From 179b9bdf04c853d7e44615d7e2923aacb5bd55c7 Mon Sep 17 00:00:00 2001
From: chicpro <chicpro@sir.co.kr>
Date: Tue, 11 Aug 2015 09:13:52 +0900
Subject: [PATCH] =?UTF-8?q?=EB=8B=A4=EB=A5=B8=20=ED=9A=8C=EC=9B=90=20?=
 =?UTF-8?q?=EC=A3=BC=EB=AC=B8=EC=A0=95=EB=B3=B4=20=EC=A1=B0=ED=9A=8C?=
 =?UTF-8?q?=EA=B0=80=EB=8A=A5=20=EC=98=A4=EB=A5=98=20=EC=88=98=EC=A0=95?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 mobile/shop/orderinquiryview.php | 2 ++
 shop/orderinquiryview.php        | 2 ++
 2 files changed, 4 insertions(+)

diff --git a/mobile/shop/orderinquiryview.php b/mobile/shop/orderinquiryview.php
index 40d24ebfa..b50a813fb 100644
--- a/mobile/shop/orderinquiryview.php
+++ b/mobile/shop/orderinquiryview.php
@@ -11,6 +11,8 @@ if (!$is_member) {
 }
 
 $sql = "select * from {$g5['g5_shop_order_table']} where od_id = '$od_id' ";
+if($is_member && !$is_admin)
+    $sql .= " and mb_id = '{$member['mb_id']}' ";
 $od = sql_fetch($sql);
 if (!$od['od_id'] || (!$is_member && md5($od['od_id'].$od['od_time'].$od['od_ip']) != get_session('ss_orderview_uid'))) {
     alert("조회하실 주문서가 없습니다.", G5_SHOP_URL);
diff --git a/shop/orderinquiryview.php b/shop/orderinquiryview.php
index 2125dfcdd..117ed5de8 100644
--- a/shop/orderinquiryview.php
+++ b/shop/orderinquiryview.php
@@ -16,6 +16,8 @@ if (!$is_member) {
 }
 
 $sql = "select * from {$g5['g5_shop_order_table']} where od_id = '$od_id' ";
+if($is_member && !$is_admin)
+    $sql .= " and mb_id = '{$member['mb_id']}' ";
 $od = sql_fetch($sql);
 if (!$od['od_id'] || (!$is_member && md5($od['od_id'].$od['od_time'].$od['od_ip']) != get_session('ss_orderview_uid'))) {
     alert("조회하실 주문서가 없습니다.", G5_SHOP_URL);