Merge branch 'master' of github.com:gnuboard/g4s

2013-03-21 11:11:44 +09:00
parent 1474ab2b4b 868af92760
commit 207d73eecb
35 changed files with 1736 additions and 1591 deletions
--- a/adm/member_list.php
+++ b/adm/member_list.php
@ -123,6 +123,7 @@ $colspan = 15;
        <th scope="col"><?=subject_sort_link('mb_level', '', 'desc')?>권한</a></th>
        <th scope="col"><?=subject_sort_link('mb_point', '', 'desc')?> 포인트</a></th>
        <th scope="col"><?=subject_sort_link('mb_today_login', '', 'desc')?>최종접속</a></th>
        <th scope="col"><?=subject_sort_link('mb_datetime', '', 'desc')?>가입일</a></th>
        <th scope="col"><?=subject_sort_link('mb_mailling', '', 'desc')?>수신</a></th>
        <th scope="col"><?=subject_sort_link('mb_open', '', 'desc')?>공개</a></th>
        <th scope="col"><?=subject_sort_link('mb_email_certify', '', 'desc')?>인증</a></th>
@ -189,6 +190,7 @@ $colspan = 15;
        <td><?=get_member_level_select("mb_level[$i]", 1, $member['mb_level'], $row['mb_level'])?></td>
        <td class="td_bignum"><a href="point_list.php?sfl=mb_id&amp;stx=<?=$row['mb_id']?>"><?=number_format($row['mb_point'])?></a></td>
        <td><?=substr($row['mb_today_login'],2,8)?></td>
        <td><?=substr($row['mb_datetime'],2,8)?></td>
        <td><?=$row['mb_mailling']?'<span class="txt_true">Yes</span>':'<span class="txt_false">No</span>';?></td>
        <td><?=$row['mb_open']?'<span class="txt_true">Yes</span>':'<span class="txt_false">No</span>';?></td>
        <td><?=preg_match('/[1-9]/', $row['mb_email_certify'])?'<span class="txt_true">Yes</span>':'<span class="txt_false">No</span>';?></td>
--- a/adm/visit_list.php
+++ b/adm/visit_list.php
@ -63,15 +63,8 @@ $result = sql_query($sql);
            $referer = get_text(cut_str($row['vi_referer'], 255, ''));
            $referer = urldecode($referer);
-            if (strtolower($g4['charset']) == 'utf-8') {
+            if (!is_utf8($referer)) {
-                if (!is_utf8($referer)) {
+                $referer = iconv_utf8($referer);
                    $referer = iconv('euc-kr', 'utf-8', $referer);
                }
            }
            else {
                if (is_utf8($referer)) {
                    $referer = iconv('utf-8', 'euc-kr', $referer);
                }
            }
            $title = str_replace(array('<', '>', '&'), array("&lt;", "&gt;", "&amp;"), $referer);
--- a/bbs/download.php
+++ b/bbs/download.php
@ -16,9 +16,9 @@ if (!$file['bf_file'])
    alert_close('파일 정보가 존재하지 않습니다.');
 // JavaScript 불가일 때
-if($confirm != 'yes' && $board['bo_download_point'] < 0) {
+if($js != 'on' && $board['bo_download_point'] < 0) {
    $msg = $file['bf_source'].' 파일을 다운로드 하시면 포인트가 차감('.number_format($board['bo_download_point']).'점)됩니다.\\n포인트는 게시물당 한번만 차감되며 다음에 다시 다운로드 하셔도 중복하여 차감하지 않습니다.\\n그래도 다운로드 하시겠습니까?';
-    $url1 = './download.php?'.$_SERVER['QUERY_STRING'].'&amp;confirm=yes';
+    $url1 = G4_BBS_URL.'/download.php?'.$_SERVER['QUERY_STRING'].'&amp;js=on';
    $url2 = $_SERVER['HTTP_REFERER'];
    //$url1 = 확인link, $url2=취소link
@ -31,7 +31,7 @@ if ($member['mb_level'] < $board['bo_download_level']) {
    if ($member['mb_id'])
        alert($alert_msg);
    else
-        alert($alert_msg.'\\n회원이시라면 로그인 후 이용해 보십시오.', './login.php?wr_id='.$wr_id.'&amp;'.$qstr.'&amp;url='.urlencode($g4['bbs_path'].'/board.php?bo_table='.$bo_table.'&amp;wr_id='.$wr_id));
+        alert($alert_msg.'\\n회원이시라면 로그인 후 이용해 보십시오.', G4_BBS_URL.'/login.php?wr_id='.$wr_id.'&amp;'.$qstr.'&amp;url='.urlencode(G4_BBS_URL.'/board.php?bo_table='.$bo_table.'&amp;wr_id='.$wr_id));
 }
 $filepath = G4_DATA_PATH.'/file/'.$bo_table.'/'.$file['bf_file'];
@ -54,7 +54,7 @@ if (!get_session($ss_name))
    {
        // 다운로드 포인트가 음수이고 회원의 포인트가 0 이거나 작다면
        if ($member['mb_point'] + $board['bo_download_point'] < 0)
-            alert('보유하신 포인트('.number_format($member['mb_point']).')가 없거나 모자라서 다운로드('.number_format($board['bo_download_point']).')가 불가합니다.'."\n\n".'포인트를 적립하신 후 다시 다운로드 해 주십시오.');
+            alert('보유하신 포인트('.number_format($member['mb_point']).')가 없거나 모자라서 다운로드('.number_format($board['bo_download_point']).')가 불가합니다.\\n\\n포인트를 적립하신 후 다시 다운로드 해 주십시오.');
        // 게시물당 한번만 차감하도록 수정
        insert_point($member['mb_id'], $board['bo_download_point'], "{$board['bo_subject']} $wr_id 파일 다운로드", $bo_table, $wr_id, "다운로드");
--- a/bbs/memo_delete.php
+++ b/bbs/memo_delete.php
@ -4,6 +4,8 @@ include_once('./_common.php');
 if (!$member[mb_id]) 
    alert('회원만 이용하실 수 있습니다.');
 $me_id = (int)$_REQUEST['me_id'];
 $sql = " select * from {$g4[memo_table]} where me_id = '{$me_id}' ";
 $row = sql_fetch($sql);
 if (!$row[mb_read_datetime][0]) // 메모 받기전이면
--- a/bbs/memo_view.php
+++ b/bbs/memo_view.php
@ -4,6 +4,8 @@ include_once('./_common.php');
 if (!$is_member)
    alert('회원만 이용하실 수 있습니다.');
 $me_id = (int)$_REQUEST['me_id'];
 if ($kind == 'recv')
 {
    $t = '받은';
--- a/bbs/rss.php
+++ b/bbs/rss.php
@ -30,15 +30,15 @@ if (!$row['bo_use_rss_view']) {
    exit;
 }
-Header("Content-type: text/xml");
+header('Content-type: text/xml');
-header("Cache-Control: no-cache, must-revalidate");
+header('Cache-Control: no-cache, must-revalidate');
-header("Pragma: no-cache");
+header('Pragma: no-cache');
 $sql = " select gr_subject from {$g4['group_table']} where gr_id = '{$row['gr_id']}' ";
 $row = sql_fetch($sql);
 $subj1 = specialchars_replace($row['gr_subject'], 255);
-echo '<?xml version="1.0" encoding="'.$g4['charset'].'"?>'."\n";
+echo '<?xml version="1.0" encoding="utf-8"?>'."\n";
 ?>
 <rss version="2.0" xmlns:dc="http://purl.org/dc/elements/1.1/">
 <channel>
--- a/bbs/syndi/include/include.adm.board_delete.inc.php
+++ b/bbs/syndi/include/include.adm.board_delete.inc.php
@ -4,7 +4,7 @@
 * @author sol (ngleader@gmail.com)
 * @brief 게시판 삭제시 Syndication Ping
 *        gnuboard4/adm/board_delete.inc.php 파일에 추가
- *        include '../syndi/include/gnuboard4_euckr/include.adm.board_delete.inc.php';
+ *        include '../syndi/include/include.adm.board_delete.inc.php';
 */
 if(!defined('_GNUBOARD_')) return;
--- a/bbs/syndi/include/include.adm.board_form_update.php
+++ b/bbs/syndi/include/include.adm.board_form_update.php
@ -4,7 +4,7 @@
 * @author sol (ngleader@gmail.com)
 * @brief 게시판 삭제시 Syndication Ping
 *        gnuboard4/adm/board_form_update.php 파일에 추가
- *        include '../syndi/include/gnuboard4_euckr/include.adm.board_form_update.php';
+ *        include '../syndi/include/include.adm.board_form_update.php';
 */
 if(!defined('_GNUBOARD_')) return;
--- a/bbs/syndi/include/include.bbs.delete.php
+++ b/bbs/syndi/include/include.bbs.delete.php
@ -4,7 +4,7 @@
 * @author sol (ngleader@gmail.com)
 * @brief 글 삭제시 Syndication Ping
 *        gnuboard4/bbs/bbs.delete.php 파일에 추가
- *        include '../syndi/include/gnuboard4_euckr/include.bbs.delete.php';
+ *        include '../syndi/include/include.bbs.delete.php';
 */
 if(!defined('_GNUBOARD_')) return;
--- a/bbs/syndi/include/include.bbs.delete_all.php
+++ b/bbs/syndi/include/include.bbs.delete_all.php
@ -4,7 +4,7 @@
 * @author sol (ngleader@gmail.com)
 * @brief 글 삭제시 Syndication Ping
 *        gnuboard4/bbs/bbs.delete_all.php 파일에 추가
- *        include '../syndi/include/gnuboard4_euckr/include.bbs.delete_all.php';
+ *        include '../syndi/include/include.bbs.delete_all.php';
 */
 if(!defined('_GNUBOARD_')) return;
--- a/bbs/syndi/include/include.bbs.move_update.php
+++ b/bbs/syndi/include/include.bbs.move_update.php
@ -4,7 +4,7 @@
 * @author sol (ngleader@gmail.com)
 * @brief 글 등록/수정시 Syndication Ping
 *        gnuboard4/bbs/move_update.php 파일에 추가
- *        include '../syndi/include/gnuboard4_euckr/include.bbs.move_update.php';
+ *        include '../syndi/include/include.bbs.move_update.php';
 */
 if(!defined('_GNUBOARD_')) return;
--- a/bbs/syndi/include/include.bbs.write_update.php
+++ b/bbs/syndi/include/include.bbs.write_update.php
@ -4,7 +4,7 @@
 * @author sol (ngleader@gmail.com)
 * @brief 글 등록/수정시 Syndication Ping
 *        gnuboard4/bbs/write_update.php 파일에 추가
- *        include '../syndi/include/gnuboard4_euckr/include.bbs.write_update.php';
+ *        include '../syndi/include/include.bbs.write_update.php';
 */
 if(!defined('_GNUBOARD_')) return;
--- a/bbs/write.php
+++ b/bbs/write.php
@ -3,8 +3,8 @@ include_once('./_common.php');
 include_once(G4_CKEDITOR_PATH.'/ckeditor.lib.php');
 include_once(G4_GCAPTCHA_PATH.'/gcaptcha.lib.php');
-set_session('ss_bo_table', $bo_table);
+set_session('ss_bo_table', $_REQUEST['bo_table']);
-set_session('ss_wr_id', $wr_id);
+set_session('ss_wr_id', $_REQUEST['wr_id']);
 if (!$board['bo_table']) {
    alert('존재하지 않는 게시판입니다.', G4_URL);
--- a/bbs/write_update.php
+++ b/bbs/write_update.php
@ -42,8 +42,8 @@ if (empty($_POST)) {
 }
 $w = $_POST['w'];
-$wr_link1 = mysql_real_escape_string($_POST['wr_link1']);
+$wr_link1 = escape_trim(strip_tags($_POST['wr_link1']));
-$wr_link2 = mysql_real_escape_string($_POST['wr_link2']);
+$wr_link2 = escape_trim(strip_tags($_POST['wr_link2']));
 $notice_array = explode(',', trim($board['bo_notice']));
--- a/bbs/zip.db
+++ b/bbs/zip.db
--- a/common.php
+++ b/common.php
@ -2,9 +2,6 @@
 /*******************************************************************************
 ** 공통 변수, 상수, 코드
 *******************************************************************************/
 //error_reporting(E_ALL ^ E_NOTICE);
 //error_reporting(E_ALL & ~E_NOTICE);
 //error_reporting(E_ALL & ~E_NOTICE & ~E_STRICT);
 error_reporting( E_CORE_ERROR | E_CORE_WARNING | E_COMPILE_ERROR | E_ERROR | E_WARNING | E_PARSE | E_USER_ERROR | E_USER_WARNING | E_RECOVERABLE_ERROR );
 // 보안설정이나 프레임이 달라도 쿠키가 통하도록 설정
@ -69,20 +66,14 @@ $g4     = array();
 function g4_path()
 {
-    $path           = dirname(__FILE__);                                        // 예) /home/sir/www/g4s
+    $result['path'] = str_replace('\\', '/', dirname(__FILE__));
-    $linux_dir      = str_replace("\\", "/", $path);                            // 예) /home/sir/www/g4s
+    $tilde_remove = preg_replace('/^\/\~[^\/]+(.*)$/', '$1', $_SERVER['SCRIPT_NAME']);
-    //$document_root  = str_replace("\\", "/", $_SERVER['DOCUMENT_ROOT']);        // 예) /home/sir/www
+    $document_root = str_replace($tilde_remove, '', $_SERVER['SCRIPT_FILENAME']);
-	$document_root  = str_replace("\\", "/", realpath($_SERVER['DOCUMENT_ROOT']));
+    $root = str_replace($document_root, '', $result['path']);
-    $base_dir       = preg_replace('#^'.$document_root.'#i', '', $linux_dir);   // 예) /g4s
+    $port = $_SERVER['SERVER_PORT'] != 80 ? ':'.$_SERVER['SERVER_PORT'] : '';
-    $port           = $_SERVER['SERVER_PORT'] != 80 ? ':'.$_SERVER['SERVER_PORT'] : '';
+    $http = 'http' . ((isset($_SERVER['HTTPS']) && $_SERVER['HTTPS']=='on') ? 's' : '') . '://';
-    $http           = 'http' . ((isset($_SERVER['HTTPS']) && $_SERVER['HTTPS']=='on') ? 's' : '') . '://';
+    $user = str_replace(str_replace($document_root, '', $_SERVER['SCRIPT_FILENAME']), '', $_SERVER['SCRIPT_NAME']);
-
+    $result['url'] = $http.$_SERVER['SERVER_NAME'].$port.$user.$root;
    $result = array();
    $result['path']     = $path;
    $result['url']      = $http.$_SERVER['SERVER_NAME'].$port.$base_dir;
    $result['curr_url'] = $http.$_SERVER['SERVER_NAME'].$port.$_SERVER['PHP_SELF'];
    $result['curr_uri'] = $result['curr_url'] . ($_SERVER['QUERY_STRING'] ? '?'.$_SERVER['QUERY_STRING'] : '');
    return $result;
 }
@ -128,7 +119,7 @@ div a {display:block;margin:50px auto 10px;width:170px;text-align:center}
            <li><strong><?=G4_DATA_DIR.'/'.G4_DBCONFIG_FILE?></strong></li>
        </ul>
        <p>프로그램 설치 후 실행하시기 바랍니다.</p>
-        <a href="<?=G4_URL?>/install/">그누보드4S 설치하기</a>
+        <a href="./install/">그누보드4S 설치하기</a>
    </div>
 </body>
 </html>
@ -221,6 +212,7 @@ if (isset($_REQUEST['sca']))  {
 if (isset($_REQUEST['sfl']))  {
    $sfl = escape_trim($_REQUEST['sfl']);
    $sfl = preg_replace("/[\<\>\'\"\%\=\(\)\s]/", "", $sfl);
    if ($sfl)
        $qstr .= '&amp;sfl=' . urlencode($sfl); // search field (검색 필드)
 } else {
--- a/css/admin.css
+++ b/css/admin.css
@ -264,7 +264,7 @@ td {padding:8px 5px 6px;border-top:1px solid #e9e9e9;border-bottom:1px solid #e9
 /* 공통 */
 .td_chk {width:30px;text-align:center}
 .td_num {width:60px;text-align:center}
-.td_bignum {width:120px;text-align:center}
+.td_bignum {width:100px;text-align:center}
 .td_grid {width:60px;text-align:center}
 .td_mbid,
 .td_name,
@ -298,6 +298,11 @@ td {padding:8px 5px 6px;border-top:1px solid #e9e9e9;border-bottom:1px solid #e9
 .new_win_ul a {display:block;padding:10px 10px 8px;border-right:1px solid #595959;border-left:1px solid #595959;color:#fff;font-family:"dotum";font-weight:bold;text-decoration:none}
 .new_win_desc {margin:0 auto;width:93%}
 /* 자바스크립트 alert 대안 */
 #validation_check {margin:100px auto;width:500px}
 #validation_check h1 {margin-bottom:20px;font-size:1.3em}
 #validation_check p {margin-bottom:20px;padding:30px 20px;border:1px solid #e9e9e9;background:#fff}
 /* 관리자 패스워드 확인 */
 #admin_confirm {padding:0 0 10px;background:#222;text-align:center}
 #admin_confirm p {margin:0 0 10px;color:#9ab9c5;background:#383a3f}
--- a/css/default.css
+++ b/css/default.css
@ -227,7 +227,7 @@ input.required:focus {padding:3px 3px 4px;border:0;background:#21272e !important
 /* 자바스크립트 alert 대안 */
 #validation_check {margin:100px auto;width:500px}
 #validation_check h1 {margin-bottom:20px;font-size:1.3em}
-#validation_check p {margin-bottom:20px;padding:30px 20px}
+#validation_check p {margin-bottom:20px;padding:30px 20px;border:1px solid #e9e9e9;background:#fff}
 /* 사이드뷰 */
 .sv_wrap {display:inline-block;position:relative;font-weight:normal}
--- a/head.sub.php
+++ b/head.sub.php
@ -32,7 +32,11 @@ header("Pragma: no-cache"); // HTTP/1.0
 <html lang="ko">
 <head>
 <meta charset="utf-8">
-<? if (G4_IS_MOBILE) {?><meta name="viewport" content="user-scalable=no, initial-scale=1, maximum-scale=1, minimum-scale=1, width=device-width"><? } ?>
+<? if (G4_IS_MOBILE) {?>
 <meta name="viewport" content="width=device-width,initial-scale=1.0,minimum-scale=0,maximum-scale=10,user-scalable=yes">
 <meta name="HandheldFriendly" content="true">
 <meta name="format-detection" content="telephone=no">
 <? } ?>
 <!-- <meta http-equiv="X-UA-Compatible" content="IE=Edge" /> -->
 <title><?=$g4_head_title?></title>
 <? if (defined('G4_IS_ADMIN')) { ?>
--- a/install/index.php
+++ b/install/index.php
@ -4,6 +4,9 @@ include_once ('../config.php');
 include_once ('./install.inc.php');
 ?>
 <?
 if ($exists_data_dir && $write_data_dir) {
 ?>
    <p>
        <strong class="st_strong">라이센스(License) 내용을 반드시 확인하십시오.</strong><br>
        라이센스에 동의하시는 경우에만 설치가 진행됩니다.
@ -11,8 +14,6 @@ include_once ('./install.inc.php');
    <textarea name="textarea" id="idx_license" readonly><?=implode('', file('../LICENSE.txt'));?></textarea>
 </div>
 <form action="./install_config.php" method="post" onsubmit="return frm_submit(this);">
 <div id="idx_agree">
    <label for="agree">동의합니다.</label>
@ -35,6 +36,11 @@ function frm_submit(f)
    return true;
 }
 </script>
 <?
 } // if
 ?>
 </div>
 </body>
 </html>
--- a/install/install.inc.php
+++ b/install/install.inc.php
@ -53,6 +53,7 @@ if (file_exists($dbconfig_file)) {
 ?>
 <?
 $exists_data_dir = true;
 // data 디렉토리가 있는가?
 if (!is_dir($data_path))
 {
@ -62,10 +63,12 @@ if (!is_dir($data_path))
    $> mkdir <?=G4_DATA_DIR?><br /><br />
    위 명령 실행후 브라우저를 새로고침 하십시오.</p>
 <?
    $exists_data_dir = false;
 }
 ?>
 <?
 $write_data_dir = true;
 // data 디렉토리에 파일 생성 가능한지 검사.
 if (strtoupper(substr(PHP_OS, 0, 3)) !== 'WIN') {
    if (!(is_readable($data_path) && is_writeable($data_path) && is_executable($data_path)))
@ -75,7 +78,7 @@ if (strtoupper(substr(PHP_OS, 0, 3)) !== 'WIN') {
        $> chmod 707 <?=G4_DATA_DIR?> 또는 chmod uo+rwx <?=G4_DATA_DIR?><br /><br />
        위 명령 실행후 브라우저를 새로고침 하십시오.</p>
    <?
-        exit;
+        $write_data_dir = false;
    }
 }
 ?>
--- a/js/filter.js
+++ b/js/filter.js
@ -1,25 +0,0 @@
 if (typeof(FILTER_JS) == 'undefined') // 한번만 실행
 {
    if (typeof g4_cf_filter == 'undefined')
        alert('g4_cf_filter 변수가 선언되지 않았습니다. js/filter.js');
    var FILTER_JS = true;
    // 금지단어 필터링
    function word_filter_check(v)
    {
        var trim_pattern = /(^\s*)|(\s*$)/g; // \s 공백 문자 // 양쪽 공백 없애기 trim()
        var filter = g4_cf_filter;
        var s = filter.split(",");
        for (i=0; i<s.length; i++) 
        {
            s[i] = s[i].replace(trim_pattern, "");
            if (s[i]=="") continue;
            if (v.indexOf(s[i]) != -1)
                return s[i];
        }
        return "";
    }
 }
--- a/lib/common.lib.php
+++ b/lib/common.lib.php
@ -87,7 +87,7 @@ function goto_url($url)
 {
    $url = str_replace("&amp;", "&", $url);
    //echo "<script> location.replace('$url'); </script>";
-    header("Location:$url");
+    @header("Location:$url");
    exit;
 }
@ -137,19 +137,6 @@ function alert($msg='', $url='', $error=true, $post=false)
    if (!$msg) $msg = '올바른 방법으로 이용해 주십시오.';
    /*
    //header("Content-Type: text/html; charset=$g4['charset']");
    echo "<meta http-equiv=\"content-type\" content=\"text/html; charset={$g4['charset']}\">";
    echo "<script>alert('$msg');";
    if (!$url)
        echo "history.go(-1);";
    echo "</script>";
    if ($url)
        // 4.06.00 : 불여우의 경우 아래의 코드를 제대로 인식하지 못함
        //echo "<meta http-equiv='refresh' content='0;url=$url'>";
        goto_url($url);
    exit;
    */
    $header = '';
    if (isset($g4['title'])) {
        $header = $g4['title'];
@ -164,11 +151,6 @@ function alert_close($msg, $error=true)
 {
    global $g4;
    /*
    echo "<meta http-equiv=\"content-type\" content=\"text/html; charset={$g4['charset']}\">";
    echo "<script> alert('$msg'); window.close(); </script>";
    exit;
    */
    $header = '';
    if (isset($g4['title'])) {
        $header = $g4['title'];
@ -495,6 +477,13 @@ function bad120422($matches)
    return $matches['0'];
 }
 // tag 내의 주석문 무효화 하기
 function bad130128($matches)
 {
    $str = $matches[2];
    return '<'.$matches[1].preg_replace('#(\/\*|\*\/)#', '', $str).'>';
 }
 // 내용을 변환
 function conv_content($content, $html)
 {
@ -521,14 +510,18 @@ function conv_content($content, $html)
            $content .= "</table>";
        }
        $content = preg_replace_callback("/<([^>]+)>/s", 'bad130128', $content); 
        $content = preg_replace($source, $target, $content);
        $content = bad_tag_convert($content);
        // XSS (Cross Site Script) 막기
        // 완벽한 XSS 방지는 없다.
        // 이런 경우를 방지함 <IMG STYLE="xss:expr/*XSS*/ession(alert('XSS'))">
-        $content = preg_replace("#\/\*.*\*\/#iU", "", $content);
+        //$content = preg_replace("#\/\*.*\*\/#iU", "", $content);
        // 위의 정규식이 아래와 같은 내용을 통과시키므로 not greedy(비탐욕수량자?) 옵션을 제거함. ignore case 옵션도 필요 없으므로 제거
        // <IMG STYLE="xss:ex//*XSS*/**/pression(alert('XSS'))"></IMG>
        $content = preg_replace("#\/\*.*\*\/#", "", $content);
        // object, embed 태그에서 javascript 코드 막기
        $content = preg_replace_callback("#<(object|embed)([^>]+)>#i", "bad120422", $content);
@ -538,7 +531,8 @@ function conv_content($content, $html)
        $content = preg_replace("/(lo)(wsrc)/i", "&#108;&#111;$2", $content);
        $content = preg_replace("/(sc)(ript)/i", "&#115;&#99;$2", $content);
        $content = preg_replace_callback("#<([^>]+)#", create_function('$m', 'return "<".str_replace("<", "&lt;", $m[1]);'), $content);
-        $content = preg_replace("/\<(\w|\s|\?)*(xml)/i", "", $content);
+        //$content = preg_replace("/\<(\w|\s|\?)*(xml)/i", "", $content);
        $content = preg_replace("/\<(\w|\s|\?)*(xml)/i", "_$1$2_", $content);
        // 플래시의 액션스크립트와 자바스크립트의 연동을 차단하여 악의적인 사이트로의 이동을 막는다.
        // value="always" 를 value="never" 로, allowScriptaccess="always" 를 allowScriptaccess="never" 로 변환하는데 목적이 있다.
@ -550,6 +544,9 @@ function conv_content($content, $html)
        $content = preg_replace("/<(img[^>]+logout\.php[^>]+)/i", "*** CSRF 감지 : &lt;$1", $content);
        $content = preg_replace("/<(img[^>]+download\.php[^>]+bo_table[^>]+)/i", "*** CSRF 감지 : &lt;$1", $content);
        $content = preg_replace_callback("#style\s*=\s*[\"\']?[^\"\']+[\"\']?#i",
                    create_function('$matches', 'return str_replace("\\\\", "", stripslashes($matches[0]));'), $content);
        $pattern = "";
        $pattern .= "(e|&#(x65|101);?)";
        $pattern .= "(x|&#(x78|120);?)";
@ -558,10 +555,15 @@ function conv_content($content, $html)
        $pattern .= "(e|&#(x65|101);?)";
        $pattern .= "(s|&#(x73|115);?)";
        $pattern .= "(s|&#(x73|115);?)";
-        $pattern .= "(i|&#(x6a|105);?)";
+        //$pattern .= "(i|&#(x6a|105);?)";
        $pattern .= "(i|&#(x69|105);?)";
        $pattern .= "(o|&#(x6f|111);?)";
        $pattern .= "(n|&#(x6e|110);?)";
-        $content = preg_replace("/".$pattern."/i", "__EXPRESSION__", $content);
+        //$content = preg_replace("/".$pattern."/i", "__EXPRESSION__", $content);
        $content = preg_replace("/<[^>]*".$pattern."/i", "__EXPRESSION__", $content); 
        // <IMG STYLE="xss:e\xpression(alert('XSS'))"></IMG> 와 같은 코드에 취약점이 있어 수정함. 121213
        $content = preg_replace("/(?<=style)(\s*=\s*[\"\']?xss\:)/i", '="__XSS__', $content); 
        $content = bad_tag_convert($content);
    }
    else // text 이면
    {
@ -1309,10 +1311,7 @@ function get_table_define($table, $crlf="\n")
        $schema_create     .= implode($columns, ', ') . ')';
    } // end while
-    if (strtolower($g4['charset']) == 'utf-8')
+    $schema_create .= $crlf . ') DEFAULT CHARSET=utf8';
        $schema_create .= $crlf . ') DEFAULT CHARSET=utf8';
    else
        $schema_create .= $crlf . ')';
    return $schema_create;
 } // end of the 'PMA_getTableDef()' function
@ -1517,13 +1516,6 @@ function cut_hangul_last($hangul)
        }
    }
    // 홀수라면 한글이 반쪽난 상태이므로
    if (strtoupper($g4['charset']) != 'UTF-8') {
        if ($cnt%2) {
            $hangul = substr($hangul, 0, $cnt-1);
        }
    }
    return $hangul;
 }
@ -1554,9 +1546,7 @@ function bad_tag_convert($code)
                    $code);
    }
-    //return preg_replace("/\<([\/]?)(script|iframe)([^\>]*)\>/i", "&lt;$1$2$3&gt;", $code);
+    return preg_replace("/\<([\/]?)(script|iframe|form)([^\>]*)\>?/i", "&lt;$1$2$3&gt;", $code);
    // script 나 iframe 태그를 막지 않는 경우 필터링이 되도록 수정
    return preg_replace("/\<([\/]?)(script|iframe)([^\>]*)\>?/i", "&lt;$1$2$3&gt;", $code);
 }
@ -1763,7 +1753,7 @@ function get_editor_image($contents)
        return false;
    // $contents 중 img 태그 추출
-    $pattern = "/<img[^>]*src=[\'\"]?([^>\'\"]+".str_replace(".", "\.", $_SERVER['HTTP_HOST'])."[^>\'\"]+)[\'\"]?[^>]*>/";
+    $pattern = "/<img[^>]*src=[\'\"]?([^>\'\"]+[^>\'\"]+)[\'\"]?[^>]*>/";
    preg_match_all($pattern, $contents, $matchs);
    return $matchs;
@ -1802,16 +1792,9 @@ function get_skin_stylesheet($skin_path)
    if(!$skin_path)
        return "";
    $doc_root = realpath($_SERVER['DOCUMENT_ROOT']);
    $skin_path = realpath($skin_path);
    $str = "";
-    $p = parse_url(G4_URL);
+    $skin_url = G4_URL.str_replace("\\", "/", str_replace(G4_PATH, "", $skin_path));
    $skin_url = $p['scheme'].'://'.$p['host'];
    if(isset($p['port']))
        $skin_url .= ':'.$p['port'];
    $skin_url .= str_replace("\\", "/", str_replace($doc_root, "", $skin_path));
    if(is_dir($skin_path)) {
        if($dh = opendir($skin_path)) {
--- a/lib/latest.lib.php
+++ b/lib/latest.lib.php
@ -5,6 +5,7 @@ if (!defined('_GNUBOARD_')) exit;
 function latest($skin_dir='', $bo_table, $rows=10, $subject_len=40)
 {
    global $g4;
    static $css = array();
    if (!$skin_dir) $skin_dir = 'basic';
@ -38,6 +39,12 @@ function latest($skin_dir='', $bo_table, $rows=10, $subject_len=40)
    include_once($cache_file);
    // 같은 스킨은 .css 를 한번만 호출한다.
    if (!in_array($skin_dir, $css)) {
        echo '<link rel="stylesheet" href="'.$latest_skin_url.'/style.css">';
        $css[] = $skin_dir;
    }
    ob_start();
    include $latest_skin_path.'/latest.skin.php';
    $content = ob_get_contents();
--- a/lib/mailer.lib.php
+++ b/lib/mailer.lib.php
@ -11,11 +11,8 @@ function mailer($fname, $fmail, $to, $subject, $content, $type=0, $file='', $cc=
    // 메일발송 사용을 하지 않는다면
    if (!$config['cf_email_use']) return;
    //$fname   = "=?$g4[charset]?B?" . base64_encode($fname) . "?=";
    //$subject = "=?$g4[charset]?B?" . base64_encode($subject) . "?=";
    $fname   = "=?utf-8?B?" . base64_encode($fname) . "?=";
    $subject = "=?utf-8?B?" . base64_encode($subject) . "?=";
    //$g4[charset] = ($g4[charset] != "") ? "charset=$g4[charset]" : "";
    $header  = "Return-Path: <$fmail>\n";
    $header .= "From: $fname <$fmail>\n";
--- a/lib/thumbnail.lib.php
+++ b/lib/thumbnail.lib.php
@ -34,15 +34,21 @@ function get_list_thumbnail($bo_table, $wr_id, $thumb_width, $thumb_height, $is_
        for($i=0; $i<count($matchs[1]); $i++)
        {
            // 이미지 path 구함
            $imgurl = parse_url($matchs[1][$i]);
            $srcfile = $_SERVER['DOCUMENT_ROOT'].$imgurl['path'];
            $src_url = $matchs[1][$i];
            if(!stristr($src_url, G4_URL) || stripos($src_url, G4_URL) != 0)
                continue;
            $srcfile = G4_PATH.str_replace(G4_URL, "", $matchs[1][$i]);
            if(preg_match("/\.({$config['cf_image_extension']})$/i", $srcfile) && is_file($srcfile)) {
                $size = @getimagesize($srcfile);
                if(empty($size))
                    continue;
                $filename = basename($srcfile);
                $filepath = dirname($srcfile);
-                preg_match("/alt=[\'\"]{1}(.*)[\'\"]{1}/", $matchs[0][$i], $malt);
+                preg_match("/alt=[\"\']?([^\"\']*)[\"\']?/", $matchs[0][$i], $malt);
                $alt = get_text($malt[1]);
                break;
@ -94,13 +100,15 @@ function get_view_thumbnail($contents)
    // $contents 중 img 태그 추출
    $matchs = get_editor_image($contents);
-    if(!$matchs)
+    if(empty($matchs))
        return $contents;
    for($i=0; $i<count($matchs[1]); $i++) {
        if(!stristr($matchs[1][$i], G4_URL) || stripos($matchs[1][$i], G4_URL) != 0)
            continue;
        // 이미지 path 구함
-        $imgurl = parse_url($matchs[1][$i]);
+        $srcfile = G4_PATH.str_replace(G4_URL, "", $matchs[1][$i]);
        $srcfile = $_SERVER['DOCUMENT_ROOT'].$imgurl['path'];
        if(is_file($srcfile)) {
            // 썸네일 높이
@ -145,7 +153,8 @@ function get_view_thumbnail($contents)
            // $img_tag에 editor 경로가 있으면 원본보기 링크 추가
            if(strpos($matchs[1][$i], 'data/editor') && preg_match("/\.({$config['cf_image_extension']})$/i", $filename)) {
-                $thumb_tag = '<a href="'.G4_BBS_URL.'/view_image.php?fn='.urlencode($imgurl['path']).'" target="_blank" class="view_image">'.$thumb_tag.'</a>';
+                $imgurl = str_replace(G4_URL, "", $matchs[1][$i]);
                $thumb_tag = '<a href="'.G4_BBS_URL.'/view_image.php?fn='.urlencode($imgurl).'" target="_blank" class="view_image">'.$thumb_tag.'</a>';
            }
            $contents = str_replace($img_tag, $thumb_tag, $contents);
--- a/mobile/skin/board/basic/list.skin.php
+++ b/mobile/skin/board/basic/list.skin.php
@ -140,7 +140,7 @@ if ($is_nogood) $colspan++;
        <option value="wr_name,1"<?=get_selected($sfl, 'wr_name,1');?>>글쓴이</option>
        <option value="wr_name,0"<?=get_selected($sfl, 'wr_name,0');?>>글쓴이(코)</option>
    </select>
-    <input name="stx" value="<?=stripslashes($stx)?>"  title="검색어(필수)" required class="required" size="15" maxlength="15">
+    <input name="stx" value="<?=stripslashes($stx)?>" title="검색어(필수)" required class="required" size="15" maxlength="15">
    <input type="submit" value="검색">
    </form>
 </fieldset>
--- a/mobile/skin/board/basic/view.skin.php
+++ b/mobile/skin/board/basic/view.skin.php
@ -40,7 +40,7 @@ include_once(G4_LIB_PATH.'/thumbnail.lib.php');
            if (isset($view['file'][$i]['source']) && $view['file'][$i]['source'] && !$view['file'][$i]['view']) {
        ?>
            <li>
-                <a href="<? echo $view['file'][$i]['href']; ?>" onclick="javascript:file_download('<? echo $view['file'][$i]['href'].'&amp;confirm=yes'; ?>', '<?=$view['file'][$i]['source']?>'); return false;">
+                <a href="<? echo $view['file'][$i]['href']; ?>" class="view_file_download">
                    <img src="<?=$board_skin_url?>/img/icon_file.gif" alt="첨부파일">
                    <strong><?=$view['file'][$i]['source']?></strong>
                    <span> (<?=$view['file'][$i]['size']?>)</span>
@ -183,10 +183,22 @@ include_once(G4_LIB_PATH.'/thumbnail.lib.php');
 <script>
-function file_download(link, file) {
+<? if ($board['bo_download_point'] < 0) { ?>
-    <? if ($board['bo_download_point'] < 0) { ?>if (confirm("'"+file+"' 파일을 다운로드 하시면 포인트가 차감(<?=number_format($board['bo_download_point'])?>점)됩니다.\n\n포인트는 게시물당 한번만 차감되며 다음에 다시 다운로드 하셔도 중복하여 차감하지 않습니다.\n\n그래도 다운로드 하시겠습니까?"))<?}?>
+$(function() {
-    document.location.href=link;
+    $("a.view_file_download").click(function() {
-}
+        var msg = "파일을 다운로드 하시면 포인트가 차감(<?=number_format($board['bo_download_point'])?>점)됩니다.\n\n포인트는 게시물당 한번만 차감되며 다음에 다시 다운로드 하셔도 중복하여 차감하지 않습니다.\n\n그래도 다운로드 하시겠습니까?";
        if(confirm(msg)) {
            var href = $(this).attr("href")+"&js=on";
            $(this).attr("href", href);
            return true;
        } else {
            return false;
        }
    });
 });
 <?}?>
 function board_move(href)
 {
--- a/mobile/skin/board/gallery/list.skin.php
+++ b/mobile/skin/board/gallery/list.skin.php
@ -87,12 +87,12 @@ include_once(G4_LIB_PATH.'/thumbnail.lib.php');
                        <strong style="width:<?=$board['bo_mobile_gallery_width']?>px;height:<?=$board['bo_mobile_gallery_height']?>px">공지</strong>
                    <?
                    } else {
-                        $thumb = get_list_thumbnail($board['bo_table'], $list[$i]['wr_id'], $board['bo_gallery_width'], $board['bo_gallery_height']);
+                        $thumb = get_list_thumbnail($board['bo_table'], $list[$i]['wr_id'], $board['bo_mobile_gallery_width'], $board['bo_mobile_gallery_height']);
                        if($thumb['src']) {
-                            $img_content = '<img src="'.$thumb['src'].'" alt="'.$thumb['alt'].'" width="'.$board['bo_gallery_width'].'" height="'.$board['bo_gallery_height'].'">';
+                            $img_content = '<img src="'.$thumb['src'].'" alt="'.$thumb['alt'].'" width="'.$board['bo_mobile_gallery_width'].'" height="'.$board['bo_mobile_gallery_height'].'">';
                        } else {
-                            $img_content = '<span style="width:'.$board['bo_gallery_width'].'px;height:'.$board['bo_gallery_height'].'px">no image</span>';
+                            $img_content = '<span style="width:'.$board['bo_mobile_gallery_width'].'px;height:'.$board['bo_mobile_gallery_height'].'px">no image</span>';
                        }
                        echo $img_content;
--- a/mobile/skin/board/gallery/view.skin.php
+++ b/mobile/skin/board/gallery/view.skin.php
@ -40,7 +40,7 @@ include_once(G4_LIB_PATH.'/thumbnail.lib.php');
            if (isset($view['file'][$i]['source']) && $view['file'][$i]['source'] && !$view['file'][$i]['view']) {
        ?>
            <li>
-                <a href="<? echo $view['file'][$i]['href']; ?>" onclick="javascript:file_download('<? echo $view['file'][$i]['href'].'&amp;confirm=yes'; ?>', '<?=$view['file'][$i]['source']?>'); return false;">
+                <a href="<? echo $view['file'][$i]['href']; ?>" class="view_file_download">
                    <img src="<?=$board_skin_url?>/img/icon_file.gif" alt="첨부파일">
                    <strong><?=$view['file'][$i]['source']?></strong>
                    <span> (<?=$view['file'][$i]['size']?>)</span>
@ -182,10 +182,22 @@ include_once(G4_LIB_PATH.'/thumbnail.lib.php');
 <script>
-function file_download(link, file) {
+<? if ($board['bo_download_point'] < 0) { ?>
-    <? if ($board['bo_download_point'] < 0) { ?>if (confirm("'"+file+"' 파일을 다운로드 하시면 포인트가 차감(<?=number_format($board['bo_download_point'])?>점)됩니다.\n\n포인트는 게시물당 한번만 차감되며 다음에 다시 다운로드 하셔도 중복하여 차감하지 않습니다.\n\n그래도 다운로드 하시겠습니까?"))<?}?>
+$(function() {
-    document.location.href=link;
+    $("a.view_file_download").click(function() {
-}
+        var msg = "파일을 다운로드 하시면 포인트가 차감(<?=number_format($board['bo_download_point'])?>점)됩니다.\n\n포인트는 게시물당 한번만 차감되며 다음에 다시 다운로드 하셔도 중복하여 차감하지 않습니다.\n\n그래도 다운로드 하시겠습니까?";
        if(confirm(msg)) {
            var href = $(this).attr("href")+"&js=on";
            $(this).attr("href", href);
            return true;
        } else {
            return false;
        }
    });
 });
 <?}?>
 function board_move(href)
 {
--- a/mobile/skin/outlogin/basic/outlogin.skin.1.php
+++ b/mobile/skin/outlogin/basic/outlogin.skin.1.php
@ -10,8 +10,8 @@ if (!defined("_GNUBOARD_")) exit; // 개별 페이지 접근 불가
    <form name="foutlogin" action="<?=$outlogin_action_url?>" onsubmit="return fhead_submit(this);" method="post" autocomplete="off">
    <fieldset>
        <input type="hidden" name="url" value="<?=$outlogin_url?>">
-        <input type="text" name="mb_id" id="ol_id" title="회원아이디(필수)" placeholder="회원아이디(필수)" required class="required" maxlength="20">
+        <input type="text" name="mb_id" id="ol_id" placeholder="회원아이디(필수)" required class="required" maxlength="20">
-        <input type="password" id="ol_pw" name="mb_password" title="패스워드(필수)" placeholder="패스워드(필수)" required class="required" maxlength="20">
+        <input type="password" id="ol_pw" name="mb_password" placeholder="패스워드(필수)" required class="required" maxlength="20">
        <input type="submit" id="ol_submit" value="로그인">
        <div id="ol_svc">
            <input type="checkbox" id="auto_login" name="auto_login" value="1">
--- a/skin/board/basic/view.skin.php
+++ b/skin/board/basic/view.skin.php
@ -40,7 +40,7 @@ include_once(G4_LIB_PATH.'/thumbnail.lib.php');
            if (isset($view['file'][$i]['source']) && $view['file'][$i]['source'] && !$view['file'][$i]['view']) {
        ?>
            <li>
-                <a href="<? echo $view['file'][$i]['href']; ?>" onclick="javascript:file_download('<? echo $view['file'][$i]['href'].'&amp;confirm=yes'; ?>', '<?=$view['file'][$i]['source']?>'); return false;">
+                <a href="<? echo $view['file'][$i]['href']; ?>" class="view_file_download">
                    <img src="<?=$board_skin_url?>/img/icon_file.gif" alt="첨부파일">
                    <strong><?=$view['file'][$i]['source']?></strong>
                    <span> (<?=$view['file'][$i]['size']?>)</span>
@ -184,10 +184,22 @@ include_once(G4_LIB_PATH.'/thumbnail.lib.php');
 <script>
-function file_download(link, file) {
+<? if ($board['bo_download_point'] < 0) { ?>
-    <? if ($board['bo_download_point'] < 0) { ?>if (confirm("'"+file+"' 파일을 다운로드 하시면 포인트가 차감(<?=number_format($board['bo_download_point'])?>점)됩니다.\n\n포인트는 게시물당 한번만 차감되며 다음에 다시 다운로드 하셔도 중복하여 차감하지 않습니다.\n\n그래도 다운로드 하시겠습니까?"))<?}?>
+$(function() {
-    document.location.href=link;
+    $("a.view_file_download").click(function() {
-}
+        var msg = "파일을 다운로드 하시면 포인트가 차감(<?=number_format($board['bo_download_point'])?>점)됩니다.\n\n포인트는 게시물당 한번만 차감되며 다음에 다시 다운로드 하셔도 중복하여 차감하지 않습니다.\n\n그래도 다운로드 하시겠습니까?";
        if(confirm(msg)) {
            var href = $(this).attr("href")+"&js=on";
            $(this).attr("href", href);
            return true;
        } else {
            return false;
        }
    });
 });
 <?}?>
 function board_move(href)
 {
--- a/skin/board/gallery/view.skin.php
+++ b/skin/board/gallery/view.skin.php
@ -40,7 +40,7 @@ include_once(G4_LIB_PATH.'/thumbnail.lib.php');
            if (isset($view['file'][$i]['source']) && $view['file'][$i]['source'] && !$view['file'][$i]['view']) {
        ?>
            <li>
-                <a href="<? echo $view['file'][$i]['href']; ?>" onclick="javascript:file_download('<? echo $view['file'][$i]['href'].'&amp;confirm=yes'; ?>', '<?=$view['file'][$i]['source']?>'); return false;">
+                <a href="<? echo $view['file'][$i]['href']; ?>" class="view_file_download">
                    <img src="<?=$board_skin_url?>/img/icon_file.gif" alt="첨부파일">
                    <strong><?=$view['file'][$i]['source']?></strong>
                    <span> (<?=$view['file'][$i]['size']?>)</span>
@ -182,10 +182,22 @@ include_once(G4_LIB_PATH.'/thumbnail.lib.php');
 <script>
-function file_download(link, file) {
+<? if ($board['bo_download_point'] < 0) { ?>
-    <? if ($board['bo_download_point'] < 0) { ?>if (confirm("'"+file+"' 파일을 다운로드 하시면 포인트가 차감(<?=number_format($board['bo_download_point'])?>점)됩니다.\n\n포인트는 게시물당 한번만 차감되며 다음에 다시 다운로드 하셔도 중복하여 차감하지 않습니다.\n\n그래도 다운로드 하시겠습니까?"))<?}?>
+$(function() {
-    document.location.href=link;
+    $("a.view_file_download").click(function() {
-}
+        var msg = "파일을 다운로드 하시면 포인트가 차감(<?=number_format($board['bo_download_point'])?>점)됩니다.\n\n포인트는 게시물당 한번만 차감되며 다음에 다시 다운로드 하셔도 중복하여 차감하지 않습니다.\n\n그래도 다운로드 하시겠습니까?";
        if(confirm(msg)) {
            var href = $(this).attr("href")+"&js=on";
            $(this).attr("href", href);
            return true;
        } else {
            return false;
        }
    });
 });
 <?}?>
 function board_move(href)
 {
--- a/skin/latest/basic/latest.skin.php
+++ b/skin/latest/basic/latest.skin.php
@ -2,8 +2,6 @@
 if (!defined('_GNUBOARD_')) exit; // 개별 페이지 접근 불가
 ?>
 <link rel="stylesheet" href="<?=$latest_skin_url?>/style.css">
 <div class="lt">
    <strong class="lt_title"><a href="<?=G4_BBS_URL?>/board.php?bo_table=<?=$bo_table?>"><?=$bo_subject?></a></strong>
    <ul>
--- a/skin/member/basic/register_form.skin.php
+++ b/skin/member/basic/register_form.skin.php
@ -103,12 +103,12 @@ if (!defined('_GNUBOARD_')) exit; // 개별 페이지 접근 불가
        <? if ($config['cf_req_addr']) {?><strong class="sound_only">필수</strong><? } ?>
    </th>
    <td>
-        <input type="text" name="mb_zip1" value="<?=$member['mb_zip1']?>" id="reg_mb_zip1" <?=$config['cf_req_addr']?"required":"";?> title="우편번호 앞자리" class="frm_input <?=$config['cf_req_addr']?"required":"";?>" size="2" maxlength="3">
+        <input type="text" name="mb_zip1" value="<?=$member['mb_zip1']?>" id="reg_mb_zip1" <?=$config['cf_req_addr']?"required":"";?> title="우편번호 앞자리<?=$config['cf_req_addr']?"(필수)":"";?>" class="frm_input <?=$config['cf_req_addr']?"required":"";?>" size="2" maxlength="3">
        -
-        <input type="text"  name="mb_zip2" value="<?=$member['mb_zip2']?>" id="reg_mb_zip2" <?=$config['cf_req_addr']?"required":"";?> title="우편번호 뒷자리" class="frm_input <?=$config['cf_req_addr']?"required":"";?>" size="2" maxlength="3">
+        <input type="text"  name="mb_zip2" value="<?=$member['mb_zip2']?>" id="reg_mb_zip2" <?=$config['cf_req_addr']?"required":"";?> title="우편번호 뒷자리<?=$config['cf_req_addr']?"(필수)":"";?>" class="frm_input <?=$config['cf_req_addr']?"required":"";?>" size="2" maxlength="3">
        <a href="<? echo $zip_href; ?>" id="reg_zip_find" class="btn_frmline win_zip_find" target="_blank">주소찾기</a>
-        <input type="text"  name="mb_addr1" value="<?=$member['mb_addr1']?>" id="reg_mb_addr1" <?=$config['cf_req_addr']?"required":"";?> title="행정구역주소" class="frm_input frm_address <?=$config['cf_req_addr']?"required":"";?>" size="50">
+        <input type="text"  name="mb_addr1" value="<?=$member['mb_addr1']?>" id="reg_mb_addr1" <?=$config['cf_req_addr']?"required":"";?> title="행정구역주소<?=$config['cf_req_addr']?"(필수)":"";?>" class="frm_input frm_address <?=$config['cf_req_addr']?"required":"";?>" size="50">
-        <input type="text" name="mb_addr2" value="<?=$member['mb_addr2']?>" id="reg_mb_addr2" <?=$config['cf_req_addr']?"required":"";?> title="상세주소" class="frm_input frm_address <?=$config['cf_req_addr']?"required":"";?>" size="50">
+        <input type="text" name="mb_addr2" value="<?=$member['mb_addr2']?>" id="reg_mb_addr2" <?=$config['cf_req_addr']?"required":"";?> title="상세주소<?=$config['cf_req_addr']?"(필수)":"";?>" class="frm_input frm_address <?=$config['cf_req_addr']?"required":"";?>" size="50">
    </td>
 </tr>
 <? } ?>