertion(+) diff --git a/adm/sms_admin/install.php b/adm/sms_admin/install.php index c7a13441d..025ecda8e 100644 --- a/adm/sms_admin/install.php +++ b/adm/sms_admin/install.php @@ -53,6 +53,7 @@ eval("\$file = \"$file\";"); $f = explode(";", $file); for ($i=0; $i Date: Mon, 10 Feb 2020 16:29:30 +0900 Subject: [PATCH 02/14] =?UTF-8?q?=EC=B9=B4=EC=B9=B4=EC=98=A4=20=EB=A1=9C?= =?UTF-8?q?=EA=B7=B8=EC=9D=B8=20v2=20=EC=82=AC=EC=9A=A9=EC=9E=90=20?= =?UTF-8?q?=EC=A0=95=EB=B3=B4=20=EC=9A=94=EC=B2=ADapi=EB=A1=9C=20=EC=88=98?= =?UTF-8?q?=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- plugin/social/Hybrid/Providers/Kakao.php | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/plugin/social/Hybrid/Providers/Kakao.php b/plugin/social/Hybrid/Providers/Kakao.php index 1b1130768..24effe868 100644 --- a/plugin/social/Hybrid/Providers/Kakao.php +++ b/plugin/social/Hybrid/Providers/Kakao.php @@ -26,7 +26,7 @@ class Hybrid_Providers_Kakao extends Hybrid_Provider_Model_OAuth2 parent::initialize(); // Provider API end-points - $this->api->api_base_url = "https://kapi.kakao.com/v1/"; + $this->api->api_base_url = "https://kapi.kakao.com/v2/"; $this->api->authorize_url = "https://kauth.kakao.com/oauth/authorize"; $this->api->token_url = "https://kauth.kakao.com/oauth/token"; 
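Review bot: Switching `api_base_url` to `/v2/` rebases every relative endpoint this provider issues, not only `user/me`; if the class (or the `Hybrid_Provider_Model_OAuth2` it extends) also calls other Kakao endpoints relative to this URL, those paths need checking against what exists under v2 — the rest of `initialize()` is outside the hunk, so it cannot be confirmed here. A short comment on the changed line, `// Kakao user API v2: user/me returns kakao_account.* instead of kaccount_*`, would record why the version moved and what depends on it.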
@@ -72,7 +72,8 @@ class Hybrid_Providers_Kakao extends Hybrid_Provider_Model_OAuth2 */ function getUserProfile() { - $params = array('property_keys'=>'kaccount_email'); + //$params = array('property_keys'=>'kaccount_email'); // v1 parameter + $params = array('property_keys'=>array('kakao_account.email')); // v2 parameter $this->api->decode_json = false; $this->api->curl_header = array( 'Authorization: Bearer ' . $this->api->access_token ); @@ -86,7 +87,9 @@ class Hybrid_Providers_Kakao extends Hybrid_Provider_Model_OAuth2 $this->user->profile->identifier = @ $data->id; $this->user->profile->displayName = @ $data->properties->nickname; $this->user->profile->photoURL = @ $data->properties->thumbnail_image; - $email = @ $data->kaccount_email; + //$email = @ $data->properties->kaccount_email; // v1 version + + $email = @ $data->kakao_account->email; // v2 version if( $email ){ $this->user->profile->email = $email; From d9823615412e7bad50f1f6d2bd307db4d8aa6ccb Mon Sep 17 00:00:00 2001 From: thisgun Date: Mon, 10 Feb 2020 17:32:50 +0900 Subject: [PATCH 03/14] =?UTF-8?q?get=5Fclass=5Fencrypt=20=ED=95=A8?= =?UTF-8?q?=EC=88=98=EB=82=B4=20=EC=9E=98=EB=AA=BB=EB=90=9C=20=EC=BD=94?= =?UTF-8?q?=EB=93=9C=20=EC=88=98=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- lib/get_data.lib.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/get_data.lib.php b/lib/get_data.lib.php index 16f91d4fa..cfa53a81f 100644 --- a/lib/get_data.lib.php +++ b/lib/get_data.lib.php @@ -329,7 +329,7 @@ function get_db_create_replace($sql_str){ function get_class_encrypt(){ static $cache; - if( $cache && is_object($obj) ){ + if( $cache && is_object($cache) ){ return $cache; } From 2581bdba9b424680e352dd40877f7839f12711a5 Mon Sep 17 00:00:00 2001 
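Review bot: The new `$params` passes `property_keys` as a PHP array, and how that is serialised depends on the OAuth2 client's request code (a query string of the form `property_keys[0]=...` versus the JSON list the Kakao v2 documentation describes); please confirm against the request that actually goes out, because a silently ignored parameter still returns a profile, just without the email. The v1 lines are left behind as comments (`//$params = ...`, `//$email = ...`) — the history is in git, so they should be dropped. `$email = @ $data->kakao_account->email` is copied into the profile with no check that the provider reports the address as verified; if account linking keys on this email, consider honouring the verification flag Kakao exposes in the v2 `kakao_account` object (confirm the exact field name from the response) before trusting it. Replacing the `@` suppression with `isset($data->kakao_account->email)` would also stop genuine response-shape errors from being hidden.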
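Review bot: With the fix in place, `$cache && is_object($cache)` is redundant — `is_object($cache)` is already false for the unset static — so `if( is_object($cache) ){ return $cache; }` says the same thing with one check. The rest of `get_class_encrypt()` (what is assigned into `$cache`) is outside the hunk.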
From: thisgun Date: Mon, 10 Feb 2020 19:03:56 +0900 Subject: [PATCH 04/14] =?UTF-8?q?5.4=EB=B2=84=EC=A0=84=20exist=5Fseo=5Furl?= =?UTF-8?q?=20=ED=95=A8=EC=88=98=20=EB=82=B4=20=EC=A0=95=EA=B7=9C=EC=8B=9D?= =?UTF-8?q?=20=EC=BD=94=EB=93=9C=20=EC=88=98=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- lib/uri.lib.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/lib/uri.lib.php b/lib/uri.lib.php index 792c9ee3f..6221fc865 100644 --- a/lib/uri.lib.php +++ b/lib/uri.lib.php @@ -229,7 +229,8 @@ function exist_seo_url($type, $seo_title, $write_table, $sql_id=0){ global $g5; $exists_title = ''; - $sql_id = preg_replace('/[^a-z0-9_]/i', '', $sql_id); + $sql_id = preg_replace('/[^a-z0-9_\-]/i', '', $sql_id); + // 영카트 상품코드의 경우 - 하이픈이 들어가야 함 if( $type === 'bbs' ){ $sql = "select wr_seo_title FROM {$write_table} WHERE wr_seo_title = '".sql_real_escape_string($seo_title)."' AND wr_id <> '$sql_id' limit 1"; From 30e0b93ecfd4c715124d991ae75796ea4a623a0a Mon Sep 17 00:00:00 2001 From: thisgun Date: Tue, 11 Feb 2020 15:08:59 +0900 Subject: [PATCH 05/14] =?UTF-8?q?get=5Fmember=5Fprofile=5Fimg=20=ED=95=A8?= =?UTF-8?q?=EC=88=98=20=EB=82=B4=20=EC=BD=94=EB=93=9C=20=EC=98=A4=EB=A5=98?= =?UTF-8?q?=20=EC=88=98=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- lib/common.lib.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/common.lib.php b/lib/common.lib.php index 1e14e6afc..b7a373ab0 100644 --- a/lib/common.lib.php +++ b/lib/common.lib.php 
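Review bot: The widened character class is now the only thing protecting the interpolation `wr_id <> '$sql_id'` a few lines below, since `$sql_id` never goes through `sql_real_escape_string`; `[^a-z0-9_\-]` is still a safe allowlist, but escaping at the use site, `AND wr_id <> '".sql_real_escape_string($sql_id)."'`, keeps the query safe the next time the class is relaxed. The explanatory comment is placed after the line it explains; the convention in this file is the line above, e.g. `// Youngcart product codes contain hyphens`. The function body continues past the hunk.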
@@ -3559,7 +3559,7 @@ function get_member_profile_img($mb_id='', $width='', $height='', $alt='profile_ // 프로필 이미지가 없을때 기본 이미지 $no_profile_img = (defined('G5_THEME_NO_PROFILE_IMG') && G5_THEME_NO_PROFILE_IMG) ? G5_THEME_NO_PROFILE_IMG : G5_NO_PROFILE_IMG; $tmp = array(); - preg_match( '/src="([^"]*)"/i', $foo, $tmp ); + preg_match( '/src="([^"]*)"/i', $no_profile_img, $tmp ); $no_profile_cache = $src = isset($tmp[1]) ? $tmp[1] : G5_IMG_URL.'/no_profile.gif'; } } From 992d3d93f4fa89a2fdfb3d4ff14e5bcde352a38a Mon Sep 17 00:00:00 2001 From: thisgun Date: Wed, 12 Feb 2020 11:33:53 +0900 Subject: [PATCH 06/14] =?UTF-8?q?[KVE-2019-1581,1585,1586,1590,2020-0012]?= =?UTF-8?q?=EA=B7=B8=EB=88=84=EB=B3=B4=EB=93=9CXSS=EC=B7=A8=EC=95=BD?= =?UTF-8?q?=EC=A0=90=20=EC=88=98=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- adm/boardgroup_form_update.php | 2 +- adm/faqmasterformupdate.php | 2 +- adm/menu_list_update.php | 4 ++-- adm/sms_admin/form_update.php | 4 ++-- adm/sms_admin/form_write.php | 2 +- adm/sms_admin/num_group.php | 4 ++-- adm/sms_admin/num_group_update.php | 10 +++++----- 7 files changed, 14 insertions(+), 14 deletions(-) diff --git a/adm/boardgroup_form_update.php b/adm/boardgroup_form_update.php index 7ce694a8e..b7e5cb4f2 100644 --- a/adm/boardgroup_form_update.php +++ b/adm/boardgroup_form_update.php @@ -16,7 +16,7 @@ if (!preg_match("/^([A-Za-z0-9_]{1,10})$/", $_POST['gr_id'])) if (!$gr_subject) alert('그룹 제목을 입력하세요.'); -$gr_subject = isset($_POST['gr_subject']) ? strip_tags($_POST['gr_subject']) : ''; +$gr_subject = isset($_POST['gr_subject']) ? strip_tags(clean_xss_attributes($_POST['gr_subject'])) : ''; $sql_common = " gr_subject = '{$gr_subject}', gr_device = '{$_POST['gr_device']}', diff --git a/adm/faqmasterformupdate.php b/adm/faqmasterformupdate.php index f753683e3..609e805b3 100644 --- a/adm/faqmasterformupdate.php +++ b/adm/faqmasterformupdate.php 
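Review bot: With `$no_profile_img` now fed to `preg_match`, the pattern only recognises a double-quoted `src="..."`; when `G5_THEME_NO_PROFILE_IMG` holds a bare URL or a single-quoted `<img>` tag the match fails and the code silently falls back to `G5_IMG_URL.'/no_profile.gif'`, which looks unintended. Either accept both quote styles, `'/src=["\']([^"\']*)["\']/i'`, or document on the constant that it must be a full `<img>` tag. The enclosing branch starts outside the hunk.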
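Review bot: The emptiness check `if (!$gr_subject) alert(...)` runs two lines before the sanitised `$gr_subject` is assigned, so a subject that becomes empty after `strip_tags(clean_xss_attributes(...))` passes the check and is stored as `''`; move the new assignment above the check. Neither `strip_tags` nor (presumably) `clean_xss_attributes` escapes quotes, so `gr_subject = '{$gr_subject}'` in the following `$sql_common` still relies on whatever escaping the request variables received upstream — worth a one-line comment if that reliance is intentional. Which value `$gr_subject` holds before this line is not visible in the hunk.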
@@ -18,7 +18,7 @@ check_admin_token(); if ($fm_himg_del) @unlink(G5_DATA_PATH."/faq/{$fm_id}_h"); if ($fm_timg_del) @unlink(G5_DATA_PATH."/faq/{$fm_id}_t"); -$fm_subject = strip_tags($fm_subject); +$fm_subject = strip_tags(clean_xss_attributes($fm_subject)); $sql_common = " set fm_subject = '$fm_subject', fm_head_html = '$fm_head_html', diff --git a/adm/menu_list_update.php b/adm/menu_list_update.php index f7f4cf882..160c578a7 100644 --- a/adm/menu_list_update.php +++ b/adm/menu_list_update.php @@ -21,11 +21,11 @@ for ($i=0; $i<$count; $i++) { $_POST = array_map_deep('trim', $_POST); - $_POST['me_link'][$i] = is_array($_POST['me_link']) ? clean_xss_tags($_POST['me_link'][$i], 1) : ''; + $_POST['me_link'][$i] = is_array($_POST['me_link']) ? clean_xss_tags(clean_xss_attributes($_POST['me_link'][$i], 1)) : ''; $code = is_array($_POST['code']) ? strip_tags($_POST['code'][$i]) : ''; $me_name = is_array($_POST['me_name']) ? strip_tags($_POST['me_name'][$i]) : ''; - $me_link = (preg_match('/^javascript/i', $_POST['me_link'][$i]) || preg_match('/script:/i', $_POST['me_link'][$i])) ? G5_URL : strip_tags($_POST['me_link'][$i]); + $me_link = (preg_match('/^javascript/i', $_POST['me_link'][$i]) || preg_match('/script:/i', $_POST['me_link'][$i])) ? G5_URL : strip_tags(clean_xss_attributes($_POST['me_link'][$i])); if(!$code || !$me_name || !$me_link) continue; diff --git a/adm/sms_admin/form_update.php b/adm/sms_admin/form_update.php index 080656e94..1eb78101a 100644 --- a/adm/sms_admin/form_update.php +++ b/adm/sms_admin/form_update.php @@ -4,8 +4,8 @@ include_once("./_common.php"); auth_check($auth[$sub_menu], "w"); -$fo_name = isset($fo_name) ? strip_tags($fo_name) : ''; -$fo_content = isset($fo_content) ? strip_tags($fo_content) : ''; +$fo_name = isset($fo_name) ? strip_tags(clean_xss_attributes($fo_name)) : ''; +$fo_content = isset($fo_content) ? strip_tags(clean_xss_attributes($fo_content)) : ''; $g5['title'] = "이모티콘 업데이트"; 
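Review bot: In adm/menu_list_update.php the second argument `1` moved from `clean_xss_tags` into `clean_xss_attributes` — the new line reads `clean_xss_tags(clean_xss_attributes($_POST['me_link'][$i], 1))` — so the flag `clean_xss_tags` previously received is no longer passed to it, and PHP ignores surplus arguments to user functions, so nothing fails loudly. If the flag belongs to `clean_xss_tags`, the line should be `clean_xss_tags(clean_xss_attributes($_POST['me_link'][$i]), 1)`. The scheme filter two lines later is a blocklist of patterns; an allowlist of accepted link forms for `$me_link` (http, https, or a relative path) would be sturdier than matching for `javascript`/`script:`.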
diff --git a/adm/sms_admin/form_write.php b/adm/sms_admin/form_write.php index a8a8816cd..6191bd59d 100644 --- a/adm/sms_admin/form_write.php +++ b/adm/sms_admin/form_write.php @@ -48,7 +48,7 @@ include_once(G5_ADMIN_PATH.'/admin.head.php'); - + 메세지 diff --git a/adm/sms_admin/num_group.php b/adm/sms_admin/num_group.php index c71483ca7..2da088f9c 100644 --- a/adm/sms_admin/num_group.php +++ b/adm/sms_admin/num_group.php @@ -129,7 +129,7 @@ function num_group_submit(f) @@ -150,7 +150,7 @@ function num_group_submit(f) - + diff --git a/adm/sms_admin/num_group_update.php b/adm/sms_admin/num_group_update.php index f23f31bea..dffeab6ee 100644 --- a/adm/sms_admin/num_group_update.php +++ b/adm/sms_admin/num_group_update.php @@ -11,7 +11,7 @@ if ($w == 'u') // 업데이트 // 실제 번호를 넘김 $k = $_POST['chk'][$i]; $bg_no = (int) $_POST['bg_no'][$k]; - $bg_name = strip_tags($_POST['bg_name'][$k]); + $bg_name = strip_tags(clean_xss_attributes($_POST['bg_name'][$k])); if (!is_numeric($bg_no)) alert('그룹 고유번호가 없습니다.'); @@ -23,11 +23,11 @@ if ($w == 'u') // 업데이트 if (!strlen(trim($bg_name))) alert('그룹명을 입력해주세요'); - $res = sql_fetch("select bg_name from {$g5['sms5_book_group_table']} where bg_no<>'$bg_no' and bg_name='$bg_name'"); + $res = sql_fetch("select bg_name from {$g5['sms5_book_group_table']} where bg_no<>'$bg_no' and bg_name='".sql_real_escape_string($bg_name)."'"); if ($res) alert('같은 그룹명이 존재합니다.'); - sql_query("update {$g5['sms5_book_group_table']} set bg_name='".addslashes($bg_name)."' where bg_no='$bg_no'"); + sql_query("update {$g5['sms5_book_group_table']} set bg_name='".sql_real_escape_string($bg_name)."' where bg_no='$bg_no'"); } } else if ($w == 'de') // 그룹삭제 @@ -63,7 +63,7 @@ else if ($w == 'em') // 비우기 } else // 등록 { - $bg_name = strip_tags($bg_name); + $bg_name = strip_tags(clean_xss_attributes($bg_name)); if (!strlen(trim($bg_name))) alert('그룹명을 입력해주세요'); 
@@ -72,7 +72,7 @@ else // 등록 if ($res) alert('같은 그룹명이 존재합니다.'); - sql_query("insert into {$g5['sms5_book_group_table']} set bg_name='".addslashes($bg_name)."'"); + sql_query("insert into {$g5['sms5_book_group_table']} set bg_name='$bg_name'"); } goto_url('./num_group.php'); From 120d8cf5641084fc6e47d87aefddcfddeb7b701c Mon Sep 17 00:00:00 2001 From: thisgun Date: Thu, 13 Feb 2020 13:48:37 +0900 Subject: [PATCH 07/14] =?UTF-8?q?[KVE-2019-1571,1573,1578,1580]=EA=B7=B8?= =?UTF-8?q?=EB=88=84=EB=B3=B4=EB=93=9C=20XSS=20=EC=B7=A8=EC=95=BD=EC=A0=90?= =?UTF-8?q?=20=EC=88=98=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- adm/boardgroup_list.php | 6 +++--- adm/boardgroup_list_update.php | 4 ++-- adm/config_form.php | 2 +- adm/config_form_update.php | 2 +- adm/mail_form.php | 2 +- adm/mail_update.php | 2 +- adm/poll_form.php | 2 +- adm/poll_form_update.php | 2 +- adm/qa_config.php | 10 +++++----- adm/qa_config_update.php | 2 +- 10 files changed, 17 insertions(+), 17 deletions(-) diff --git a/adm/boardgroup_list.php b/adm/boardgroup_list.php index a688e650d..08cd18382 100644 --- a/adm/boardgroup_list.php +++ b/adm/boardgroup_list.php @@ -124,7 +124,7 @@ $colspan = 10; - + @@ -135,9 +135,9 @@ $colspan = 10; - + - + diff --git a/adm/boardgroup_list_update.php b/adm/boardgroup_list_update.php index e6abcb6b7..ee8971c2d 100644 --- a/adm/boardgroup_list_update.php +++ b/adm/boardgroup_list_update.php 
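Review bot: The insert path now interpolates `bg_name='$bg_name'` with no escaping at all, while the update path in the same file (hunk at -23) wraps the same value in `sql_real_escape_string()` for both the duplicate check and the `update`; the two cannot both be right. If request variables are already slash-escaped upstream the update path double-escapes, otherwise the insert is exposed — either way the branches should be identical, e.g. `sql_query("insert into {$g5['sms5_book_group_table']} set bg_name='".sql_real_escape_string($bg_name)."'");`. The duplicate-name `select` of the insert branch sits outside the hunk and needs the same treatment.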
@@ -19,8 +19,8 @@ for ($i=0; $i<$count; $i++) { $k = $_POST['chk'][$i]; $gr_id = preg_replace('/[^a-z0-9_]/i', '', $_POST['group_id'][$k]); - $gr_subject = is_array($_POST['gr_subject']) ? strip_tags($_POST['gr_subject'][$k]) : ''; - $gr_admin = is_array($_POST['gr_admin']) ? strip_tags($_POST['gr_admin'][$k]) : ''; + $gr_subject = is_array($_POST['gr_subject']) ? strip_tags(clean_xss_attributes($_POST['gr_subject'][$k])) : ''; + $gr_admin = is_array($_POST['gr_admin']) ? strip_tags(clean_xss_attributes($_POST['gr_admin'][$k])) : ''; if($_POST['act_button'] == '선택수정') { $sql = " update {$g5['group_table']} diff --git a/adm/config_form.php b/adm/config_form.php index 286626896..5bc7bccea 100644 --- a/adm/config_form.php +++ b/adm/config_form.php @@ -321,7 +321,7 @@ if ($config['cf_sms_use'] && $config['cf_icode_id'] && $config['cf_icode_pw']) { - + diff --git a/adm/config_form_update.php b/adm/config_form_update.php index 50a6bbf32..731b664c5 100644 --- a/adm/config_form_update.php +++ b/adm/config_form_update.php @@ -26,7 +26,7 @@ if(!$_POST['cf_cert_use']) { $cf_social_servicelist = !empty($_POST['cf_social_servicelist']) ? implode(',', $_POST['cf_social_servicelist']) : ''; -$_POST['cf_title'] = strip_tags($_POST['cf_title']); +$_POST['cf_title'] = strip_tags(clean_xss_attributes($_POST['cf_title'])); $check_keys = array('cf_lg_mid', 'cf_lg_mert_key', 'cf_cert_kcb_cd', 'cf_cert_kcp_cd', 'cf_editor', 'cf_recaptcha_site_key', 'cf_recaptcha_secret_key', 'cf_naver_clientid', 'cf_naver_secret', 'cf_facebook_appid', 'cf_facebook_secret', 'cf_twitter_key', 'cf_twitter_secret', 'cf_google_clientid', 'cf_google_secret', 'cf_googl_shorturl_apikey', 'cf_kakao_rest_key', 'cf_kakao_client_secret', 'cf_kakao_js_apikey', 'cf_payco_clientid', 'cf_payco_secret'); diff --git a/adm/mail_form.php b/adm/mail_form.php index a95035be2..6ee6fb95b 100644 --- a/adm/mail_form.php +++ b/adm/mail_form.php @@ -42,7 +42,7 @@ include_once('./admin.head.php'); - + 
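Review bot: `$gr_admin` is a member id, not free text, so `strip_tags(clean_xss_attributes(...))` is a loose fit; the line above already shows the stricter pattern used for `$gr_id`, `preg_replace('/[^a-z0-9_]/i', '', ...)`, and if member ids share that character set the same allowlist would serve `$gr_admin` better than tag stripping. The `update` that consumes both values starts in the hunk but continues past it.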
diff --git a/adm/mail_update.php b/adm/mail_update.php index 68c85ae71..04d04ac92 100644 --- a/adm/mail_update.php +++ b/adm/mail_update.php @@ -10,7 +10,7 @@ auth_check($auth[$sub_menu], 'w'); check_admin_token(); $ma_id = isset($_POST['ma_id']) ? (int) $_POST['ma_id'] : 0; -$ma_subject = isset($_POST['ma_subject']) ? strip_tags($_POST['ma_subject']) : ''; +$ma_subject = isset($_POST['ma_subject']) ? strip_tags(clean_xss_attributes($_POST['ma_subject'])) : ''; if ($w == '') { diff --git a/adm/poll_form.php b/adm/poll_form.php index 0f5ed4dd4..3de75ddbe 100644 --- a/adm/poll_form.php +++ b/adm/poll_form.php @@ -37,7 +37,7 @@ include_once('./admin.head.php'); - + $value ){ if( empty($value) ) continue; if( in_array($key, $check_keys) ) { - $_POST[$key] = strip_tags($value); + $_POST[$key] = strip_tags(clean_xss_attributes($value)); } } diff --git a/adm/qa_config.php b/adm/qa_config.php index b73062251..c06a0a059 100644 --- a/adm/qa_config.php +++ b/adm/qa_config.php @@ -133,7 +133,7 @@ if(!isset($qaconfig['qa_include_head'])) { - + 1:1문의 바로가기 @@ -141,7 +141,7 @@ if(!isset($qaconfig['qa_include_head'])) { - + @@ -184,21 +184,21 @@ if(!isset($qaconfig['qa_include_head'])) { - + SMS 알림을 사용하지 않으시면 알림이 전송되지 않습니다.'); ?> - + - + diff --git a/adm/qa_config_update.php b/adm/qa_config_update.php index 97fd16d7e..38b3eaddd 100644 --- a/adm/qa_config_update.php +++ b/adm/qa_config_update.php 
@@ -15,7 +15,7 @@ $qaconfig = get_qa_config(); $check_keys = array('qa_title', 'qa_category', 'qa_skin', 'qa_mobile_skin', 'qa_use_email', 'qa_req_email', 'qa_use_hp', 'qa_req_hp', 'qa_use_sms', 'qa_send_number', 'qa_admin_hp', 'qa_admin_email', 'qa_subject_len', 'qa_mobile_subject_len', 'qa_page_rows', 'qa_mobile_page_rows', 'qa_image_width', 'qa_upload_size'); foreach($check_keys as $key){ - $$key = $_POST[$key] = isset($_POST[$key]) ? strip_tags($_POST[$key]) : ''; + $$key = $_POST[$key] = isset($_POST[$key]) ? strip_tags(clean_xss_attributes($_POST[$key])) : ''; } $qa_include_head = preg_replace(array("#[\\\]+$#", "#(<\?php|<\?)#i"), "", substr($qa_include_head, 0, 255)); From 3cf0546711fc91758765fd04225898d3f351850d Mon Sep 17 00:00:00 2001 From: thisgun Date: Thu, 13 Feb 2020 15:23:11 +0900 Subject: [PATCH 08/14] =?UTF-8?q?[KVE-2020-0100,0101]=EA=B7=B8=EB=88=84?= =?UTF-8?q?=EB=B3=B4=EB=93=9C=20=EA=B4=80=EB=A6=AC=EC=9E=90=ED=8E=98?= =?UTF-8?q?=EC=9D=B4=EC=A7=80=20XSS=20=EC=B7=A8=EC=95=BD=EC=A0=90=20?= =?UTF-8?q?=EC=88=98=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- adm/sms_admin/form_write.php | 2 ++ adm/sms_admin/sms_write_form.php | 2 ++ 2 files changed, 4 insertions(+) diff --git a/adm/sms_admin/form_write.php b/adm/sms_admin/form_write.php index 6191bd59d..b8e4913f7 100644 --- a/adm/sms_admin/form_write.php +++ b/adm/sms_admin/form_write.php @@ -6,6 +6,8 @@ auth_check($auth[$sub_menu], "w"); $g5['title'] = "이모티콘 "; +$fg_no = isset($fg_no) ? (int) $fg_no : ''; + if ($w == 'u' && is_numeric($fo_no)) { $write = sql_fetch("select * from {$g5['sms5_form_table']} where fo_no='$fo_no'"); $g5['title'] .= '수정'; diff --git a/adm/sms_admin/sms_write_form.php b/adm/sms_admin/sms_write_form.php index fdbf64c91..103535b5e 100644 --- a/adm/sms_admin/sms_write_form.php +++ b/adm/sms_admin/sms_write_form.php 
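Review bot: `$check_keys` mixes free-text settings with numeric ones (`qa_subject_len`, `qa_page_rows`, `qa_image_width`, `qa_upload_size`, …) and on/off flags, and the loop applies the same `strip_tags(clean_xss_attributes(...))` to all of them; for the numeric keys an `(int)` cast is both the stronger and the simpler sanitiser. The `$$key` variable-variable assignment is acceptable only because `$check_keys` is a fixed literal list — a comment such as `// fixed key list: $$key never receives a request-controlled name` would stop a later change from making it data-driven.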
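Review bot: `$fg_no = isset($fg_no) ? (int) $fg_no : '';` leaves the variable as either an int or an empty string; the same series uses `: 0` for `$bg_no` in adm/sms_admin/num_book.php, and `0` is the natural default here too so later comparisons and SQL interpolation see a single type. The identical line added to adm/sms_admin/sms_write_form.php in the next hunk has the same issue. How `$fg_no` is consumed further down each file is outside the hunks.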
@@ -7,6 +7,8 @@ while ($res = sql_fetch_array($qry)) array_push($group, $res); $res = sql_fetch("select count(*) as cnt from `{$g5['sms5_form_table']}` where fg_no=0"); $no_count = $res['cnt']; + +$fg_no = isset($fg_no) ? (int) $fg_no : ''; ?>
From 3c0cde3fe2521fdcef2316c56402424c3775b886 Mon Sep 17 00:00:00 2001 From: thisgun Date: Thu, 13 Feb 2020 16:24:27 +0900 Subject: [PATCH 09/14] =?UTF-8?q?=EA=B7=B8=EB=88=84=EB=B3=B4=EB=93=9C=20XS?= =?UTF-8?q?S=20=EC=B7=A8=EC=95=BD=EC=A0=90=20=EC=88=98=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- adm/board_form_update.php | 4 ++-- adm/board_list_update.php | 2 +- adm/contentformupdate.php | 2 +- adm/newwinformupdate.php | 2 +- adm/point_update.php | 6 +++--- 5 files changed, 8 insertions(+), 8 deletions(-) diff --git a/adm/board_form_update.php b/adm/board_form_update.php index c668136a5..8ddb1840c 100644 --- a/adm/board_form_update.php +++ b/adm/board_form_update.php @@ -80,8 +80,8 @@ $bo_category_list = isset($_POST['bo_category_list']) ? str_replace($src_char, $ //https://github.com/gnuboard/gnuboard5/commit/f5f4925d4eb28ba1af728e1065fc2bdd9ce1da58 에 따른 조치 $str_bo_category_list = preg_replace("/[\<\>\'\"\\\'\\\"\%\=\(\)\/\^\*]/", "", $bo_category_list); -$_POST['bo_subject'] = strip_tags($_POST['bo_subject']); -$_POST['bo_mobile_subject'] = strip_tags($_POST['bo_mobile_subject']); +$_POST['bo_subject'] = strip_tags(clean_xss_attributes($_POST['bo_subject'])); +$_POST['bo_mobile_subject'] = strip_tags(clean_xss_attributes($_POST['bo_mobile_subject'])); $sql_common = " gr_id = '{$gr_id}', bo_subject = '{$_POST['bo_subject']}', diff --git a/adm/board_list_update.php b/adm/board_list_update.php index 8a5ba44ec..552f60d99 100644 --- a/adm/board_list_update.php +++ b/adm/board_list_update.php 
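Review bot: `$_POST['bo_mobile_subject']` (and `bo_subject`) is passed straight into `clean_xss_attributes()` without an `isset()` guard, unlike the sibling changes in this series (adm/newwinformupdate.php, adm/mail_update.php) that use `isset($_POST[...]) ? ... : ''`; a missing field raises a notice and, depending on what `clean_xss_attributes` does with null, may not behave like an empty string. `$_POST['bo_mobile_subject'] = isset($_POST['bo_mobile_subject']) ? strip_tags(clean_xss_attributes($_POST['bo_mobile_subject'])) : '';` matches the rest of the series.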
@@ -33,7 +33,7 @@ if ($_POST['act_button'] == "선택수정") { alert('최고관리자가 아닌 경우 다른 관리자의 게시판('.$board_table[$k].')은 수정이 불가합니다.'); } - $p_bo_subject = is_array($_POST['bo_subject']) ? strip_tags($_POST['bo_subject'][$k]) : ''; + $p_bo_subject = is_array($_POST['bo_subject']) ? strip_tags(clean_xss_attributes($_POST['bo_subject'][$k])) : ''; $sql = " update {$g5['board_table']} set gr_id = '".sql_real_escape_string(strip_tags($_POST['gr_id'][$k]))."', diff --git a/adm/contentformupdate.php b/adm/contentformupdate.php index 41170884b..58437acda 100644 --- a/adm/contentformupdate.php +++ b/adm/contentformupdate.php @@ -21,7 +21,7 @@ if ($w == "" || $w == "u") } $co_id = preg_replace('/[^a-z0-9_]/i', '', $co_id); -$co_subject = strip_tags($co_subject); +$co_subject = strip_tags(clean_xss_attributes($co_subject)); $co_include_head = preg_replace(array("#[\\\]+$#", "#(<\?php|<\?)#i"), "", substr($co_include_head, 0, 255)); $co_include_tail = preg_replace(array("#[\\\]+$#", "#(<\?php|<\?)#i"), "", substr($co_include_tail, 0, 255)); $co_tag_filter_use = isset($_POST['co_tag_filter_use']) ? (int) $_POST['co_tag_filter_use'] : 1; diff --git a/adm/newwinformupdate.php b/adm/newwinformupdate.php index 1441ac820..f03701166 100644 --- a/adm/newwinformupdate.php +++ b/adm/newwinformupdate.php @@ -12,7 +12,7 @@ else check_admin_token(); -$nw_subject = isset($_POST['nw_subject']) ? strip_tags($_POST['nw_subject']) : ''; +$nw_subject = isset($_POST['nw_subject']) ? strip_tags(clean_xss_attributes($_POST['nw_subject'])) : ''; $sql_common = " nw_device = '{$_POST['nw_device']}', nw_begin_time = '{$_POST['nw_begin_time']}', diff --git a/adm/point_update.php b/adm/point_update.php index 571a1dfa6..ac1a70411 100644 --- a/adm/point_update.php +++ b/adm/point_update.php 
@@ -6,9 +6,9 @@ auth_check($auth[$sub_menu], 'w'); check_admin_token(); -$mb_id = strip_tags($_POST['mb_id']); -$po_point = strip_tags($_POST['po_point']); -$po_content = strip_tags($_POST['po_content']); +$mb_id = strip_tags(clean_xss_attributes($_POST['mb_id'])); +$po_point = strip_tags(clean_xss_attributes($_POST['po_point'])); +$po_content = strip_tags(clean_xss_attributes($_POST['po_content'])); $expire = preg_replace('/[^0-9]/', '', $_POST['po_expire_term']); $mb = get_member($mb_id); From ebac40312fbe3dcd45ca9af877c9e3ad033d66af Mon Sep 17 00:00:00 2001 From: thisgun Date: Thu, 13 Feb 2020 19:03:38 +0900 Subject: [PATCH 10/14] =?UTF-8?q?5.4=20=EB=B2=84=EC=A0=84=20=EC=AA=BD?= =?UTF-8?q?=EC=A7=80=EB=B3=B4=EA=B8=B0=20=ED=8E=98=EC=9D=B4=EC=A7=80?= =?UTF-8?q?=EC=97=90=EC=84=9C=20=EC=AA=BD=EC=A7=80=20=EC=82=AD=EC=A0=9C?= =?UTF-8?q?=EA=B0=80=20=EC=95=88=EB=90=98=EB=8A=94=20=EC=98=A4=EB=A5=98=20?= =?UTF-8?q?=EC=88=98=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- bbs/memo_view.php | 9 ++++++--- mobile/skin/member/basic/memo_view.skin.php | 2 +- skin/member/basic/memo_view.skin.php | 2 +- theme/basic/mobile/skin/member/basic/memo_view.skin.php | 2 +- theme/basic/skin/member/basic/memo_view.skin.php | 2 +- 5 files changed, 10 insertions(+), 7 deletions(-) diff --git a/bbs/memo_view.php b/bbs/memo_view.php index 144e98f43..be6bebc4f 100644 --- a/bbs/memo_view.php +++ b/bbs/memo_view.php 
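Review bot: `$mb_id` and `$po_point` are not free text, so `strip_tags(clean_xss_attributes(...))` is the wrong shape of sanitiser for them: `$po_point` is an amount and should be cast, `$po_point = (int) $_POST['po_point'];` (assuming points are integral), and `$mb_id` is an account id that `get_member($mb_id)` looks up, where a character allowlist in the style of the `$expire` line below is the appropriate check. `$po_content` is the only genuinely textual field of the three and the only one where the new wrapping is the right tool.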
@@ -31,14 +31,17 @@ else alert($kind.' 값을 넘겨주세요.'); } -$g5['title'] = $t.' 쪽지 보기'; -include_once(G5_PATH.'/head.sub.php'); - $sql = " select * from {$g5['memo_table']} where me_id = '$me_id' and me_{$kind}_mb_id = '{$member['mb_id']}' "; $memo = sql_fetch($sql); +set_session('ss_memo_delete_token', $token = uniqid(time())); +$del_link = 'memo_delete.php?me_id='.$memo['me_id'].'&token='.$token.'&kind='.$kind; + +$g5['title'] = $t.' 쪽지 보기'; +include_once(G5_PATH.'/head.sub.php'); + // 이전 쪽지 $sql = " select me.*, a.rownum from `{$g5['memo_table']}` as me inner join ( select me_id , (@rownum:=@rownum+1) as rownum from `{$g5['memo_table']}` as memo, (select @rownum:=0) tmp where me_{$kind}_mb_id = '{$member['mb_id']}' and memo.me_type = '$kind' order by me_id desc ) as a on a.me_id = me.me_id where me.me_id < '$me_id' and me.me_{$kind}_mb_id = '{$member['mb_id']}' and me.me_type = '$kind' order by me.me_id desc limit 1 "; diff --git a/mobile/skin/member/basic/memo_view.skin.php b/mobile/skin/member/basic/memo_view.skin.php index e555125a9..17fee28de 100644 --- a/mobile/skin/member/basic/memo_view.skin.php +++ b/mobile/skin/member/basic/memo_view.skin.php @@ -39,7 +39,7 @@ add_stylesheet('',
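Review bot: `uniqid(time())` is a time-derived value, not a random one, so the `ss_memo_delete_token` built from it is guessable by anyone who knows roughly when the page was rendered; a token that gates a delete action should come from a CSPRNG, e.g. `$token = bin2hex(random_bytes(16));` on PHP 7+, or the project's existing token helper if the admin forms already use one. `$memo['me_id']` is read into `$del_link` before anything checks that `sql_fetch()` returned a row; when the memo does not belong to `$member` the link is built with an empty id, so guard with an `if (!$memo)` check (using the file's `alert()` helper) before the `set_session` line. The rest of the page logic continues outside the hunk.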
  • 시간
  • 목록
  • -
  • 삭제
  • +
  • 삭제
  • diff --git a/skin/member/basic/memo_view.skin.php b/skin/member/basic/memo_view.skin.php index e555125a9..17fee28de 100644 --- a/skin/member/basic/memo_view.skin.php +++ b/skin/member/basic/memo_view.skin.php @@ -39,7 +39,7 @@ add_stylesheet('',
  • 시간
  • 목록
  • -
  • 삭제
  • +
  • 삭제
  • diff --git a/theme/basic/mobile/skin/member/basic/memo_view.skin.php b/theme/basic/mobile/skin/member/basic/memo_view.skin.php index e555125a9..17fee28de 100644 --- a/theme/basic/mobile/skin/member/basic/memo_view.skin.php +++ b/theme/basic/mobile/skin/member/basic/memo_view.skin.php @@ -39,7 +39,7 @@ add_stylesheet('',
  • 시간
  • 목록
  • -
  • 삭제
  • +
  • 삭제
  • diff --git a/theme/basic/skin/member/basic/memo_view.skin.php b/theme/basic/skin/member/basic/memo_view.skin.php index e555125a9..17fee28de 100644 --- a/theme/basic/skin/member/basic/memo_view.skin.php +++ b/theme/basic/skin/member/basic/memo_view.skin.php @@ -39,7 +39,7 @@ add_stylesheet('',
  • 시간
  • 목록
  • -
  • 삭제
  • +
  • 삭제
  • From 6ccb8905a0f7a5886f4819820aff1853276e7995 Mon Sep 17 00:00:00 2001 From: thisgun Date: Fri, 14 Feb 2020 11:44:04 +0900 Subject: [PATCH 11/14] =?UTF-8?q?=ED=81=AC=EB=A1=AC=2080=EB=B2=84=EC=A0=84?= =?UTF-8?q?=20=EB=8C=80=EC=9D=91=20=EC=BD=94=EB=93=9C=20=EC=B6=94=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- common.php | 11 +++++++---- lib/common.lib.php | 4 +++- 2 files changed, 10 insertions(+), 5 deletions(-) diff --git a/common.php b/common.php index f7f42bd2a..ba97a952c 100644 --- a/common.php +++ b/common.php @@ -230,12 +230,14 @@ if( $config['cf_cert_use'] || (defined('G5_YOUNGCART_VER') && G5_YOUNGCART_VER) if(!function_exists('session_start_samesite')) { function session_start_samesite($options = array()) { + global $g5; + $res = @session_start($options); - // IE 브라우저 또는 엣지브라우저 일때는 secure; SameSite=None 을 설정하지 않습니다. - if( preg_match('/Edge/i', $_SERVER['HTTP_USER_AGENT']) || preg_match('~MSIE|Internet Explorer~i', $_SERVER['HTTP_USER_AGENT']) || preg_match('~Trident/7.0(; Touch)?; rv:11.0~',$_SERVER['HTTP_USER_AGENT']) ){ - return $res; - } + // IE 브라우저 또는 엣지브라우저 일때는 secure; SameSite=None, http 환경에서는 설정하지 않습니다. + if( preg_match('/Edge/i', $_SERVER['HTTP_USER_AGENT']) || preg_match('~MSIE|Internet Explorer~i', $_SERVER['HTTP_USER_AGENT']) || preg_match('~Trident/7.0(; Touch)?; rv:11.0~',$_SERVER['HTTP_USER_AGENT']) || ! (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS']=='on') ){ + return $res; + } $headers = headers_list(); krsort($headers); @@ -243,6 +245,7 @@ if( $config['cf_cert_use'] || (defined('G5_YOUNGCART_VER') && G5_YOUNGCART_VER) if (!preg_match('~^Set-Cookie: PHPSESSID=~', $header)) continue; $header = preg_replace('~; secure(; HttpOnly)?$~', '', $header) . '; secure; SameSite=None'; header($header, false); + $g5['session_cookie_samesite'] = 'none'; break; } return $res; diff --git a/lib/common.lib.php b/lib/common.lib.php index b7a373ab0..432514a24 100644 --- a/lib/common.lib.php 
+++ b/lib/common.lib.php @@ -116,11 +116,13 @@ function goto_url($url) // 세션변수 생성 function set_session($session_name, $value) { + global $g5; + static $check_cookie = null; if( $check_cookie === null ){ $cookie_session_name = session_name(); - if( ! ($cookie_session_name && isset($_COOKIE[$cookie_session_name]) && $_COOKIE[$cookie_session_name]) && ! headers_sent() ){ + if( ! isset($g5['session_cookie_samesite']) && ! ($cookie_session_name && isset($_COOKIE[$cookie_session_name]) && $_COOKIE[$cookie_session_name]) && ! headers_sent() ){ @session_regenerate_id(false); } From 1e7d17fd68dc01ca9885b5b65f7ad2445f4b0f95 Mon Sep 17 00:00:00 2001 From: thisgun Date: Fri, 14 Feb 2020 14:35:33 +0900 Subject: [PATCH 12/14] =?UTF-8?q?5.4=20=EB=B2=84=EC=A0=84=20=EC=86=8C?= =?UTF-8?q?=EC=85=9C=EB=A1=9C=EA=B7=B8=EC=9D=B8=20=EC=8A=A4=ED=82=A8=205.3?= =?UTF-8?q?=EB=B2=84=EC=A0=84=EC=97=90=EC=84=9C=EB=8F=84=20=EC=9E=98=20?= =?UTF-8?q?=EB=82=98=EC=98=AC=EC=88=98=20=EC=9E=88=EB=8F=84=EB=A1=9D=20?= =?UTF-8?q?=EC=88=98=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- skin/outlogin/basic/style.css | 1 + skin/social/style.css | 2 +- theme/basic/skin/outlogin/basic/style.css | 1 + 3 files changed, 3 insertions(+), 1 deletion(-) diff --git a/skin/outlogin/basic/style.css b/skin/outlogin/basic/style.css index fed39d8da..f233abd23 100644 --- a/skin/outlogin/basic/style.css +++ b/skin/outlogin/basic/style.css @@ -8,6 +8,7 @@ .ol form {padding:20px} .ol a.btn_admin {display:inline-block;padding:0 10px;height:25px;text-decoration:none;line-height:25px;vertical-align:middle} /* 관리자 전용 버튼 */ .ol a.btn_admin:focus, .ol a.btn_admin:hover {text-decoration:none} +.ol .login-sns{padding-bottom:0px} #ol_before {} #ol_before:after {display:block;visibility:hidden;clear:both;content:""} diff --git a/skin/social/style.css b/skin/social/style.css index 155b5b532..d984ac9b9 100644 --- a/skin/social/style.css +++ b/skin/social/style.css 
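Review bot: The added `! isset($g5['session_cookie_samesite'])` condition disables `session_regenerate_id()` exactly when `session_start_samesite()` has rewritten the cookie header — on the first HTTPS request from any non-IE browser — so whatever fixation protection the regeneration provided is switched off for the common case rather than preserved. Regenerate first and re-apply the SameSite rewrite to the new `Set-Cookie` header instead of skipping regeneration, or on PHP 7.3+ set the attribute via `session_set_cookie_params(['samesite' => 'None', 'secure' => true])` so no header rewriting is needed. The flag is read through `global $g5` with nothing saying who sets it; a comment such as `// set by session_start_samesite() in common.php when the PHPSESSID header was rewritten` would help. `set_session()` continues beyond the hunk.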
@@ -7,7 +7,7 @@ .bg-warning3 {background:#fff8dc;border:1px solid #f1e4b2} /* SNS LOGIN */ -.login-sns {margin-top:5px;border:1px solid #dde7e9;border-bottom:1px solid #dde7e9;clear:both;background:#fff} +.login-sns {padding-bottom:10px;margin-top:5px;border:1px solid #dde7e9;border-bottom:1px solid #dde7e9;clear:both;background:#fff} .login-sns h3 {padding-top:10px;text-align:center;color:#777;font-weight:normal} .sns-wrap {margin:10px 0 0;text-align:center} .sns-icon {display:inline-block;vertical-align:middle;text-decoration:none} diff --git a/theme/basic/skin/outlogin/basic/style.css b/theme/basic/skin/outlogin/basic/style.css index fed39d8da..f233abd23 100644 --- a/theme/basic/skin/outlogin/basic/style.css +++ b/theme/basic/skin/outlogin/basic/style.css @@ -8,6 +8,7 @@ .ol form {padding:20px} .ol a.btn_admin {display:inline-block;padding:0 10px;height:25px;text-decoration:none;line-height:25px;vertical-align:middle} /* 관리자 전용 버튼 */ .ol a.btn_admin:focus, .ol a.btn_admin:hover {text-decoration:none} +.ol .login-sns{padding-bottom:0px} #ol_before {} #ol_before:after {display:block;visibility:hidden;clear:both;content:""} From 85e075a5c662acb3606515eafca462adfaa458fe Mon Sep 17 00:00:00 2001 From: thisgun Date: Tue, 18 Feb 2020 12:28:32 +0900 Subject: [PATCH 13/14] =?UTF-8?q?[KVE-2020-0062]=EA=B7=B8=EB=88=84?= =?UTF-8?q?=EB=B3=B4=EB=93=9C,=EC=98=81=EC=B9=B4=ED=8A=B8=20SQL=20?= =?UTF-8?q?=EC=9D=B8=EC=A0=9D=EC=85=98=20=EC=B7=A8=EC=95=BD=EC=A0=90=20?= =?UTF-8?q?=EC=88=98=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- adm/sms_admin/num_book.php | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/adm/sms_admin/num_book.php b/adm/sms_admin/num_book.php index 567e05f00..f4338c307 100644 --- a/adm/sms_admin/num_book.php +++ b/adm/sms_admin/num_book.php 
@@ -16,6 +16,8 @@ if ($page < 1) $page = 1; $bg_no = isset($bg_no) ? (int) $bg_no : 0; $st = isset($st) ? preg_replace('/[^a-z0-9]/i', '', $st) : ''; +$sql_korean = $sql_group = $sql_search = $sql_no_hp = ''; + if (is_numeric($bg_no)) $sql_group = " and bg_no='$bg_no' "; else @@ -127,9 +129,9 @@ function no_hp_click(val) onclick="no_hp_click(this.checked)"> From fa9aa8da19f459e8b2d5ef34f1179ef23ae3053c Mon Sep 17 00:00:00 2001 From: thisgun Date: Tue, 18 Feb 2020 15:06:37 +0900 Subject: [PATCH 14/14] =?UTF-8?q?=EB=B2=84=EC=A0=84=205.4.2=20=EC=88=98?= =?UTF-8?q?=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- config.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/config.php b/config.php index bd813f657..389614add 100644 --- a/config.php +++ b/config.php @@ -5,7 +5,7 @@ ********************/ define('G5_VERSION', '그누보드5'); -define('G5_GNUBOARD_VER', '5.4.1.9'); +define('G5_GNUBOARD_VER', '5.4.2'); // 이 상수가 정의되지 않으면 각각의 개별 페이지는 별도로 실행될 수 없음 define('_GNUBOARD_', true);
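Review bot: Initialising `$sql_korean`, `$sql_group`, `$sql_search` and `$sql_no_hp` to `''` closes the hole only as long as every fragment later spliced into the query appears in this list, and nothing on the line says why it is there; add `// reset every SQL fragment: request variables reach the global scope before this point, so an unset fragment would otherwise be request-controlled` (adjusted to how this file actually receives its variables). The second hunk of this file has lost its content in this view and cannot be reviewed.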