Merge branch 'gnuboard:master' into master

2022-06-21 18:06:23 +09:00
parent 958b9342b5 2366e8ebfb
commit 444c6d88c2
186 changed files with 8382 additions and 8125 deletions
--- a/README.md
+++ b/README.md
--- a/adm/_common.php
+++ b/adm/_common.php
@ -1,32 +1,10 @@
 <?php
 define('G5_IS_ADMIN', true);
-include_once ('../common.php');
+require_once '../common.php';
-include_once(G5_ADMIN_PATH.'/admin.lib.php');
+require_once G5_ADMIN_PATH . '/admin.lib.php';
 if (isset($token)) {
    $token = @htmlspecialchars(strip_tags($token), ENT_QUOTES);
 }
 if( ! function_exists('check_data_htaccess_file') ) {
    function check_data_htaccess_file() {
        $save_path = G5_DATA_PATH.'/.htaccess';
        if( file_exists($save_path) && is_writable($save_path) ) {
            $code = file_get_contents($save_path);
            $add_code = 'RedirectMatch 403 /session/.*';
            if( strpos($code, $add_code) === false ){
                $fp = fopen($save_path, "ab");
                flock( $fp, LOCK_EX );
                fwrite( $fp, "\n\n" );
                fwrite( $fp,  $add_code );
                fwrite( $fp, "\n\n" );
                flock( $fp, LOCK_UN );
                fclose($fp);
            }
        }
    }
    check_data_htaccess_file();
 }
 run_event('admin_common');
--- a/adm/_rewrite_config_form.php
+++ b/adm/_rewrite_config_form.php
@ -1,5 +1,7 @@
 <?php
-if (!defined('_GNUBOARD_')) exit;
+if (!defined('_GNUBOARD_')) {
    exit;
 }
 $is_use_apache = (stripos($_SERVER['SERVER_SOFTWARE'], 'apache') !== false);
--- a/adm/admin.head.php
+++ b/adm/admin.head.php
@ -1,5 +1,7 @@
 <?php
-if (!defined('_GNUBOARD_')) exit;
+if (!defined('_GNUBOARD_')) {
    exit;
 }
 $g5_debug['php']['begin_time'] = $begin_time = get_microtime();
@ -10,14 +12,16 @@ if (is_array($files)) {
        $fileinfo = pathinfo($css_file);
        $ext = $fileinfo['extension'];
-        if( $ext !== 'css' ) continue;
+        if ($ext !== 'css') {
            continue;
        }
        $css_file = str_replace(G5_ADMIN_PATH, G5_ADMIN_URL, $css_file);
        add_stylesheet('<link rel="stylesheet" href="' . $css_file . '">', $k);
    }
 }
-include_once(G5_PATH.'/head.sub.php');
+require_once G5_PATH . '/head.sub.php';
 function print_menu1($key, $no = '')
 {
@ -33,21 +37,25 @@ function print_menu2($key, $no='')
    global $menu, $auth_menu, $is_admin, $auth, $g5, $sub_menu;
    $str = "<ul>";
-    for($i=1; $i<count($menu[$key]); $i++)
+    for ($i = 1; $i < count($menu[$key]); $i++) {
    {
        if (!isset($menu[$key][$i])) {
            continue;
        }
-        if ($is_admin != 'super' && (!array_key_exists($menu[$key][$i][0],$auth) || !strstr($auth[$menu[$key][$i][0]], 'r')))
+        if ($is_admin != 'super' && (!array_key_exists($menu[$key][$i][0], $auth) || !strstr($auth[$menu[$key][$i][0]], 'r'))) {
            continue;
        }
        $gnb_grp_div = $gnb_grp_style = '';
        if (isset($menu[$key][$i][4])) {
-            if (($menu[$key][$i][4] == 1 && $gnb_grp_style == false) || ($menu[$key][$i][4] != 1 && $gnb_grp_style == true)) $gnb_grp_div = 'gnb_grp_div';
+            if (($menu[$key][$i][4] == 1 && $gnb_grp_style == false) || ($menu[$key][$i][4] != 1 && $gnb_grp_style == true)) {
                $gnb_grp_div = 'gnb_grp_div';
            }
-            if ($menu[$key][$i][4] == 1) $gnb_grp_style = 'gnb_grp_style';
+            if ($menu[$key][$i][4] == 1) {
                $gnb_grp_style = 'gnb_grp_style';
            }
        }
        $current_class = '';
@ -82,8 +90,7 @@ if( ! empty($_COOKIE['g5_admin_btn_gnb']) ){
    var tempX = 0;
    var tempY = 0;
-function imageview(id, w, h)
+    function imageview(id, w, h) {
 {
        menu(id);
@ -141,8 +148,9 @@ function imageview(id, w, h)
                }
                $current_class = "";
-                if (isset($sub_menu) && (substr($sub_menu, 0, 3) == substr($menu['menu'.$key][0][0], 0, 3)))
+                if (isset($sub_menu) && (substr($sub_menu, 0, 3) == substr($menu['menu' . $key][0][0], 0, 3))) {
                    $current_class = " on";
                }
                $button_title = $menu['menu' . $key][0][1];
            ?>
@ -182,9 +190,7 @@ jQuery(function($){
                } else {
                    delete_cookie(menu_cookie_key);
                }
-        }
+            } catch (err) {}
        catch(err) {
        }
            $("#container").toggleClass("container-small");
            $("#gnb").toggleClass("gnb_small");
--- a/adm/admin.lib.php
+++ b/adm/admin.lib.php
@ -1,5 +1,7 @@
 <?php
-if (!defined('_GNUBOARD_')) exit;
+if (!defined('_GNUBOARD_')) {
    exit;
 }
 /*
 // 081022 : CSRF 방지를 위해 코드를 작성했으나 효과가 없어 주석처리 함
@ -29,11 +31,14 @@ function get_skin_select($skin_gubun, $id, $name, $selected='', $event='')
    $str = "<select id=\"$id\" name=\"$name\" $event>\n";
    for ($i = 0; $i < count($skins); $i++) {
-        if ($i == 0) $str .= "<option value=\"\">선택</option>";
+        if ($i == 0) {
-        if(preg_match('#^theme/(.+)$#', $skins[$i], $match))
+            $str .= "<option value=\"\">선택</option>";
        }
        if (preg_match('#^theme/(.+)$#', $skins[$i], $match)) {
            $text = '(테마) ' . $match[1];
-        else
+        } else {
            $text = $skins[$i];
        }
        $str .= option_selected($skins[$i], $selected, $text);
    }
@ -61,11 +66,14 @@ function get_mobile_skin_select($skin_gubun, $id, $name, $selected='', $event=''
    $str = "<select id=\"$id\" name=\"$name\" $event>\n";
    for ($i = 0; $i < count($skins); $i++) {
-        if ($i == 0) $str .= "<option value=\"\">선택</option>";
+        if ($i == 0) {
-        if(preg_match('#^theme/(.+)$#', $skins[$i], $match))
+            $str .= "<option value=\"\">선택</option>";
        }
        if (preg_match('#^theme/(.+)$#', $skins[$i], $match)) {
            $text = '(테마) ' . $match[1];
-        else
+        } else {
            $text = $skins[$i];
        }
        $str .= option_selected($skins[$i], $selected, $text);
    }
@ -82,14 +90,19 @@ function get_skin_dir($skin, $skin_path=G5_SKIN_PATH)
    $result_array = array();
    $dirname = $skin_path . '/' . $skin . '/';
-    if(!is_dir($dirname))
+    if (!is_dir($dirname)) {
        return array();
    }
    $handle = opendir($dirname);
    while ($file = readdir($handle)) {
-        if($file == '.'||$file == '..') continue;
+        if ($file == '.' || $file == '..') {
            continue;
        }
-        if (is_dir($dirname.$file)) $result_array[] = $file;
+        if (is_dir($dirname . $file)) {
            $result_array[] = $file;
        }
    }
    closedir($handle);
    sort($result_array);
@ -106,14 +119,17 @@ function get_theme_dir()
    $dirname = G5_PATH . '/' . G5_THEME_DIR . '/';
    $handle = opendir($dirname);
    while ($file = readdir($handle)) {
-        if($file == '.'||$file == '..') continue;
+        if ($file == '.' || $file == '..') {
            continue;
        }
        if (is_dir($dirname . $file)) {
            $theme_path = $dirname . $file;
-            if(is_file($theme_path.'/index.php') && is_file($theme_path.'/head.php') && is_file($theme_path.'/tail.php'))
+            if (is_file($theme_path . '/index.php') && is_file($theme_path . '/head.php') && is_file($theme_path . '/tail.php')) {
                $result_array[] = $file;
            }
        }
    }
    closedir($handle);
    natsort($result_array);
@ -129,12 +145,14 @@ function get_theme_info($dir)
    if (is_dir($path)) {
        $screenshot = $path . '/screenshot.png';
        $screenshot_url = '';
        if (is_file($screenshot)) {
            $size = @getimagesize($screenshot);
-            if($size[2] == 3)
+            if ($size[2] == 3) {
                $screenshot_url = str_replace(G5_PATH, G5_URL, $screenshot);
            }
        }
        $info['screenshot'] = $screenshot_url;
@ -162,9 +180,10 @@ function get_theme_info($dir)
            $info['license_uri'] = trim($m7[1]);
        }
-        if(!$info['theme_name'])
+        if (!$info['theme_name']) {
            $info['theme_name'] = $dir;
        }
    }
    return $info;
 }
@ -177,8 +196,8 @@ function get_theme_config_value($dir, $key='*')
    $theme_config_file = G5_PATH . '/' . G5_THEME_DIR . '/' . $dir . '/theme.config.php';
    if (is_file($theme_config_file)) {
-        include($theme_config_file);
+        include $theme_config_file;
-
+        // 22.05.26 Undefined Variable $theme_config;
        if ($key == '*') {
            $tconfig = $theme_config;
        } else {
@ -199,12 +218,15 @@ function get_member_level_select($name, $start_id=0, $end_id=10, $selected="", $
    global $g5;
    $str = "\n<select id=\"{$name}\" name=\"{$name}\"";
-    if ($event) $str .= " $event";
+    if ($event) {
        $str .= " $event";
    }
    $str .= ">\n";
    for ($i = $start_id; $i <= $end_id; $i++) {
        $str .= '<option value="' . $i . '"';
-        if ($i == $selected)
+        if ($i == $selected) {
            $str .= ' selected="selected"';
        }
        $str .= ">{$i}</option>\n";
    }
    $str .= "</select>\n";
@ -220,10 +242,11 @@ function get_member_id_select($name, $level, $selected="", $event="")
    $sql = " select mb_id from {$g5['member_table']} where mb_level >= '{$level}' ";
    $result = sql_query($sql);
    $str = '<select id="' . $name . '" name="' . $name . '" ' . $event . '><option value="">선택안함</option>';
-    for ($i=0; $row=sql_fetch_array($result); $i++)
+    for ($i = 0; $row = sql_fetch_array($result); $i++) {
    {
        $str .= '<option value="' . $row['mb_id'] . '"';
-        if ($row['mb_id'] == $selected) $str .= ' selected';
+        if ($row['mb_id'] == $selected) {
            $str .= ' selected';
        }
        $str .= '>' . $row['mb_id'] . '</option>';
    }
    $str .= '</select>';
@ -231,11 +254,11 @@ function get_member_id_select($name, $level, $selected="", $event="")
 }
 // php8 버전 호환 권한 검사 함수
-function auth_check_menu($auth, $sub_menu, $attr, $return=false) {
+function auth_check_menu($auth, $sub_menu, $attr, $return = false)
 {
    $check_auth = isset($auth[$sub_menu]) ? $auth[$sub_menu] : '';
    return auth_check($check_auth, $attr, $return);
 }
 // 권한 검사
@ -243,46 +266,53 @@ function auth_check($auth, $attr, $return=false)
 {
    global $is_admin;
-    if ($is_admin == 'super') return;
+    if ($is_admin == 'super') {
        return;
    }
    if (!trim($auth)) {
        $msg = '이 메뉴에는 접근 권한이 없습니다.\\n\\n접근 권한은 최고관리자만 부여할 수 있습니다.';
-        if($return)
+        if ($return) {
            return $msg;
-        else
+        } else {
            alert($msg);
        }
    }
    $attr = strtolower($attr);
    if (!strstr($auth, $attr)) {
        if ($attr == 'r') {
            $msg = '읽을 권한이 없습니다.';
-            if($return)
+            if ($return) {
                return $msg;
-            else
+            } else {
                alert($msg);
            }
        } else if ($attr == 'w') {
            $msg = '입력, 추가, 생성, 수정 권한이 없습니다.';
-            if($return)
+            if ($return) {
                return $msg;
-            else
+            } else {
                alert($msg);
            }
        } else if ($attr == 'd') {
            $msg = '삭제 권한이 없습니다.';
-            if($return)
+            if ($return) {
                return $msg;
-            else
+            } else {
                alert($msg);
            }
        } else {
            $msg = '속성이 잘못 되었습니다.';
-            if($return)
+            if ($return) {
                return $msg;
-            else
+            } else {
                alert($msg);
            }
        }
    }
 }
 // 작업아이콘 출력
@ -292,10 +322,11 @@ function icon($act, $link='', $target='_parent')
    $img = array('입력' => 'insert', '추가' => 'insert', '생성' => 'insert', '수정' => 'modify', '삭제' => 'delete', '이동' => 'move', '그룹' => 'move', '보기' => 'view', '미리보기' => 'view', '복사' => 'copy');
    $icon = '<img src="' . G5_ADMIN_PATH . '/img/icon_' . $img[$act] . '.gif" title="' . $act . '">';
-    if ($link)
+    if ($link) {
        $s = '<a href="' . $link . '">' . $icon . '</a>';
-    else
+    } else {
        $s = $icon;
    }
    return $s;
 }
@ -308,9 +339,10 @@ function rm_rf($file)
        if (is_dir($file)) {
            $handle = opendir($file);
            while ($filename = readdir($handle)) {
-                if ($filename != '.' && $filename != '..')
+                if ($filename != '.' && $filename != '..') {
                    rm_rf($file . '/' . $filename);
                }
            }
            closedir($handle);
            @chmod($file, G5_DIR_PERMISSION);
@ -364,7 +396,8 @@ function get_admin_token()
 }
 // 관리자가 자동등록방지를 사용해야 할 경우
-function get_admin_captcha_by($type='get'){
+function get_admin_captcha_by($type = 'get')
 {
    $captcha_name = 'ss_admin_use_captcha';
@ -376,7 +409,8 @@ function get_admin_captcha_by($type='get'){
 }
 //input value 에서 xss 공격 filter 역할을 함 ( 반드시 input value='' 타입에만 사용할것 )
-function get_sanitize_input($s, $is_html=false){
+function get_sanitize_input($s, $is_html = false)
 {
    if (!$is_html) {
        $s = strip_tags($s);
@ -387,7 +421,8 @@ function get_sanitize_input($s, $is_html=false){
    return $s;
 }
-function check_log_folder($log_path, $is_delete=true){
+function check_log_folder($log_path, $is_delete = true)
 {
    if (is_writable($log_path)) {
@ -439,8 +474,9 @@ function check_admin_token()
    $token = get_session('ss_admin_token');
    set_session('ss_admin_token', '');
-    if(!$token || !$_REQUEST['token'] || $token != $_REQUEST['token'])
+    if (!$token || !$_REQUEST['token'] || $token != $_REQUEST['token']) {
        alert('올바른 방법으로 이용해 주십시오.', G5_URL);
    }
    return true;
 }
@ -452,11 +488,12 @@ function admin_referer_check($return=false)
    if (!$referer) {
        $msg = '정보가 올바르지 않습니다.';
-        if($return)
+        if ($return) {
            return $msg;
-        else
+        } else {
            alert($msg, G5_URL);
        }
    }
    $p = @parse_url($referer);
@ -480,13 +517,18 @@ function admin_referer_check($return=false)
    }
 }
-function admin_check_xss_params($params){
+function admin_check_xss_params($params)
 {
-    if( ! $params ) return;
+    if (!$params) {
        return;
    }
    foreach ($params as $key => $value) {
-        if ( empty($value) ) continue;
+        if (empty($value)) {
            continue;
        }
        if (is_array($value)) {
            admin_check_xss_params($value);
@ -499,7 +541,8 @@ function admin_check_xss_params($params){
    return;
 }
-function admin_menu_find_by($call, $search_key){
+function admin_menu_find_by($call, $search_key)
 {
    global $menu;
    static $cache_menu = array();
@ -507,12 +550,18 @@ function admin_menu_find_by($call, $search_key){
    if (empty($cache_menu)) {
        foreach ($menu as $k1 => $arr1) {
-            if (empty($arr1) ) continue;
+            if (empty($arr1)) {
                continue;
            }
            foreach ($arr1 as $k2 => $arr2) {
-                if (empty($arr2) ) continue;
+                if (empty($arr2)) {
                    continue;
                }
                $menu_key = isset($arr2[3]) ? $arr2[3] : '';
-                if (empty($menu_key) ) continue;
+                if (empty($menu_key)) {
                    continue;
                }
                $cache_menu[$menu_key] = array(
                    'sub_menu' => $arr2[0],
@ -531,22 +580,17 @@ function admin_menu_find_by($call, $search_key){
 }
 // 접근 권한 검사
-if (!$member['mb_id'])
+if (!$member['mb_id']) {
 {
    alert('로그인 하십시오.', G5_BBS_URL . '/login.php?url=' . urlencode(correct_goto_url(G5_ADMIN_URL)));
-}
+} else if ($is_admin != 'super') {
 else if ($is_admin != 'super')
 {
    $auth = array();
    $sql = " select au_menu, au_auth from {$g5['auth_table']} where mb_id = '{$member['mb_id']}' ";
    $result = sql_query($sql);
-    for($i=0; $row=sql_fetch_array($result); $i++)
+    for ($i = 0; $row = sql_fetch_array($result); $i++) {
    {
        $auth[$row['au_menu']] = $row['au_auth'];
    }
-    if (!$i)
+    if (!$i) {
    {
        alert('최고관리자 또는 관리권한이 있는 회원만 접근 가능합니다.', G5_URL);
    }
 }
@ -557,7 +601,7 @@ if (get_session('ss_mb_key') !== $admin_key) {
    session_destroy();
-    include_once(G5_LIB_PATH.'/mailer.lib.php');
+    include_once G5_LIB_PATH . '/mailer.lib.php';
    // 메일 알림
    mailer($member['mb_nick'], $member['mb_email'], $member['mb_email'], 'XSS 공격 알림', $_SERVER['REMOTE_ADDR'] . ' 아이피로 XSS 공격이 있었습니다.<br><br>관리자 권한을 탈취하려는 접근이므로 주의하시기 바랍니다.<br><br>해당 아이피는 차단하시고 의심되는 게시물이 있는지 확인하시기 바랍니다.' . G5_URL, 0);
@ -577,15 +621,16 @@ unset($amenu);
 $tmp = dir(G5_ADMIN_PATH);
 $menu_files = array();
 while ($entry = $tmp->read()) {
-    if (!preg_match('/^admin.menu([0-9]{3}).*\.php$/', $entry, $m))
+    if (!preg_match('/^admin.menu([0-9]{3}).*\.php$/', $entry, $m)) {
        continue;  // 파일명이 menu 으로 시작하지 않으면 무시한다.
    }
    $amenu[$m[1]] = $entry;
    $menu_files[] = G5_ADMIN_PATH . '/' . $entry;
 }
@asort($menu_files);
 foreach ($menu_files as $file) {
-    include_once($file);
+    include_once $file;
 }
@ksort($amenu);
@ -595,11 +640,21 @@ if( isset($menu) && $menu ){
 }
 $arr_query = array();
-if (isset($sst))  $arr_query[] = 'sst='.$sst;
+if (isset($sst)) {
-if (isset($sod))  $arr_query[] = 'sod='.$sod;
+    $arr_query[] = 'sst=' . $sst;
-if (isset($sfl))  $arr_query[] = 'sfl='.$sfl;
+}
-if (isset($stx))  $arr_query[] = 'stx='.$stx;
+if (isset($sod)) {
-if (isset($page)) $arr_query[] = 'page='.$page;
+    $arr_query[] = 'sod=' . $sod;
 }
 if (isset($sfl)) {
    $arr_query[] = 'sfl=' . $sfl;
 }
 if (isset($stx)) {
    $arr_query[] = 'stx=' . $stx;
 }
 if (isset($page)) {
    $arr_query[] = 'page=' . $page;
 }
 $qstr = implode("&amp;", $arr_query);
 if (isset($_REQUEST) && $_REQUEST) {
--- a/adm/admin.menu400.shop_1of2.php
+++ b/adm/admin.menu400.shop_1of2.php
@ -1,5 +1,7 @@
 <?php
-if (!defined('G5_USE_SHOP') || !G5_USE_SHOP) return;
+if (!defined('G5_USE_SHOP') || !G5_USE_SHOP) {
    return;
 }
 $menu['menu400'] = array(
    array('400000', '쇼핑몰관리', G5_ADMIN_URL . '/shop_admin/', 'shop_config'),
--- a/adm/admin.menu500.shop_2of2.php
+++ b/adm/admin.menu500.shop_2of2.php
@ -1,5 +1,7 @@
 <?php
-if (!defined('G5_USE_SHOP') || !G5_USE_SHOP) return;
+if (!defined('G5_USE_SHOP') || !G5_USE_SHOP) {
    return;
 }
 $menu['menu500'] = array(
    array('500000', '쇼핑몰현황/기타', G5_ADMIN_URL . '/shop_admin/itemsellrank.php', 'shop_stats'),
--- a/adm/admin.tail.php
+++ b/adm/admin.tail.php
@ -1,5 +1,7 @@
 <?php
-if (!defined('_GNUBOARD_')) exit;
+if (!defined('_GNUBOARD_')) {
    exit;
 }
 // 그누보드5.4.5.5 버전과 영카트5.4.5.5.1 버전이 통합됨에 따라 그누보드 버전만 표시
 // $print_version = defined('G5_YOUNGCART_VER') ? 'YoungCart Version '.G5_YOUNGCART_VER : 'Version '.G5_GNUBOARD_VER;
@ -26,7 +28,9 @@ $print_version = 'Version '.G5_GNUBOARD_VER;
 <script>
    $(".scroll_top").click(function() {
-     $("body,html").animate({scrollTop:0},400);
+        $("body,html").animate({
            scrollTop: 0
        }, 400);
    })
 </script>
@ -131,8 +135,7 @@ function submenu_hide() {
        $(".gnb_1dli").removeClass("gnb_1dli_over gnb_1dli_over2 gnb_1dli_on");
    }
-function menu_rearrange(el)
+    function menu_rearrange(el) {
 {
        var width = $("#gnb_1dul").width();
        var left = w1 = w2 = 0;
        var idx = $(".gnb_1dli").index(el);
@ -148,8 +151,7 @@ function menu_rearrange(el)
            left += w1;
        }
    }
 </script>
 <?php
-include_once(G5_PATH.'/tail.sub.php');
+require_once G5_PATH . '/tail.sub.php';
--- a/adm/ajax.token.php
+++ b/adm/ajax.token.php
@ -1,12 +1,12 @@
 <?php
-include_once('./_common.php');
+require_once './_common.php';
 include_once(G5_LIB_PATH.'/json.lib.php');
 set_session('ss_admin_token', '');
 $error = admin_referer_check(true);
-if($error)
+if ($error) {
    die(json_encode(array('error' => $error, 'url' => G5_URL)));
 }
 $token = get_admin_token();
--- a/adm/ajax.use_captcha.php
+++ b/adm/ajax.use_captcha.php
@ -1,5 +1,5 @@
 <?php
-include_once('./_common.php');
+require_once './_common.php';
 if (isset($_POST['admin_use_captcha'])) {
    set_session('ss_admin_use_captcha', true);
--- a/adm/auth_list.php
+++ b/adm/auth_list.php
@ -1,9 +1,10 @@
 <?php
 $sub_menu = "100200";
-include_once('./_common.php');
+require_once './_common.php';
-if ($is_admin != 'super')
+if ($is_admin != 'super') {
    alert('최고관리자만 접근 가능합니다.');
 }
 $sql_common = " from {$g5['auth_table']} a left join {$g5['member_table']} b on (a.mb_id=b.mb_id) ";
@ -33,7 +34,9 @@ $total_count = $row['cnt'];
 $rows = $config['cf_page_rows'];
 $total_page  = ceil($total_count / $rows);  // 전체 페이지 계산
-if ($page < 1) $page = 1; // 페이지가 없으면 첫 페이지 (1 페이지)
+if ($page < 1) {
    $page = 1; // 페이지가 없으면 첫 페이지 (1 페이지)
 }
 $from_record = ($page - 1) * $rows; // 시작 열을 구함
 $sql = " select *
@ -46,7 +49,7 @@ $result = sql_query($sql);
 $listall = '<a href="' . $_SERVER['SCRIPT_NAME'] . '" class="ov_listall btn_ov02">전체목록</a>';
 $g5['title'] = "관리권한설정";
-include_once('./admin.head.php');
+require_once './admin.head.php';
 $colspan = 5;
 ?>
@ -91,8 +94,7 @@ $colspan = 5;
            <tbody>
                <?php
                $count = 0;
-    for ($i=0; $row=sql_fetch_array($result); $i++)
+                for ($i = 0; $row = sql_fetch_array($result); $i++) {
    {
                    $is_continue = false;
                    // 회원아이디가 없는 메뉴는 삭제함
                    if ($row['mb_id'] == '' && $row['mb_nick'] == '') {
@ -101,14 +103,14 @@ $colspan = 5;
                    }
                    // 메뉴번호가 바뀌는 경우에 현재 없는 저장된 메뉴는 삭제함
-        if (!isset($auth_menu[$row['au_menu']]))
+                    if (!isset($auth_menu[$row['au_menu']])) {
        {
                        sql_query(" delete from {$g5['auth_table']} where au_menu = '{$row['au_menu']}' ");
                        $is_continue = true;
                    }
-        if($is_continue)
+                    if ($is_continue) {
                        continue;
                    }
                    $mb_nick = get_sideview($row['mb_id'], $row['mb_nick'], $row['mb_email'], $row['mb_homepage']);
@ -133,8 +135,9 @@ $colspan = 5;
                    $count++;
                }
-    if ($count == 0)
+                if ($count == 0) {
                    echo '<tr><td colspan="' . $colspan . '" class="empty_table">자료가 없습니다.</td></tr>';
                }
                ?>
            </tbody>
        </table>
@ -148,10 +151,11 @@ $colspan = 5;
    //if (isset($stx))
    //    echo '<script>document.fsearch.sfl.value = "'.$sfl.'";</script>'."\n";
-if (strstr($sfl, 'mb_id'))
+    if (strstr($sfl, 'mb_id')) {
        $mb_id = $stx;
-else
+    } else {
        $mb_id = '';
    }
    ?>
 </form>
@ -198,11 +202,11 @@ echo $pagelist;
                            <select id="au_menu" name="au_menu" required class="required">
                                <option value=''>선택하세요</option>
                                <?php
-                    foreach($auth_menu as $key=>$value)
+                                foreach ($auth_menu as $key => $value) {
-                    {
+                                    if (!(substr($key, -3) == '000' || $key == '-' || !$key)) {
                        if (!(substr($key, -3) == '000' || $key == '-' || !$key))
                                        echo '<option value="' . $key . '">' . $key . ' ' . $value . '</option>';
                                    }
                                }
                                ?>
                            </select>
                        </td>
@ -222,7 +226,7 @@ echo $pagelist;
                        <th scope="row">자동등록방지</th>
                        <td>
                            <?php
-                include_once(G5_CAPTCHA_PATH.'/captcha.lib.php');
+                            require_once G5_CAPTCHA_PATH . '/captcha.lib.php';
                            $captcha_html = captcha_html();
                            $captcha_js   = chk_captcha_js();
                            echo $captcha_html;
@ -248,8 +252,7 @@ function fauth_add_submit(f){
        return true;
    }
-function fauthlist_submit(f)
+    function fauthlist_submit(f) {
 {
        if (!is_checked("chk[]")) {
            alert(document.pressed + " 하실 항목을 하나 이상 선택하세요.");
            return false;
@ -266,4 +269,4 @@ function fauthlist_submit(f)
 </script>
 <?php
-include_once ('./admin.tail.php');
+require_once './admin.tail.php';
--- a/adm/auth_list_delete.php
+++ b/adm/auth_list_delete.php
@ -1,26 +1,27 @@
 <?php
 $sub_menu = "100200";
-include_once('./_common.php');
+require_once './_common.php';
 check_demo();
-if ($is_admin != 'super')
+if ($is_admin != 'super') {
    alert('최고관리자만 접근 가능합니다.');
 }
 check_admin_token();
 $count = (isset($_POST['chk']) && is_array($_POST['chk'])) ? count($_POST['chk']) : 0;
 $post_act_button = isset($_POST['act_button']) ? clean_xss_tags($_POST['act_button'], 1, 1) : '';
-if (!$count)
+if (!$count) {
    alert($_POST['act_button'] . " 하실 항목을 하나 이상 체크하세요.");
 }
 if ((isset($_POST['mb_id']) && !is_array($_POST['mb_id'])) || (isset($_POST['au_menu']) && !is_array($_POST['au_menu']))) {
    alert("잘못된 요청입니다.");
 }
-for ($i=0; $i<$count; $i++)
+for ($i = 0; $i < $count; $i++) {
 {
    // 실제 번호를 넘김
    $k = isset($_POST['chk'][$i]) ? (int) $_POST['chk'][$i] : 0;
--- a/adm/auth_update.php
+++ b/adm/auth_update.php
@ -1,23 +1,25 @@
 <?php
 $sub_menu = "100200";
-include_once('./_common.php');
+require_once './_common.php';
-include_once(G5_LIB_PATH.'/mailer.lib.php');
+require_once G5_LIB_PATH . '/mailer.lib.php';
 $au_menu = isset($_POST['au_menu']) ? preg_replace('/[^0-9a-z_]/i', '', $_POST['au_menu']) : '';
 $post_r = isset($_POST['r']) ? preg_replace('/[^0-9a-z_]/i', '', $_POST['r']) : '';
 $post_w = isset($_POST['w']) ? preg_replace('/[^0-9a-z_]/i', '', $_POST['w']) : '';
 $post_d = isset($_POST['d']) ? preg_replace('/[^0-9a-z_]/i', '', $_POST['d']) : '';
-if ($is_admin != 'super')
+if ($is_admin != 'super') {
    alert('최고관리자만 접근 가능합니다.');
 }
 $mb = get_member($mb_id);
-if (!$mb['mb_id'])
+if (!$mb['mb_id']) {
    alert('존재하는 회원아이디가 아닙니다.');
 }
 check_admin_token();
-include_once(G5_CAPTCHA_PATH.'/captcha.lib.php');
+require_once G5_CAPTCHA_PATH . '/captcha.lib.php';
 if (!chk_captcha()) {
    alert('자동등록방지 숫자가 틀렸습니다.');
@ -27,7 +29,7 @@ $sql = " insert into {$g5['auth_table']}
            set mb_id   = '$mb_id',
                au_menu = '$au_menu',
                au_auth = '{$post_r},{$post_w},{$post_d}' ";
-$result = sql_query($sql, FALSE);
+$result = sql_query($sql, false);
 if (!$result) {
    $sql = " update {$g5['auth_table']}
                set au_auth = '{$post_r},{$post_w},{$post_d}'
--- a/adm/board_copy.php
+++ b/adm/board_copy.php
@ -1,11 +1,16 @@
 <?php
 $sub_menu = "300100";
-include_once("./_common.php");
+require_once "./_common.php";
 auth_check_menu($auth, $sub_menu, 'w');
 $g5['title'] = '게시판 복사';
-include_once(G5_PATH.'/head.sub.php');
+require_once G5_PATH . '/head.sub.php';
 $bo_table = $_REQUEST['bo_table'];
 if (empty($bo_table)) {
    alert_close("정상적인 방법으로 이용해주세요.");
 }
 ?>
 <script src="<?php echo G5_ADMIN_URL ?>/admin.js?ver=<?php echo G5_JS_VER; ?>"></script>
@ -56,9 +61,9 @@ include_once(G5_PATH.'/head.sub.php');
 </div>
 <script>
-function fboardcopy_check(f)
+    function fboardcopy_check(f) {
 {
        <?php
        if (!$w) {
            $js_array = get_bo_table_banned_word();
            echo "var banned_array = " . json_encode($js_array) . ";\n";
@ -82,4 +87,4 @@ function fboardcopy_check(f)
 <?php
-include_once(G5_PATH.'/tail.sub.php');
+require_once G5_PATH . '/tail.sub.php';
--- a/adm/board_copy_update.php
+++ b/adm/board_copy_update.php
@ -1,6 +1,6 @@
 <?php
 $sub_menu = '300100';
-include_once('./_common.php');
+require_once './_common.php';
 check_demo();
@ -8,11 +8,18 @@ auth_check_menu($auth, $sub_menu, 'w');
 check_admin_token();
 $bo_table       = isset($_POST['bo_table']) ? $_POST['bo_table'] : null;
 $target_table   = isset($_POST['target_table']) ? trim($_POST['target_table']) : '';
 $target_subject = isset($_POST['target_subject']) ? trim($_POST['target_subject']) : '';
 $target_subject = strip_tags(clean_xss_attributes($target_subject));
 $file_copy      = array();
 if (empty($bo_table)) {
    alert("원본 테이블 정보가 없습니다.");
 }
 if (!preg_match('/[A-Za-z0-9_]{1,20}/', $target_table)) {
    alert('게시판 TABLE명은 공백없이 영문자, 숫자, _ 만 사용 가능합니다. (20자 이내)');
 }
@ -23,16 +30,15 @@ if ( $w == '' && in_array($target_table, get_bo_table_banned_word()) ){
 }
 $row = sql_fetch(" select count(*) as cnt from {$g5['board_table']} where bo_table = '$target_table' ");
-if ($row['cnt'])
+if ($row['cnt']) {
    alert($target_table . '은(는) 이미 존재하는 게시판 테이블명 입니다.\\n복사할 테이블명으로 사용할 수 없습니다.');
 }
 // 게시판 테이블 생성
 $sql = get_table_define($g5['write_prefix'] . $bo_table);
 $sql = str_replace($g5['write_prefix'] . $bo_table, $g5['write_prefix'] . $target_table, $sql);
 sql_query($sql, false);
 $file_copy = array();
 // 구조만 복사시에는 공지사항 번호는 복사하지 않는다.
 if ($copy_case == 'schema_only') {
    $board['bo_notice'] = '';
@ -146,7 +152,9 @@ $copy_file = 0;
 if ($copy_case == 'schema_data_both') {
    $d = dir(G5_DATA_PATH . '/file/' . $bo_table);
    while ($entry = $d->read()) {
-        if ($entry == '.' || $entry == '..') continue;
+        if ($entry == '.' || $entry == '..') {
            continue;
        }
        // 김선용 201007 :
        if (is_dir(G5_DATA_PATH . '/file/' . $bo_table . '/' . $entry)) {
@ -154,14 +162,15 @@ if ($copy_case == 'schema_data_both') {
            @mkdir(G5_DATA_PATH . '/file/' . $target_table . '/' . $entry, G5_DIR_PERMISSION);
            @chmod(G5_DATA_PATH . '/file/' . $target_table . '/' . $entry, G5_DIR_PERMISSION);
            while ($entry2 = $dd->read()) {
-                if ($entry2 == '.' || $entry2 == '..') continue;
+                if ($entry2 == '.' || $entry2 == '..') {
                    continue;
                }
                @copy(G5_DATA_PATH . '/file/' . $bo_table . '/' . $entry . '/' . $entry2, G5_DATA_PATH . '/file/' . $target_table . '/' . $entry . '/' . $entry2);
                @chmod(G5_DATA_PATH . '/file/' . $target_table . '/' . $entry . '/' . $entry2, G5_DIR_PERMISSION);
                $copy_file++;
            }
            $dd->close();
-        }
+        } else {
        else {
            @copy(G5_DATA_PATH . '/file/' . $bo_table . '/' . $entry, G5_DATA_PATH . '/file/' . $target_table . '/' . $entry);
            @chmod(G5_DATA_PATH . '/file/' . $target_table . '/' . $entry, G5_DIR_PERMISSION);
            $copy_file++;
@ -185,13 +194,13 @@ if ($copy_case == 'schema_data_both') {
    // 위의 코드는 같은 테이블명을 사용하였다는 오류가 발생함. (희한하네 ㅡㅡ;)
    $sql = " select * from {$g5['board_file_table']} where bo_table = '$bo_table' ";
    $result = sql_query($sql, false);
-    for ($i=0; $row=sql_fetch_array($result); $i++)
+    for ($i = 0; $row = sql_fetch_array($result); $i++) {
        $file_copy[$i] = $row;
    }
 }
 if (count($file_copy)) {
    for ($i = 0; $i < count($file_copy); $i++) {
        $file_copy[$i] = run_replace('admin_copy_update_file', $file_copy[$i], $file_copy[$i]['bf_file'], $bo_table, $target_table);
        $sql = " insert into {$g5['board_file_table']}
--- a/adm/board_delete.inc.php
+++ b/adm/board_delete.inc.php
@ -1,11 +1,18 @@
 <?php
 // board_delete.php , boardgroup_delete.php 에서 include 하는 파일
-if (!defined('_GNUBOARD_')) exit;
+// 개별 페이지 접근 불가
-if (!defined('_BOARD_DELETE_')) exit; // 개별 페이지 접근 불가
+if (!defined('_GNUBOARD_')) {
    exit;
 }
 if (!defined('_BOARD_DELETE_')) {
    exit;
 }
 // $tmp_bo_table 에는 $bo_table 값을 넘겨주어야 함
-if (!$tmp_bo_table) { return; }
+if (!$tmp_bo_table) {
    return;
 }
 // 게시판 1개는 삭제 불가 (게시판 복사를 위해서)
 //$row = sql_fetch(" select count(*) as cnt from $g5['board_table'] ");
@ -24,7 +31,7 @@ sql_query(" delete from {$g5['scrap_table']} where bo_table = '{$tmp_bo_table}'
 sql_query(" delete from {$g5['board_file_table']} where bo_table = '{$tmp_bo_table}' ");
 // 게시판 테이블 DROP
-sql_query(" drop table {$g5['write_prefix']}{$tmp_bo_table} ", FALSE);
+sql_query(" drop table {$g5['write_prefix']}{$tmp_bo_table} ", false);
 // 좋아요 테이블에서 기록 삭제
 sql_query(" delete from {$g5['board_good_table']} where bo_table = '{$tmp_bo_table}' ");
--- a/adm/board_form.php
+++ b/adm/board_form.php
@ -1,14 +1,15 @@
 <?php
 $sub_menu = "300100";
-include_once('./_common.php');
+require_once './_common.php';
-include_once(G5_EDITOR_LIB);
+require_once G5_EDITOR_LIB;
 auth_check_menu($auth, $sub_menu, 'w');
 $sql = " select count(*) as cnt from {$g5['group_table']} ";
 $row = sql_fetch($sql);
-if (!$row['cnt'])
+if (!$row['cnt']) {
    alert('게시판그룹이 한개 이상 생성되어야 합니다.', './boardgroup_form.php');
 }
 $html_title = '게시판';
@ -50,9 +51,11 @@ if (!isset($board['bo_use_sns'])) {
    $result = sql_query(" select bo_table from `{$g5['board_table']}` ");
    for ($i=0; $row=sql_fetch_array($result); $i++) {
-        sql_query(" ALTER TABLE `{$g5['write_prefix']}{$row['bo_table']}`
+        sql_query(
            " ALTER TABLE `{$g5['write_prefix']}{$row['bo_table']}`
                    ADD `wr_facebook_user` VARCHAR(255) NOT NULL DEFAULT '' AFTER `wr_ip`,
-                    ADD `wr_twitter_user` VARCHAR(255) NOT NULL DEFAULT '' AFTER `wr_facebook_user` ", false);
+                    ADD `wr_twitter_user` VARCHAR(255) NOT NULL DEFAULT '' AFTER `wr_facebook_user` ", false
        );
    }
 }
@ -67,8 +70,10 @@ if (!isset($board['bo_use_list_file'])) {
    $result = sql_query(" select bo_table from `{$g5['board_table']}` ");
    for ($i=0; $row=sql_fetch_array($result); $i++) {
-        sql_query(" ALTER TABLE `{$g5['write_prefix']}{$row['bo_table']}`
+        sql_query(
-                    ADD `wr_file` TINYINT NOT NULL DEFAULT '0' AFTER `wr_datetime` ", false);
+            " ALTER TABLE `{$g5['write_prefix']}{$row['bo_table']}`
                    ADD `wr_file` TINYINT NOT NULL DEFAULT '0' AFTER `wr_datetime` ", false
        );
    }
 }
@ -142,7 +147,6 @@ $readonly = "";
 $sound_only = "";
 $required_valid = "";
 if ($w == '') {
    $html_title .= ' 생성';
    $required = 'required';
@ -179,21 +183,20 @@ if ($w == '') {
    $board['bo_use_secret'] = 0;
    $board['bo_include_head'] = '_head.php';
    $board['bo_include_tail'] = '_tail.php';
 } elseif ($w == 'u') {
    $html_title .= ' 수정';
-    if (!$board['bo_table'])
+    if (!$board['bo_table']) {
        alert('존재하지 않은 게시판 입니다.');
    }
    if ($is_admin == 'group') {
-        if ($member['mb_id'] != $group['gr_admin'])
+        if ($member['mb_id'] != $group['gr_admin']) {
            alert('그룹이 틀립니다.');
        }
    }
    $readonly = 'readonly';
 }
 if ($is_admin != 'super') {
@ -202,7 +205,7 @@ if ($is_admin != 'super') {
 }
 $g5['title'] = $html_title;
-include_once ('./admin.head.php');
+require_once './admin.head.php';
 $pg_anchor = '<ul class="anchor">
    <li><a href="#anc_bo_basic">기본 설정</a></li>
@ -253,7 +256,9 @@ $pg_anchor = '<ul class="anchor">
            <th scope="row"><label for="gr_id">그룹<strong class="sound_only">필수</strong></label></th>
            <td colspan="2">
                <?php echo get_group_select('gr_id', $board['gr_id'], 'required'); ?>
-                <?php if ($w=='u') { ?><a href="javascript:document.location.href='./board_list.php?sfl=a.gr_id&stx='+document.fboardform.gr_id.value;" class="btn_frmline">동일그룹 게시판목록</a><?php } ?>
+                <?php if ($w=='u') { ?>
                    <a href="javascript:document.location.href='./board_list.php?sfl=a.gr_id&stx='+document.fboardform.gr_id.value;" class="btn_frmline">동일그룹 게시판목록</a>
                <?php } ?>
            </td>
        </tr>
        <tr>
@ -548,7 +553,9 @@ $pg_anchor = '<ul class="anchor">
                <?php
                $arr = get_skin_dir('', G5_EDITOR_PATH);
                for ($i=0; $i<count($arr); $i++) {
-                    if ($i == 0) echo "<option value=\"\">기본환경설정의 에디터 사용</option>";
+                    if ($i == 0) {
                        echo "<option value=\"\">기본환경설정의 에디터 사용</option>";
                    }
                    echo "<option value=\"".$arr[$i]."\"".get_selected($board['bo_select_editor'], $arr[$i]).">".$arr[$i]."</option>\n";
                }
                ?>
@ -934,7 +941,7 @@ $pg_anchor = '<ul class="anchor">
                <?php
                echo help("파일 경로를 입력 또는 수정시 캡챠를 반드시 입력해야 합니다.");
-                include_once(G5_CAPTCHA_PATH.'/captcha.lib.php');
+                include_once G5_CAPTCHA_PATH.'/captcha.lib.php';
                $captcha_html = captcha_html();
                $captcha_js   = chk_captcha_js();
                echo $captcha_html;
@ -1193,7 +1200,6 @@ $pg_anchor = '<ul class="anchor">
                <?php echo help('리스트에서 기본으로 정렬에 사용할 필드를 선택합니다. "기본"으로 사용하지 않으시는 경우 속도가 느려질 수 있습니다.') ?>
                <select id="bo_sort_field" name="bo_sort_field">
                    <?php foreach (get_board_sort_fields($board) as $v) {
                        $option_value = $order_by_str = $v[0];
                        if ($v[0] === 'wr_num, wr_reply') {
                            $selected = (! $board['bo_sort_field']) ? 'selected="selected"' : '';
@ -1489,4 +1495,4 @@ function fboardform_submit(f)
 </script>
 <?php
-include_once ('./admin.tail.php');
+require_once './admin.tail.php';
--- a/adm/board_form_update.php
+++ b/adm/board_form_update.php
@ -2,22 +2,31 @@
 $sub_menu = "300100";
 include_once('./_common.php');
-if ($w == 'u')
+if ($w == 'u') {
    check_demo();
 }
 auth_check_menu($auth, $sub_menu, 'w');
 check_admin_token();
-$gr_id = isset($_POST['gr_id']) ? preg_replace('/[^a-z0-9_]/i', '', $_POST['gr_id']) : '';
+$gr_id              = isset($_POST['gr_id']) ? preg_replace('/[^a-z0-9_]/i', '', (string)$_POST['gr_id']) : '';
 $bo_admin           = isset($_POST['bo_admin']) ? preg_replace('/[^a-z0-9_\, \|\#]/i', '', $_POST['bo_admin']) : '';
 $bo_subject         = isset($_POST['bo_subject']) ? strip_tags(clean_xss_attributes($_POST['bo_subject'])) : '';
 $bo_mobile_subject  = isset($_POST['bo_mobile_subject']) ? strip_tags(clean_xss_attributes($_POST['bo_mobile_subject'])) : '';
-if (!$gr_id) { alert('그룹 ID는 반드시 선택하세요.'); }
+if (!$gr_id) {
-if (!$bo_table) { alert('게시판 TABLE명은 반드시 입력하세요.'); }
+    alert('그룹 ID는 반드시 선택하세요.');
-if (!preg_match("/^([A-Za-z0-9_]{1,20})$/", $bo_table)) { alert('게시판 TABLE명은 공백없이 영문자, 숫자, _ 만 사용 가능합니다. (20자 이내)'); }
+}
-if (!$bo_subject) { alert('게시판 제목을 입력하세요.'); }
+if (!$bo_table) {
    alert('게시판 TABLE명은 반드시 입력하세요.');
 }
 if (!preg_match("/^([A-Za-z0-9_]{1,20})$/", $bo_table)) {
    alert('게시판 TABLE명은 공백없이 영문자, 숫자, _ 만 사용 가능합니다. (20자 이내)');
 }
 if (!$bo_subject) {
    alert('게시판 제목을 입력하세요.');
 }
 // 게시판명이 금지된 단어로 되어 있으면
 if ($w == '' && in_array($bo_table, get_bo_table_banned_word())) {
@ -28,7 +37,7 @@ $bo_include_head = isset($_POST['bo_include_head']) ? preg_replace(array("#[\\\]
 $bo_include_tail = isset($_POST['bo_include_tail']) ? preg_replace(array("#[\\\]+$#", "#(<\?php|<\?)#i"), "", substr($_POST['bo_include_tail'], 0, 255)) : '';
 // 관리자가 자동등록방지를 사용해야 할 경우
-if ($board && ($board['bo_include_head'] !== $bo_include_head || $board['bo_include_tail'] !== $bo_include_tail) && function_exists('get_admin_captcha_by') && get_admin_captcha_by()){
+if ($board && (isset($board['bo_include_head']) && $board['bo_include_head'] !== $bo_include_head || $board['bo_include_tail'] !== $bo_include_tail) && function_exists('get_admin_captcha_by') && get_admin_captcha_by()) {
    include_once(G5_CAPTCHA_PATH . '/captcha.lib.php');
    if (!chk_captcha()) {
@ -84,7 +93,7 @@ $src_char = array('&', '=');
 $dst_char = array('＆', '〓');
 $bo_category_list = isset($_POST['bo_category_list']) ? str_replace($src_char, $dst_char, $_POST['bo_category_list']) : '';
 //https://github.com/gnuboard/gnuboard5/commit/f5f4925d4eb28ba1af728e1065fc2bdd9ce1da58 에 따른 조치
-$str_bo_category_list = preg_replace("/[\<\>\'\"\\\'\\\"\%\=\(\)\/\^\*]/", "", $bo_category_list);
+$str_bo_category_list = preg_replace("/[\<\>\'\"\\\'\\\"\%\=\(\)\/\^\*]/", "", (string)$bo_category_list);
 $bo_use_category = isset($_POST['bo_use_category']) ? (int) $_POST['bo_use_category'] : 0;
 $bo_use_sideview = isset($_POST['bo_use_sideview']) ? (int) $_POST['bo_use_sideview'] : 0;
@ -260,10 +269,10 @@ $sql_common .= " bo_insert_content   = '{$bo_insert_content}',
                bo_10               = '{$bo_10}' ";
 if ($w == '') {
    $row = sql_fetch(" select count(*) as cnt from {$g5['board_table']} where bo_table = '{$bo_table}' ");
-    if ($row['cnt'])
+    if ($row['cnt']) {
        alert($bo_table . ' 은(는) 이미 존재하는 TABLE 입니다.');
    }
    $sql = " insert into {$g5['board_table']}
                set bo_table = '{$bo_table}',
@ -284,10 +293,8 @@ if ($w == '') {
    $source = array('/__TABLE_NAME__/', '/;/');
    $target = array($create_table, '');
    $sql = preg_replace($source, $target, $sql);
-    sql_query($sql, FALSE);
+    sql_query($sql, false);
 } elseif ($w == 'u') {
    // 게시판의 글 수
    $sql = " select count(*) as cnt from {$g5['write_prefix']}{$bo_table} where wr_is_comment = 0 ";
    $row = sql_fetch($sql);
@ -327,8 +334,7 @@ if ($w == '') {
        for ($i = 0; $i < count($tmp_array); $i++) {
            $tmp_wr_id = trim($tmp_array[$i]);
            $row = sql_fetch(" select count(*) as cnt from {$g5['write_prefix']}{$bo_table} where wr_id = '{$tmp_wr_id}' ");
-            if ($row['cnt'])
+            if ($row['cnt']) {
            {
                $bo_notice .= $lf . $tmp_wr_id;
                $lf = ",";
            }
@ -342,7 +348,6 @@ if ($w == '') {
                    {$sql_common}
              where bo_table = '{$bo_table}' ";
    sql_query($sql);
 }
@ -527,8 +532,9 @@ if ($all_fields) {
 delete_cache_latest($bo_table);
-if(function_exists('get_admin_captcha_by'))
+if (function_exists('get_admin_captcha_by')) {
    get_admin_captcha_by('remove');
 }
 run_event('admin_board_form_update', $bo_table, $w);
--- a/adm/board_list.php
+++ b/adm/board_list.php
@ -1,6 +1,6 @@
 <?php
 $sub_menu = "300100";
-include_once('./_common.php');
+require_once './_common.php';
 auth_check_menu($auth, $sub_menu, 'r');
@ -40,7 +40,9 @@ $total_count = $row['cnt'];
 $rows = $config['cf_page_rows'];
 $total_page  = ceil($total_count / $rows);  // 전체 페이지 계산
-if ($page < 1) { $page = 1; } // 페이지가 없으면 첫 페이지 (1 페이지)
+if ($page < 1) {
    $page = 1; // 페이지가 없으면 첫 페이지 (1 페이지)
 }
 $from_record = ($page - 1) * $rows; // 시작 열을 구함
 $sql = " select * {$sql_common} {$sql_search} {$sql_order} limit {$from_record}, {$rows} ";
@ -49,7 +51,7 @@ $result = sql_query($sql);
 $listall = '<a href="' . $_SERVER['SCRIPT_NAME'] . '" class="ov_listall">전체목록</a>';
 $g5['title'] = '게시판관리';
-include_once('./admin.head.php');
+require_once './admin.head.php';
 $colspan = 15;
 ?>
@ -60,7 +62,6 @@ $colspan = 15;
 </div>
 <form name="fsearch" id="fsearch" class="local_sch01 local_sch" method="get">
    <label for="sfl" class="sound_only">검색대상</label>
    <select name="sfl" id="sfl">
        <option value="bo_table" <?php echo get_selected($sfl, "bo_table", true); ?>>TABLE</option>
@ -70,11 +71,8 @@ $colspan = 15;
    <label for="stx" class="sound_only">검색어<strong class="sound_only"> 필수</strong></label>
    <input type="text" name="stx" value="<?php echo $stx ?>" id="stx" required class="required frm_input">
    <input type="submit" value="검색" class="btn_submit">
 </form>
 <form name="fboardlist" id="fboardlist" action="./board_list_update.php" onsubmit="return fboardlist_submit(this);" method="post">
    <input type="hidden" name="sst" value="<?php echo $sst ?>">
    <input type="hidden" name="sod" value="<?php echo $sod ?>">
@ -188,8 +186,9 @@ $colspan = 15;
                    </tr>
                <?php
                }
-    if ($i == 0)
+                if ($i == 0) {
                    echo '<tr><td colspan="' . $colspan . '" class="empty_table">자료가 없습니다.</td></tr>';
                }
                ?>
            </tbody>
        </table>
@ -199,8 +198,6 @@ $colspan = 15;
        <input type="submit" name="act_button" value="선택수정" onclick="document.pressed=this.value" class="btn_02 btn">
        <?php if ($is_admin == 'super') { ?>
            <input type="submit" name="act_button" value="선택삭제" onclick="document.pressed=this.value" class="btn_02 btn">
    <?php } ?>
    <?php if ($is_admin == 'super') { ?>
            <a href="./board_form.php" id="bo_add" class="btn_01 btn">게시판 추가</a>
        <?php } ?>
    </div>
@ -210,8 +207,7 @@ $colspan = 15;
 <?php echo get_paging(G5_IS_MOBILE ? $config['cf_mobile_pages'] : $config['cf_write_pages'], $page, $total_page, $_SERVER['SCRIPT_NAME'] . '?' . $qstr . '&amp;page='); ?>
 <script>
-function fboardlist_submit(f)
+    function fboardlist_submit(f) {
 {
        if (!is_checked("chk[]")) {
            alert(document.pressed + " 하실 항목을 하나 이상 선택하세요.");
            return false;
@ -235,4 +231,4 @@ $(function(){
 </script>
 <?php
-include_once('./admin.tail.php');
+require_once './admin.tail.php';
--- a/adm/board_list_update.php
+++ b/adm/board_list_update.php
@ -1,6 +1,6 @@
 <?php
 $sub_menu = "300100";
-include_once('./_common.php');
+require_once './_common.php';
 check_demo();
@ -16,11 +16,9 @@ if (! $post_count_chk) {
 check_admin_token();
 if ($act_button === "선택수정") {
    auth_check_menu($auth, $sub_menu, 'w');
    for ($i = 0; $i < $post_count_chk; $i++) {
        // 실제 번호를 넘김
        $k = isset($_POST['chk'][$i]) ? (int) $_POST['chk'][$i] : 0;
@ -43,9 +41,10 @@ if ($act_button === "선택수정") {
                        and a.gr_id = b.gr_id
                        and b.gr_admin = '{$member['mb_id']}' ";
            $row = sql_fetch($sql);
-            if (!$row['cnt'])
+            if (!$row['cnt']) {
                alert('최고관리자가 아닌 경우 다른 관리자의 게시판(' . $board_table[$k] . ')은 수정이 불가합니다.');
            }
        }
        $p_bo_subject = is_array($_POST['bo_subject']) ? strip_tags(clean_xss_attributes($_POST['bo_subject'][$k])) : '';
@ -66,15 +65,17 @@ if ($act_button === "선택수정") {
        sql_query($sql);
    }
 } elseif ($act_button === "선택삭제") {
-
+    if ($is_admin != 'super') {
    if ($is_admin != 'super')
        alert('게시판 삭제는 최고관리자만 가능합니다.');
    }
    auth_check_menu($auth, $sub_menu, 'd');
    // _BOARD_DELETE_ 상수를 선언해야 board_delete.inc.php 가 정상 작동함
    /* 확인필요 22.05.27
    A file should declare new symbols (classes, functions, constants, etc.) and cause no other side effects,
    or it should execute logic with side effects, but should not do both.*/
    define('_BOARD_DELETE_', true);
    for ($i = 0; $i < $post_count_chk; $i++) {
@ -85,11 +86,9 @@ if ($act_button === "선택수정") {
        $tmp_bo_table = isset($_POST['board_table'][$k]) ? trim(clean_xss_tags($_POST['board_table'][$k], 1, 1)) : '';
        if (preg_match("/^[A-Za-z0-9_]+$/", $tmp_bo_table)) {
-            include ('./board_delete.inc.php');
+            include './board_delete.inc.php';
        }
    }
 }
 run_event('admin_board_list_update', $act_button, $chk, $board_table, $qstr);
--- a/adm/board_thumbnail_delete.php
+++ b/adm/board_thumbnail_delete.php
@ -1,14 +1,15 @@
 <?php
 $sub_menu = '300100';
-include_once('./_common.php');
+require_once './_common.php';
 auth_check_menu($auth, $sub_menu, 'w');
-if(!$board['bo_table'])
+if (!$board['bo_table']) {
    alert('존재하지 않는 게시판입니다.');
 }
 $g5['title'] = $board['bo_subject'] . ' 게시판 썸네일 삭제';
-include_once('./admin.head.php');
+require_once './admin.head.php';
 ?>
 <div class="local_desc02 local_desc">
@ -33,10 +34,11 @@ if(is_dir($dir)) {
            flush();
-            if ($cnt%10==0)
+            if (($cnt % 10) == 0) {
                echo PHP_EOL;
            }
        }
    }
    echo '<li>완료됨</li></ul>' . PHP_EOL;
    echo '<div class="local_desc01 local_desc"><p><strong>썸네일 ' . $cnt . '건의 삭제 완료됐습니다.</strong></p></div>' . PHP_EOL;
@ -48,4 +50,4 @@ if(is_dir($dir)) {
 <div class="btn_confirm01 btn_confirm"><a href="./board_form.php?w=u&amp;bo_table=<?php echo $bo_table; ?>&amp;<?php echo $qstr; ?>">게시판 수정으로 돌아가기</a></div>
 <?php
-include_once('./admin.tail.php');
+require_once './admin.tail.php';
--- a/adm/boardgroup_form.php
+++ b/adm/boardgroup_form.php
@ -1,10 +1,12 @@
 <?php
 $sub_menu = "300200";
-include_once('./_common.php');
+require_once './_common.php';
 auth_check_menu($auth, $sub_menu, 'w');
-if ($is_admin != 'super' && $w == '') alert('최고관리자만 접근 가능합니다.');
+if ($is_admin != 'super' && $w == '') {
    alert('최고관리자만 접근 가능합니다.');
 }
 $html_title = '게시판그룹';
 $gr_id_attr = '';
@ -16,26 +18,30 @@ if( ! isset($group['gr_id']) ){
    $group['gr_device'] = '';
 }
 $gr = array('gr_use_access' => 0, 'gr_admin' => '');
 if ($w == '') {
    $gr_id_attr = 'required';
    $sound_only = '<strong class="sound_only"> 필수</strong>';
    $gr = array('gr_use_access' => 0, 'gr_admin'=>'');
    $html_title .= ' 생성';
 } elseif ($w == 'u') {
    $gr_id_attr = 'readonly';
    $gr = sql_fetch(" select * from {$g5['group_table']} where gr_id = '$gr_id' ");
    $html_title .= ' 수정';
-}
+} else {
 else
    alert('제대로 된 값이 넘어오지 않았습니다.');
 }
 if (!isset($group['gr_device'])) {
    sql_query(" ALTER TABLE `{$g5['group_table']}` ADD `gr_device` ENUM('both','pc','mobile') NOT NULL DEFAULT 'both' AFTER `gr_subject` ", false);
 }
 // 접근회원수
 $sql1 = " select count(*) as cnt from {$g5['group_member_table']} where gr_id = '{$gr_id}' ";
 $row1 = sql_fetch($sql1);
 $group_member_count = $row1['cnt'];
 $g5['title'] = $html_title;
-include_once('./admin.head.php');
+require_once './admin.head.php';
 ?>
 <form name="fboardgroup" id="fboardgroup" action="./boardgroup_form_update.php" onsubmit="return fboardgroup_check(this);" method="post" autocomplete="off">
@ -59,10 +65,11 @@ include_once('./admin.head.php');
                    <th scope="row"><label for="gr_id">그룹 ID<?php echo $sound_only ?></label></th>
                    <td><input type="text" name="gr_id" value="<?php echo $group['gr_id'] ?>" id="gr_id" <?php echo $gr_id_attr; ?> class="<?php echo $gr_id_attr; ?> alnum_ frm_input" maxlength="10">
                        <?php
-            if ($w=='')
+                        if ($w == '') {
                            echo '영문자, 숫자, _ 만 가능 (공백없이)';
-            else
+                        } else {
                            echo '<a href="' . G5_BBS_URL . '/group.php?gr_id=' . $group['gr_id'] . '" class="btn_frmline">게시판그룹 바로가기</a>';
                        }
                        ?>
                    </td>
                </tr>
@ -71,8 +78,9 @@ include_once('./admin.head.php');
                    <td>
                        <input type="text" name="gr_subject" value="<?php echo get_text($group['gr_subject']) ?>" id="gr_subject" required class="required frm_input" size="80">
                        <?php
-            if ($w == 'u')
+                        if ($w == 'u') {
                            echo '<a href="./board_form.php?gr_id=' . $gr_id . '" class="btn_frmline">게시판생성</a>';
                        }
                        ?>
                    </td>
                </tr>
@ -88,13 +96,22 @@ include_once('./admin.head.php');
                    </td>
                </tr>
                <tr>
-        <th scope="row"><?php if ($is_admin == 'super') { ?><label for="gr_admin"><?php } ?>그룹 관리자<?php if ($is_admin == 'super') { ?></label><?php } ?></th>
+                    <th scope="row">
                        <?php
                        if ($is_admin == 'super') {
                            echo '<label for="gr_admin">그룹 관리자</label>';
                        } else {
                            echo '그룹 관리자';
                        }
                        ?>
                    </th>
                    <td>
                        <?php
-            if ($is_admin == 'super')
+                        if ($is_admin == 'super') {
                            echo '<input type="text" id="gr_admin" name="gr_admin" class="frm_input" value="' . $gr['gr_admin'] . '" maxlength="20">';
-            else
+                        } else {
                            echo '<input type="hidden" id="gr_admin" name="gr_admin" value="' . $gr['gr_admin'] . '">' . $gr['gr_admin'];
                        }
                        ?>
                    </td>
                </tr>
@ -110,10 +127,7 @@ include_once('./admin.head.php');
                    <th scope="row">접근회원수</th>
                    <td>
                        <?php
-            // 접근회원수
+                        echo '<a href="./boardgroupmember_list.php?gr_id=' . $gr_id . '">' . $group_member_count . '</a>';
            $sql1 = " select count(*) as cnt from {$g5['group_member_table']} where gr_id = '{$gr_id}' ";
            $row1 = sql_fetch($sql1);
            echo '<a href="./boardgroupmember_list.php?gr_id='.$gr_id.'">'.$row1['cnt'].'</a>';
                        ?>
                    </td>
                </tr>
@ -147,12 +161,11 @@ include_once('./admin.head.php');
 </div>
 <script>
-function fboardgroup_check(f)
+    function fboardgroup_check(f) {
 {
        f.action = './boardgroup_form_update.php';
        return true;
    }
 </script>
 <?php
-include_once ('./admin.tail.php');
+require_once './admin.tail.php';
--- a/adm/boardgroup_form_update.php
+++ b/adm/boardgroup_form_update.php
@ -1,22 +1,28 @@
 <?php
 $sub_menu = "300200";
-include_once('./_common.php');
+require_once './_common.php';
-if ($w == 'u')
+if ($w == 'u') {
    check_demo();
 }
 auth_check_menu($auth, $sub_menu, 'w');
-if ($is_admin != 'super' && $w == '') alert('최고관리자만 접근 가능합니다.');
+if ($is_admin != 'super' && $w == '') {
    alert('최고관리자만 접근 가능합니다.');
 }
 check_admin_token();
 $gr_id = isset($_POST['gr_id']) ? $_POST['gr_id'] : '';
-if (!preg_match("/^([A-Za-z0-9_]{1,10})$/", $gr_id))
+if (!preg_match("/^([A-Za-z0-9_]{1,10})$/", $gr_id)) {
    alert('그룹 ID는 공백없이 영문자, 숫자, _ 만 사용 가능합니다. (10자 이내)');
 }
-if (!$gr_subject) alert('그룹 제목을 입력하세요.');
+if (empty($gr_subject)) {
    alert('그룹 제목을 입력하세요.');
 }
 $posts = array();
@ -62,30 +68,28 @@ $sql_common = " gr_subject = '{$posts['gr_subject']}',
                gr_8 = '{$posts['gr_8']}',
                gr_9 = '{$posts['gr_9']}',
                gr_10 = '{$posts['gr_10']}' ";
-if (isset($_POST['gr_use_access']))
+if (isset($_POST['gr_use_access'])) {
    $sql_common .= ", gr_use_access = '{$_POST['gr_use_access']}' ";
-else
+} else {
    $sql_common .= ", gr_use_access = '' ";
 }
 if ($w == '') {
    $sql = " select count(*) as cnt from {$g5['group_table']} where gr_id = '{$gr_id}' ";
    $row = sql_fetch($sql);
-    if ($row['cnt'])
+    if ($row['cnt']) {
        alert('이미 존재하는 그룹 ID 입니다.');
    }
    $sql = " insert into {$g5['group_table']}
                set gr_id = '{$gr_id}',
                     {$sql_common} ";
    sql_query($sql);
 } elseif ($w == "u") {
    $sql = " update {$g5['group_table']}
                set {$sql_common}
                where gr_id = '{$gr_id}' ";
    sql_query($sql);
 } else {
    alert('제대로 된 값이 넘어오지 않았습니다.');
 }
--- a/adm/boardgroup_list.php
+++ b/adm/boardgroup_list.php
@ -1,6 +1,6 @@
 <?php
 $sub_menu = "300200";
-include_once('./_common.php');
+require_once './_common.php';
 auth_check_menu($auth, $sub_menu, 'r');
@ -16,8 +16,9 @@ if (!isset($group['gr_device'])) {
 $sql_common = " from {$g5['group_table']} ";
 $sql_search = " where (1) ";
-if ($is_admin != 'super')
+if ($is_admin != 'super') {
    $sql_search .= " and (gr_admin = '{$member['mb_id']}') ";
 }
 if ($stx) {
    $sql_search .= " and ( ";
@ -33,10 +34,11 @@ if ($stx) {
    $sql_search .= " ) ";
 }
-if ($sst)
+if ($sst) {
    $sql_order = " order by {$sst} {$sod} ";
-else
+} else {
    $sql_order = " order by gr_id asc ";
 }
 $sql = " select count(*) as cnt {$sql_common} {$sql_search} {$sql_order} ";
 $row = sql_fetch($sql);
@ -44,7 +46,9 @@ $total_count = $row['cnt'];
 $rows = $config['cf_page_rows'];
 $total_page  = ceil($total_count / $rows);  // 전체 페이지 계산
-if ($page < 1) $page = 1; // 페이지가 없으면 첫 페이지 (1 페이지)
+if ($page < 1) {
    $page = 1; // 페이지가 없으면 첫 페이지 (1 페이지)
 }
 $from_record = ($page - 1) * $rows; // 시작 열을 구함
 $sql = " select * {$sql_common} {$sql_search} {$sql_order} limit {$from_record}, {$rows} ";
@ -53,7 +57,7 @@ $result = sql_query($sql);
 $listall = '<a href="' . $_SERVER['SCRIPT_NAME'] . '" class="ov_listall">처음</a>';
 $g5['title'] = '게시판그룹설정';
-include_once('./admin.head.php');
+require_once './admin.head.php';
 $colspan = 10;
 ?>
@ -106,8 +110,7 @@ $colspan = 10;
            </thead>
            <tbody>
                <?php
-    for ($i=0; $row=sql_fetch_array($result); $i++)
+                for ($i = 0; $row = sql_fetch_array($result); $i++) {
    {
                    // 접근회원수
                    $sql1 = " select count(*) as cnt from {$g5['group_member_table']} where gr_id = '{$row['gr_id']}' ";
                    $row1 = sql_fetch($sql1);
@ -160,11 +163,11 @@ $colspan = 10;
                        </td>
                        <td class="td_mng td_mng_s"><?php echo $s_upd ?></td>
                    </tr>
                <?php
                }
-    if ($i == 0)
+                if ($i == 0) {
                    echo '<tr><td colspan="' . $colspan . '" class="empty_table">자료가 없습니다.</td></tr>';
                }
                ?>
        </table>
    </div>
@ -189,8 +192,7 @@ echo $pagelist;
 ?>
 <script>
-function fboardgrouplist_submit(f)
+    function fboardgrouplist_submit(f) {
 {
        if (!is_checked("chk[]")) {
            alert(document.pressed + " 하실 항목을 하나 이상 선택하세요.");
            return false;
@ -207,4 +209,4 @@ function fboardgrouplist_submit(f)
 </script>
 <?php
-include_once('./admin.tail.php');
+require_once './admin.tail.php';
--- a/adm/boardgroup_list_update.php
+++ b/adm/boardgroup_list_update.php
@ -1,8 +1,6 @@
 <?php
 $sub_menu = "300200";
-include_once('./_common.php');
+require_once './_common.php';
 //print_r2($_POST); exit;
 check_demo();
@ -14,13 +12,13 @@ $post_chk = isset($_POST['chk']) ? (array) $_POST['chk'] : array();
 $post_group_id  = isset($_POST['group_id']) ? (array) $_POST['group_id'] : array();
 $act_button     = isset($_POST['act_button']) ? $_POST['act_button'] : '';
-$count = count($post_chk);
+$chk_count = count($post_chk);
-if(!$count)
+if (!$chk_count) {
    alert($act_button . '할 게시판그룹을 1개이상 선택해 주세요.');
 }
-for ($i=0; $i<$count; $i++)
+for ($i = 0; $i < $chk_count; $i++) {
 {
    $k              = isset($post_chk[$i]) ? (int) $post_chk[$i] : 0;
    $gr_id          = preg_replace('/[^a-z0-9_]/i', '', $post_group_id[$k]);
    $gr_subject     = isset($_POST['gr_subject'][$k]) ? strip_tags(clean_xss_attributes($_POST['gr_subject'][$k])) : '';
@ -37,13 +35,15 @@ for ($i=0; $i<$count; $i++)
                        gr_use_access = '" . $gr_use_access . "',
                        gr_order      = '" . $gr_order . "'
                  where gr_id         = '{$gr_id}' ";
-        if ($is_admin != 'super')
+        if ($is_admin != 'super') {
            $sql .= " and gr_admin    = '{$gr_admin}' ";
        }
        sql_query($sql);
    } elseif ($act_button == '선택삭제') {
        $row = sql_fetch(" select count(*) as cnt from {$g5['board_table']} where gr_id = '$gr_id' ");
-        if ($row['cnt'])
+        if ($row['cnt']) {
            alert("이 그룹에 속한 게시판이 존재하여 게시판 그룹을 삭제할 수 없습니다.\\n\\n이 그룹에 속한 게시판을 먼저 삭제하여 주십시오.", './board_list.php?sfl=gr_id&amp;stx=' . $gr_id);
        }
        // 그룹 삭제
        sql_query(" delete from {$g5['group_table']} where gr_id = '$gr_id' ");
@ -53,6 +53,6 @@ for ($i=0; $i<$count; $i++)
    }
 }
-run_event('admin_boardgroup_list_update', $act_button, $chk, $post_group_id, $qstr);
+run_event('admin_boardgroup_list_update', $act_button, $post_chk, $post_group_id, $qstr);
 goto_url('./boardgroup_list.php?' . $qstr);
--- a/adm/boardgroupmember_form.php
+++ b/adm/boardgroupmember_form.php
@ -1,17 +1,18 @@
 <?php
 $sub_menu = "300200";
-include_once('./_common.php');
+require_once './_common.php';
 auth_check_menu($auth, $sub_menu, 'w');
 $mb = get_member($mb_id);
 $token = isset($token) ? $token : '';
-if (! (isset($mb['mb_id']) && $mb['mb_id']))
+if (!(isset($mb['mb_id']) && $mb['mb_id'])) {
    alert('존재하지 않는 회원입니다.');
 }
 $g5['title'] = '접근가능그룹';
-include_once('./admin.head.php');
+require_once './admin.head.php';
 $colspan = 4;
 ?>
@ -19,13 +20,14 @@ $colspan = 4;
 <form name="fboardgroupmember_form" id="fboardgroupmember_form" action="./boardgroupmember_update.php" onsubmit="return boardgroupmember_form_check(this)" method="post">
    <input type="hidden" name="mb_id" value="<?php echo $mb['mb_id'] ?>" id="mb_id">
    <input type="hidden" name="token" value="" id="token">
    <div class="local_ov01 local_ov">
        <span class="btn_ov01"><span class="ov_txt"> 아이디</span><span class="ov_num"><?php echo $mb['mb_id'] ?></span></span>
        <span class="btn_ov01"><span class="ov_txt"> 이름</span><span class="ov_num"><?php echo get_text($mb['mb_name']); ?></span></span>
        <span class="btn_ov01"><span class="ov_txt"> 닉네임</span><span class="ov_num"><?php echo $mb['mb_nick'] ?></span></span>
    </div>
 <div class="local_cmd01 local_cmd">
    <div class="local_cmd01 local_cmd">
        <label for="gr_id">그룹지정</label>
        <select name="gr_id" id="gr_id">
            <option value="">접근가능 그룹을 선택하세요.</option>
@ -33,9 +35,9 @@ $colspan = 4;
            $sql = " select *
                        from {$g5['group_table']}
                        where gr_use_access = 1 ";
-        //if ($is_admin == 'group') {
+            if ($is_admin != 'super') {
        if ($is_admin != 'super')
                $sql .= " and gr_admin = '{$member['mb_id']}' ";
            }
            $sql .= " order by gr_id ";
            $result = sql_query($sql);
            for ($i = 0; $row = sql_fetch_array($result); $i++) {
@ -76,8 +78,9 @@ $colspan = 4;
                $sql = " select * from {$g5['group_member_table']} a, {$g5['group_table']} b
                        where a.mb_id = '{$mb['mb_id']}'
                        and a.gr_id = b.gr_id ";
-    if ($is_admin != 'super')
+                if ($is_admin != 'super') {
                    $sql .= " and b.gr_admin = '{$member['mb_id']}' ";
                }
                $sql .= " order by a.gr_id desc ";
                $result = sql_query($sql);
                for ($i = 0; $row = sql_fetch_array($result); $i++) {
@ -108,8 +111,7 @@ $colspan = 4;
 </form>
 <script>
-function fboardgroupmember_submit(f)
+    function fboardgroupmember_submit(f) {
 {
        if (!is_checked("chk[]")) {
            alert("선택삭제 하실 항목을 하나 이상 선택하세요.");
            return false;
@ -118,8 +120,7 @@ function fboardgroupmember_submit(f)
        return true;
    }
-function boardgroupmember_form_check(f)
+    function boardgroupmember_form_check(f) {
 {
        if (f.gr_id.value == '') {
            alert('접근가능 그룹을 선택하세요.');
            return false;
@ -130,4 +131,4 @@ function boardgroupmember_form_check(f)
 </script>
 <?php
-include_once('./admin.tail.php');
+require_once './admin.tail.php';
--- a/adm/boardgroupmember_list.php
+++ b/adm/boardgroupmember_list.php
@ -1,6 +1,6 @@
 <?php
 $sub_menu = "300200";
-include_once('./_common.php');
+require_once './_common.php';
 auth_check_menu($auth, $sub_menu, 'r');
@ -11,8 +11,8 @@ if (!$gr['gr_id']) {
 $sql_common = " from {$g5['group_member_table']} a
                         left outer join {$g5['member_table']} b on (a.mb_id = b.mb_id) ";
 $sql_search = " where gr_id = '{$gr_id}' ";
 // 회원아이디로 검색되지 않던 오류를 수정
 if (isset($stx) && $stx) {
    $sql_search .= " and ( ";
@ -39,7 +39,9 @@ $total_count = $row['cnt'];
 $rows = $config['cf_page_rows'];
 $total_page  = ceil($total_count / $rows);  // 전체 페이지 계산
-if ($page < 1) $page = 1; // 페이지가 없으면 첫 페이지 (1 페이지)
+if ($page < 1) {
    $page = 1; // 페이지가 없으면 첫 페이지 (1 페이지)
 }
 $from_record = ($page - 1) * $rows; // 시작 열을 구함
 $sql = " select *
@ -50,7 +52,7 @@ $sql = " select *
 $result = sql_query($sql);
 $g5['title'] = $gr['gr_subject'] . ' 그룹 접근가능회원 (그룹아이디:' . $gr['gr_id'] . ')';
-include_once('./admin.head.php');
+require_once './admin.head.php';
 $colspan = 7;
 ?>
@ -95,14 +97,14 @@ $colspan = 7;
            </thead>
            <tbody>
                <?php
-    for ($i=0; $row=sql_fetch_array($result); $i++)
+                for ($i = 0; $row = sql_fetch_array($result); $i++) {
    {
                    // 접근가능한 그룹수
                    $sql2 = " select count(*) as cnt from {$g5['group_member_table']} where mb_id = '{$row['mb_id']}' ";
                    $row2 = sql_fetch($sql2);
                    $group = "";
-        if ($row2['cnt'])
+                    if ($row2['cnt']) {
                        $group = '<a href="./boardgroupmember_form.php?mb_id=' . $row['mb_id'] . '">' . $row2['cnt'] . '</a>';
                    }
                    $mb_nick = get_sideview($row['mb_id'], $row['mb_nick'], $row['mb_email'], $row['mb_homepage']);
@ -123,8 +125,7 @@ $colspan = 7;
                <?php
                }
-    if ($i == 0)
+                if ($i == 0) {
    {
                    echo '<tr><td colspan="' . $colspan . '" class="empty_table">자료가 없습니다.</td></tr>';
                }
                ?>
@ -137,11 +138,12 @@ $colspan = 7;
    </div>
 </form>
-<?php echo get_paging(G5_IS_MOBILE ? $config['cf_mobile_pages'] : $config['cf_write_pages'], $page, $total_page, "{$_SERVER['SCRIPT_NAME']}?$qstr&amp;gr_id=$gr_id&page="); ?>
+<?php
 echo get_paging(G5_IS_MOBILE ? $config['cf_mobile_pages'] : $config['cf_write_pages'], $page, $total_page, "{$_SERVER['SCRIPT_NAME']}?$qstr&amp;gr_id=$gr_id&page=");
 ?>
 <script>
-function fboardgroupmember_submit(f)
+    function fboardgroupmember_submit(f) {
 {
        if (!is_checked("chk[]")) {
            alert("선택삭제 하실 항목을 하나 이상 선택하세요.");
            return false;
@ -152,4 +154,4 @@ function fboardgroupmember_submit(f)
 </script>
 <?php
-include_once('./admin.tail.php');
+require_once './admin.tail.php';
--- a/adm/boardgroupmember_update.php
+++ b/adm/boardgroupmember_update.php
@ -1,20 +1,19 @@
 <?php
 $sub_menu = "300200";
-include_once('./_common.php');
+require_once './_common.php';
 sql_query(" ALTER TABLE {$g5['group_member_table']} CHANGE `gm_id` `gm_id` INT( 11 ) DEFAULT '0' NOT NULL AUTO_INCREMENT ", false);
-if ($w == '')
+if ($w == '') {
 {
    auth_check_menu($auth, $sub_menu, 'w');
    $mb = get_member($mb_id);
-    if (!$mb['mb_id']) {
+    if (empty($mb['mb_id'])) {
        alert('존재하지 않는 회원입니다.');
    }
    $gr = get_group($gr_id);
-    if (!$gr['gr_id']) {
+    if (empty($gr['gr_id'])) {
        alert('존재하지 않는 그룹입니다.');
    }
@ -25,9 +24,7 @@ if ($w == '')
    $row = sql_fetch($sql);
    if ($row['cnt']) {
        alert('이미 등록되어 있는 자료입니다.');
-    }
+    } else {
    else
    {
        check_admin_token();
        $sql = " insert into {$g5['group_member_table']}
@ -36,14 +33,13 @@ if ($w == '')
                         gm_datetime = '" . G5_TIME_YMDHIS . "' ";
        sql_query($sql);
    }
-}
+} elseif ($w == 'd' || $w == 'ld') {
 else if ($w == 'd' || $w == 'ld')
 {
    auth_check_menu($auth, $sub_menu, 'd');
    $count = count($_POST['chk']);
-    if(!$count)
+    if (!$count) {
        alert('삭제할 목록을 하나이상 선택해 주세요.');
    }
    check_admin_token();
@ -52,18 +48,20 @@ else if ($w == 'd' || $w == 'ld')
        $sql = " select * from {$g5['group_member_table']} where gm_id = '$gm_id' ";
        $gm = sql_fetch($sql);
        if (!$gm['gm_id']) {
-            if($count == 1)
+            if ($count == 1) {
                alert('존재하지 않는 자료입니다.');
-            else
+            } else {
                continue;
            }
        }
        $sql = " delete from {$g5['group_member_table']} where gm_id = '$gm_id' ";
        sql_query($sql);
    }
 }
-if ($w == 'ld')
+if ($w == 'ld') {
    goto_url('./boardgroupmember_list.php?gr_id=' . $gr_id);
-else
+} else {
    goto_url('./boardgroupmember_form.php?mb_id=' . $mb_id);
 }
--- a/adm/browscap.php
+++ b/adm/browscap.php
@ -1,15 +1,17 @@
 <?php
 $sub_menu = "100510";
-include_once('./_common.php');
+require_once './_common.php';
-if(!(version_compare(phpversion(), '5.3.0', '>=') && defined('G5_BROWSCAP_USE') && G5_BROWSCAP_USE))
+if (!(version_compare(phpversion(), '5.3.0', '>=') && defined('G5_BROWSCAP_USE') && G5_BROWSCAP_USE)) {
    alert('사용할 수 없는 기능입니다.', correct_goto_url(G5_ADMIN_URL));
 }
-if ($is_admin != 'super')
+if ($is_admin != 'super') {
    alert('최고관리자만 접근 가능합니다.');
 }
 $g5['title'] = 'Browscap 업데이트';
-include_once('./admin.head.php');
+require_once './admin.head.php';
 ?>
 <div id="processing">
@ -41,4 +43,4 @@ $(function() {
 </script>
 <?php
-include_once('./admin.tail.php');
+require_once './admin.tail.php';
--- a/adm/browscap_convert.php
+++ b/adm/browscap_convert.php
@ -1,19 +1,22 @@
 <?php
 $sub_menu = "100520";
-include_once('./_common.php');
+require_once './_common.php';
-if(!(version_compare(phpversion(), '5.3.0', '>=') && defined('G5_BROWSCAP_USE') && G5_BROWSCAP_USE))
+if (!(version_compare(phpversion(), '5.3.0', '>=') && defined('G5_BROWSCAP_USE') && G5_BROWSCAP_USE)) {
    alert('사용할 수 없는 기능입니다.', correct_goto_url(G5_ADMIN_URL));
 }
-if ($is_admin != 'super')
+if ($is_admin != 'super') {
    alert('최고관리자만 접근 가능합니다.');
 }
 $rows = isset($_GET['rows']) ? preg_replace('#[^0-9]#', '', $_GET['rows']) : 0;
-if(!$rows)
+if (!$rows) {
    $rows = 100;
 }
 $g5['title'] = '접속로그 변환';
-include_once('./admin.head.php');
+require_once './admin.head.php';
 ?>
 <div id="processing">
@ -29,7 +32,9 @@ $(function() {
            $.ajax({
                method: "GET",
                url: "./browscap_converter.php",
-            data: { rows: "<?php echo $rows; ?>" },
+                data: {
                    rows: "<?php echo strval($rows); ?>"
                },
                async: true,
                cache: false,
                dataType: "html",
@ -42,4 +47,4 @@ $(function() {
 </script>
 <?php
-include_once('./admin.tail.php');
+require_once './admin.tail.php';
--- a/adm/browscap_converter.php
+++ b/adm/browscap_converter.php
@ -1,15 +1,17 @@
 <?php
 ini_set('memory_limit', '-1');
-include_once('./_common.php');
+require_once './_common.php';
 // clean the output buffer
 ob_end_clean();
-if(!(version_compare(phpversion(), '5.3.0', '>=') && defined('G5_BROWSCAP_USE') && G5_BROWSCAP_USE))
+if (!(version_compare(phpversion(), '5.3.0', '>=') && defined('G5_BROWSCAP_USE') && G5_BROWSCAP_USE)) {
    die('사용할 수 없는 기능입니다.');
 }
-if($is_admin != 'super')
+if ($is_admin != 'super') {
    die('최고관리자로 로그인 후 실행해 주세요.');
 }
 // browscap cache 파일 체크
 if (!is_file(G5_DATA_PATH . '/cache/browscap_cache.php')) {
@ -18,19 +20,20 @@ if(!is_file(G5_DATA_PATH.'/cache/browscap_cache.php')) {
    exit;
 }
-include_once(G5_PLUGIN_PATH.'/browscap/Browscap.php');
+require_once G5_PLUGIN_PATH . '/browscap/Browscap.php';
 $browscap = new phpbrowscap\Browscap(G5_DATA_PATH . '/cache');
 $browscap->doAutoUpdate = false;
 $browscap->cacheFilename = 'browscap_cache.php';
 // 데이터 변환
-$rows = preg_replace('#[^0-9]#', '', $_GET['rows']);
+$rows = isset($_GET['rows']) ? preg_replace('#[^0-9]#', '', $_GET['rows']) : 0;
-if(!$rows)
+if (!$rows) {
    $rows = 100;
 }
 $sql_common = " from {$g5['visit_table']} where vi_agent <> '' and ( vi_browser = '' or vi_os = '' or vi_device = '' ) ";
 $sql_order  = " order by vi_id desc ";
-$sql_limit  = " limit 0, $rows ";
+$sql_limit  = " limit 0, " . strval($rows) . " ";
 $sql = " select count(vi_id) as cnt $sql_common ";
 $row = sql_fetch($sql);
@ -47,16 +50,19 @@ for($i=0; $row=sql_fetch_array($result); $i++) {
    $info = $browscap->getBrowser($row['vi_agent']);
    $brow = $row['vi_browser'];
-    if(!$brow)
+    if (!$brow) {
        $brow = $info->Comment;
    }
    $os = $row['vi_os'];
-    if(!$os)
+    if (!$os) {
        $os = $info->Platform;
    }
    $device = $row['vi_device'];
-    if(!$device)
+    if (!$device) {
        $device = $info->Device_Type;
    }
    $sql2 = " update {$g5['visit_table']}
                set vi_browser  = '$brow',
@ -68,7 +74,8 @@ for($i=0; $row=sql_fetch_array($result); $i++) {
    $cnt++;
 }
-if(($total_count - $cnt) == 0 || $total_count == 0)
+if (($total_count - $cnt) == 0 || $total_count == 0) {
    echo '<div class="check_processing"></div><p>변환완료</p>';
-else
+} else {
    echo '<p>총 ' . number_format($total_count) . '건 중 ' . number_format($cnt) . '건 변환완료<br><br>접속로그를 추가로 변환하시려면 아래 업데이트 버튼을 클릭해 주세요.</p><button type="button" id="run_update">업데이트</button>';
 }
--- a/adm/browscap_update.php
+++ b/adm/browscap_update.php
@ -2,18 +2,20 @@
 ini_set('memory_limit', '-1');
 $sub_menu = "100510";
-include_once('./_common.php');
+require_once './_common.php';
 // clean the output buffer
 ob_end_clean();
-if(!(version_compare(phpversion(), '5.3.0', '>=') && defined('G5_BROWSCAP_USE') && G5_BROWSCAP_USE))
+if (!(version_compare(phpversion(), '5.3.0', '>=') && defined('G5_BROWSCAP_USE') && G5_BROWSCAP_USE)) {
    die('사용할 수 없는 기능입니다.');
 }
-if ($is_admin != 'super')
+if ($is_admin != 'super') {
    die('최고관리자만 접근 가능합니다.');
 }
-include_once(G5_PLUGIN_PATH.'/browscap/Browscap.php');
+require_once G5_PLUGIN_PATH . '/browscap/Browscap.php';
 $browscap = new phpbrowscap\Browscap(G5_DATA_PATH . '/cache');
 $browscap->updateMethod = 'cURL';
--- a/adm/cache_file_delete.php
+++ b/adm/cache_file_delete.php
@ -1,11 +1,12 @@
 <?php
 $sub_menu = '100900';
-include_once('./_common.php');
+require_once './_common.php';
-if ($is_admin != 'super')
+if ($is_admin != 'super') {
    alert('최고관리자만 접근 가능합니다.', G5_URL);
 }
-@include_once('./safe_check.php');
+@require_once './safe_check.php';
 if (function_exists('social_log_file_delete')) {
    social_log_file_delete();
 }
@ -13,7 +14,7 @@ if(function_exists('social_log_file_delete')){
 run_event('adm_cache_file_delete_before');
 $g5['title'] = '캐시파일 일괄삭제';
-include_once('./admin.head.php');
+require_once './admin.head.php';
 ?>
 <div class="local_desc02 local_desc">
@ -44,10 +45,11 @@ if (is_array($files)) {
        flush();
-        if ($cnt%10==0) 
+        if ($cnt % 10 == 0) {
            echo PHP_EOL;
        }
    }
 }
 run_event('adm_cache_file_delete');
@ -56,4 +58,4 @@ echo '<div class="local_desc01 local_desc"><p><strong>최신글 캐시파일 '.$
 ?>
 <?php
-include_once('./admin.tail.php');
+require_once './admin.tail.php';
--- a/adm/captcha_file_delete.php
+++ b/adm/captcha_file_delete.php
@ -1,12 +1,13 @@
 <?php
 $sub_menu = '100910';
-include_once('./_common.php');
+require_once './_common.php';
-if ($is_admin != 'super')
+if ($is_admin != 'super') {
    alert('최고관리자만 접근 가능합니다.', G5_URL);
 }
 $g5['title'] = '캡챠파일 일괄삭제';
-include_once('./admin.head.php');
+require_once './admin.head.php';
 ?>
 <div class="local_desc02 local_desc">
@ -31,7 +32,9 @@ if (is_array($files)) {
    foreach ($files as $gcaptcha_file) {
        $modification_time = filemtime($gcaptcha_file); // 파일접근시간
-        if ($modification_time > $before_time) continue;
+        if ($modification_time > $before_time) {
            continue;
        }
        $cnt++;
        unlink($gcaptcha_file);
@ -39,14 +42,15 @@ if (is_array($files)) {
        flush();
-        if ($cnt%10==0) 
+        if ($cnt % 10 == 0) {
            echo PHP_EOL;
        }
    }
 }
 echo '<li>완료됨</li></ul>' . PHP_EOL;
 echo '<div class="local_desc01 local_desc"><p><strong>캡챠파일 ' . $cnt . '건의 삭제 완료됐습니다.</strong><br>프로그램의 실행을 끝마치셔도 좋습니다.</p></div>' . PHP_EOL;
 ?>
 <?php
-include_once('./admin.tail.php');
+require_once './admin.tail.php';
--- a/adm/config_form.php
+++ b/adm/config_form.php
@ -1,64 +1,92 @@
 <?php
 $sub_menu = "100100";
-include_once('./_common.php');
+require_once './_common.php';
 auth_check_menu($auth, $sub_menu, 'r');
-if ($is_admin != 'super')
+if ($is_admin != 'super') {
    alert('최고관리자만 접근 가능합니다.');
 }
 if (!isset($config['cf_add_script'])) {
-    sql_query(" ALTER TABLE `{$g5['config_table']}`
+    sql_query(
-                    ADD `cf_add_script` TEXT NOT NULL AFTER `cf_admin_email_name` ", true);
+        " ALTER TABLE `{$g5['config_table']}`
                    ADD `cf_add_script` TEXT NOT NULL AFTER `cf_admin_email_name` ",
        true
    );
 }
 if (!isset($config['cf_mobile_new_skin'])) {
-    sql_query(" ALTER TABLE `{$g5['config_table']}`
+    sql_query(
        " ALTER TABLE `{$g5['config_table']}`
                    ADD `cf_mobile_new_skin` VARCHAR(255) NOT NULL AFTER `cf_memo_send_point`,
                    ADD `cf_mobile_search_skin` VARCHAR(255) NOT NULL AFTER `cf_mobile_new_skin`,
                    ADD `cf_mobile_connect_skin` VARCHAR(255) NOT NULL AFTER `cf_mobile_search_skin`,
-                    ADD `cf_mobile_member_skin` VARCHAR(255) NOT NULL AFTER `cf_mobile_connect_skin` ", true);
+                    ADD `cf_mobile_member_skin` VARCHAR(255) NOT NULL AFTER `cf_mobile_connect_skin` ",
        true
    );
 }
 if (isset($config['cf_gcaptcha_mp3'])) {
-    sql_query(" ALTER TABLE `{$g5['config_table']}`
+    sql_query(
-                    CHANGE `cf_gcaptcha_mp3` `cf_captcha_mp3` VARCHAR(255) NOT NULL DEFAULT '' ", true);
+        " ALTER TABLE `{$g5['config_table']}`
                    CHANGE `cf_gcaptcha_mp3` `cf_captcha_mp3` VARCHAR(255) NOT NULL DEFAULT '' ",
        true
    );
 } elseif (!isset($config['cf_captcha_mp3'])) {
-    sql_query(" ALTER TABLE `{$g5['config_table']}`
+    sql_query(
-                    ADD `cf_captcha_mp3` VARCHAR(255) NOT NULL DEFAULT '' AFTER `cf_mobile_member_skin` ", true);
+        " ALTER TABLE `{$g5['config_table']}`
                    ADD `cf_captcha_mp3` VARCHAR(255) NOT NULL DEFAULT '' AFTER `cf_mobile_member_skin` ",
        true
    );
 }
 if (!isset($config['cf_editor'])) {
-    sql_query(" ALTER TABLE `{$g5['config_table']}`
+    sql_query(
-                    ADD `cf_editor` VARCHAR(255) NOT NULL DEFAULT '' AFTER `cf_captcha_mp3` ", true);
+        " ALTER TABLE `{$g5['config_table']}`
                    ADD `cf_editor` VARCHAR(255) NOT NULL DEFAULT '' AFTER `cf_captcha_mp3` ",
        true
    );
 }
 if (!isset($config['cf_googl_shorturl_apikey'])) {
-    sql_query(" ALTER TABLE `{$g5['config_table']}`
+    sql_query(
-                    ADD `cf_googl_shorturl_apikey` VARCHAR(255) NOT NULL DEFAULT '' AFTER `cf_captcha_mp3` ", true);
+        " ALTER TABLE `{$g5['config_table']}`
                    ADD `cf_googl_shorturl_apikey` VARCHAR(255) NOT NULL DEFAULT '' AFTER `cf_captcha_mp3` ",
        true
    );
 }
 if (!isset($config['cf_mobile_pages'])) {
-    sql_query(" ALTER TABLE `{$g5['config_table']}`
+    sql_query(
-                    ADD `cf_mobile_pages` INT(11) NOT NULL DEFAULT '0' AFTER `cf_write_pages` ", true);
+        " ALTER TABLE `{$g5['config_table']}`
                    ADD `cf_mobile_pages` INT(11) NOT NULL DEFAULT '0' AFTER `cf_write_pages` ",
        true
    );
    sql_query(" UPDATE `{$g5['config_table']}` SET cf_mobile_pages = '5' ", true);
 }
 if (!isset($config['cf_facebook_appid'])) {
-    sql_query(" ALTER TABLE `{$g5['config_table']}`
+    sql_query(
        " ALTER TABLE `{$g5['config_table']}`
                    ADD `cf_facebook_appid` VARCHAR(255) NOT NULL AFTER `cf_googl_shorturl_apikey`,
                    ADD `cf_facebook_secret` VARCHAR(255) NOT NULL AFTER `cf_facebook_appid`,
                    ADD `cf_twitter_key` VARCHAR(255) NOT NULL AFTER `cf_facebook_secret`,
-                    ADD `cf_twitter_secret` VARCHAR(255) NOT NULL AFTER `cf_twitter_key` ", true);
+                    ADD `cf_twitter_secret` VARCHAR(255) NOT NULL AFTER `cf_twitter_key` ",
        true
    );
 }
 // uniqid 테이블이 없을 경우 생성
 if (!sql_query(" DESC {$g5['uniqid_table']} ", false)) {
-    sql_query(" CREATE TABLE IF NOT EXISTS `{$g5['uniqid_table']}` (
+    sql_query(
        " CREATE TABLE IF NOT EXISTS `{$g5['uniqid_table']}` (
                  `uq_id` bigint(20) unsigned NOT NULL,
                  `uq_ip` varchar(255) NOT NULL,
                  PRIMARY KEY (`uq_id`)
-                ) ", false);
+                ) ",
        false
    );
 }
 if (!sql_query(" SELECT uq_ip from {$g5['uniqid_table']} limit 1 ", false)) {
@ -67,7 +95,8 @@ if(!sql_query(" SELECT uq_ip from {$g5['uniqid_table']} limit 1 ", false)) {
 // 임시저장 테이블이 없을 경우 생성
 if (!sql_query(" DESC {$g5['autosave_table']} ", false)) {
-    sql_query(" CREATE TABLE IF NOT EXISTS `{$g5['autosave_table']}` (
+    sql_query(
        " CREATE TABLE IF NOT EXISTS `{$g5['autosave_table']}` (
                  `as_id` int(11) NOT NULL AUTO_INCREMENT,
                  `mb_id` varchar(20) NOT NULL,
                  `as_uid` bigint(20) unsigned NOT NULL,
@ -77,32 +106,47 @@ if(!sql_query(" DESC {$g5['autosave_table']} ", false)) {
                  PRIMARY KEY (`as_id`),
                  UNIQUE KEY `as_uid` (`as_uid`),
                  KEY `mb_id` (`mb_id`)
-                ) ", false);
+                ) ",
        false
    );
 }
 if (!isset($config['cf_admin_email'])) {
-    sql_query(" ALTER TABLE `{$g5['config_table']}`
+    sql_query(
-                    ADD `cf_admin_email` VARCHAR(255) NOT NULL AFTER `cf_admin` ", true);
+        " ALTER TABLE `{$g5['config_table']}`
                    ADD `cf_admin_email` VARCHAR(255) NOT NULL AFTER `cf_admin` ",
        true
    );
 }
 if (!isset($config['cf_admin_email_name'])) {
-    sql_query(" ALTER TABLE `{$g5['config_table']}`
+    sql_query(
-                    ADD `cf_admin_email_name` VARCHAR(255) NOT NULL AFTER `cf_admin_email` ", true);
+        " ALTER TABLE `{$g5['config_table']}`
                    ADD `cf_admin_email_name` VARCHAR(255) NOT NULL AFTER `cf_admin_email` ",
        true
    );
 }
 if (!isset($config['cf_cert_use'])) {
-    sql_query(" ALTER TABLE `{$g5['config_table']}`
+    sql_query(
        " ALTER TABLE `{$g5['config_table']}`
                    ADD `cf_cert_use` TINYINT(4) NOT NULL DEFAULT '0' AFTER `cf_editor`,
                    ADD `cf_cert_ipin` VARCHAR(255) NOT NULL DEFAULT '' AFTER `cf_cert_use`,
                    ADD `cf_cert_hp` VARCHAR(255) NOT NULL DEFAULT '' AFTER `cf_cert_ipin`,
                    ADD `cf_cert_kcb_cd` VARCHAR(255) NOT NULL DEFAULT '' AFTER `cf_cert_hp`,
                    ADD `cf_cert_kcp_cd` VARCHAR(255) NOT NULL DEFAULT '' AFTER `cf_cert_kcb_cd`,
-                    ADD `cf_cert_limit` INT(11) NOT NULL DEFAULT '0' AFTER `cf_cert_kcp_cd` ", true);
+                    ADD `cf_cert_limit` INT(11) NOT NULL DEFAULT '0' AFTER `cf_cert_kcp_cd` ",
-    sql_query(" ALTER TABLE `{$g5['member_table']}`
+        true
-                    CHANGE `mb_hp_certify` `mb_certify` VARCHAR(20) NOT NULL DEFAULT '' ", true);
+    );
    sql_query(
        " ALTER TABLE `{$g5['member_table']}`
                    CHANGE `mb_hp_certify` `mb_certify` VARCHAR(20) NOT NULL DEFAULT '' ",
        true
    );
    sql_query(" update {$g5['member_table']} set mb_certify = 'hp' where mb_certify = '1' ");
    sql_query(" update {$g5['member_table']} set mb_certify = '' where mb_certify = '0' ");
-    sql_query(" CREATE TABLE IF NOT EXISTS `{$g5['cert_history_table']}` (
+    sql_query(
        " CREATE TABLE IF NOT EXISTS `{$g5['cert_history_table']}` (
                  `cr_id` int(11) NOT NULL auto_increment,
                  `mb_id` varchar(255) NOT NULL DEFAULT '',
                  `cr_company` varchar(255) NOT NULL DEFAULT '',
@ -112,89 +156,131 @@ if(!isset($config['cf_cert_use'])) {
                  `cr_time` time NOT NULL DEFAULT '00:00:00',
                  PRIMARY KEY (`cr_id`),
                  KEY `mb_id` (`mb_id`)
-                )", true);
+                )",
        true
    );
 }
 if (!isset($config['cf_analytics'])) {
-    sql_query(" ALTER TABLE `{$g5['config_table']}`
+    sql_query(
-                    ADD `cf_analytics` TEXT NOT NULL AFTER `cf_intercept_ip` ", true);
+        " ALTER TABLE `{$g5['config_table']}`
                    ADD `cf_analytics` TEXT NOT NULL AFTER `cf_intercept_ip` ",
        true
    );
 }
 if (!isset($config['cf_add_meta'])) {
-    sql_query(" ALTER TABLE `{$g5['config_table']}`
+    sql_query(
-                    ADD `cf_add_meta` TEXT NOT NULL AFTER `cf_analytics` ", true);
+        " ALTER TABLE `{$g5['config_table']}`
                    ADD `cf_add_meta` TEXT NOT NULL AFTER `cf_analytics` ",
        true
    );
 }
 if (!isset($config['cf_syndi_token'])) {
-    sql_query(" ALTER TABLE `{$g5['config_table']}`
+    sql_query(
-                    ADD `cf_syndi_token` VARCHAR(255) NOT NULL AFTER `cf_add_meta` ", true);
+        " ALTER TABLE `{$g5['config_table']}`
                    ADD `cf_syndi_token` VARCHAR(255) NOT NULL AFTER `cf_add_meta` ",
        true
    );
 }
 if (!isset($config['cf_syndi_except'])) {
-    sql_query(" ALTER TABLE `{$g5['config_table']}`
+    sql_query(
-                    ADD `cf_syndi_except` TEXT NOT NULL AFTER `cf_syndi_token` ", true);
+        " ALTER TABLE `{$g5['config_table']}`
                    ADD `cf_syndi_except` TEXT NOT NULL AFTER `cf_syndi_token` ",
        true
    );
 }
 if (!isset($config['cf_sms_use'])) {
-    sql_query(" ALTER TABLE `{$g5['config_table']}`
+    sql_query(
        " ALTER TABLE `{$g5['config_table']}`
                    ADD `cf_sms_use` varchar(255) NOT NULL DEFAULT '' AFTER `cf_cert_limit`,
                    ADD `cf_icode_id` varchar(255) NOT NULL DEFAULT '' AFTER `cf_sms_use`,
                    ADD `cf_icode_pw` varchar(255) NOT NULL DEFAULT '' AFTER `cf_icode_id`,
                    ADD `cf_icode_server_ip` varchar(255) NOT NULL DEFAULT '' AFTER `cf_icode_pw`,
-                    ADD `cf_icode_server_port` varchar(255) NOT NULL DEFAULT '' AFTER `cf_icode_server_ip` ", true);
+                    ADD `cf_icode_server_port` varchar(255) NOT NULL DEFAULT '' AFTER `cf_icode_server_ip` ",
        true
    );
 }
 if (!isset($config['cf_mobile_page_rows'])) {
-    sql_query(" ALTER TABLE `{$g5['config_table']}`
+    sql_query(
-                    ADD `cf_mobile_page_rows` int(11) NOT NULL DEFAULT '0' AFTER `cf_page_rows` ", true);
+        " ALTER TABLE `{$g5['config_table']}`
                    ADD `cf_mobile_page_rows` int(11) NOT NULL DEFAULT '0' AFTER `cf_page_rows` ",
        true
    );
 }
 if (!isset($config['cf_cert_req'])) {
-    sql_query(" ALTER TABLE `{$g5['config_table']}`
+    sql_query(
-                    ADD `cf_cert_req` tinyint(4) NOT NULL DEFAULT '0' AFTER `cf_cert_limit` ", true);
+        " ALTER TABLE `{$g5['config_table']}`
                    ADD `cf_cert_req` tinyint(4) NOT NULL DEFAULT '0' AFTER `cf_cert_limit` ",
        true
    );
 }
 if (!isset($config['cf_faq_skin'])) {
-    sql_query(" ALTER TABLE `{$g5['config_table']}`
+    sql_query(
        " ALTER TABLE `{$g5['config_table']}`
                    ADD `cf_faq_skin` varchar(255) NOT NULL DEFAULT '' AFTER `cf_connect_skin`,
-                    ADD `cf_mobile_faq_skin` varchar(255) NOT NULL DEFAULT '' AFTER `cf_mobile_connect_skin` ", true);
+                    ADD `cf_mobile_faq_skin` varchar(255) NOT NULL DEFAULT '' AFTER `cf_mobile_connect_skin` ",
        true
    );
 }
 // LG유플러스 본인확인 필드 추가
 if (!isset($config['cf_lg_mid'])) {
-    sql_query(" ALTER TABLE `{$g5['config_table']}`
+    sql_query(
        " ALTER TABLE `{$g5['config_table']}`
                    ADD `cf_lg_mid` varchar(255) NOT NULL DEFAULT '' AFTER `cf_cert_kcp_cd`,
-                    ADD `cf_lg_mert_key` varchar(255) NOT NULL DEFAULT '' AFTER `cf_lg_mid` ", true);
+                    ADD `cf_lg_mert_key` varchar(255) NOT NULL DEFAULT '' AFTER `cf_lg_mid` ",
        true
    );
 }
 if (!isset($config['cf_optimize_date'])) {
-    sql_query(" ALTER TABLE `{$g5['config_table']}`
+    sql_query(
-                    ADD `cf_optimize_date` date NOT NULL default '0000-00-00' AFTER `cf_popular_del` ", true);
+        " ALTER TABLE `{$g5['config_table']}`
                    ADD `cf_optimize_date` date NOT NULL default '0000-00-00' AFTER `cf_popular_del` ",
        true
    );
 }
 // 카카오톡링크 api 키
 if (!isset($config['cf_kakao_js_apikey'])) {
-    sql_query(" ALTER TABLE `{$g5['config_table']}`
+    sql_query(
-                    ADD `cf_kakao_js_apikey` varchar(255) NOT NULL DEFAULT '' AFTER `cf_googl_shorturl_apikey` ", true);
+        " ALTER TABLE `{$g5['config_table']}`
                    ADD `cf_kakao_js_apikey` varchar(255) NOT NULL DEFAULT '' AFTER `cf_googl_shorturl_apikey` ",
        true
    );
 }
 // SMS 전송유형 필드 추가
 if (!isset($config['cf_sms_type'])) {
-    sql_query(" ALTER TABLE `{$g5['config_table']}`
+    sql_query(
-                    ADD `cf_sms_type` varchar(10) NOT NULL DEFAULT '' AFTER `cf_sms_use` ", true);
+        " ALTER TABLE `{$g5['config_table']}`
                    ADD `cf_sms_type` varchar(10) NOT NULL DEFAULT '' AFTER `cf_sms_use` ",
        true
    );
 }
 // 접속자 정보 필드 추가
 if (!sql_query(" select vi_browser from {$g5['visit_table']} limit 1 ")) {
-    sql_query(" ALTER TABLE `{$g5['visit_table']}`
+    sql_query(
        " ALTER TABLE `{$g5['visit_table']}`
                    ADD `vi_browser` varchar(255) NOT NULL DEFAULT '' AFTER `vi_agent`,
                    ADD `vi_os` varchar(255) NOT NULL DEFAULT '' AFTER `vi_browser`,
-                    ADD `vi_device` varchar(255) NOT NULL DEFAULT '' AFTER `vi_os` ", true);
+                    ADD `vi_device` varchar(255) NOT NULL DEFAULT '' AFTER `vi_os` ",
        true
    );
 }
 //소셜 로그인 관련 필드 및 구글 리챕챠 필드 추가
 if (!isset($config['cf_social_login_use'])) {
-    sql_query("ALTER TABLE `{$g5['config_table']}`
+    sql_query(
        "ALTER TABLE `{$g5['config_table']}`
                ADD `cf_social_login_use` tinyint(4) NOT NULL DEFAULT '0' AFTER `cf_googl_shorturl_apikey`,
                ADD `cf_google_clientid` varchar(100) NOT NULL DEFAULT '' AFTER `cf_twitter_secret`,
                ADD `cf_google_secret` varchar(100) NOT NULL DEFAULT '' AFTER `cf_google_clientid`,
@ -207,23 +293,31 @@ if(!isset($config['cf_social_login_use'])) {
                ADD `cf_captcha` varchar(100) NOT NULL DEFAULT '' AFTER `cf_kakao_js_apikey`,
                ADD `cf_recaptcha_site_key` varchar(100) NOT NULL DEFAULT '' AFTER `cf_captcha`,
                ADD `cf_recaptcha_secret_key` varchar(100) NOT NULL DEFAULT '' AFTER `cf_recaptcha_site_key`
-    ", true);
+    ",
        true
    );
 }
 //소셜 로그인 관련 필드 카카오 클라이언트 시크릿 추가
 if (!isset($config['cf_kakao_client_secret'])) {
-    sql_query("ALTER TABLE `{$g5['config_table']}`
+    sql_query(
        "ALTER TABLE `{$g5['config_table']}`
                ADD `cf_kakao_client_secret` varchar(100) NOT NULL DEFAULT '' AFTER `cf_kakao_rest_key`
-    ", true);
+    ",
        true
    );
 }
 // 회원 이미지 관련 필드 추가
 if (!isset($config['cf_member_img_size'])) {
-    sql_query("ALTER TABLE `{$g5['config_table']}`
+    sql_query(
        "ALTER TABLE `{$g5['config_table']}`
                ADD `cf_member_img_size` int(11) NOT NULL DEFAULT '0' AFTER `cf_member_icon_height`,
                ADD `cf_member_img_width` int(11) NOT NULL DEFAULT '0' AFTER `cf_member_img_size`,
                ADD `cf_member_img_height` int(11) NOT NULL DEFAULT '0' AFTER `cf_member_img_width`
-    ", true);
+    ",
        true
    );
    $sql = " update {$g5['config_table']} set cf_member_img_size = 50000, cf_member_img_width = 60, cf_member_img_height = 60 ";
    sql_query($sql, false);
@ -235,7 +329,8 @@ if(!isset($config['cf_member_img_size'])) {
 // 소셜 로그인 관리 테이블 없을 경우 생성
 if (!sql_query(" DESC {$g5['social_profile_table']} ", false)) {
-    sql_query(" CREATE TABLE IF NOT EXISTS `{$g5['social_profile_table']}` (
+    sql_query(
        " CREATE TABLE IF NOT EXISTS `{$g5['social_profile_table']}` (
                  `mp_no` int(11) NOT NULL AUTO_INCREMENT,
                  `mb_id` varchar(255) NOT NULL DEFAULT '',
                  `provider` varchar(50) NOT NULL DEFAULT '',
@ -250,25 +345,36 @@ if(!sql_query(" DESC {$g5['social_profile_table']} ", false)) {
                  UNIQUE KEY `mp_no` (`mp_no`),
                  KEY `mb_id` (`mb_id`),
                  KEY `provider` (`provider`)
-                ) ", true);
+                ) ",
        true
    );
 }
 // 짧은 URL 주소를 사용 여부 필드 추가
 if (!isset($config['cf_bbs_rewrite'])) {
-    sql_query(" ALTER TABLE `{$g5['config_table']}`
+    sql_query(
-                    ADD `cf_bbs_rewrite` tinyint(4) NOT NULL DEFAULT '0' AFTER `cf_link_target` ", true);
+        " ALTER TABLE `{$g5['config_table']}`
                    ADD `cf_bbs_rewrite` tinyint(4) NOT NULL DEFAULT '0' AFTER `cf_link_target` ",
        true
    );
 }
 // 읽지 않은 메모 수 칼럼 추가
 if (!isset($member['mb_memo_cnt'])) {
-    sql_query(" ALTER TABLE `{$g5['member_table']}`
+    sql_query(
-                ADD `mb_memo_cnt` int(11) NOT NULL DEFAULT '0' AFTER `mb_memo_call`", true);
+        " ALTER TABLE `{$g5['member_table']}`
                ADD `mb_memo_cnt` int(11) NOT NULL DEFAULT '0' AFTER `mb_memo_call`",
        true
    );
 }
 // 스크랩 읽은 수 추가
 if (!isset($member['mb_scrap_cnt'])) {
-    sql_query(" ALTER TABLE `{$g5['member_table']}`
+    sql_query(
-                ADD `mb_scrap_cnt` int(11) NOT NULL DEFAULT '0' AFTER `mb_memo_cnt`", true);
+        " ALTER TABLE `{$g5['member_table']}`
                ADD `mb_scrap_cnt` int(11) NOT NULL DEFAULT '0' AFTER `mb_memo_cnt`",
        true
    );
 }
 // 아이코드 토큰키 추가
@ -299,11 +405,15 @@ if(!isset($config['cf_cert_kg_mid']) ){
            ADD COLUMN `cf_cert_kg_mid` VARCHAR(255) NOT NULL DEFAULT '' AFTER `cf_cert_kg_cd`; ";
    sql_query($sql, false);
 }
-if(!$config['cf_faq_skin']) $config['cf_faq_skin'] = "basic";
+if (!$config['cf_faq_skin']) {
-if(!$config['cf_mobile_faq_skin']) $config['cf_mobile_faq_skin'] = "basic";
+    $config['cf_faq_skin'] = "basic";
 }
 if (!$config['cf_mobile_faq_skin']) {
    $config['cf_mobile_faq_skin'] = "basic";
 }
 $g5['title'] = '환경설정';
-include_once ('./admin.head.php');
+require_once './admin.head.php';
 $pg_anchor = '<ul class="anchor">
    <li><a href="#anc_cf_basic">기본환경</a></li>
@ -322,8 +432,12 @@ $pg_anchor = '<ul class="anchor">
 </ul>';
-if (!$config['cf_icode_server_ip'])   $config['cf_icode_server_ip'] = '211.172.232.124';
+if (!$config['cf_icode_server_ip']) {
-if (!$config['cf_icode_server_port']) $config['cf_icode_server_port'] = '7295';
+    $config['cf_icode_server_ip'] = '211.172.232.124';
 }
 if (!$config['cf_icode_server_port']) {
    $config['cf_icode_server_port'] = '7295';
 }
 $userinfo = array('payment' => '');
 if ($config['cf_sms_use'] && $config['cf_icode_id'] && $config['cf_icode_pw']) {
@ -500,7 +614,9 @@ if ($config['cf_sms_use'] && $config['cf_icode_id'] && $config['cf_icode_pw']) {
                                <?php
                                $arr = get_skin_dir('', G5_EDITOR_PATH);
                                for ($i = 0; $i < count($arr); $i++) {
-                    if ($i == 0) echo "<option value=\"\">사용안함</option>";
+                                    if ($i == 0) {
                                        echo "<option value=\"\">사용안함</option>";
                                    }
                                    echo "<option value=\"" . $arr[$i] . "\"" . get_selected($config['cf_editor'], $arr[$i]) . ">" . $arr[$i] . "</option>\n";
                                }
                                ?>
@ -526,7 +642,9 @@ if ($config['cf_sms_use'] && $config['cf_icode_id'] && $config['cf_icode_pw']) {
                                <?php
                                $arr = get_skin_dir('mp3', str_replace(array('recaptcha_inv', 'recaptcha'), 'kcaptcha', G5_CAPTCHA_PATH));
                                for ($i = 0; $i < count($arr); $i++) {
-                    if ($i == 0) echo "<option value=\"\">선택</option>";
+                                    if ($i == 0) {
                                        echo "<option value=\"\">선택</option>";
                                    }
                                    echo "<option value=\"" . $arr[$i] . "\"" . get_selected($config['cf_captcha_mp3'], $arr[$i]) . ">" . $arr[$i] . "</option>\n";
                                }
                                ?>
@ -589,7 +707,9 @@ if ($config['cf_sms_use'] && $config['cf_icode_id'] && $config['cf_icode_pw']) {
                    <tr>
                        <th scope="row"><label for="cf_syndi_token">네이버 신디케이션 연동키</label></th>
                        <td colspan="3">
-                <?php if (!function_exists('curl_init')) echo help('<b>경고) curl이 지원되지 않아 네이버 신디케이션을 사용할수 없습니다.</b>'); ?>
+                            <?php if (!function_exists('curl_init')) {
                                echo help('<b>경고) curl이 지원되지 않아 네이버 신디케이션을 사용할수 없습니다.</b>');
                            } ?>
                            <?php echo help('네이버 신디케이션 연동키(token)을 입력하면 네이버 신디케이션을 사용할 수 있습니다.<br>연동키는 <a href="http://webmastertool.naver.com/" target="_blank"><u>네이버 웹마스터도구</u></a> -> 네이버 신디케이션에서 발급할 수 있습니다.') ?>
                            <input type="text" name="cf_syndi_token" value="<?php echo isset($config['cf_syndi_token']) ? get_sanitize_input($config['cf_syndi_token']) : ''; ?>" id="cf_syndi_token" class="frm_input" size="70">
                        </td>
@ -863,7 +983,7 @@ if ($config['cf_sms_use'] && $config['cf_icode_id'] && $config['cf_icode_pw']) {
                        <th scope="row" class="cf_cert_service"><label for="cf_cert_find">회원정보찾기</label></th>
                        <td class="cf_cert_service">
                            <?php echo help('휴대폰/아이핀 본인확인을 이용하시다가 간편인증을 이용하시는 경우, 기존 회원은 아이디/비밀번호 찾기에 사용할 수 없을 수 있습니다.') ?>
-                <input type="checkbox" name="cf_cert_find" id="cf_cert_find" value="1" <?php if (isset($config['cf_cert_find']) && $config['cf_cert_find'] == 1) { ?> checked <?php } ?>><label for="cf_cert_find"> 아이디/비밀번호 찾기에 사용하기</label>
+                            <input type="checkbox" name="cf_cert_find" id="cf_cert_find" value="1" <?php if (isset($config['cf_cert_find']) && $config['cf_cert_find'] == 1) { echo "checked"; } ?>><label for="cf_cert_find"> 아이디/비밀번호 찾기에 사용하기</label>
                        </td>
                    </tr>
                    <tr>
@ -944,7 +1064,7 @@ if ($config['cf_sms_use'] && $config['cf_icode_id'] && $config['cf_icode_pw']) {
    </section>
    <?php
-include_once('_rewrite_config_form.php');
+    require_once '_rewrite_config_form.php';
    ?>
    <section id="anc_cf_mail">
@ -1410,8 +1530,9 @@ include_once('_rewrite_config_form.php');
 <script>
    $(function() {
        <?php
-    if(!$config['cf_cert_use'])
+        if (!$config['cf_cert_use']) {
            echo '$(".cf_cert_service").addClass("cf_cert_hide");';
        }
        ?>
        $("#cf_cert_use").change(function() {
            switch ($(this).val()) {
@ -1446,7 +1567,9 @@ $(function(){
                url: "./theme_config_load.php",
                cache: false,
                async: false,
-            data: { type: type },
+                data: {
                    type: type
                },
                dataType: "json",
                success: function(data) {
                    if (data.error) {
@ -1469,8 +1592,7 @@ $(function(){
        });
    });
-function fconfigform_submit(f)
+    function fconfigform_submit(f) {
 {
        var current_user_ip = "<?php echo $_SERVER['REMOTE_ADDR']; ?>";
        var cf_intercept_ip_val = f.cf_intercept_ip.value;
@ -1503,16 +1625,18 @@ if($config['cf_cert_use']) {
    if ($config['cf_cert_ipin'] == 'kcb' || $config['cf_cert_hp'] == 'kcb') {
        // 실행모듈
        if (strtoupper(substr(PHP_OS, 0, 3)) !== 'WIN') {
-            if(PHP_INT_MAX == 2147483647) // 32-bit
+            if (PHP_INT_MAX == 2147483647) { // 32-bit
                $exe = G5_OKNAME_PATH . '/bin/okname';
            else
                $exe = G5_OKNAME_PATH.'/bin/okname_x64';
            } else {
-            if(PHP_INT_MAX == 2147483647) // 32-bit
+                $exe = G5_OKNAME_PATH . '/bin/okname_x64';
            }
        } else {
            if (PHP_INT_MAX == 2147483647) { // 32-bit
                $exe = G5_OKNAME_PATH . '/bin/okname.exe';
-            else
+            } else {
                $exe = G5_OKNAME_PATH . '/bin/oknamex64.exe';
            }
        }
        echo module_exec_check($exe, 'okname');
@ -1524,10 +1648,11 @@ if($config['cf_cert_use']) {
    // kcp일 때
    if ($config['cf_cert_hp'] == 'kcp') {
        if (strtoupper(substr(PHP_OS, 0, 3)) !== 'WIN') {
-            if(PHP_INT_MAX == 2147483647) // 32-bit
+            if (PHP_INT_MAX == 2147483647) { // 32-bit
                $exe = G5_KCPCERT_PATH . '/bin/ct_cli';
-            else
+            } else {
                $exe = G5_KCPCERT_PATH . '/bin/ct_cli_x64';
            }
        } else {
            $exe = G5_KCPCERT_PATH . '/bin/ct_cli_exe.exe';
        }
@ -1540,7 +1665,6 @@ if($config['cf_cert_use']) {
        $log_path = G5_LGXPAY_PATH . '/lgdacom/log';
        if (!is_dir($log_path)) {
            if (is_writable(G5_LGXPAY_PATH . '/lgdacom/')) {
                // 디렉토리가 없다면 생성합니다. (퍼미션도 변경하구요.)
                @mkdir($log_path, G5_DIR_PERMISSION);
@ -1575,4 +1699,4 @@ if (stripos($config['cf_image_extension'], "webp") !== false) {
    }
 }
-include_once ('./admin.tail.php');
+require_once './admin.tail.php';
--- a/adm/config_form_update.php
+++ b/adm/config_form_update.php
@ -1,13 +1,14 @@
 <?php
 $sub_menu = "100100";
-include_once('./_common.php');
+require_once './_common.php';
 check_demo();
 auth_check_menu($auth, $sub_menu, 'w');
-if ($is_admin != 'super')
+if ($is_admin != 'super') {
    alert('최고관리자만 접근 가능합니다.');
 }
 $cf_title = isset($_POST['cf_title']) ? strip_tags(clean_xss_attributes($_POST['cf_title'])) : '';
 $cf_admin = isset($_POST['cf_admin']) ? clean_xss_tags($_POST['cf_admin'], 1, 1) : '';
@ -15,8 +16,9 @@ $posts = array();
 $mb = get_member($cf_admin);
-if (! (isset($mb['mb_id']) && $mb['mb_id']))
+if (!(isset($mb['mb_id']) && $mb['mb_id'])) {
    alert('최고관리자 회원아이디가 존재하지 않습니다.');
 }
 check_admin_token();
@ -33,12 +35,12 @@ foreach( $check_keys as $key ){
 $posts['cf_icode_server_port'] = $_POST['cf_icode_server_port'] = isset($_POST['cf_icode_server_port']) ? preg_replace('/[^0-9]/', '', $_POST['cf_icode_server_port']) : '7295';
 if (isset($_POST['cf_intercept_ip']) && $_POST['cf_intercept_ip']) {
    $pattern = explode("\n", trim($_POST['cf_intercept_ip']));
    for ($i = 0; $i < count($pattern); $i++) {
        $pattern[$i] = trim($pattern[$i]);
-        if (empty($pattern[$i]))
+        if (empty($pattern[$i])) {
            continue;
        }
        $pattern[$i] = str_replace(".", "\.", $pattern[$i]);
        $pattern[$i] = str_replace("+", "[0-9\.]+", $pattern[$i]);
@ -173,8 +175,9 @@ foreach( $check_keys as $k => $v ){
 }
 // 본인확인을 사용할 경우 아이핀, 휴대폰인증 중 하나는 선택되어야 함
-if($_POST['cf_cert_use'] && !$_POST['cf_cert_ipin'] && !$_POST['cf_cert_hp'] && !$_POST['cf_cert_simple'])
+if ($_POST['cf_cert_use'] && !$_POST['cf_cert_ipin'] && !$_POST['cf_cert_hp'] && !$_POST['cf_cert_simple']) {
    alert('본인확인을 위해 아이핀, 휴대폰 본인확인, KG이니시스 간편인증 서비스 중 하나 이상 선택해 주십시오.');
 }
 if (!$_POST['cf_cert_use']) {
    $posts[$key] = $_POST['cf_cert_ipin'] = '';
--- a/adm/contentform.php
+++ b/adm/contentform.php
@ -1,7 +1,7 @@
 <?php
 $sub_menu = '300600';
-include_once('./_common.php');
+require_once './_common.php';
-include_once(G5_EDITOR_LIB);
+require_once G5_EDITOR_LIB;
 auth_check_menu($auth, $sub_menu, "w");
@ -16,22 +16,31 @@ if(!sql_query(" select co_include_head from {$g5['content_table']} limit 1 ", fa
 // html purifier 사용여부 필드
 if (!sql_query(" select co_tag_filter_use from {$g5['content_table']} limit 1 ", false)) {
-    sql_query(" ALTER TABLE `{$g5['content_table']}`
+    sql_query(
-                    ADD `co_tag_filter_use` tinyint(4) NOT NULL DEFAULT '0' AFTER `co_content` ", true);
+        " ALTER TABLE `{$g5['content_table']}`
                    ADD `co_tag_filter_use` tinyint(4) NOT NULL DEFAULT '0' AFTER `co_content` ",
        true
    );
    sql_query(" update {$g5['content_table']} set co_tag_filter_use = '1' ");
 }
 // 모바일 내용 추가
 if (!sql_query(" select co_mobile_content from {$g5['content_table']} limit 1", false)) {
-    sql_query(" ALTER TABLE `{$g5['content_table']}`
+    sql_query(
-                    ADD `co_mobile_content` longtext NOT NULL AFTER `co_content` ", true);
+        " ALTER TABLE `{$g5['content_table']}`
                    ADD `co_mobile_content` longtext NOT NULL AFTER `co_content` ",
        true
    );
 }
 // 스킨 설정 추가
 if (!sql_query(" select co_skin from {$g5['content_table']} limit 1 ", false)) {
-    sql_query(" ALTER TABLE `{$g5['content_table']}`
+    sql_query(
        " ALTER TABLE `{$g5['content_table']}`
                    ADD `co_skin` varchar(255) NOT NULL DEFAULT '' AFTER `co_mobile_content`,
-                    ADD `co_mobile_skin` varchar(255) NOT NULL DEFAULT '' AFTER `co_skin` ", true);
+                    ADD `co_mobile_skin` varchar(255) NOT NULL DEFAULT '' AFTER `co_skin` ",
        true
    );
    sql_query(" update {$g5['content_table']} set co_skin = 'basic', co_mobile_skin = 'basic' ");
 }
@ -39,18 +48,16 @@ $html_title = "내용";
 $g5['title'] = $html_title . ' 관리';
 $readonly = '';
-if ($w == "u")
+if ($w == "u") {
 {
    $html_title .= " 수정";
    $readonly = " readonly";
    $sql = " select * from {$g5['content_table']} where co_id = '$co_id' ";
    $co = sql_fetch($sql);
-    if (!$co['co_id'])
+    if (!$co['co_id']) {
        alert('등록된 자료가 없습니다.');
    }
-else
+} else {
 {
    $html_title .= ' 입력';
    $co = array(
        'co_id' => '',
@ -66,7 +73,7 @@ else
    );
 }
-include_once (G5_ADMIN_PATH.'/admin.head.php');
+require_once G5_ADMIN_PATH . '/admin.head.php';
 ?>
 <form name="frmcontentform" action="./contentformupdate.php" onsubmit="return frmcontentform_check(this);" method="post" enctype="MULTIPART/FORM-DATA">
@ -146,7 +153,7 @@ include_once (G5_ADMIN_PATH.'/admin.head.php');
                        <?php
                        echo help("파일 경로를 입력 또는 수정시 캡챠를 반드시 입력해야 합니다.");
-            include_once(G5_CAPTCHA_PATH.'/captcha.lib.php');
+                        require_once G5_CAPTCHA_PATH . '/captcha.lib.php';
                        $captcha_html = captcha_html();
                        $captcha_js   = chk_captcha_js();
                        echo $captcha_html;
@ -165,10 +172,11 @@ include_once (G5_ADMIN_PATH.'/admin.head.php');
                        $himg_str = '';
                        if (file_exists($himg)) {
                            $size = @getimagesize($himg);
-                if($size[0] && $size[0] > 750)
+                            if ($size[0] && $size[0] > 750) {
                                $width = 750;
-                else
+                            } else {
                                $width = $size[0];
                            }
                            echo '<input type="checkbox" name="co_himg_del" value="1" id="co_himg_del"> <label for="co_himg_del">삭제</label>';
                            $himg_str = '<img src="' . G5_DATA_URL . '/content/' . $co['co_id'] . '_h" width="' . $width . '" alt="">';
@ -190,10 +198,11 @@ include_once (G5_ADMIN_PATH.'/admin.head.php');
                        $timg_str = '';
                        if (file_exists($timg)) {
                            $size = @getimagesize($timg);
-                if($size[0] && $size[0] > 750)
+                            if ($size[0] && $size[0] > 750) {
                                $width = 750;
-                else
+                            } else {
                                $width = $size[0];
                            }
                            echo '<input type="checkbox" name="co_timg_del" value="1" id="co_timg_del"> <label for="co_timg_del">삭제</label>';
                            $timg_str = '<img src="' . G5_DATA_URL . '/content/' . $co['co_id'] . '_t" width="' . $width . '" alt="">';
@ -227,12 +236,13 @@ function use_captcha_check(){
        $.ajax({
            type: "POST",
            url: g5_admin_url + "/ajax.use_captcha.php",
-        data: { admin_use_captcha: "1" },
+            data: {
                admin_use_captcha: "1"
            },
            cache: false,
            async: false,
            dataType: "json",
-        success: function(data) {
+            success: function(data) {}
        }
        });
    }
@ -267,8 +277,7 @@ jQuery(function($){
        }
    });
-function frmcontentform_check(f)
+    function frmcontentform_check(f) {
 {
        errmsg = "";
        errfld = "";
@ -295,4 +304,4 @@ function frmcontentform_check(f)
 </script>
 <?php
-include_once (G5_ADMIN_PATH.'/admin.tail.php');
+require_once G5_ADMIN_PATH . '/admin.tail.php';
--- a/adm/contentformupdate.php
+++ b/adm/contentformupdate.php
@ -1,22 +1,25 @@
 <?php
 $sub_menu = '300600';
-include_once('./_common.php');
+require_once './_common.php';
-if ($w == "u" || $w == "d")
+if ($w == "u" || $w == "d") {
    check_demo();
 }
-if ($w == 'd')
+if ($w == 'd') {
    auth_check_menu($auth, $sub_menu, "d");
-else
+} else {
    auth_check_menu($auth, $sub_menu, "w");
 }
 check_admin_token();
 $co_row = array('co_id' => '', 'co_include_head' => '', 'co_include_tail' => '');
-if ($w == "" || $w == "u")
+if ($w == "" || $w == "u") {
-{
+    if (isset($_REQUEST['co_id']) && preg_match("/[^a-z0-9_]/i", $_REQUEST['co_id'])) {
-    if(isset($_REQUEST['co_id']) && preg_match("/[^a-z0-9_]/i", $_REQUEST['co_id'])) alert("ID 는 영문자, 숫자, _ 만 가능합니다.");
+        alert("ID 는 영문자, 숫자, _ 만 가능합니다.");
    }
    $sql = " select * from {$g5['content_table']} where co_id = '$co_id' ";
    $co_row = sql_fetch($sql);
@ -37,7 +40,7 @@ $co_mobile_skin = isset($_POST['co_mobile_skin']) ? clean_xss_tags($_POST['co_mo
 // 관리자가 자동등록방지를 사용해야 할 경우
 if (((isset($co_row['co_include_head']) && $co_row['co_include_head'] !== $co_include_head) || (isset($co_row['co_include_tail']) && $co_row['co_include_tail'] !== $co_include_tail)) && function_exists('get_admin_captcha_by') && get_admin_captcha_by()) {
-    include_once(G5_CAPTCHA_PATH.'/captcha.lib.php');
+    include_once G5_CAPTCHA_PATH . '/captcha.lib.php';
    if (!chk_captcha()) {
        alert('자동등록방지 숫자가 틀렸습니다.');
@ -47,13 +50,16 @@ if ((( isset($co_row['co_include_head']) && $co_row['co_include_head'] !== $co_i
@mkdir(G5_DATA_PATH . "/content", G5_DIR_PERMISSION);
@chmod(G5_DATA_PATH . "/content", G5_DIR_PERMISSION);
-if ($co_himg_del)  @unlink(G5_DATA_PATH."/content/{$co_id}_h");
+if ($co_himg_del) {
-if ($co_timg_del)  @unlink(G5_DATA_PATH."/content/{$co_id}_t");
+    @unlink(G5_DATA_PATH . "/content/{$co_id}_h");
 }
 if ($co_timg_del) {
    @unlink(G5_DATA_PATH . "/content/{$co_id}_t");
 }
 $error_msg = '';
 if ($co_include_head) {
    $file_ext = pathinfo($co_include_head, PATHINFO_EXTENSION);
    if (!$file_ext || !in_array($file_ext, array('php', 'htm', 'html')) || !preg_match('/^.*\.(php|htm|html)$/i', $co_include_head)) {
@ -62,7 +68,6 @@ if( $co_include_head ){
 }
 if ($co_include_tail) {
    $file_ext = pathinfo($co_include_tail, PATHINFO_EXTENSION);
    if (!$file_ext || !in_array($file_ext, array('php', 'htm', 'html')) || !preg_match('/^.*\.(php|htm|html)$/i', $co_include_tail)) {
@ -98,26 +103,22 @@ $sql_common = " co_include_head     = '$co_include_head',
                co_skin             = '$co_skin',
                co_mobile_skin      = '$co_mobile_skin' ";
-if ($w == "")
+if ($w == "") {
 {
    $row = $co_row;
-    if (isset($row['co_id']) && $row['co_id'])
+    if (isset($row['co_id']) && $row['co_id']) {
        alert("이미 같은 ID로 등록된 내용이 있습니다.");
    }
    $sql = " insert {$g5['content_table']}
                set co_id = '$co_id',
                    $sql_common ";
    sql_query($sql);
-}
+} elseif ($w == "u") {
 else if ($w == "u")
 {
    $sql = " update {$g5['content_table']}
                set $sql_common
              where co_id = '$co_id' ";
    sql_query($sql);
-}
+} elseif ($w == "d") {
 else if ($w == "d")
 {
    @unlink(G5_DATA_PATH . "/content/{$co_id}_h");
    @unlink(G5_DATA_PATH . "/content/{$co_id}_t");
@ -125,21 +126,19 @@ else if ($w == "d")
    sql_query($sql);
 }
-if(function_exists('get_admin_captcha_by'))
+if (function_exists('get_admin_captcha_by')) {
    get_admin_captcha_by('remove');
 }
 g5_delete_cache_by_prefix('content-' . $co_id . '-');
-if ($w == "" || $w == "u")
+if ($w == "" || $w == "u") {
-{
+    if ($_FILES['co_himg']['name']) {
    if ($_FILES['co_himg']['name'])
    {
        $dest_path = G5_DATA_PATH . "/content/" . $co_id . "_h";
        @move_uploaded_file($_FILES['co_himg']['tmp_name'], $dest_path);
        @chmod($dest_path, G5_FILE_PERMISSION);
    }
-    if ($_FILES['co_timg']['name'])
+    if ($_FILES['co_timg']['name']) {
    {
        $dest_path = G5_DATA_PATH . "/content/" . $co_id . "_t";
        @move_uploaded_file($_FILES['co_timg']['tmp_name'], $dest_path);
        @chmod($dest_path, G5_FILE_PERMISSION);
@ -150,8 +149,6 @@ if ($w == "" || $w == "u")
    } else {
        goto_url("./contentform.php?w=u&amp;co_id=$co_id");
    }
-}
+} else {
 else
 {
    goto_url("./contentlist.php");
 }
--- a/adm/contentlist.php
+++ b/adm/contentlist.php
@ -1,6 +1,6 @@
 <?php
 $sub_menu = '300600';
-include_once('./_common.php');
+require_once './_common.php';
 auth_check_menu($auth, $sub_menu, "r");
@ -12,7 +12,8 @@ if(!sql_query(" DESCRIBE {$g5['content_table']} ", false)) {
    if (sql_query(" DESCRIBE {$g5['g5_shop_content_table']} ", false)) {
        sql_query(" ALTER TABLE {$g5['g5_shop_content_table']} RENAME TO `{$g5['content_table']}` ;", false);
    } else {
-       $query_cp = sql_query(" CREATE TABLE IF NOT EXISTS `{$g5['content_table']}` (
+        $query_cp = sql_query(
            " CREATE TABLE IF NOT EXISTS `{$g5['content_table']}` (
                      `co_id` varchar(20) NOT NULL DEFAULT '',
                      `co_html` tinyint(4) NOT NULL DEFAULT '0',
                      `co_subject` varchar(255) NOT NULL DEFAULT '',
@ -21,7 +22,9 @@ if(!sql_query(" DESCRIBE {$g5['content_table']} ", false)) {
                      `co_include_head` varchar(255) NOT NULL,
                      `co_include_tail` varchar(255) NOT NULL,
                      PRIMARY KEY (`co_id`)
-                    ) ENGINE=MyISAM DEFAULT CHARSET=utf8 ", true);
+                    ) ENGINE=MyISAM DEFAULT CHARSET=utf8 ",
            true
        );
        // 내용관리 생성
        sql_query(" insert into `{$g5['content_table']}` set co_id = 'company', co_html = '1', co_subject = '회사소개', co_content= '<p align=center><b>회사소개에 대한 내용을 입력하십시오.</b></p>' ", false);
@ -31,7 +34,7 @@ if(!sql_query(" DESCRIBE {$g5['content_table']} ", false)) {
 }
 $g5['title'] = '내용관리';
-include_once (G5_ADMIN_PATH.'/admin.head.php');
+require_once G5_ADMIN_PATH . '/admin.head.php';
 $sql_common = " from {$g5['content_table']} ";
@ -42,7 +45,9 @@ $total_count = $row['cnt'];
 $rows = $config['cf_page_rows'];
 $total_page  = ceil($total_count / $rows);  // 전체 페이지 계산
-if ($page < 1) { $page = 1; } // 페이지가 없으면 첫 페이지 (1 페이지)
+if ($page < 1) {
    $page = 1;
 } // 페이지가 없으면 첫 페이지 (1 페이지)
 $from_record = ($page - 1) * $rows; // 시작 열을 구함
 $sql = "select * $sql_common order by co_id limit $from_record, {$config['cf_page_rows']} ";
@ -94,4 +99,4 @@ $result = sql_query($sql);
 <?php echo get_paging(G5_IS_MOBILE ? $config['cf_mobile_pages'] : $config['cf_write_pages'], $page, $total_page, "{$_SERVER['SCRIPT_NAME']}?$qstr&amp;page="); ?>
 <?php
-include_once (G5_ADMIN_PATH.'/admin.tail.php');
+require_once G5_ADMIN_PATH . '/admin.tail.php';
--- a/adm/dbupgrade.php
+++ b/adm/dbupgrade.php
@ -197,7 +197,7 @@ if (defined('G5_USE_SHOP') && G5_USE_SHOP) {
    $result = sql_query("describe `{$g5['g5_shop_post_log_table']}`");
    while ($row = sql_fetch_array($result)){
-        if( $row['Field'] === 'ol_msg' && $row['Type'] === 'varchar(255)' ){
+        if( isset($row['Field']) && $row['Field'] === 'ol_msg' && $row['Type'] === 'varchar(255)' ){
            sql_query("ALTER TABLE `{$g5['g5_shop_post_log_table']}` MODIFY ol_msg TEXT NOT NULL;", false);
            sql_query("ALTER TABLE `{$g5['g5_shop_post_log_table']}` DROP PRIMARY KEY;", false);
            sql_query("ALTER TABLE `{$g5['g5_shop_post_log_table']}` ADD `log_id` int(11) NOT NULL AUTO_INCREMENT, ADD PRIMARY KEY (`log_id`);", false);
--- a/adm/faqlist.php
+++ b/adm/faqlist.php
@ -1,6 +1,6 @@
 <?php
 $sub_menu = '300700';
-include_once('./_common.php');
+require_once './_common.php';
 auth_check_menu($auth, $sub_menu, "r");
@ -10,9 +10,9 @@ if (isset($_REQUEST['fm_subject'])){
    $g5['title'] .= ' : ' . $fm_subject;
 }
-$fm_id = (int) $fm_id;
+$fm_id = isset($fm_id) ? (int) $fm_id : 0;
-include_once (G5_ADMIN_PATH.'/admin.head.php');
+require_once G5_ADMIN_PATH . '/admin.head.php';
 $sql = " select * from {$g5['faq_master_table']} where fm_id = '$fm_id' ";
 $fm = sql_fetch($sql);
@ -57,8 +57,7 @@ $result = sql_query($sql);
        </thead>
        <tbody>
            <?php
-    for ($i=0; $row=sql_fetch_array($result); $i++)
+            for ($i = 0; $row = sql_fetch_array($result); $i++) {
    {
                $row1 = sql_fetch(" select COUNT(*) as cnt from {$g5['faq_table']} where fm_id = '{$row['fm_id']}' ");
                $cnt = $row1['cnt'];
@ -81,7 +80,6 @@ $result = sql_query($sql);
                        <a href="./faqformupdate.php?w=d&amp;fm_id=<?php echo $row['fm_id']; ?>&amp;fa_id=<?php echo $row['fa_id']; ?>" onclick="return delete_confirm(this);" class="btn btn_02"><span class="sound_only"><?php echo $fa_subject; ?> </span>삭제</a>
                    </td>
                </tr>
                <?php
            }
@ -96,4 +94,4 @@ $result = sql_query($sql);
 <?php
-include_once (G5_ADMIN_PATH.'/admin.tail.php');
+require_once G5_ADMIN_PATH . '/admin.tail.php';
--- a/adm/faqmasterform.php
+++ b/adm/faqmasterform.php
@ -1,25 +1,24 @@
 <?php
 $sub_menu = '300700';
-include_once('./_common.php');
+require_once './_common.php';
-include_once(G5_EDITOR_LIB);
+require_once G5_EDITOR_LIB;
 auth_check_menu($auth, $sub_menu, "w");
 $html_title = 'FAQ';
-$fm_id = isset($_GET['fm_id']) ? preg_replace('/[^0-9]/', '', $_GET['fm_id']) : 0;
+$fm_id = isset($_GET['fm_id']) ? strval(preg_replace('/[^0-9]/', '', $_GET['fm_id'])) : 0;
-if ($w == "u")
+if ($w == "u") {
 {
    $html_title .= ' 수정';
    $readonly = ' readonly';
    $sql = " select * from {$g5['faq_master_table']} where fm_id = '$fm_id' ";
    $fm = sql_fetch($sql);
-    if (!$fm['fm_id']) alert('등록된 자료가 없습니다.');
+    if (!$fm['fm_id']) {
        alert('등록된 자료가 없습니다.');
    }
-else
+} else {
 {
    $html_title .= ' 입력';
    $fm = array('fm_order' => '', 'fm_subject' => '', 'fm_id' => 0, 'fm_head_html' => '', 'fm_tail_html' => '', 'fm_mobile_head_html' => '', 'fm_mobile_tail_html' => '');
 }
@ -28,12 +27,15 @@ $g5['title'] = $html_title.' 관리';
 // 모바일 상하단 내용 필드추가
 if (!sql_query(" select fm_mobile_head_html from {$g5['faq_master_table']} limit 1 ", false)) {
-    sql_query(" ALTER TABLE `{$g5['faq_master_table']}`
+    sql_query(
        " ALTER TABLE `{$g5['faq_master_table']}`
                    ADD `fm_mobile_head_html` text NOT NULL AFTER `fm_tail_html`,
-                    ADD `fm_mobile_tail_html` text NOT NULL AFTER `fm_mobile_head_html` ", true);
+                    ADD `fm_mobile_tail_html` text NOT NULL AFTER `fm_mobile_head_html` ",
        true
    );
 }
-include_once (G5_ADMIN_PATH.'/admin.head.php');
+require_once G5_ADMIN_PATH . '/admin.head.php';
 ?>
 <form name="frmfaqmasterform" action="./faqmasterformupdate.php" onsubmit="return frmfaqmasterform_check(this);" method="post" enctype="MULTIPART/FORM-DATA">
@ -73,13 +75,16 @@ include_once (G5_ADMIN_PATH.'/admin.head.php');
                        <?php
                        $himg = G5_DATA_PATH . '/faq/' . $fm['fm_id'] . '_h';
                        $himg_str = '';
                        $width = 0;
                        if (file_exists($himg)) {
                            $size = @getimagesize($himg);
-                if($size[0] && $size[0] > 750)
+                            if ($size) {
                                if ($size[0] && $size[0] > 750) {
                                    $width = 750;
-                else
+                                } else {
                                    $width = $size[0];
-
+                                }
                            }
                            echo '<input type="checkbox" name="fm_himg_del" value="1" id="fm_himg_del"> <label for="fm_himg_del">삭제</label>';
                            $himg_str = '<img src="' . G5_DATA_URL . '/faq/' . $fm['fm_id'] . '_h" width="' . $width . '" alt="">';
                        }
@ -98,12 +103,16 @@ include_once (G5_ADMIN_PATH.'/admin.head.php');
                        <?php
                        $timg = G5_DATA_PATH . '/faq/' . $fm['fm_id'] . '_t';
                        $timg_str = '';
                        $width = 0;
                        if (file_exists($timg)) {
                            $size = @getimagesize($timg);
-                if($size[0] && $size[0] > 750)
+                            if ($size) {
                                if ($size[0] && $size[0] > 750) {
                                    $width = 750;
-                else
+                                } else {
                                    $width = $size[0];
                                }
                            }
                            echo '<input type="checkbox" name="fm_timg_del" value="1" id="fm_timg_del"><label for="fm_timg_del">삭제</label>';
                            $timg_str = '<img src="' . G5_DATA_URL . '/faq/' . $fm['fm_id'] . '_t" width="' . $width . '" alt="">';
@ -152,8 +161,7 @@ include_once (G5_ADMIN_PATH.'/admin.head.php');
 </form>
 <script>
-function frmfaqmasterform_check(f)
+    function frmfaqmasterform_check(f) {
 {
        <?php echo get_editor_js('fm_head_html'); ?>
        <?php echo get_editor_js('fm_tail_html'); ?>
        <?php echo get_editor_js('fm_mobile_head_html'); ?>
@ -164,4 +172,4 @@ function frmfaqmasterform_check(f)
 </script>
 <?php
-include_once (G5_ADMIN_PATH.'/admin.tail.php');
+require_once G5_ADMIN_PATH . '/admin.tail.php';
--- a/adm/faqmasterformupdate.php
+++ b/adm/faqmasterformupdate.php
@ -1,14 +1,16 @@
 <?php
 $sub_menu = '300700';
-include_once('./_common.php');
+require_once './_common.php';
-if ($w == "u" || $w == "d")
+if ($w == "u" || $w == "d") {
    check_demo();
 }
-if ($w == 'd')
+if ($w == 'd') {
    auth_check_menu($auth, $sub_menu, "d");
-else
+} else {
    auth_check_menu($auth, $sub_menu, "w");
 }
 check_admin_token();
@ -25,8 +27,12 @@ $fm_mobile_head_html = isset($_POST['fm_mobile_head_html']) ? $_POST['fm_mobile_
 $fm_mobile_tail_html = isset($_POST['fm_mobile_tail_html']) ? $_POST['fm_mobile_tail_html'] : '';
 $fm_order = isset($_POST['fm_order']) ? (int) $_POST['fm_order'] : 0;
-if ($fm_himg_del)  @unlink(G5_DATA_PATH."/faq/{$fm_id}_h");
+if ($fm_himg_del) {
-if ($fm_timg_del)  @unlink(G5_DATA_PATH."/faq/{$fm_id}_t");
+    @unlink(G5_DATA_PATH . "/faq/{$fm_id}_h");
 }
 if ($fm_timg_del) {
    @unlink(G5_DATA_PATH . "/faq/{$fm_id}_t");
 }
 $sql_common = " set fm_subject = '$fm_subject',
                    fm_head_html = '$fm_head_html',
@ -35,8 +41,7 @@ $sql_common = " set fm_subject = '$fm_subject',
                    fm_mobile_tail_html = '$fm_mobile_tail_html',
                    fm_order = '$fm_order' ";
-if ($w == "")
+if ($w == "") {
 {
    $sql = " alter table {$g5['faq_master_table']} auto_increment=1 ";
    sql_query($sql);
@ -44,14 +49,10 @@ if ($w == "")
    sql_query($sql);
    $fm_id = sql_insert_id();
-}
+} elseif ($w == "u") {
 else if ($w == "u")
 {
    $sql = " update {$g5['faq_master_table']} $sql_common where fm_id = '$fm_id' ";
    sql_query($sql);
-}
+} elseif ($w == "d") {
 else if ($w == "d")
 {
    @unlink(G5_DATA_PATH . "/faq/{$fm_id}_h");
    @unlink(G5_DATA_PATH . "/faq/{$fm_id}_t");
@ -64,8 +65,7 @@ else if ($w == "d")
    sql_query($sql);
 }
-if ($w == "" || $w == "u")
+if ($w == "" || $w == "u") {
 {
    if ($_FILES['fm_himg']['name']) {
        $dest_path = G5_DATA_PATH . "/faq/" . $fm_id . "_h";
        @move_uploaded_file($_FILES['fm_himg']['tmp_name'], $dest_path);
@ -78,6 +78,6 @@ if ($w == "" || $w == "u")
    }
    goto_url("./faqmasterform.php?w=u&amp;fm_id=$fm_id");
-}
+} else {
 else
    goto_url("./faqmasterlist.php");
 }
--- a/adm/faqmasterlist.php
+++ b/adm/faqmasterlist.php
@ -1,6 +1,6 @@
 <?php
 $sub_menu = '300700';
-include_once('./_common.php');
+require_once './_common.php';
 auth_check_menu($auth, $sub_menu, "r");
@ -14,14 +14,17 @@ if(!sql_query(" DESCRIBE {$g5['faq_master_table']} ", false)) {
    if (sql_query(" DESCRIBE {$g5['g5_shop_faq_master_table']} ", false)) {
        sql_query(" ALTER TABLE {$g5['g5_shop_faq_master_table']} RENAME TO `{$g5['faq_master_table']}` ;", false);
    } else {
-       $query_cp = sql_query(" CREATE TABLE IF NOT EXISTS `{$g5['faq_master_table']}` (
+        $query_cp = sql_query(
            " CREATE TABLE IF NOT EXISTS `{$g5['faq_master_table']}` (
                      `fm_id` int(11) NOT NULL AUTO_INCREMENT,
                      `fm_subject` varchar(255) NOT NULL DEFAULT '',
                      `fm_head_html` text NOT NULL,
                      `fm_tail_html` text NOT NULL,
                      `fm_order` int(11) NOT NULL DEFAULT '0',
                      PRIMARY KEY (`fm_id`)
-                    ) ENGINE=MyISAM DEFAULT CHARSET=utf8 ", true);
+                    ) ENGINE=MyISAM DEFAULT CHARSET=utf8 ",
            true
        );
    }
    // FAQ Master
    sql_query(" insert into `{$g5['faq_master_table']}` set fm_id = '1', fm_subject = '자주하시는 질문' ", false);
@ -32,7 +35,8 @@ if(!sql_query(" DESCRIBE {$g5['faq_table']} ", false)) {
    if (sql_query(" DESCRIBE {$g5['g5_shop_faq_table']} ", false)) {
        sql_query(" ALTER TABLE {$g5['g5_shop_faq_table']} RENAME TO `{$g5['faq_table']}` ;", false);
    } else {
-       $query_cp = sql_query(" CREATE TABLE IF NOT EXISTS `{$g5['faq_table']}` (
+        $query_cp = sql_query(
            " CREATE TABLE IF NOT EXISTS `{$g5['faq_table']}` (
                      `fa_id` int(11) NOT NULL AUTO_INCREMENT,
                      `fm_id` int(11) NOT NULL DEFAULT '0',
                      `fa_subject` text NOT NULL,
@ -40,12 +44,14 @@ if(!sql_query(" DESCRIBE {$g5['faq_table']} ", false)) {
                      `fa_order` int(11) NOT NULL DEFAULT '0',
                      PRIMARY KEY (`fa_id`),
                      KEY `fm_id` (`fm_id`)
-                    ) ENGINE=MyISAM DEFAULT CHARSET=utf8 ", true);
+                    ) ENGINE=MyISAM DEFAULT CHARSET=utf8 ",
            true
        );
    }
 }
 $g5['title'] = 'FAQ관리';
-include_once (G5_ADMIN_PATH.'/admin.head.php');
+require_once G5_ADMIN_PATH . '/admin.head.php';
 $sql_common = " from {$g5['faq_master_table']} ";
@ -56,7 +62,9 @@ $total_count = $row['cnt'];
 $rows = $config['cf_page_rows'];
 $total_page  = ceil($total_count / $rows);  // 전체 페이지 계산
-if ($page < 1) { $page = 1; } // 페이지가 없으면 첫 페이지 (1 페이지)
+if ($page < 1) {
    $page = 1;
 } // 페이지가 없으면 첫 페이지 (1 페이지)
 $from_record = ($page - 1) * $rows; // 시작 열을 구함
 $sql = "select * $sql_common order by fm_order, fm_id limit $from_record, {$config['cf_page_rows']} ";
@ -64,7 +72,9 @@ $result = sql_query($sql);
 ?>
 <div class="local_ov01 local_ov">
-    <?php if ($page > 1) {?><a href="<?php echo $_SERVER['SCRIPT_NAME']; ?>">처음으로</a><?php } ?>
+    <?php if ($page > 1) { ?>
        <a href="<?php echo $_SERVER['SCRIPT_NAME']; ?>">처음으로</a>
    <?php } ?>
    <span class="btn_ov01"><span class="ov_txt"> 전체 FAQ </span><span class="ov_num"> <?php echo $total_count; ?>건</span></span>
 </div>
@ -124,4 +134,4 @@ $result = sql_query($sql);
 <?php echo get_paging(G5_IS_MOBILE ? $config['cf_mobile_pages'] : $config['cf_write_pages'], $page, $total_page, "{$_SERVER['SCRIPT_NAME']}?$qstr&amp;page="); ?>
 <?php
-include_once (G5_ADMIN_PATH.'/admin.tail.php');
+require_once G5_ADMIN_PATH . '/admin.tail.php';
--- a/adm/index.php
+++ b/adm/index.php
@ -1,14 +1,14 @@
 <?php
 $sub_menu = '100000';
-include_once('./_common.php');
+require_once './_common.php';
-@include_once('./safe_check.php');
+@require_once './safe_check.php';
 if (function_exists('social_log_file_delete')) {
    social_log_file_delete(86400);      //소셜로그인 디버그 파일 24시간 지난것은 삭제
 }
 $g5['title'] = '관리자메인';
-include_once ('./admin.head.php');
+require_once './admin.head.php';
 $new_member_rows = 5;
 $new_point_rows = 5;
@ -18,8 +18,9 @@ $sql_common = " from {$g5['member_table']} ";
 $sql_search = " where (1) ";
-if ($is_admin != 'super')
+if ($is_admin != 'super') {
    $sql_search .= " and mb_level <= '{$member['mb_level']}' ";
 }
 if (!$sst) {
    $sst = "mb_datetime";
@ -73,22 +74,19 @@ $colspan = 12;
            </thead>
            <tbody>
                <?php
-        for ($i=0; $row=sql_fetch_array($result); $i++)
+                for ($i = 0; $row = sql_fetch_array($result); $i++) {
        {
                    // 접근가능한 그룹수
                    $sql2 = " select count(*) as cnt from {$g5['group_member_table']} where mb_id = '{$row['mb_id']}' ";
                    $row2 = sql_fetch($sql2);
                    $group = "";
-            if ($row2['cnt'])
+                    if ($row2['cnt']) {
                        $group = '<a href="./boardgroupmember_form.php?mb_id=' . $row['mb_id'] . '">' . $row2['cnt'] . '</a>';
                    }
-            if ($is_admin == 'group')
+                    if ($is_admin == 'group') {
            {
                        $s_mod = '';
                        $s_del = '';
-            }
+                    } else {
            else
            {
                        $s_mod = '<a href="./member_form.php?$qstr&amp;w=u&amp;mb_id=' . $row['mb_id'] . '">수정</a>';
                        $s_del = '<a href="./member_delete.php?' . $qstr . '&amp;w=d&amp;mb_id=' . $row['mb_id'] . '&amp;url=' . $_SERVER['SCRIPT_NAME'] . '" onclick="return delete_confirm(this);">삭제</a>';
                    }
@ -104,7 +102,9 @@ $colspan = 12;
                    <tr>
                        <td class="td_mbid"><?php echo $mb_id ?></td>
                        <td class="td_mbname"><?php echo get_text($row['mb_name']); ?></td>
-            <td class="td_mbname sv_use"><div><?php echo $mb_nick ?></div></td>
+                        <td class="td_mbname sv_use">
                            <div><?php echo $mb_nick ?></div>
                        </td>
                        <td class="td_num"><?php echo $row['mb_level'] ?></td>
                        <td><a href="./point_list.php?sfl=mb_id&amp;stx=<?php echo $row['mb_id'] ?>"><?php echo number_format($row['mb_point']) ?></a></td>
                        <td class="td_boolean"><?php echo $row['mb_mailling'] ? '예' : '아니오'; ?></td>
@ -115,8 +115,9 @@ $colspan = 12;
                    </tr>
                <?php
                }
-        if ($i == 0)
+                if ($i == 0) {
                    echo '<tr><td colspan="' . $colspan . '" class="empty_table">자료가 없습니다.</td></tr>';
                }
                ?>
            </tbody>
        </table>
@ -131,14 +132,16 @@ $colspan = 12;
 <?php
 $sql_common = " from {$g5['board_new_table']} a, {$g5['board_table']} b, {$g5['group_table']} c where a.bo_table = b.bo_table and b.gr_id = c.gr_id ";
-if ($gr_id)
+if ($gr_id) {
    $sql_common .= " and b.gr_id = '$gr_id' ";
 }
 if (isset($view) && $view) {
-    if ($view == 'w')
+    if ($view == 'w') {
        $sql_common .= " and a.wr_id = a.wr_parent ";
-    else if ($view == 'c')
+    } elseif ($view == 'c') {
        $sql_common .= " and a.wr_id <> a.wr_parent ";
    }
 }
 $sql_order = " order by a.bn_id desc ";
 $sql = " select count(*) as cnt {$sql_common} ";
@ -167,12 +170,11 @@ $colspan = 5;
                <?php
                $sql = " select a.*, b.bo_subject, c.gr_subject, c.gr_id {$sql_common} {$sql_order} limit {$new_write_rows} ";
                $result = sql_query($sql);
-        for ($i=0; $row=sql_fetch_array($result); $i++)
+                for ($i = 0; $row = sql_fetch_array($result); $i++) {
        {
                    $tmp_write_table = $g5['write_prefix'] . $row['bo_table'];
-            if ($row['wr_id'] == $row['wr_parent']) // 원글
+                     // 원글
-            {
+                    if ($row['wr_id'] == $row['wr_parent']) {
                        $comment = "";
                        $comment_link = "";
                        $row2 = sql_fetch(" select * from $tmp_write_table where wr_id = '{$row['wr_id']}' ");
@ -181,13 +183,12 @@ $colspan = 5;
                        // 당일인 경우 시간으로 표시함
                        $datetime = substr($row2['wr_datetime'], 0, 10);
                        $datetime2 = $row2['wr_datetime'];
-                if ($datetime == G5_TIME_YMD)
+                        if ($datetime == G5_TIME_YMD) {
                            $datetime2 = substr($datetime2, 11, 5);
-                else
+                        } else {
                            $datetime2 = substr($datetime2, 5, 5);
                        }
-            else // 코멘트
+                    } else // 코멘트
                    {
                        $comment = '댓글. ';
                        $comment_link = '#c_' . $row['wr_id'];
@ -198,25 +199,29 @@ $colspan = 5;
                        // 당일인 경우 시간으로 표시함
                        $datetime = substr($row3['wr_datetime'], 0, 10);
                        $datetime2 = $row3['wr_datetime'];
-                if ($datetime == G5_TIME_YMD)
+                        if ($datetime == G5_TIME_YMD) {
                            $datetime2 = substr($datetime2, 11, 5);
-                else
+                        } else {
                            $datetime2 = substr($datetime2, 5, 5);
                        }
                    }
                ?>
                    <tr>
                        <td class="td_category"><a href="<?php echo G5_BBS_URL ?>/new.php?gr_id=<?php echo $row['gr_id'] ?>"><?php echo cut_str($row['gr_subject'], 10) ?></a></td>
                        <td class="td_category"><a href="<?php echo get_pretty_url($row['bo_table']) ?>"><?php echo cut_str($row['bo_subject'], 20) ?></a></td>
                        <td><a href="<?php echo get_pretty_url($row['bo_table'], $row2['wr_id']); ?><?php echo $comment_link ?>"><?php echo $comment ?><?php echo conv_subject($row2['wr_subject'], 100) ?></a></td>
-            <td class="td_mbname"><div><?php echo $name ?></div></td>
+                        <td class="td_mbname">
                            <div><?php echo $name ?></div>
                        </td>
                        <td class="td_datetime"><?php echo $datetime ?></td>
                    </tr>
                <?php
                }
-        if ($i == 0)
+                if ($i == 0) {
                    echo '<tr><td colspan="' . $colspan . '" class="empty_table">자료가 없습니다.</td></tr>';
                }
                ?>
            </tbody>
        </table>
@ -265,10 +270,8 @@ $colspan = 7;
            <tbody>
                <?php
                $row2['mb_id'] = '';
-        for ($i=0; $row=sql_fetch_array($result); $i++)
+                for ($i = 0; $row = sql_fetch_array($result); $i++) {
-        {
+                    if ($row2['mb_id'] != $row['mb_id']) {
            if ($row2['mb_id'] != $row['mb_id'])
            {
                        $sql2 = " select mb_id, mb_name, mb_nick, mb_email, mb_homepage, mb_point from {$g5['member_table']} where mb_id = '{$row['mb_id']}' ";
                        $row2 = sql_fetch($sql2);
                    }
@ -276,8 +279,7 @@ $colspan = 7;
                    $mb_nick = get_sideview($row['mb_id'], $row2['mb_nick'], $row2['mb_email'], $row2['mb_homepage']);
                    $link1 = $link2 = "";
-            if (!preg_match("/^\@/", $row['po_rel_table']) && $row['po_rel_table'])
+                    if (!preg_match("/^\@/", $row['po_rel_table']) && $row['po_rel_table']) {
            {
                        $link1 = '<a href="' . get_pretty_url($row['po_rel_table'], $row['po_rel_id']) . '" target="_blank">';
                        $link2 = '</a>';
                    }
@ -286,7 +288,9 @@ $colspan = 7;
                    <tr>
                        <td class="td_mbid"><a href="./point_list.php?sfl=mb_id&amp;stx=<?php echo $row['mb_id'] ?>"><?php echo $row['mb_id'] ?></a></td>
                        <td class="td_mbname"><?php echo get_text($row2['mb_name']); ?></td>
-            <td class="td_name sv_use"><div><?php echo $mb_nick ?></div></td>
+                        <td class="td_name sv_use">
                            <div><?php echo $mb_nick ?></div>
                        </td>
                        <td class="td_datetime"><?php echo $row['po_datetime'] ?></td>
                        <td><?php echo $link1 . $row['po_content'] . $link2 ?></td>
                        <td class="td_numbig"><?php echo number_format($row['po_point']) ?></td>
@ -296,8 +300,9 @@ $colspan = 7;
                <?php
                }
-        if ($i == 0)
+                if ($i == 0) {
                    echo '<tr><td colspan="' . $colspan . '" class="empty_table">자료가 없습니다.</td></tr>';
                }
                ?>
            </tbody>
        </table>
@ -309,4 +314,4 @@ $colspan = 7;
 </section>
 <?php
-include_once ('./admin.tail.php');
+require_once './admin.tail.php';
--- a/adm/mail_delete.php
+++ b/adm/mail_delete.php
@ -1,6 +1,6 @@
 <?php
 $sub_menu = '200300';
-include_once('./_common.php');
+require_once './_common.php';
 check_demo();
@ -10,8 +10,9 @@ check_admin_token();
 $post_count_chk = (isset($_POST['chk']) && is_array($_POST['chk'])) ? count($_POST['chk']) : 0;
-if(! $post_count_chk)
+if (!$post_count_chk) {
    alert('삭제할 메일목록을 1개이상 선택해 주세요.');
 }
 for ($i = 0; $i < $post_count_chk; $i++) {
    $ma_id = isset($_POST['chk'][$i]) ? (int) $_POST['chk'][$i] : 0;
--- a/adm/mail_form.php
+++ b/adm/mail_form.php
@ -1,7 +1,7 @@
 <?php
 $sub_menu = "200300";
-include_once('./_common.php');
+require_once './_common.php';
-include_once(G5_EDITOR_LIB);
+require_once G5_EDITOR_LIB;
 auth_check_menu($auth, $sub_menu, 'r');
@ -16,17 +16,20 @@ if ($w == 'u') {
    $sql = " select * from {$g5['mail_table']} where ma_id = '{$ma_id}' ";
    $ma = sql_fetch($sql);
-    if (!$ma['ma_id'])
+    if (!$ma['ma_id']) {
        alert('등록된 자료가 없습니다.');
    }
 } else {
    $html_title .= '입력';
 }
 $g5['title'] = $html_title;
-include_once('./admin.head.php');
+require_once './admin.head.php';
 ?>
-<div class="local_desc"><p>메일 내용에 {이름} , {닉네임} , {회원아이디} , {이메일} 처럼 내용에 삽입하면 해당 내용에 맞게 변환하여 메일을 발송합니다.</p></div>
+<div class="local_desc">
    <p>메일 내용에 {이름} , {닉네임} , {회원아이디} , {이메일} 처럼 내용에 삽입하면 해당 내용에 맞게 변환하여 메일을 발송합니다.</p>
 </div>
 <form name="fmailform" id="fmailform" action="./mail_update.php" onsubmit="return fmailform_check(this);" method="post">
    <input type="hidden" name="w" value="<?php echo $w ?>" id="w">
@ -59,8 +62,7 @@ include_once('./admin.head.php');
 </form>
 <script>
-function fmailform_check(f)
+    function fmailform_check(f) {
 {
        errmsg = "";
        errfld = "";
@ -83,4 +85,4 @@ document.fmailform.ma_subject.focus();
 </script>
 <?php
-include_once('./admin.tail.php');
+require_once './admin.tail.php';
--- a/adm/mail_list.php
+++ b/adm/mail_list.php
@ -1,6 +1,6 @@
 <?php
 $sub_menu = '200300';
-include_once('./_common.php');
+require_once './_common.php';
 auth_check_menu($auth, $sub_menu, 'r');
@ -17,7 +17,7 @@ $sql = " select * {$sql_common} order by ma_id desc ";
 $result = sql_query($sql);
 $g5['title'] = '회원메일발송';
-include_once('./admin.head.php');
+require_once './admin.head.php';
 $colspan = 7;
 ?>
@ -71,8 +71,9 @@ $colspan = 7;
                <?php
                }
-    if (!$i)
+                if (!$i) {
                    echo "<tr><td colspan=\"" . $colspan . "\" class=\"empty_table\">자료가 없습니다.</td></tr>";
                }
                ?>
            </tbody>
        </table>
@ -101,4 +102,4 @@ $(function() {
 </script>
 <?php
-include_once ('./admin.tail.php');
+require_once './admin.tail.php';
--- a/adm/mail_preview.php
+++ b/adm/mail_preview.php
@ -1,7 +1,7 @@
 <?php
 $sub_menu = "200300";
-include_once('./_common.php');
+require_once './_common.php';
-include_once(G5_LIB_PATH.'/mailer.lib.php');
+require_once G5_LIB_PATH . '/mailer.lib.php';
 auth_check_menu($auth, $sub_menu, 'r');
@ -15,22 +15,18 @@ $content = conv_content($se['ma_content'], 1) . "<hr size=0><p><span style='font
 <!doctype html>
 <html lang="ko">
 <head>
    <meta charset="utf-8">
    <title><?php echo G5_VERSION ?> 메일발송 테스트</title>
 </head>
 <body>
    <h1><?php echo $subject; ?></h1>
-
+    <p><?php echo $content; ?></p>
 <p>
    <?php echo $content; ?>
 </p>
    <p>
        <strong>주의!</strong> 이 화면에 보여지는 디자인은 실제 내용이 발송되었을 때 디자인과 다를 수 있습니다.
    </p>
 </body>
 </html>
--- a/adm/mail_select_form.php
+++ b/adm/mail_select_form.php
@ -1,9 +1,10 @@
 <?php
 $sub_menu = "200300";
-include_once('./_common.php');
+require_once './_common.php';
-if (!$config['cf_email_use'])
+if (!$config['cf_email_use']) {
    alert('환경설정에서 \'메일발송 사용\'에 체크하셔야 메일을 발송할 수 있습니다.');
 }
 auth_check_menu($auth, $sub_menu, 'r');
@ -11,8 +12,9 @@ $ma_id = isset($_GET['ma_id']) ? (int) $_GET['ma_id'] : 0;
 $sql = " select * from {$g5['mail_table']} where ma_id = '$ma_id' ";
 $ma = sql_fetch($sql);
-if (!$ma['ma_id'])
+if (!$ma['ma_id']) {
    alert('보내실 내용을 선택하여 주십시오.');
 }
 // 전체회원수
 $sql = " select COUNT(*) as cnt from {$g5['member_table']} ";
@ -29,20 +31,30 @@ for ($i=0; $i<count($last_option); $i++) {
    $option = explode('=', $last_option[$i]);
    // 동적변수
    $var = isset($option[0]) ? $option[0] : '';
-    if( isset($option[1]) ) $$var = $option[1];
+    if (isset($option[1])) {
        $$var = $option[1];
    }
 }
-if (!isset($mb_id1)) $mb_id1 = 1;
+if (!isset($mb_id1)) {
-if (!isset($mb_level_from)) $mb_level_from = 1;
+    $mb_id1 = 1;
-if (!isset($mb_level_to)) $mb_level_to = 10;
+}
-if (!isset($mb_mailling)) $mb_mailling = 1;
+if (!isset($mb_level_from)) {
    $mb_level_from = 1;
 }
 if (!isset($mb_level_to)) {
    $mb_level_to = 10;
 }
 if (!isset($mb_mailling)) {
    $mb_mailling = 1;
 }
 $mb_id1_from = isset($mb_id1_from) ? clean_xss_tags($mb_id1_from, 1, 1, 30) : '';
 $mb_id1_to = isset($mb_id1_to) ? clean_xss_tags($mb_id1_to, 1, 1, 30) : '';
 $mb_email = isset($mb_email) ? clean_xss_tags($mb_email, 1, 1, 100) : '';
 $g5['title'] = '회원메일발송';
-include_once('./admin.head.php');
+require_once './admin.head.php';
 ?>
 <div class="local_ov01 local_ov">
@ -124,4 +136,4 @@ include_once('./admin.head.php');
 </form>
 <?php
-include_once('./admin.tail.php');
+require_once './admin.tail.php';
--- a/adm/mail_select_list.php
+++ b/adm/mail_select_list.php
@ -1,25 +1,38 @@
 <?php
 $sub_menu = "200300";
-include_once('./_common.php');
+require_once './_common.php';
 auth_check_menu($auth, $sub_menu, 'r');
 $ma_id = isset($_REQUEST['ma_id']) ? (int) $_REQUEST['ma_id'] : 0;
 $ma_last_option = "";
 $sql_common = " from {$g5['member_table']} ";
 $sql_where = " where (1) ";
 $mb_id1         = isset($_POST['mb_id1'])       ? (int) $_POST['mb_id1'] : 1;
 $mb_id1_from    = isset($_POST['mb_id1_from'])  ? clean_xss_tags($_POST['mb_id1_from'], 1, 1, 30) : '';
 $mb_id1_to      = isset($_POST['mb_id1_to'])    ? clean_xss_tags($_POST['mb_id1_to'], 1, 1, 30) : '';
 $mb_email       = isset($_POST['mb_email'])     ? clean_xss_tags($_POST['mb_email'], 1, 1, 100) : '';
 $mb_mailling    = isset($_POST['mb_mailling'])  ? clean_xss_tags($_POST['mb_mailling'], 1, 1, 100) : '';
 $mb_level_from  = isset($_POST['mb_level_from'])? (int) $_POST['mb_level_from'] : 1;
 $mb_level_to    = isset($_POST['mb_level_to'])  ? (int) $_POST['mb_level_to'] : 10;
 // 회원ID ..에서 ..까지
-if ($mb_id1 != 1)
+if ($mb_id1 != 1) {
    $sql_where .= " and mb_id between '{$mb_id1_from}' and '{$mb_id1_to}' ";
 }
 // E-mail에 특정 단어 포함
-if ($mb_email != "")
+if ($mb_email != "") {
    $sql_where .= " and mb_email like '%{$mb_email}%' ";
 }
 // 메일링
-if ($mb_mailling != "")
+if ($mb_mailling != "") {
    $sql_where .= " and mb_mailling = '{$mb_mailling}' ";
 }
 // 권한
 $sql_where .= " and mb_level between '{$mb_level_from}' and '{$mb_level_to}' ";
@ -35,8 +48,9 @@ if ($gr_id) {
        $comma = ",";
    }
-    if (!$group_member)
+    if (!$group_member) {
        alert('선택하신 게시판 그룹회원이 한명도 없습니다.');
    }
    $sql_where .= " and mb_id in ($group_member) ";
 }
@ -47,8 +61,9 @@ $sql_where .= " and mb_leave_date = '' and mb_intercept_date = '' ";
 $sql = " select COUNT(*) as cnt {$sql_common} {$sql_where} ";
 $row = sql_fetch($sql);
 $cnt = $row['cnt'];
-if ($cnt == 0)
+if ($cnt == 0) {
    alert('선택하신 내용으로는 해당되는 회원자료가 없습니다.');
 }
 // 마지막 옵션을 저장합니다.
 $ma_last_option .= "mb_id1={$mb_id1}";
@ -63,12 +78,12 @@ $ma_last_option .= "||gr_id={$gr_id}";
 sql_query(" update {$g5['mail_table']} set ma_last_option = '{$ma_last_option}' where ma_id = '{$ma_id}' ");
 $g5['title'] = "메일발송 대상 회원";
-include_once('./admin.head.php');
+require_once './admin.head.php';
 ?>
 <form name="fmailselectlist" id="fmailselectlist" method="post" action="./mail_select_update.php">
    <input type="hidden" name="token" value="">
-<input type="hidden" name="ma_id" value="<?php echo $ma_id ?>">
+    <input type="hidden" name="ma_id" value="<?php echo get_text($ma_id); ?>">
    <div class="tbl_head01 tbl_wrap">
        <table>
@ -117,4 +132,4 @@ include_once('./admin.head.php');
 </form>
 <?php
-include_once('./admin.tail.php');
+require_once './admin.tail.php';
--- a/adm/mail_select_update.php
+++ b/adm/mail_select_update.php
@ -1,6 +1,6 @@
 <?php
 $sub_menu = "200300";
-include_once('./_common.php');
+require_once './_common.php';
 auth_check_menu($auth, $sub_menu, 'w');
@ -10,8 +10,8 @@ check_demo();
 check_admin_token();
-include_once('./admin.head.php');
+require_once './admin.head.php';
-include_once(G5_LIB_PATH.'/mailer.lib.php');
+require_once G5_LIB_PATH . '/mailer.lib.php';
 $countgap = 10; // 몇건씩 보낼지 설정
 $maxscreen = 500; // 몇건씩 화면에 보여줄건지?
@ -25,7 +25,7 @@ echo "</span>";
 <span id="cont"></span>
 <?php
-include_once('./admin.tail.php');
+require_once './admin.tail.php';
 flush();
 ob_flush();
@ -43,23 +43,21 @@ $ma = sql_fetch($sql);
 $subject = $ma['ma_subject'];
 $cnt = 0;
-for ($i=0; $i<count($member_list); $i++)
+for ($i = 0; $i < count($member_list); $i++) {
 {
    list($to_email, $mb_id, $name, $nick, $datetime) = explode("||", trim($member_list[$i]));
    $sw = preg_match("/[0-9a-zA-Z_]+(\.[0-9a-zA-Z_]+)*@[0-9a-zA-Z_]+(\.[0-9a-zA-Z_]+)*/", $to_email);
    // 올바른 메일 주소만
-    if ($sw == true)
+    if ($sw == true) {
    {
        $cnt++;
        $mb_md5 = md5($mb_id . $to_email . $datetime);
        $content = $ma['ma_content'];
-        $content = preg_replace("/{이름}/", $name, $content);
+        $content = preg_replace("/{이름}/", $name, (string)$content);
-        $content = preg_replace("/{닉네임}/", $nick, $content);
+        $content = preg_replace("/{닉네임}/", $nick, (string)$content);
-        $content = preg_replace("/{회원아이디}/", $mb_id, $content);
+        $content = preg_replace("/{회원아이디}/", $mb_id, (string)$content);
-        $content = preg_replace("/{이메일}/", $to_email, $content);
+        $content = preg_replace("/{이메일}/", $to_email, (string)$content);
        $content = $content . "<hr size=0><p><span style='font-size:9pt; font-family:굴림'>▶ 더 이상 정보 수신을 원치 않으시면 [<a href='" . G5_BBS_URL . "/email_stop.php?mb_id={$mb_id}&amp;mb_md5={$mb_md5}' target='_blank'>수신거부</a>] 해 주십시오.</span></p>";
@ -71,15 +69,18 @@ for ($i=0; $i<count($member_list); $i++)
        ob_flush();
        ob_end_flush();
        usleep($sleepsec);
-        if ($cnt % $countgap == 0)
+        if ($cnt % $countgap == 0) {
        {
            echo "<script> document.all.cont.innerHTML += '<br>'; document.body.scrollTop += 1000; </script>\n";
        }
        // 화면을 지운다... 부하를 줄임
-        if ($cnt % $maxscreen == 0)
+        if ($cnt % $maxscreen == 0) {
            echo "<script> document.all.cont.innerHTML = ''; document.body.scrollTop += 1000; </script>\n";
        }
    }
 }
 ?>
-<script> document.all.cont.innerHTML += "<br><br>총 <?php echo number_format($cnt) ?>건 발송<br><br><font color=crimson><b>[끝]</b></font>"; document.body.scrollTop += 1000; </script>
+<script>
    document.all.cont.innerHTML += "<br><br>총 <?php echo number_format($cnt) ?>건 발송<br><br><font color=crimson><b>[끝]</b></font>";
    document.body.scrollTop += 1000;
 </script>
--- a/adm/mail_test.php
+++ b/adm/mail_test.php
@ -1,11 +1,12 @@
 <?php
 $sub_menu = "200300";
-include_once('./_common.php');
+require_once './_common.php';
-if (!$config['cf_email_use'])
+if (!$config['cf_email_use']) {
    alert('환경설정에서 \'메일발송 사용\'에 체크하셔야 메일을 발송할 수 있습니다.');
 }
-include_once(G5_LIB_PATH.'/mailer.lib.php');
+require_once G5_LIB_PATH . '/mailer.lib.php';
 auth_check_menu($auth, $sub_menu, 'w');
@ -25,10 +26,10 @@ $ma = sql_fetch($sql);
 $subject = $ma['ma_subject'];
 $content = $ma['ma_content'];
-$content = preg_replace("/{이름}/", $name, $content);
+$content = preg_replace("/{이름}/", $name, (string)$content);
-$content = preg_replace("/{닉네임}/", $nick, $content);
+$content = preg_replace("/{닉네임}/", $nick, (string)$content);
-$content = preg_replace("/{회원아이디}/", $mb_id, $content);
+$content = preg_replace("/{회원아이디}/", $mb_id, (string)$content);
-$content = preg_replace("/{이메일}/", $email, $content);
+$content = preg_replace("/{이메일}/", $email, (string)$content);
 $mb_md5 = md5($member['mb_id'] . $member['mb_email'] . $member['mb_datetime']);
--- a/adm/mail_update.php
+++ b/adm/mail_update.php
@ -1,9 +1,10 @@
 <?php
 $sub_menu = "200300";
-include_once('./_common.php');
+require_once './_common.php';
-if ($w == 'u' || $w == 'd')
+if ($w == 'u' || $w == 'd') {
    check_demo();
 }
 auth_check_menu($auth, $sub_menu, 'w');
@ -13,17 +14,14 @@ $ma_id = isset($_POST['ma_id']) ? (int) $_POST['ma_id'] : 0;
 $ma_subject = isset($_POST['ma_subject']) ? strip_tags(clean_xss_attributes($_POST['ma_subject'])) : '';
 $ma_content = isset($_POST['ma_content']) ? $_POST['ma_content'] : '';
-if ($w == '')
+if ($w == '') {
 {
    $sql = " insert {$g5['mail_table']}
                set ma_subject = '{$ma_subject}',
                     ma_content = '{$ma_content}',
                     ma_time = '" . G5_TIME_YMDHIS . "',
                     ma_ip = '{$_SERVER['REMOTE_ADDR']}' ";
    sql_query($sql);
-}
+} elseif ($w == 'u') {
 else if ($w == 'u')
 {
    $sql = " update {$g5['mail_table']}
                set ma_subject = '{$ma_subject}',
                     ma_content = '{$ma_content}',
@ -31,9 +29,7 @@ else if ($w == 'u')
                     ma_ip = '{$_SERVER['REMOTE_ADDR']}'
                where ma_id = '{$ma_id}' ";
    sql_query($sql);
-}
+} elseif ($w == 'd') {
 else if ($w == 'd')
 {
    $sql = " delete from {$g5['mail_table']} where ma_id = '{$ma_id}' ";
    sql_query($sql);
 }
--- a/adm/member_delete.php
+++ b/adm/member_delete.php
@ -1,6 +1,6 @@
 <?php
 $sub_menu = "200100";
-include_once("./_common.php");
+require_once "./_common.php";
 check_demo();
@ -8,21 +8,23 @@ auth_check_menu($auth, $sub_menu, "d");
 $mb = isset($_POST['mb_id']) ? get_member($_POST['mb_id']) : array();
-if (! (isset($mb['mb_id']) && $mb['mb_id']))
+if (!(isset($mb['mb_id']) && $mb['mb_id'])) {
    alert("회원자료가 존재하지 않습니다.");
-else if ($member['mb_id'] == $mb['mb_id'])
+} elseif ($member['mb_id'] == $mb['mb_id']) {
    alert("로그인 중인 관리자는 삭제 할 수 없습니다.");
-else if (is_admin($mb['mb_id']) == "super")
+} elseif (is_admin($mb['mb_id']) == "super") {
    alert("최고 관리자는 삭제할 수 없습니다.");
-else if ($mb['mb_level'] >= $member['mb_level'])
+} elseif ($mb['mb_level'] >= $member['mb_level']) {
    alert("자신보다 권한이 높거나 같은 회원은 삭제할 수 없습니다.");
 }
 check_admin_token();
 // 회원자료 삭제
 member_delete($mb['mb_id']);
-if ($url)
+if (isset($url)) {
-    goto_url("{$url}?$qstr&amp;w=u&amp;mb_id=$mb_id");
+    goto_url("{$url}?$qstr&amp;w=u&amp;mb_id=" . $mb['mb_id']);
-else
+} else {
    goto_url("./member_list.php?$qstr");
 }
--- a/adm/member_form.php
+++ b/adm/member_form.php
@ -1,6 +1,6 @@
 <?php
 $sub_menu = "200100";
-include_once('./_common.php');
+require_once './_common.php';
 auth_check_menu($auth, $sub_menu, 'w');
@ -40,11 +40,12 @@ $mb = array(
 );
 $sound_only = '';
 $required_mb_id = '';
 $required_mb_id_class = '';
 $required_mb_password = '';
 $html_title = '';
-if ($w == '')
+if ($w == '') {
 {
    $required_mb_id = 'required';
    $required_mb_id_class = 'required alnum_';
    $required_mb_password = 'required';
@ -54,15 +55,15 @@ if ($w == '')
    $mb['mb_open'] = 1;
    $mb['mb_level'] = $config['cf_register_level'];
    $html_title = '추가';
-}
+} elseif ($w == 'u') {
 else if ($w == 'u')
 {
    $mb = get_member($mb_id);
-    if (!$mb['mb_id'])
+    if (!$mb['mb_id']) {
        alert('존재하지 않는 회원자료입니다.');
    }
-    if ($is_admin != 'super' && $mb['mb_level'] >= $member['mb_level'])
+    if ($is_admin != 'super' && $mb['mb_level'] >= $member['mb_level']) {
        alert('자신보다 권한이 높거나 같은 회원은 수정할 수 없습니다.');
    }
    $required_mb_id = 'readonly';
    $html_title = '수정';
@ -90,9 +91,9 @@ else if ($w == 'u')
    $mb['mb_8'] = get_text($mb['mb_8']);
    $mb['mb_9'] = get_text($mb['mb_9']);
    $mb['mb_10'] = get_text($mb['mb_10']);
-}
+} else {
 else
    alert('제대로 된 값이 넘어오지 않았습니다.');
 }
 // 본인확인방법
 switch ($mb['mb_certify']) {
@ -179,7 +180,8 @@ if( !isset($g5['member_cert_history']) ){
 }
 // 멤버 본인인증 정보 변경 내역 테이블 없을 경우 생성
 if (isset($g5['member_cert_history_table']) && !sql_query(" DESC {$g5['member_cert_history_table']} ", false)) {
-    sql_query(" CREATE TABLE IF NOT EXISTS `{$g5['member_cert_history_table']}` (
+    sql_query(
        " CREATE TABLE IF NOT EXISTS `{$g5['member_cert_history_table']}` (
                    `ch_id` int(11) NOT NULL auto_increment,
                    `mb_id` varchar(20) NOT NULL DEFAULT '',
                    `ch_name` varchar(255) NOT NULL DEFAULT '',
@ -189,7 +191,9 @@ if(isset($g5['member_cert_history_table']) && !sql_query(" DESC {$g5['member_cer
                    `ch_datetime` datetime NOT NULL default '0000-00-00 00:00:00',
                    PRIMARY KEY (`ch_id`),
                    KEY `mb_id` (`mb_id`)
-                ) ", true);
+                ) ",
        true
    );
 }
 $mb_cert_history = '';
@ -198,10 +202,13 @@ if (isset($mb_id) && $mb_id) {
    $mb_cert_history = sql_query($sql);
 }
-if ($mb['mb_intercept_date']) $g5['title'] = "차단된 ";
+if ($mb['mb_intercept_date']) {
-else $g5['title'] .= "";
+    $g5['title'] = "차단된 ";
 } else {
    $g5['title'] .= "";
 }
 $g5['title'] .= '회원 ' . $html_title;
-include_once('./admin.head.php');
+require_once './admin.head.php';
 // add_javascript('js 구문', 출력순서); 숫자가 작을 수록 먼저 출력됨
 add_javascript(G5_POSTCODE_JS, 0);    //다음 주소 js
@ -233,7 +240,19 @@ add_javascript(G5_POSTCODE_JS, 0);    //다음 주소 js
                        <?php if ($w == 'u') { ?><a href="./boardgroupmember_form.php?mb_id=<?php echo $mb['mb_id'] ?>" class="btn_frmline">접근가능그룹보기</a><?php } ?>
                    </td>
                    <th scope="row"><label for="mb_password">비밀번호<?php echo $sound_only ?></label></th>
-        <td><input type="password" name="mb_password" id="mb_password" <?php echo $required_mb_password ?> class="frm_input <?php echo $required_mb_password ?>" size="15" maxlength="20"></td>
+                    <td>
                        <div>
                        <input type="password" name="mb_password" id="mb_password" <?php echo $required_mb_password ?> class="frm_input <?php echo $required_mb_password ?>" size="15" maxlength="20">
                        </div>
                        <div id="mb_password_captcha_wrap" style="display:none">
                            <?php
                            require_once G5_CAPTCHA_PATH . '/captcha.lib.php';
                            $captcha_html = captcha_html();
                            $captcha_js   = chk_captcha_js();
                            echo $captcha_html;
                            ?>
                        </div>
                    </td>
                </tr>
                <tr>
                    <th scope="row"><label for="mb_name">이름(실명)<strong class="sound_only">필수</strong></label></th>
@ -262,11 +281,11 @@ add_javascript(G5_POSTCODE_JS, 0);    //다음 주소 js
                <tr>
                    <th scope="row">본인확인방법</th>
                    <td colspan="3">
-            <input type="radio" name="mb_certify_case" value="simple" id="mb_certify_sa" <?php if($mb['mb_certify'] == 'simple') echo 'checked="checked"'; ?>>
+                        <input type="radio" name="mb_certify_case" value="simple" id="mb_certify_sa" <?php if ($mb['mb_certify'] == 'simple') { echo 'checked="checked"'; } ?>>
                        <label for="mb_certify_sa">간편인증</label>
-            <input type="radio" name="mb_certify_case" value="hp" id="mb_certify_hp" <?php if($mb['mb_certify'] == 'hp') echo 'checked="checked"'; ?>>
+                        <input type="radio" name="mb_certify_case" value="hp" id="mb_certify_hp" <?php if ($mb['mb_certify'] == 'hp') { echo 'checked="checked"'; } ?>>
                        <label for="mb_certify_hp">휴대폰</label>
-            <input type="radio" name="mb_certify_case" value="ipin" id="mb_certify_ipin" <?php if($mb['mb_certify'] == 'ipin') echo 'checked="checked"'; ?>>
+                        <input type="radio" name="mb_certify_case" value="ipin" id="mb_certify_ipin" <?php if ($mb['mb_certify'] == 'ipin') { echo 'checked="checked"'; } ?>>
                        <label for="mb_certify_ipin">아이핀</label>
                    </td>
                </tr>
@ -275,7 +294,7 @@ add_javascript(G5_POSTCODE_JS, 0);    //다음 주소 js
                    <td>
                        <input type="radio" name="mb_certify" value="1" id="mb_certify_yes" <?php echo $mb_certify_yes; ?>>
                        <label for="mb_certify_yes">예</label>
-            <input type="radio" name="mb_certify" value="" id="mb_certify_no" <?php echo $mb_certify_no; ?>>
+                        <input type="radio" name="mb_certify" value="0" id="mb_certify_no" <?php echo $mb_certify_no; ?>>
                        <label for="mb_certify_no">아니오</label>
                    </td>
                    <th scope="row">성인인증</th>
@ -378,6 +397,7 @@ add_javascript(G5_POSTCODE_JS, 0);    //다음 주소 js
                        $cnt = 0;
                        while ($row = sql_fetch_array($mb_cert_history)) {
                            $cnt++;
                            $cert_type = '';
                            switch ($row['ch_type']) {
                                case 'simple':
                                    $cert_type = '간편인증';
@ -443,16 +463,13 @@ add_javascript(G5_POSTCODE_JS, 0);    //다음 주소 js
                    <th scope="row"><label for="mb_leave_date">탈퇴일자</label></th>
                    <td>
                        <input type="text" name="mb_leave_date" value="<?php echo $mb['mb_leave_date'] ?>" id="mb_leave_date" class="frm_input" maxlength="8">
-            <input type="checkbox" value="<?php echo date("Ymd"); ?>" id="mb_leave_date_set_today" onclick="if (this.form.mb_leave_date.value==this.form.mb_leave_date.defaultValue) {
+                        <input type="checkbox" value="<?php echo date("Ymd"); ?>" id="mb_leave_date_set_today" onclick="if (this.form.mb_leave_date.value==this.form.mb_leave_date.defaultValue) { this.form.mb_leave_date.value=this.value; } else { this.form.mb_leave_date.value=this.form.mb_leave_date.defaultValue; }">
 this.form.mb_leave_date.value=this.value; } else { this.form.mb_leave_date.value=this.form.mb_leave_date.defaultValue; }">
                        <label for="mb_leave_date_set_today">탈퇴일을 오늘로 지정</label>
                    </td>
                    <th scope="row">접근차단일자</th>
                    <td>
                        <input type="text" name="mb_intercept_date" value="<?php echo $mb['mb_intercept_date'] ?>" id="mb_intercept_date" class="frm_input" maxlength="8">
-            <input type="checkbox" value="<?php echo date("Ymd"); ?>" id="mb_intercept_date_set_today" onclick="if
+                        <input type="checkbox" value="<?php echo date("Ymd"); ?>" id="mb_intercept_date_set_today" onclick="if (this.form.mb_intercept_date.value==this.form.mb_intercept_date.defaultValue) { this.form.mb_intercept_date.value=this.value; } else { this.form.mb_intercept_date.value=this.form.mb_intercept_date.defaultValue; }">
 (this.form.mb_intercept_date.value==this.form.mb_intercept_date.defaultValue) { this.form.mb_intercept_date.value=this.value; } else {
 this.form.mb_intercept_date.value=this.form.mb_intercept_date.defaultValue; }">
                        <label for="mb_intercept_date_set_today">접근차단일을 오늘로 지정</label>
                    </td>
                </tr>
@ -461,7 +478,6 @@ this.form.mb_intercept_date.value=this.form.mb_intercept_date.defaultValue; }">
                //소셜계정이 있다면
                if (function_exists('social_login_link_account') && $mb['mb_id']) {
                    if ($my_social_accounts = social_login_link_account($mb['mb_id'], false, 'get_data')) { ?>
                        <tr>
                            <th>소셜계정목록</th>
                            <td colspan="3">
@ -469,7 +485,9 @@ this.form.mb_intercept_date.value=this.form.mb_intercept_date.defaultValue; }">
                                    <li class="social_login_container">
                                        <h4>연결된 소셜 계정 목록</h4>
                                        <?php foreach ($my_social_accounts as $account) {     //반복문
-                    if( empty($account) ) continue;
+                                            if (empty($account)) {
                                                continue;
                                            }
                                            $provider = strtolower($account['provider']);
                                            $provider_name = social_get_provider_service_name($provider);
@ -565,8 +583,7 @@ this.form.mb_intercept_date.value=this.form.mb_intercept_date.defaultValue; }">
 </form>
 <script>
-function fmember_submit(f)
+    function fmember_submit(f) {
 {
        if (!f.mb_icon.value.match(/\.(gif|jpe?g|png)$/i) && f.mb_icon.value) {
            alert('아이콘은 이미지 파일만 가능합니다.');
            return false;
@ -577,10 +594,37 @@ function fmember_submit(f)
            return false;
        }
        if( jQuery("#mb_password").val() ){
            <?php echo $captcha_js; // 캡챠 사용시 자바스크립트에서 입력된 캡챠를 검사함 ?>
        }
        return true;
    }
    jQuery(function($){
        $("#captcha_key").prop('required', false).removeAttr("required").removeClass("required");
        $("#mb_password").on("keyup", function(e) {
            var $warp = $("#mb_password_captcha_wrap"),
                tooptipid = "mp_captcha_tooltip",
                $span_text = $("<span>", {id:tooptipid, style:"font-size:0.95em;letter-spacing:-0.1em"}).html("비밀번호를 수정할 경우 캡챠를 입력해야 합니다."),
                $parent = $(this).parent(),
                is_invisible_recaptcha = $("#captcha").hasClass("invisible_recaptcha");
            if($(this).val()){
                $warp.show();
                if(! is_invisible_recaptcha) {
                    $warp.css("margin-top","1em");
                    if(! $("#"+tooptipid).length){ $parent.append($span_text) }
                }
            } else {
                $warp.hide();
                if($("#"+tooptipid).length && ! is_invisible_recaptcha){ $parent.find("#"+tooptipid).remove(); }
            }
        });
    });
 </script>
 <?php
 run_event('admin_member_form_after', $mb, $w);
-include_once('./admin.tail.php');
+require_once './admin.tail.php';
--- a/adm/member_form_update.php
+++ b/adm/member_form_update.php
@ -1,33 +1,45 @@
 <?php
 $sub_menu = "200100";
-include_once("./_common.php");
+require_once "./_common.php";
-include_once(G5_LIB_PATH."/register.lib.php");
+require_once G5_LIB_PATH . "/register.lib.php";
-include_once(G5_LIB_PATH.'/thumbnail.lib.php');
+require_once G5_LIB_PATH . '/thumbnail.lib.php';
-if ($w == 'u')
+if ($w == 'u') {
    check_demo();
 }
 auth_check_menu($auth, $sub_menu, 'w');
 check_admin_token();
 $mb_id          = isset($_POST['mb_id']) ? trim($_POST['mb_id']) : '';
 $mb_password    = isset($_POST['mb_password']) ? trim($_POST['mb_password']) : '';
 $mb_certify_case = isset($_POST['mb_certify_case']) ? preg_replace('/[^0-9a-z_]/i', '', $_POST['mb_certify_case']) : '';
 $mb_certify     = isset($_POST['mb_certify']) ? preg_replace('/[^0-9a-z_]/i', '', $_POST['mb_certify']) : '';
 $mb_zip         = isset($_POST['mb_zip']) ? preg_replace('/[^0-9a-z_]/i', '', $_POST['mb_zip']) : '';
 // 관리자가 자동등록방지를 사용해야 할 경우 ( 회원의 비밀번호 변경시 캡챠를 체크한다 )
 if ($mb_password && function_exists('get_admin_captcha_by') && get_admin_captcha_by()) {
    include_once(G5_CAPTCHA_PATH . '/captcha.lib.php');
    if (!chk_captcha()) {
        alert('자동등록방지 숫자가 틀렸습니다.');
    }
 }
 // 휴대폰번호 체크
 $mb_hp = hyphen_hp_number($_POST['mb_hp']);
 if ($mb_hp) {
    $result = exist_mb_hp($mb_hp, $mb_id);
-    if ($result)
+    if ($result) {
        alert($result);
    }
 }
 // 인증정보처리
 if ($mb_certify_case && $mb_certify) {
-    $mb_certify = isset($_POST['mb_certify_case']) ? preg_replace('/[^0-9a-z_]/i', '', $_POST['mb_certify_case']) : '';
+    $mb_certify = isset($_POST['mb_certify_case']) ? preg_replace('/[^0-9a-z_]/i', '', (string)$_POST['mb_certify_case']) : '';
-    $mb_adult = isset($_POST['mb_adult']) ? preg_replace('/[^0-9a-z_]/i', '', $_POST['mb_adult']) : '';
+    $mb_adult = isset($_POST['mb_adult']) ? preg_replace('/[^0-9a-z_]/i', '', (string)$_POST['mb_adult']) : '';
 } else {
    $mb_certify = '';
    $mb_adult = 0;
@ -39,7 +51,9 @@ $mb_zip2 = substr($mb_zip, 3);
 $mb_email = isset($_POST['mb_email']) ? get_email_address(trim($_POST['mb_email'])) : '';
 $mb_nick = isset($_POST['mb_nick']) ? trim(strip_tags($_POST['mb_nick'])) : '';
-if ($msg = valid_mb_nick($mb_nick))     alert($msg, "", true, true);
+if ($msg = valid_mb_nick($mb_nick)) {
    alert($msg, "", true, true);
 }
 $posts = array();
 $check_keys = array(
@ -65,8 +79,12 @@ for($i=1;$i<=10;$i++){
 }
 foreach ($check_keys as $key) {
    if( in_array($key, array('mb_signature', 'mb_profile')) ){
        $posts[$key] = isset($_POST[$key]) ? clean_xss_tags($_POST[$key], 1, 1, 0, 0) : '';
    } else {
        $posts[$key] = isset($_POST[$key]) ? clean_xss_tags($_POST[$key], 1, 1) : '';
    }
 }
 $mb_memo = isset($_POST['mb_memo']) ? $_POST['mb_memo'] : '';
@ -104,63 +122,70 @@ $sql_common = "  mb_name = '{$posts['mb_name']}',
                 mb_9 = '{$posts['mb_9']}',
                 mb_10 = '{$posts['mb_10']}' ";
-if ($w == '')
+if ($w == '') {
 {
    $mb = get_member($mb_id);
-    if (isset($mb['mb_id']) && $mb['mb_id'])
+    if (isset($mb['mb_id']) && $mb['mb_id']) {
        alert('이미 존재하는 회원아이디입니다.\\nＩＤ : ' . $mb['mb_id'] . '\\n이름 : ' . $mb['mb_name'] . '\\n닉네임 : ' . $mb['mb_nick'] . '\\n메일 : ' . $mb['mb_email']);
    }
    // 닉네임중복체크
    $sql = " select mb_id, mb_name, mb_nick, mb_email from {$g5['member_table']} where mb_nick = '{$mb_nick}' ";
    $row = sql_fetch($sql);
-    if (isset($row['mb_id']) && $row['mb_id'])
+    if (isset($row['mb_id']) && $row['mb_id']) {
        alert('이미 존재하는 닉네임입니다.\\nＩＤ : ' . $row['mb_id'] . '\\n이름 : ' . $row['mb_name'] . '\\n닉네임 : ' . $row['mb_nick'] . '\\n메일 : ' . $row['mb_email']);
    }
    // 이메일중복체크
    $sql = " select mb_id, mb_name, mb_nick, mb_email from {$g5['member_table']} where mb_email = '{$mb_email}' ";
    $row = sql_fetch($sql);
-    if (isset($row['mb_id']) && $row['mb_id'])
+    if (isset($row['mb_id']) && $row['mb_id']) {
        alert('이미 존재하는 이메일입니다.\\nＩＤ : ' . $row['mb_id'] . '\\n이름 : ' . $row['mb_name'] . '\\n닉네임 : ' . $row['mb_nick'] . '\\n메일 : ' . $row['mb_email']);
    }
    sql_query(" insert into {$g5['member_table']} set mb_id = '{$mb_id}', mb_password = '" . get_encrypt_string($mb_password) . "', mb_datetime = '" . G5_TIME_YMDHIS . "', mb_ip = '{$_SERVER['REMOTE_ADDR']}', mb_email_certify = '" . G5_TIME_YMDHIS . "', {$sql_common} ");
-}
+} elseif ($w == 'u') {
 else if ($w == 'u')
 {
    $mb = get_member($mb_id);
-    if (! (isset($mb['mb_id']) && $mb['mb_id']))
+    if (!(isset($mb['mb_id']) && $mb['mb_id'])) {
        alert('존재하지 않는 회원자료입니다.');
    }
-    if ($is_admin != 'super' && $mb['mb_level'] >= $member['mb_level'])
+    if ($is_admin != 'super' && $mb['mb_level'] >= $member['mb_level']) {
        alert('자신보다 권한이 높거나 같은 회원은 수정할 수 없습니다.');
    }
    if ($is_admin !== 'super' && is_admin($mb['mb_id']) === 'super') {
        alert('최고관리자의 비밀번호를 수정할수 없습니다.');
    }
-    if ($mb_id === $member['mb_id'] && $_POST['mb_level'] != $mb['mb_level'])
+    if ($mb_id === $member['mb_id'] && $_POST['mb_level'] != $mb['mb_level']) {
        alert($mb['mb_id'] . ' : 로그인 중인 관리자 레벨은 수정 할 수 없습니다.');
    }
    // 닉네임중복체크
    $sql = " select mb_id, mb_name, mb_nick, mb_email from {$g5['member_table']} where mb_nick = '{$mb_nick}' and mb_id <> '$mb_id' ";
    $row = sql_fetch($sql);
-    if (isset($row['mb_id']) && $row['mb_id'])
+    if (isset($row['mb_id']) && $row['mb_id']) {
        alert('이미 존재하는 닉네임입니다.\\nＩＤ : ' . $row['mb_id'] . '\\n이름 : ' . $row['mb_name'] . '\\n닉네임 : ' . $row['mb_nick'] . '\\n메일 : ' . $row['mb_email']);
    }
    // 이메일중복체크
    $sql = " select mb_id, mb_name, mb_nick, mb_email from {$g5['member_table']} where mb_email = '{$mb_email}' and mb_id <> '$mb_id' ";
    $row = sql_fetch($sql);
-    if (isset($row['mb_id']) && $row['mb_id'])
+    if (isset($row['mb_id']) && $row['mb_id']) {
        alert('이미 존재하는 이메일입니다.\\nＩＤ : ' . $row['mb_id'] . '\\n이름 : ' . $row['mb_name'] . '\\n닉네임 : ' . $row['mb_nick'] . '\\n메일 : ' . $row['mb_email']);
    }
-    if ($mb_password)
+    if ($mb_password) {
        $sql_password = " , mb_password = '" . get_encrypt_string($mb_password) . "' ";
-    else
+    } else {
        $sql_password = "";
    }
-    if (isset($passive_certify) && $passive_certify)
+    if (isset($passive_certify) && $passive_certify) {
        $sql_certify = " , mb_email_certify = '" . G5_TIME_YMDHIS . "' ";
-    else
+    } else {
        $sql_certify = "";
    }
    $sql = " update {$g5['member_table']}
                set {$sql_common}
@ -168,18 +193,18 @@ else if ($w == 'u')
                     {$sql_certify}
                where mb_id = '{$mb_id}' ";
    sql_query($sql);
-}
+} else {
 else
    alert('제대로 된 값이 넘어오지 않았습니다.');
 }
 if ($w == '' || $w == 'u') {
    $mb_dir = substr($mb_id, 0, 2);
    $mb_icon_img = get_mb_icon_name($mb_id) . '.gif';
    // 회원 아이콘 삭제
-    if (isset($del_mb_icon) && $del_mb_icon)
+    if (isset($del_mb_icon) && $del_mb_icon) {
        @unlink(G5_DATA_PATH . '/member/' . $mb_dir . '/' . $mb_icon_img);
    }
    $image_regex = "/(\.(gif|jpe?g|png))$/i";
@ -201,6 +226,7 @@ if( $w == '' || $w == 'u' ){
            if (file_exists($dest_path)) {
                $size = @getimagesize($dest_path);
                if ($size) {
                    if ($size[0] > $config['cf_member_icon_width'] || $size[1] > $config['cf_member_icon_height']) {
                        $thumb = null;
                        if ($size[2] === 2 || $size[2] === 3) {
@ -219,6 +245,7 @@ if( $w == '' || $w == 'u' ){
                }
            }
        }
    }
    $mb_img_dir = G5_DATA_PATH . '/member_image/';
    if (!is_dir($mb_img_dir)) {
@ -228,8 +255,9 @@ if( $w == '' || $w == 'u' ){
    $mb_img_dir .= substr($mb_id, 0, 2);
    // 회원 이미지 삭제
-    if (isset($del_mb_img) && $del_mb_img)
+    if (isset($del_mb_img) && $del_mb_img) {
        @unlink($mb_img_dir . '/' . $mb_icon_img);
    }
    // 아이콘 업로드
    if (isset($_FILES['mb_img']) && is_uploaded_file($_FILES['mb_img']['tmp_name'])) {
@ -248,6 +276,7 @@ if( $w == '' || $w == 'u' ){
            if (file_exists($dest_path)) {
                $size = @getimagesize($dest_path);
                if ($size) {
                    if ($size[0] > $config['cf_member_img_width'] || $size[1] > $config['cf_member_img_height']) {
                        $thumb = null;
                        if ($size[2] === 2 || $size[2] === 3) {
@ -267,6 +296,11 @@ if( $w == '' || $w == 'u' ){
            }
        }
    }
 }
 if (function_exists('get_admin_captcha_by')) {
    get_admin_captcha_by('remove');
 }
 run_event('admin_member_form_update', $w, $mb_id);
--- a/adm/member_list.php
+++ b/adm/member_list.php
@ -1,6 +1,6 @@
 <?php
 $sub_menu = "200100";
-include_once('./_common.php');
+require_once './_common.php';
 auth_check_menu($auth, $sub_menu, 'r');
@ -27,8 +27,9 @@ if ($stx) {
    $sql_search .= " ) ";
 }
-if ($is_admin != 'super')
+if ($is_admin != 'super') {
    $sql_search .= " and mb_level <= '{$member['mb_level']}' ";
 }
 if (!$sst) {
    $sst = "mb_datetime";
@ -43,7 +44,9 @@ $total_count = $row['cnt'];
 $rows = $config['cf_page_rows'];
 $total_page  = ceil($total_count / $rows);  // 전체 페이지 계산
-if ($page < 1) $page = 1; // 페이지가 없으면 첫 페이지 (1 페이지)
+if ($page < 1) {
    $page = 1; // 페이지가 없으면 첫 페이지 (1 페이지)
 }
 $from_record = ($page - 1) * $rows; // 시작 열을 구함
 // 탈퇴회원수
@ -59,7 +62,7 @@ $intercept_count = $row['cnt'];
 $listall = '<a href="' . $_SERVER['SCRIPT_NAME'] . '" class="ov_listall">전체목록</a>';
 $g5['title'] = '회원관리';
-include_once('./admin.head.php');
+require_once './admin.head.php';
 $sql = " select * {$sql_common} {$sql_search} {$sql_order} limit {$from_record}, {$rows} ";
 $result = sql_query($sql);
@ -150,8 +153,9 @@ $colspan = 16;
                    $sql2 = " select count(*) as cnt from {$g5['group_member_table']} where mb_id = '{$row['mb_id']}' ";
                    $row2 = sql_fetch($sql2);
                    $group = '';
-        if ($row2['cnt'])
+                    if ($row2['cnt']) {
                        $group = '<a href="./boardgroupmember_form.php?mb_id=' . $row['mb_id'] . '">' . $row2['cnt'] . '</a>';
                    }
                    if ($is_admin == 'group') {
                        $s_mod = '';
@ -172,14 +176,14 @@ $colspan = 16;
                    if ($row['mb_leave_date']) {
                        $mb_id = $mb_id;
                        $leave_msg = '<span class="mb_leave_msg">탈퇴함</span>';
-        }
+                    } elseif ($row['mb_intercept_date']) {
        else if ($row['mb_intercept_date']) {
                        $mb_id = $mb_id;
                        $intercept_msg = '<span class="mb_intercept_msg">차단됨</span>';
                        $intercept_title = '차단해제';
                    }
-        if ($intercept_title == '')
+                    if ($intercept_title == '') {
                        $intercept_title = '차단하기';
                    }
                    $address = $row['mb_zip1'] ? print_address($row['mb_addr1'], $row['mb_addr2'], $row['mb_addr3'], $row['mb_addr_jibeon']) : '';
@ -221,10 +225,11 @@ $colspan = 16;
                            //소셜계정이 있다면
                            if (function_exists('social_login_link_account')) {
                                if ($my_social_accounts = social_login_link_account($row['mb_id'], false, 'get_data')) {
                                    echo '<div class="member_social_provider sns-wrap-over sns-wrap-32">';
                                    foreach ((array) $my_social_accounts as $account) {     //반복문
-                        if( empty($account) || empty($account['provider']) ) continue;
+                                        if (empty($account) || empty($account['provider'])) {
                                            continue;
                                        }
                                        $provider = strtolower($account['provider']);
                                        $provider_name = social_get_provider_service_name($provider);
@ -258,8 +263,11 @@ $colspan = 16;
                        </td>
                        <td headers="mb_list_auth" class="td_mbstat">
                            <?php
-            if ($leave_msg || $intercept_msg) echo $leave_msg.' '.$intercept_msg;
+                            if ($leave_msg || $intercept_msg) {
-            else echo "정상";
+                                echo $leave_msg . ' ' . $intercept_msg;
                            } else {
                                echo "정상";
                            }
                            ?>
                        </td>
                        <td headers="mb_list_mobile" class="td_tel"><?php echo get_text($row['mb_hp']); ?></td>
@ -269,7 +277,9 @@ $colspan = 16;
                    </tr>
                    <tr class="<?php echo $bg; ?>">
                        <td headers="mb_list_name" class="td_mbname"><?php echo get_text($row['mb_name']); ?></td>
-        <td headers="mb_list_nick" class="td_name sv_use"><div><?php echo $mb_nick ?></div></td>
+                        <td headers="mb_list_nick" class="td_name sv_use">
                            <div><?php echo $mb_nick ?></div>
                        </td>
                        <td headers="mb_list_sms">
                            <label for="mb_sms_<?php echo $i; ?>" class="sound_only">SMS수신</label>
@ -296,8 +306,9 @@ $colspan = 16;
                <?php
                }
-    if ($i == 0)
+                if ($i == 0) {
                    echo "<tr><td colspan=\"" . $colspan . "\" class=\"empty_table\">자료가 없습니다.</td></tr>";
                }
                ?>
            </tbody>
        </table>
@ -318,8 +329,7 @@ $colspan = 16;
 <?php echo get_paging(G5_IS_MOBILE ? $config['cf_mobile_pages'] : $config['cf_write_pages'], $page, $total_page, '?' . $qstr . '&amp;page='); ?>
 <script>
-function fmemberlist_submit(f)
+    function fmemberlist_submit(f) {
 {
        if (!is_checked("chk[]")) {
            alert(document.pressed + " 하실 항목을 하나 이상 선택하세요.");
            return false;
@ -336,4 +346,4 @@ function fmemberlist_submit(f)
 </script>
 <?php
-include_once ('./admin.tail.php');
+require_once './admin.tail.php';
--- a/adm/member_list_delete.php
+++ b/adm/member_list_delete.php
@ -1,6 +1,6 @@
 <?php
 $sub_menu = "200100";
-include_once("./_common.php");
+require_once "./_common.php";
 check_demo();
@ -9,8 +9,7 @@ auth_check_menu($auth, $sub_menu, "d");
 check_admin_token();
 $msg = "";
-for ($i=0; $i<count($chk); $i++)
+for ($i = 0; $i < count($chk); $i++) {
 {
    // 실제 번호를 넘김
    $k = $_POST['chk'][$i];
@ -30,7 +29,8 @@ for ($i=0; $i<count($chk); $i++)
    }
 }
-if ($msg)
+if ($msg) {
    echo "<script type='text/javascript'> alert('$msg'); </script>";
 }
 goto_url("./member_list.php?$qstr");
--- a/adm/member_list_update.php
+++ b/adm/member_list_update.php
@ -1,6 +1,6 @@
 <?php
 $sub_menu = "200100";
-include_once('./_common.php');
+require_once './_common.php';
 check_demo();
@ -16,9 +16,7 @@ $mb_datas = array();
 $msg = '';
 if ($_POST['act_button'] == "선택수정") {
-
+    for ($i = 0; $i < count($_POST['chk']); $i++) {
    for ($i=0; $i<count($_POST['chk']); $i++)
    {
        // 실제 번호를 넘김
        $k = isset($_POST['chk'][$i]) ? (int) $_POST['chk'][$i] : 0;
@ -38,10 +36,11 @@ if ($_POST['act_button'] == "선택수정") {
        } elseif ($member['mb_id'] == $mb['mb_id']) {
            $msg .= $mb['mb_id'] . ' : 로그인 중인 관리자는 수정 할 수 없습니다.\\n';
        } else {
-            if($post_mb_certify)
+            if ($post_mb_certify) {
                $mb_adult = isset($_POST['mb_adult'][$k]) ? (int) $_POST['mb_adult'][$k] : 0;
-            else
+            } else {
                $mb_adult = 0;
            }
            $sql = " update {$g5['member_table']}
                        set mb_level = '" . $post_mb_level . "',
@ -55,11 +54,8 @@ if ($_POST['act_button'] == "선택수정") {
            sql_query($sql);
        }
    }
 } elseif ($_POST['act_button'] == "선택삭제") {
-
+    for ($i = 0; $i < count($_POST['chk']); $i++) {
    for ($i=0; $i<count($_POST['chk']); $i++)
    {
        // 실제 번호를 넘김
        $k = isset($_POST['chk'][$i]) ? (int) $_POST['chk'][$i] : 0;
@ -80,9 +76,10 @@ if ($_POST['act_button'] == "선택수정") {
    }
 }
-if ($msg)
+if ($msg) {
    //echo '<script> alert("'.$msg.'"); </script>';
    alert($msg);
 }
 run_event('admin_member_list_update', $_POST['act_button'], $mb_datas);
--- a/adm/menu_form.php
+++ b/adm/menu_form.php
@ -1,22 +1,24 @@
 <?php
 $sub_menu = "100290";
-include_once('./_common.php');
+require_once './_common.php';
-if ($is_admin != 'super')
+if ($is_admin != 'super') {
    alert_close('최고관리자만 접근 가능합니다.');
 }
 $g5['title'] = '메뉴 추가';
-include_once(G5_PATH.'/head.sub.php');
+require_once G5_PATH . '/head.sub.php';
 $new    = isset($_GET['new']) ? clean_xss_tags($_GET['new'], 1, 1) : '';
-$code = isset($_GET['code']) ? preg_replace('/[^0-9a-zA-Z]/', '', $_GET['code']) : '';
+$code   = isset($_GET['code']) ? (string)preg_replace('/[^0-9a-zA-Z]/', '', $_GET['code']) : '';
 // 코드
 if ($new == 'new' || !$code) {
-    $code = base_convert(substr($code,0, 2), 36, 10);
+    $code = (int)base_convert(substr($code, 0, 2), 36, 10);
    $code += 36;
-    $code = base_convert($code, 10, 36);
+    $code = base_convert((string)$code, 10, 36);
 }
 ?>
 <div id="menu_frm" class="new_win">
@ -78,8 +80,9 @@ $(function() {
            var dfd = new $.Deferred();
            $("#menu_result").empty().load(
-            "./menu_form_search.php",
+                "./menu_form_search.php", {
-            { type : type },
+                    type: type
                },
                function() {
                    dfd.resolve('Finished');
                }
@ -114,8 +117,7 @@ $(function() {
        });
    });
-function add_menu_list(name, link, code)
+    function add_menu_list(name, link, code) {
 {
        var $menulist = $("#menulist", opener.document);
        var ms = new Date().getTime();
        var sub_menu_class;
@ -194,4 +196,4 @@ function add_menu_list(name, link, code)
 </script>
 <?php
-include_once(G5_PATH.'/tail.sub.php');
+require_once G5_PATH . '/tail.sub.php';
--- a/adm/menu_form_search.php
+++ b/adm/menu_form_search.php
@ -1,8 +1,9 @@
 <?php
-include_once('./_common.php');
+require_once './_common.php';
-if ($is_admin != 'super')
+if ($is_admin != 'super') {
    die('최고관리자만 접근 가능합니다.');
 }
 $type = isset($_REQUEST['type']) ? preg_replace('/[^0-9a-z_]/i', '', $_REQUEST['type']) : '';
@ -32,7 +33,6 @@ if($sql) {
    for ($i = 0; $row = sql_fetch_array($result); $i++) {
        if ($i == 0) {
            $bbs_subject_title = ($type == 'board') ? '게시판제목' : '제목';
            ?>
@ -96,7 +96,6 @@ if($sql) {
 </div>
 <?php } else { ?>
 <div class="tbl_frm01 tbl_wrap">
    <table>
        <colgroup>
--- a/adm/menu_list.php
+++ b/adm/menu_list.php
@ -1,9 +1,10 @@
 <?php
 $sub_menu = "100290";
-include_once('./_common.php');
+require_once './_common.php';
-if ($is_admin != 'super')
+if ($is_admin != 'super') {
    alert('최고관리자만 접근 가능합니다.');
 }
 // 메뉴테이블 생성
 if (!isset($g5['menu_table'])) {
@ -11,7 +12,8 @@ if( !isset($g5['menu_table']) ){
 }
 if (!sql_query(" DESCRIBE {$g5['menu_table']} ", false)) {
-    sql_query(" CREATE TABLE IF NOT EXISTS `{$g5['menu_table']}` (
+    sql_query(
        " CREATE TABLE IF NOT EXISTS `{$g5['menu_table']}` (
                  `me_id` int(11) NOT NULL AUTO_INCREMENT,
                  `me_code` varchar(255) NOT NULL DEFAULT '',
                  `me_name` varchar(255) NOT NULL DEFAULT '',
@ -21,14 +23,16 @@ if(!sql_query(" DESCRIBE {$g5['menu_table']} ", false)) {
                  `me_use` tinyint(4) NOT NULL DEFAULT '0',
                  `me_mobile_use` tinyint(4) NOT NULL DEFAULT '0',
                  PRIMARY KEY (`me_id`)
-                ) ENGINE=MyISAM DEFAULT CHARSET=utf8 ", true);
+                ) ENGINE=MyISAM DEFAULT CHARSET=utf8 ",
        true
    );
 }
 $sql = " select * from {$g5['menu_table']} order by me_id ";
 $result = sql_query($sql);
 $g5['title'] = "메뉴설정";
-include_once('./admin.head.php');
+require_once './admin.head.php';
 $colspan = 7;
 $sub_menu_info = '';
@ -59,8 +63,7 @@ $sub_menu_info = '';
            </thead>
            <tbody>
                <?php
-    for ($i=0; $row=sql_fetch_array($result); $i++)
+                for ($i = 0; $row = sql_fetch_array($result); $i++) {
    {
                    $bg = 'bg' . ($i % 2);
                    $sub_menu_class = '';
                    if (strlen($row['me_code']) == 4) {
@ -118,8 +121,9 @@ $sub_menu_info = '';
                <?php
                }
-    if ($i==0)
+                if ($i == 0) {
                    echo '<tr id="empty_menu_list"><td colspan="' . $colspan . '" class="empty_table">자료가 없습니다.</td></tr>';
                }
                ?>
            </tbody>
        </table>
@ -163,8 +167,7 @@ $(function() {
        });
    });
-function add_menu()
+    function add_menu() {
 {
        var max_code = base_convert(0, 10, 36);
        $("#menulist tr.menu_list").each(function() {
            var me_code = $(this).find("input[name='code[]']").val().substr(0, 2);
@ -177,8 +180,7 @@ function add_menu()
        return false;
    }
-function add_submenu(code)
+    function add_submenu(code) {
 {
        var url = "./menu_form.php?code=" + code;
        window.open(url, "add_menu", "left=100,top=100,width=550,height=650,scrollbars=yes,resizable=yes");
        return false;
@ -195,8 +197,7 @@ function base_convert(number, frombase, tobase) {
            .toString(tobase | 0);
    }
-function fmenulist_submit(f)
+    function fmenulist_submit(f) {
 {
        var me_links = document.getElementsByName('me_link[]');
        var reg = /^javascript/;
@ -216,4 +217,4 @@ function fmenulist_submit(f)
 </script>
 <?php
-include_once ('./admin.tail.php');
+require_once './admin.tail.php';
--- a/adm/menu_list_update.php
+++ b/adm/menu_list_update.php
@ -1,11 +1,12 @@
 <?php
 $sub_menu = "100290";
-include_once('./_common.php');
+require_once './_common.php';
 check_demo();
-if ($is_admin != 'super')
+if ($is_admin != 'super') {
    alert('최고관리자만 접근 가능합니다.');
 }
 check_admin_token();
@ -17,8 +18,7 @@ $group_code = null;
 $primary_code = null;
 $count = isset($_POST['code']) ? count($_POST['code']) : 0;
-for ($i=0; $i<$count; $i++)
+for ($i = 0; $i < $count; $i++) {
 {
    $_POST = array_map_deep('trim', $_POST);
    if (preg_match('/^javascript/i', preg_replace('/[ ]{1,}|[\t]/', '', $_POST['me_link'][$i]))) {
@ -32,8 +32,9 @@ for ($i=0; $i<$count; $i++)
    $me_name = is_array($_POST['me_name']) ? strip_tags($_POST['me_name'][$i]) : '';
    $me_link = (preg_match('/^javascript/i', $_POST['me_link'][$i]) || preg_match('/script:/i', $_POST['me_link'][$i])) ? G5_URL : strip_tags(clean_xss_attributes($_POST['me_link'][$i]));
-    if(!$code || !$me_name || !$me_link)
+    if (!$code || !$me_name || !$me_link) {
        continue;
    }
    $sub_code = '';
    if ($group_code == $code) {
@ -42,9 +43,9 @@ for ($i=0; $i<$count; $i++)
                    where SUBSTRING(me_code,1,2) = '$primary_code' ";
        $row = sql_fetch($sql);
-        $sub_code = base_convert($row['max_me_code'], 36, 10);
+        $sub_code = (int)base_convert($row['max_me_code'], 36, 10);
        $sub_code += 36;
-        $sub_code = base_convert($sub_code, 10, 36);
+        $sub_code = base_convert((string)$sub_code, 10, 36);
        $me_code = $primary_code . $sub_code;
    } else {
@ -53,9 +54,9 @@ for ($i=0; $i<$count; $i++)
                    where LENGTH(me_code) = '2' ";
        $row = sql_fetch($sql);
-        $me_code = base_convert($row['max_me_code'], 36, 10);
+        $me_code = (int)base_convert($row['max_me_code'], 36, 10);
        $me_code += 36;
-        $me_code = base_convert($me_code, 10, 36);
+        $me_code = base_convert((string)$me_code, 10, 36);
        $group_code = $code;
        $primary_code = $me_code;
--- a/adm/newwinform.php
+++ b/adm/newwinform.php
@ -1,11 +1,11 @@
 <?php
 $sub_menu = '100310';
-include_once('./_common.php');
+require_once './_common.php';
-include_once(G5_EDITOR_LIB);
+require_once G5_EDITOR_LIB;
 auth_check_menu($auth, $sub_menu, "w");
-$nw_id = isset($_REQUEST['nw_id']) ? preg_replace('/[^0-9]/', '', $_REQUEST['nw_id']) : 0;
+$nw_id = isset($_REQUEST['nw_id']) ? (string)preg_replace('/[^0-9]/', '', $_REQUEST['nw_id']) : 0;
 $nw = array(
    'nw_begin_time' => '',
    'nw_end_time' => '',
@ -20,15 +20,14 @@ $html_title = "팝업레이어";
 $sql = " ALTER TABLE `{$g5['new_win_table']}` ADD `nw_division` VARCHAR(10) NOT NULL DEFAULT 'both' ";
 sql_query($sql, false);
-if ($w == "u")
+if ($w == "u") {
 {
    $html_title .= " 수정";
    $sql = " select * from {$g5['new_win_table']} where nw_id = '$nw_id' ";
    $nw = sql_fetch($sql);
-    if (! (isset($nw['nw_id']) && $nw['nw_id'])) alert("등록된 자료가 없습니다.");
+    if (!(isset($nw['nw_id']) && $nw['nw_id'])) {
        alert("등록된 자료가 없습니다.");
    }
-else
+} else {
 {
    $html_title .= " 입력";
    $nw['nw_device'] = 'both';
    $nw['nw_disable_hours'] = 24;
@ -40,7 +39,7 @@ else
 }
 $g5['title'] = $html_title;
-include_once (G5_ADMIN_PATH.'/admin.head.php');
+require_once G5_ADMIN_PATH . '/admin.head.php';
 ?>
 <form name="frmnewwin" action="./newwinformupdate.php" onsubmit="return frmnewwin_check(this);" method="post">
@ -152,8 +151,7 @@ include_once (G5_ADMIN_PATH.'/admin.head.php');
 </form>
 <script>
-function frmnewwin_check(f)
+    function frmnewwin_check(f) {
 {
        errmsg = "";
        errfld = "";
@ -171,4 +169,4 @@ function frmnewwin_check(f)
 </script>
 <?php
-include_once (G5_ADMIN_PATH.'/admin.tail.php');
+require_once G5_ADMIN_PATH . '/admin.tail.php';
--- a/adm/newwinformupdate.php
+++ b/adm/newwinformupdate.php
@ -1,16 +1,18 @@
 <?php
 $sub_menu = '100310';
-include_once('./_common.php');
+require_once './_common.php';
-$nw_id = isset($_REQUEST['nw_id']) ? preg_replace('/[^0-9]/', '', $_REQUEST['nw_id']) : 0;
+$nw_id = isset($_REQUEST['nw_id']) ? (string)preg_replace('/[^0-9]/', '', $_REQUEST['nw_id']) : 0;
-if ($w == "u" || $w == "d")
+if ($w == "u" || $w == "d") {
    check_demo();
 }
-if ($w == 'd')
+if ($w == 'd') {
    auth_check_menu($auth, $sub_menu, "d");
-else
+} else {
    auth_check_menu($auth, $sub_menu, "w");
 }
 check_admin_token();
@ -54,29 +56,21 @@ $sql_common = " nw_device = '{$posts['nw_device']}',
                nw_content = '{$posts['nw_content']}',
                nw_content_html = '{$posts['nw_content_html']}' ";
-if($w == "")
+if ($w == "") {
 {
    $sql = " insert {$g5['new_win_table']} set $sql_common ";
    sql_query($sql);
    $nw_id = sql_insert_id();
-}
+} elseif ($w == "u") {
 else if ($w == "u")
 {
    $sql = " update {$g5['new_win_table']} set $sql_common where nw_id = '$nw_id' ";
    sql_query($sql);
-}
+} elseif ($w == "d") {
 else if ($w == "d")
 {
    $sql = " delete from {$g5['new_win_table']} where nw_id = '$nw_id' ";
    sql_query($sql);
 }
-if ($w == "d")
+if ($w == "d") {
 {
    goto_url('./newwinlist.php');
-}
+} else {
 else
 {
    goto_url("./newwinform.php?w=u&amp;nw_id=$nw_id");
 }
--- a/adm/newwinlist.php
+++ b/adm/newwinlist.php
@ -1,6 +1,6 @@
 <?php
 $sub_menu = '100310';
-include_once('./_common.php');
+require_once './_common.php';
 auth_check_menu($auth, $sub_menu, "r");
@ -12,7 +12,8 @@ if(!sql_query(" DESCRIBE {$g5['new_win_table']} ", false)) {
    if (sql_query(" DESCRIBE {$g5['g5_shop_new_win_table']} ", false)) {
        sql_query(" ALTER TABLE {$g5['g5_shop_new_win_table']} RENAME TO `{$g5['new_win_table']}` ;", false);
    } else {
-       $query_cp = sql_query(" CREATE TABLE IF NOT EXISTS `{$g5['new_win_table']}` (
+        $query_cp = sql_query(
            " CREATE TABLE IF NOT EXISTS `{$g5['new_win_table']}` (
                      `nw_id` int(11) NOT NULL AUTO_INCREMENT,
                      `nw_division` varchar(10) NOT NULL DEFAULT 'both',
                      `nw_device` varchar(10) NOT NULL DEFAULT 'both',
@ -27,12 +28,14 @@ if(!sql_query(" DESCRIBE {$g5['new_win_table']} ", false)) {
                      `nw_content` text NOT NULL,
                      `nw_content_html` tinyint(4) NOT NULL DEFAULT '0',
                      PRIMARY KEY (`nw_id`)
-                    ) ENGINE=MyISAM DEFAULT CHARSET=utf8 ", true);
+                    ) ENGINE=MyISAM DEFAULT CHARSET=utf8 ",
            true
        );
    }
 }
 $g5['title'] = '팝업레이어 관리';
-include_once (G5_ADMIN_PATH.'/admin.head.php');
+require_once G5_ADMIN_PATH . '/admin.head.php';
 $sql_common = " from {$g5['new_win_table']} ";
@ -115,4 +118,4 @@ $result = sql_query($sql);
 <?php
-include_once (G5_ADMIN_PATH.'/admin.tail.php');
+require_once G5_ADMIN_PATH . '/admin.tail.php';
--- a/adm/phpinfo.php
+++ b/adm/phpinfo.php
@ -1,6 +1,6 @@
 <?php
 $sub_menu = "100500";
-include_once('./_common.php');
+require_once './_common.php';
 check_demo();
--- a/adm/point_list.php
+++ b/adm/point_list.php
@ -1,10 +1,10 @@
 <?php
 $sub_menu = "200200";
-include_once('./_common.php');
+require_once './_common.php';
 auth_check_menu($auth, $sub_menu, 'r');
-$sql_common = " from {$g5['point_table']} ";
+$sql_common = " from {$g5['point_table']} po";
 $sql_search = " where (1) ";
@ -12,7 +12,7 @@ if ($stx) {
    $sql_search .= " and ( ";
    switch ($sfl) {
        case 'mb_id':
-            $sql_search .= " ({$sfl} = '{$stx}') ";
+            $sql_search .= " (po.{$sfl} = '{$stx}') ";
            break;
        default:
            $sql_search .= " ({$sfl} like '%{$stx}%') ";
@ -36,11 +36,14 @@ $total_count = $row['cnt'];
 $rows = $config['cf_page_rows'];
 $total_page  = ceil($total_count / $rows);  // 전체 페이지 계산
-if ($page < 1) $page = 1; // 페이지가 없으면 첫 페이지 (1 페이지)
+if ($page < 1) {
    $page = 1; // 페이지가 없으면 첫 페이지 (1 페이지)
 }
 $from_record = ($page - 1) * $rows; // 시작 열을 구함
-$sql = " select *
+$sql = " select po.*, mb.mb_name, mb.mb_nick, mb.mb_email, mb.mb_homepage, mb.mb_point
            {$sql_common}
            LEFT JOIN {$g5['member_table']} mb ON po.mb_id = mb.mb_id 
            {$sql_search}
            {$sql_order}
            limit {$from_record}, {$rows} ";
@ -49,11 +52,12 @@ $result = sql_query($sql);
 $listall = '<a href="' . $_SERVER['SCRIPT_NAME'] . '" class="ov_listall">전체목록</a>';
 $mb = array();
-if ($sfl == 'mb_id' && $stx)
+if ($sfl == 'mb_id' && $stx) {
    $mb = get_member($stx);
 }
 $g5['title'] = '포인트관리';
-include_once ('./admin.head.php');
+require_once './admin.head.php';
 $colspan = 9;
@ -62,10 +66,11 @@ if($config['cf_point_term'] > 0) {
    $po_expire_term = $config['cf_point_term'];
 }
-if (strstr($sfl, "mb_id"))
+if (strstr($sfl, "mb_id")) {
    $mb_id = $stx;
-else
+} else {
    $mb_id = "";
 }
 ?>
 <div class="local_ov01 local_ov">
@ -122,12 +127,7 @@ else
            <tbody>
                <?php
                for ($i = 0; $row = sql_fetch_array($result); $i++) {
-        if ($i==0 || ($row2['mb_id'] != $row['mb_id'])) {
+                    $mb_nick = get_sideview($row['mb_id'], $row['mb_nick'], $row['mb_email'], $row['mb_homepage']);
            $sql2 = " select mb_id, mb_name, mb_nick, mb_email, mb_homepage, mb_point from {$g5['member_table']} where mb_id = '{$row['mb_id']}' ";
            $row2 = sql_fetch($sql2);
        }
        $mb_nick = get_sideview($row['mb_id'], $row2['mb_nick'], $row2['mb_email'], $row2['mb_homepage']);
                    $link1 = $link2 = '';
                    if (!preg_match("/^\@/", $row['po_rel_table']) && $row['po_rel_table']) {
@ -136,8 +136,9 @@ else
                    }
                    $expr = '';
-        if($row['po_expired'] == 1)
+                    if ($row['po_expired'] == 1) {
                        $expr = ' txt_expired';
                    }
                    $bg = 'bg' . ($i % 2);
                ?>
@ -150,15 +151,19 @@ else
                            <input type="checkbox" name="chk[]" value="<?php echo $i ?>" id="chk_<?php echo $i ?>">
                        </td>
                        <td class="td_left"><a href="?sfl=mb_id&amp;stx=<?php echo $row['mb_id'] ?>"><?php echo $row['mb_id'] ?></a></td>
-        <td class="td_left"><?php echo get_text($row2['mb_name']); ?></td>
+                        <td class="td_left"><?php echo get_text($row['mb_name']); ?></td>
-        <td class="td_left sv_use"><div><?php echo $mb_nick ?></div></td>
+                        <td class="td_left sv_use">
                            <div><?php echo $mb_nick ?></div>
                        </td>
                        <td class="td_left"><?php echo $link1 ?><?php echo $row['po_content'] ?><?php echo $link2 ?></td>
                        <td class="td_num td_pt"><?php echo number_format($row['po_point']) ?></td>
                        <td class="td_datetime"><?php echo $row['po_datetime'] ?></td>
                        <td class="td_datetime2<?php echo $expr; ?>">
                            <?php if ($row['po_expired'] == 1) { ?>
                                만료<?php echo substr(str_replace('-', '', $row['po_expire_date']), 2); ?>
-            <?php } else echo $row['po_expire_date'] == '9999-12-31' ? '&nbsp;' : $row['po_expire_date']; ?>
+                            <?php } else {
                                echo $row['po_expire_date'] == '9999-12-31' ? '&nbsp;' : $row['po_expire_date'];
                            } ?>
                        </td>
                        <td class="td_num td_pt"><?php echo number_format($row['po_mb_point']) ?></td>
                    </tr>
@ -166,8 +171,9 @@ else
                <?php
                }
-    if ($i == 0)
+                if ($i == 0) {
                    echo '<tr><td colspan="' . $colspan . '" class="empty_table">자료가 없습니다.</td></tr>';
                }
                ?>
            </tbody>
        </table>
@ -230,8 +236,7 @@ else
 </section>
 <script>
-function fpointlist_submit(f)
+    function fpointlist_submit(f) {
 {
        if (!is_checked("chk[]")) {
            alert(document.pressed + " 하실 항목을 하나 이상 선택하세요.");
            return false;
@ -248,4 +253,4 @@ function fpointlist_submit(f)
 </script>
 <?php
-include_once ('./admin.tail.php');
+require_once './admin.tail.php';
--- a/adm/point_list_delete.php
+++ b/adm/point_list_delete.php
@ -1,6 +1,6 @@
 <?php
 $sub_menu = '200200';
-include_once('./_common.php');
+require_once './_common.php';
 check_demo();
@ -9,11 +9,11 @@ auth_check_menu($auth, $sub_menu, 'd');
 check_admin_token();
 $count = (isset($_POST['chk']) && is_array($_POST['chk'])) ? count($_POST['chk']) : 0;
-if(!$count)
+if (!$count) {
    alert($_POST['act_button'] . ' 하실 항목을 하나 이상 체크하세요.');
 }
-for ($i=0; $i<$count; $i++)
+for ($i = 0; $i < $count; $i++) {
 {
    // 실제 번호를 넘김
    $k = $_POST['chk'][$i];
    $po_id = (int) $_POST['po_id'][$k];
@ -23,17 +23,19 @@ for ($i=0; $i<$count; $i++)
    $sql = " select * from {$g5['point_table']} where po_id = '{$po_id}' ";
    $row = sql_fetch($sql);
-    if(!$row['po_id'])
+    if (!$row['po_id']) {
        continue;
    }
    if ($row['po_point'] < 0) {
        $mb_id = $row['mb_id'];
        $po_point = abs($row['po_point']);
-        if($row['po_rel_table'] == '@expire')
+        if ($row['po_rel_table'] == '@expire') {
            delete_expire_point($mb_id, $po_point);
-        else
+        } else {
            delete_use_point($mb_id, $po_point);
        }
    } else {
        if ($row['po_use_point'] > 0) {
            insert_use_point($row['mb_id'], $row['po_use_point'], $row['po_id']);
--- a/adm/point_update.php
+++ b/adm/point_update.php
@ -1,23 +1,25 @@
 <?php
 $sub_menu = "200200";
-include_once('./_common.php');
+require_once './_common.php';
 auth_check_menu($auth, $sub_menu, 'w');
 check_admin_token();
 $mb_id = isset($_POST['mb_id']) ? strip_tags(clean_xss_attributes($_POST['mb_id'])) : '';
-$po_point = isset($_POST['po_point']) ? strip_tags(clean_xss_attributes($_POST['po_point'])) : 0;
+$po_point = isset($_POST['po_point']) ? (int)strip_tags(clean_xss_attributes($_POST['po_point'])) : 0;
 $po_content = isset($_POST['po_content']) ? strip_tags(clean_xss_attributes($_POST['po_content'])) : '';
 $expire = isset($_POST['po_expire_term']) ? preg_replace('/[^0-9]/', '', $_POST['po_expire_term']) : '';
 $mb = get_member($mb_id);
-if (!$mb['mb_id'])
+if (!$mb['mb_id']) {
    alert('존재하는 회원아이디가 아닙니다.', './point_list.php?' . $qstr);
 }
-if (($po_point < 0) && ($po_point * (-1) > $mb['mb_point']))
+if (($po_point < 0) && ($po_point * (-1) > $mb['mb_point'])) {
    alert('포인트를 깎는 경우 현재 포인트보다 작으면 안됩니다.', './point_list.php?' . $qstr);
 }
 insert_point($mb_id, $po_point, $po_content, '@passive', $mb_id, $member['mb_id'] . '-' . uniqid(''), $expire);
--- a/adm/poll_delete.php
+++ b/adm/poll_delete.php
@ -1,6 +1,6 @@
 <?php
 $sub_menu = "200900";
-include_once('./_common.php');
+require_once './_common.php';
 check_demo();
@ -10,8 +10,9 @@ check_admin_token();
 $count = (isset($_POST['chk']) && is_array($_POST['chk'])) ? count($_POST['chk']) : 0;
-if(!$count)
+if (!$count) {
    alert('삭제할 투표목록을 1개이상 선택해 주세요.');
 }
 for ($i = 0; $i < $count; $i++) {
    $po_id = isset($_POST['chk'][$i]) ? (int) $_POST['chk'][$i] : 0;
--- a/adm/poll_form.php
+++ b/adm/poll_form.php
@ -1,6 +1,6 @@
 <?php
 $sub_menu = "200900";
-include_once('./_common.php');
+require_once './_common.php';
 auth_check_menu($auth, $sub_menu, 'w');
@ -13,17 +13,18 @@ $po = array(
 );
 $html_title = '투표';
-if ($w == '')
+if ($w == '') {
    $html_title .= ' 생성';
-else if ($w == 'u')  {
+} elseif ($w == 'u') {
    $html_title .= ' 수정';
    $sql = " select * from {$g5['poll_table']} where po_id = '{$po_id}' ";
    $po = sql_fetch($sql);
-} else
+} else {
    alert('w 값이 제대로 넘어오지 않았습니다.');
 }
 $g5['title'] = $html_title;
-include_once('./admin.head.php');
+require_once './admin.head.php';
 ?>
 <form name="fpoll" id="fpoll" action="./poll_form_update.php" method="post" enctype="multipart/form-data">
@ -49,6 +50,7 @@ include_once('./admin.head.php');
                <?php
                for ($i = 1; $i <= 9; $i++) {
                    $required = '';
                    $sound_only = '';
                    if ($i == 1 || $i == 2) {
                        $required = 'required';
                        $sound_only = '<strong class="sound_only">필수</strong>';
@ -118,4 +120,4 @@ include_once('./admin.head.php');
 </form>
 <?php
-include_once('./admin.tail.php');
+require_once './admin.tail.php';
--- a/adm/poll_form_update.php
+++ b/adm/poll_form_update.php
@ -1,10 +1,11 @@
 <?php
 $sub_menu = "200900";
-include_once('./_common.php');
+require_once './_common.php';
 $w = $_POST['w'];
-if ($w == 'u' || $w == 'd')
+if ($w == 'u' || $w == 'd') {
    check_demo();
 }
 auth_check_menu($auth, $sub_menu, 'w');
@ -37,24 +38,25 @@ $check_keys = array(
 );
 foreach ($_POST as $key => $value) {
-    if( empty($value) ) continue;
+    if (empty($value)) {
        continue;
    }
    if (in_array($key, $check_keys)) {
        $_POST[$key] = strip_tags(clean_xss_attributes($value));
    }
 }
-if ($w == '')
+$po_id = isset($_POST['po_id']) ? $_POST['po_id'] : '';
-{
+
 if ($w == '') {
    $sql = " insert {$g5['poll_table']}
                    ( po_subject, po_poll1, po_poll2, po_poll3, po_poll4, po_poll5, po_poll6, po_poll7, po_poll8, po_poll9, po_cnt1, po_cnt2, po_cnt3, po_cnt4, po_cnt5, po_cnt6, po_cnt7, po_cnt8, po_cnt9, po_etc, po_level, po_point, po_date )
             values ( '{$_POST['po_subject']}', '{$_POST['po_poll1']}', '{$_POST['po_poll2']}', '{$_POST['po_poll3']}', '{$_POST['po_poll4']}', '{$_POST['po_poll5']}', '{$_POST['po_poll6']}', '{$_POST['po_poll7']}', '{$_POST['po_poll8']}', '{$_POST['po_poll9']}', '{$_POST['po_cnt1']}', '{$_POST['po_cnt2']}', '{$_POST['po_cnt3']}', '{$_POST['po_cnt4']}', '{$_POST['po_cnt5']}', '{$_POST['po_cnt6']}', '{$_POST['po_cnt7']}', '{$_POST['po_cnt8']}', '{$_POST['po_cnt9']}', '{$_POST['po_etc']}', '{$_POST['po_level']}', '{$_POST['po_point']}', '" . G5_TIME_YMD . "' ) ";
    sql_query($sql);
    $po_id = sql_insert_id();
-}
+} elseif ($w == 'u') {
 else if ($w == 'u')
 {
    $sql = " update {$g5['poll_table']}
                set po_subject = '{$_POST['po_subject']}',
                     po_poll1 = '{$_POST['po_poll1']}',
@ -80,9 +82,7 @@ else if ($w == 'u')
                     po_point = '{$_POST['po_point']}'
                where po_id = '{$_POST['po_id']}' ";
    sql_query($sql);
-}
+} elseif ($w == 'd') {
 else if ($w == 'd')
 {
    $sql = " delete from {$g5['poll_table']} where po_id = '{$_POST['po_id']}' ";
    sql_query($sql);
@ -96,7 +96,8 @@ else if ($w == 'd')
 $row = sql_fetch(" select max(po_id) as max_po_id from {$g5['poll_table']} ");
 sql_query(" update {$g5['config_table']} set cf_max_po_id = '{$row['max_po_id']}' ");
-if ($w == 'd')
+if ($w == 'd') {
    goto_url('./poll_list.php?' . $qstr);
-else
+} else {
    goto_url('./poll_form.php?w=u&po_id=' . $po_id . '&amp;' . $qstr);
 }
--- a/adm/poll_list.php
+++ b/adm/poll_list.php
@ -1,6 +1,6 @@
 <?php
 $sub_menu = "200900";
-include_once('./_common.php');
+require_once './_common.php';
 auth_check_menu($auth, $sub_menu, 'r');
@ -32,7 +32,9 @@ $total_count = $row['cnt'];
 $rows = $config['cf_page_rows'];
 $total_page  = ceil($total_count / $rows);  // 전체 페이지 계산
-if ($page < 1) $page = 1; // 페이지가 없으면 첫 페이지 (1 페이지)
+if ($page < 1) {
    $page = 1; // 페이지가 없으면 첫 페이지 (1 페이지)
 }
 $from_record = ($page - 1) * $rows; // 시작 열을 구함
 $sql = " select *
@ -45,7 +47,7 @@ $result = sql_query($sql);
 $listall = '<a href="' . $_SERVER['SCRIPT_NAME'] . '" class="ov_listall">전체목록</a>';
 $g5['title'] = '투표관리';
-include_once('./admin.head.php');
+require_once './admin.head.php';
 $colspan = 7;
 ?>
@ -121,8 +123,9 @@ $colspan = 7;
                    <?php
                }
-    if ($i==0)
+                if ($i == 0) {
                    echo '<tr><td colspan="' . $colspan . '" class="empty_table">자료가 없습니다.</td></tr>';
                }
                ?>
            </tbody>
        </table>
@ -154,4 +157,4 @@ $(function() {
 </script>
 <?php
-include_once ('./admin.tail.php');
+require_once './admin.tail.php';
--- a/adm/popular_list.php
+++ b/adm/popular_list.php
@ -1,6 +1,6 @@
 <?php
 $sub_menu = "300300";
-include_once('./_common.php');
+require_once './_common.php';
 auth_check_menu($auth, $sub_menu, 'r');
@ -47,7 +47,9 @@ $total_count = $row['cnt'];
 $rows = $config['cf_page_rows'];
 $total_page  = ceil($total_count / $rows);  // 전체 페이지 계산
-if ($page < 1) { $page = 1; } // 페이지가 없으면 첫 페이지 (1 페이지)
+if ($page < 1) {
    $page = 1;
 } // 페이지가 없으면 첫 페이지 (1 페이지)
 $from_record = ($page - 1) * $rows; // 시작 열을 구함
 $sql = " select *
@ -60,7 +62,7 @@ $result = sql_query($sql);
 $listall = '<a href="' . $_SERVER['SCRIPT_NAME'] . '" class="ov_listall">전체목록</a>';
 $g5['title'] = '인기검색어관리';
-include_once('./admin.head.php');
+require_once './admin.head.php';
 $colspan = 4;
 ?>
@ -113,11 +115,9 @@ var list_delete_php = 'popular_list.php';
            <tbody>
                <?php
                for ($i = 0; $row = sql_fetch_array($result); $i++) {
                    $word = get_text($row['pp_word']);
                    $bg = 'bg' . ($i % 2);
                ?>
                    <tr class="<?php echo $bg; ?>">
                        <td class="td_chk">
                            <label for="chk_<?php echo $i; ?>" class="sound_only"><?php echo $word ?></label>
@ -127,12 +127,12 @@ var list_delete_php = 'popular_list.php';
                        <td><?php echo $row['pp_date'] ?></td>
                        <td><?php echo $row['pp_ip'] ?></td>
                    </tr>
                <?php
                }
-    if ($i == 0)
+                if ($i == 0) {
                    echo '<tr><td colspan="' . $colspan . '" class="empty_table">자료가 없습니다.</td></tr>';
                }
                ?>
            </tbody>
        </table>
@ -167,4 +167,4 @@ $(function() {
 </script>
 <?php
-include_once('./admin.tail.php');
+require_once './admin.tail.php';
--- a/adm/popular_rank.php
+++ b/adm/popular_rank.php
@ -1,14 +1,18 @@
 <?php
 $sub_menu = "300400";
-include_once('./_common.php');
+require_once './_common.php';
 auth_check_menu($auth, $sub_menu, 'r');
 $fr_date = isset($_REQUEST['fr_date']) ? $_REQUEST['fr_date'] : '';
 $to_date = isset($_REQUEST['to_date']) ? $_REQUEST['to_date'] : '';
-if (empty($fr_date) || ! preg_match("/^[0-9]{4}-(0[1-9]|1[0-2])-(0[1-9]|[1-2][0-9]|3[0-1])$/", $fr_date) ) $fr_date = G5_TIME_YMD;
+if (empty($fr_date) || !preg_match("/^[0-9]{4}-(0[1-9]|1[0-2])-(0[1-9]|[1-2][0-9]|3[0-1])$/", $fr_date)) {
-if (empty($to_date) || ! preg_match("/^[0-9]{4}-(0[1-9]|1[0-2])-(0[1-9]|[1-2][0-9]|3[0-1])$/", $to_date) ) $to_date = G5_TIME_YMD;
+    $fr_date = G5_TIME_YMD;
 }
 if (empty($to_date) || !preg_match("/^[0-9]{4}-(0[1-9]|1[0-2])-(0[1-9]|[1-2][0-9]|3[0-1])$/", $to_date)) {
    $to_date = G5_TIME_YMD;
 }
 $qstr = "fr_date={$fr_date}&amp;to_date={$to_date}";
@ -23,7 +27,9 @@ $total_count = sql_num_rows($result);
 $rows = $config['cf_page_rows'];
 $total_page  = ceil($total_count / $rows);  // 전체 페이지 계산
-if ($page < 1) { $page = 1; } // 페이지가 없으면 첫 페이지 (1 페이지)
+if ($page < 1) {
    $page = 1;
 } // 페이지가 없으면 첫 페이지 (1 페이지)
 $from_record = ($page - 1) * $rows; // 시작 열을 구함
 $sql = " select pp_word, count(*) as cnt {$sql_common} {$sql_search} {$sql_group} {$sql_order} limit {$from_record}, {$rows} ";
@ -32,15 +38,22 @@ $result = sql_query($sql);
 $listall = '<a href="' . $_SERVER['SCRIPT_NAME'] . '" class="ov_listall">전체목록</a>';
 $g5['title'] = '인기검색어순위';
-include_once('./admin.head.php');
+require_once './admin.head.php';
-include_once(G5_PLUGIN_PATH.'/jquery-ui/datepicker.php');
+require_once G5_PLUGIN_PATH . '/jquery-ui/datepicker.php';
 $colspan = 3;
 ?>
 <script>
    $(function() {
-    $("#fr_date, #to_date").datepicker({ changeMonth: true, changeYear: true, dateFormat: "yy-mm-dd", showButtonPanel: true, yearRange: "c-99:c+99", maxDate: "+0d" });
+        $("#fr_date, #to_date").datepicker({
            changeMonth: true,
            changeYear: true,
            dateFormat: "yy-mm-dd",
            showButtonPanel: true,
            yearRange: "c-99:c+99",
            maxDate: "+0d"
        });
    });
 </script>
@ -82,23 +95,20 @@ $(function(){
            <tbody>
                <?php
                for ($i = 0; $row = sql_fetch_array($result); $i++) {
                    $word = get_text($row['pp_word']);
                    $rank = ($i + 1 + ($rows * ($page - 1)));
                    ?>
                    <tr>
                        <td class="td_num"><?php echo $rank ?></td>
                        <td class="td_left"><?php echo $word ?></td>
                        <td class="td_num"><?php echo $row['cnt'] ?></td>
                    </tr>
                    <?php
                }
-    if ($i == 0)
+                if ($i == 0) {
                    echo '<tr><td colspan="' . $colspan . '" class="empty_table">자료가 없습니다.</td></tr>';
                }
                ?>
            </tbody>
        </table>
@ -109,4 +119,4 @@ $(function(){
 <?php
 echo get_paging(G5_IS_MOBILE ? $config['cf_mobile_pages'] : $config['cf_write_pages'], $page, $total_page, "{$_SERVER['SCRIPT_NAME']}?$qstr&amp;page=");
-include_once('./admin.tail.php');
+require_once './admin.tail.php';
--- a/adm/qa_config.php
+++ b/adm/qa_config.php
@ -1,16 +1,17 @@
 <?php
 $sub_menu = "300500";
-include_once('./_common.php');
+require_once './_common.php';
-include_once(G5_EDITOR_LIB);
+require_once G5_EDITOR_LIB;
 auth_check_menu($auth, $sub_menu, 'r');
 $g5['title'] = '1:1문의 설정';
-include_once ('./admin.head.php');
+require_once './admin.head.php';
 // DB 테이블 생성
 if (!sql_query(" DESCRIBE `{$g5['qa_config_table']}` ", false)) {
-    sql_query(" CREATE TABLE IF NOT EXISTS `{$g5['qa_config_table']}` (
+    sql_query(
        " CREATE TABLE IF NOT EXISTS `{$g5['qa_config_table']}` (
                  `qa_title` varchar(255) NOT NULL DEFAULT'',
                  `qa_category` varchar(255) NOT NULL DEFAULT'',
                  `qa_skin` varchar(255) NOT NULL DEFAULT '',
@ -46,8 +47,11 @@ if(!sql_query(" DESCRIBE `{$g5['qa_config_table']}` ", false)) {
                  `qa_3` varchar(255) NOT NULL DEFAULT '',
                  `qa_4` varchar(255) NOT NULL DEFAULT '',
                  `qa_5` varchar(255) NOT NULL DEFAULT ''
-                )", true);
+                )",
-    sql_query(" CREATE TABLE IF NOT EXISTS `{$g5['qa_content_table']}` (
+        true
    );
    sql_query(
        " CREATE TABLE IF NOT EXISTS `{$g5['qa_content_table']}` (
                  `qa_id` int(11) NOT NULL AUTO_INCREMENT,
                  `qa_num` int(11) NOT NULL DEFAULT '0',
                  `qa_parent` int(11) NOT NULL DEFAULT '0',
@ -77,7 +81,9 @@ if(!sql_query(" DESCRIBE `{$g5['qa_config_table']}` ", false)) {
                  `qa_5` varchar(255) NOT NULL DEFAULT '',
                  PRIMARY KEY (`qa_id`),
                  KEY `qa_num_parent` (`qa_num`,`qa_parent`)
-                )", true);
+                )",
        true
    );
 }
 $sql = " SHOW COLUMNS FROM `{$g5['qa_content_table']}` LIKE 'qa_content' ";
@ -100,19 +106,25 @@ if(empty($qaconfig)) {
 // 관리자 이메일필드 추가
 if (!isset($qaconfig['qa_admin_email'])) {
-    sql_query(" ALTER TABLE `{$g5['qa_config_table']}`
+    sql_query(
-                    ADD `qa_admin_email` varchar(255) NOT NULL DEFAULT '' AFTER `qa_admin_hp` ", true);
+        " ALTER TABLE `{$g5['qa_config_table']}`
                    ADD `qa_admin_email` varchar(255) NOT NULL DEFAULT '' AFTER `qa_admin_hp` ",
        true
    );
 }
 // 상단 하단 설정 필드 추가
 if (!isset($qaconfig['qa_include_head'])) {
-    sql_query(" ALTER TABLE `{$g5['qa_config_table']}`
+    sql_query(
        " ALTER TABLE `{$g5['qa_config_table']}`
                    ADD `qa_include_head` varchar(255) NOT NULL DEFAULT '' AFTER `qa_insert_content`,
                    ADD `qa_include_tail` varchar(255) NOT NULL DEFAULT '' AFTER `qa_include_head`,
                    ADD `qa_content_head` text NOT NULL AFTER `qa_include_tail`,
                    ADD `qa_content_tail` text NOT NULL AFTER `qa_content_head`,
                    ADD `qa_mobile_content_head` text NOT NULL AFTER `qa_content_tail`,
-                    ADD `qa_mobile_content_tail` text NOT NULL AFTER `qa_mobile_content_head` ", true);
+                    ADD `qa_mobile_content_tail` text NOT NULL AFTER `qa_mobile_content_head` ",
        true
    );
 }
 ?>
@ -269,7 +281,7 @@ if(!isset($qaconfig['qa_include_head'])) {
                            <?php
                            echo help("파일 경로를 입력 또는 수정시 캡챠를 반드시 입력해야 합니다.");
-                include_once(G5_CAPTCHA_PATH.'/captcha.lib.php');
+                            require_once G5_CAPTCHA_PATH . '/captcha.lib.php';
                            $captcha_html = captcha_html();
                            $captcha_js   = chk_captcha_js();
                            echo $captcha_html;
@ -332,19 +344,19 @@ if(!isset($qaconfig['qa_include_head'])) {
 </form>
 <script>
    var captcha_chk = false;
    function use_captcha_check() {
        $.ajax({
            type: "POST",
            url: g5_admin_url + "/ajax.use_captcha.php",
-        data: { admin_use_captcha: "1" },
+            data: {
                admin_use_captcha: "1"
            },
            cache: false,
            async: false,
            dataType: "json",
-        success: function(data) {
+            success: function(data) {}
        }
        });
    }
@ -379,8 +391,7 @@ jQuery(function($){
        }
    });
-function fqaconfigform_submit(f)
+    function fqaconfigform_submit(f) {
 {
        <?php echo get_editor_js("qa_content_head"); ?>
        <?php echo get_editor_js("qa_content_tail"); ?>
        <?php echo get_editor_js("qa_mobile_content_head"); ?>
@ -396,4 +407,4 @@ function fqaconfigform_submit(f)
 </script>
 <?php
-include_once ('./admin.tail.php');
+require_once './admin.tail.php';
--- a/adm/qa_config_update.php
+++ b/adm/qa_config_update.php
@ -1,6 +1,6 @@
 <?php
 $sub_menu = "300500";
-include_once('./_common.php');
+require_once './_common.php';
 check_demo();
@ -18,12 +18,12 @@ foreach($check_keys as $key){
    $$key = $_POST[$key] = isset($_POST[$key]) ? strip_tags(clean_xss_attributes($_POST[$key])) : '';
 }
-$qa_include_head = preg_replace(array("#[\\\]+$#", "#(<\?php|<\?)#i"), "", substr($qa_include_head, 0, 255));
+$qa_include_head = isset($qa_include_head) ? preg_replace(array("#[\\\]+$#", "#(<\?php|<\?)#i"), "", substr($qa_include_head, 0, 255)) : '';
-$qa_include_tail = preg_replace(array("#[\\\]+$#", "#(<\?php|<\?)#i"), "", substr($qa_include_tail, 0, 255));
+$qa_include_tail = isset($qa_include_tail) ? preg_replace(array("#[\\\]+$#", "#(<\?php|<\?)#i"), "", substr($qa_include_tail, 0, 255)) : '';
 // 관리자가 자동등록방지를 사용해야 할 경우
 if ($board && ($qaconfig['qa_include_head'] !== $qa_include_head || $qaconfig['qa_include_tail'] !== $qa_include_tail) && function_exists('get_admin_captcha_by') && get_admin_captcha_by()) {
-    include_once(G5_CAPTCHA_PATH.'/captcha.lib.php');
+    include_once G5_CAPTCHA_PATH . '/captcha.lib.php';
    if (!chk_captcha()) {
        alert('자동등록방지 숫자가 틀렸습니다.');
@ -67,7 +67,7 @@ $dst_char = array('＆', '〓');
 $qa_category = str_replace($src_char, $dst_char, $_POST['qa_category']);
 //https://github.com/gnuboard/gnuboard5/commit/f5f4925d4eb28ba1af728e1065fc2bdd9ce1da58 에 따른 조치
-$qa_category = preg_replace("/[\<\>\'\"\\\'\\\"\%\=\(\)\/\^\*]/", "", $qa_category);
+$qa_category = preg_replace("/[\<\>\'\"\\\'\\\"\%\=\(\)\/\^\*]/", "", (string)$qa_category);
 $sql = " update {$g5['qa_config_table']}
            set qa_title                = '{$_POST['qa_title']}',
@ -108,8 +108,9 @@ $sql = " update {$g5['qa_config_table']}
                qa_5                    = '{$_POST['qa_5']}' ";
 sql_query($sql);
-if(function_exists('get_admin_captcha_by'))
+if (function_exists('get_admin_captcha_by')) {
    get_admin_captcha_by('remove');
 }
 if ($error_msg) {
    alert($error_msg, './qa_config.php');
--- a/adm/safe_check.php
+++ b/adm/safe_check.php
@ -1,14 +1,19 @@
 <?php
-if (!defined('_GNUBOARD_')) exit; // 개별 페이지 접근 불가
+if (!defined('_GNUBOARD_')) {
    exit; // 개별 페이지 접근 불가
 }
-function social_log_file_delete($second=0){
+function social_log_file_delete($second = 0)
 {
    $files = glob(G5_DATA_PATH . '/tmp/social_*');
    if (is_array($files)) {
        $before_time  = $second ? G5_SERVER_TIME - $second : 0;
        foreach ($files as $social_log_file) {
-            $modification_time = filemtime($log_file); // 파일접근시간
+            $modification_time = filemtime($social_log_file); // 파일접근시간
-            if ($before_time && $modification_time > $before_time) continue;
+            if ($before_time && $modification_time > $before_time) {
                continue;
            }
            unlink($social_log_file);
        }
--- a/adm/shop_admin/admin.shop.lib.php
+++ b/adm/shop_admin/admin.shop.lib.php
@ -72,7 +72,7 @@ function order_update_delivery($od_id, $mb_id, $change_status, $delivery)
    if($change_status != '배송')
        return;
-    $sql = " update {$g5['g5_shop_order_table']} set od_delivery_company = '{$delivery['delivery_company']}', od_invoice = '{$delivery['invoice']}', od_invoice_time = '{$delivery['invoice_time']}' where od_id = '$od_id' and od_status = '준비' ";
+    $sql = " update {$g5['g5_shop_order_table']} set od_delivery_company = '".sql_real_escape_string($delivery['delivery_company'])."', od_invoice = '".sql_real_escape_string($delivery['invoice'])."', od_invoice_time = '".sql_real_escape_string($delivery['invoice_time'])."' where od_id = '$od_id' and od_status = '준비' ";
    sql_query($sql);
    $sql = " select * from {$g5['g5_shop_cart_table']} where od_id = '$od_id' ";
--- a/adm/shop_admin/categoryform.php
+++ b/adm/shop_admin/categoryform.php
@ -49,7 +49,7 @@ if ($w == "")
              where SUBSTRING(ca_id,1,$len) = '$ca_id' ";
    $row = sql_fetch($sql);
-    $subid = base_convert($row['max_subid'], 36, 10);
+    $subid = base_convert((string)$row['max_subid'], 36, 10);
    $subid += 36;
    if ($subid >= 36 * 36)
    {
--- a/adm/shop_admin/configformupdate.php
+++ b/adm/shop_admin/configformupdate.php
@ -239,8 +239,12 @@ $check_sanitize_keys = array(
 );
 foreach( $check_sanitize_keys as $key ){
    if( in_array($key, array('de_bank_account')) ){
        $$key = isset($_POST[$key]) ? clean_xss_tags($_POST[$key], 1, 1, 0, 0) : '';
    } else {
        $$key = isset($_POST[$key]) ? clean_xss_tags($_POST[$key], 1, 1) : '';
    }
 }
 $warning_msg = '';
--- a/adm/shop_admin/couponformupdate.php
+++ b/adm/shop_admin/couponformupdate.php
@ -139,7 +139,7 @@ if($w == '') {
 }
 // 쿠폰생성알림 발송
-if($w == '' && ($_POST['cp_sms_send'] || $_POST['cp_email_send'])) {
+if ($w == '' && (isset($_POST['cp_sms_send']) || isset($_POST['cp_email_send']))) {
    include_once(G5_LIB_PATH.'/mailer.lib.php');
    $sms_count = 0;
--- a/adm/shop_admin/inorderformupdate.php
+++ b/adm/shop_admin/inorderformupdate.php
@ -232,7 +232,7 @@ $od_b_addr1       = clean_xss_tags($data['od_b_addr1']);
 $od_b_addr2       = clean_xss_tags($data['od_b_addr2']);
 $od_b_addr3       = clean_xss_tags($data['od_b_addr3']);
 $od_b_addr_jibeon = preg_match("/^(N|R)$/", $data['od_b_addr_jibeon']) ? $data['od_b_addr_jibeon'] : '';
-$od_memo          = clean_xss_tags($data['od_memo']);
+$od_memo          = clean_xss_tags($data['od_memo'], 0, 1, 0, 0);
 $od_deposit_name  = clean_xss_tags($data['od_deposit_name']);
 $od_tax_flag      = $default['de_tax_flag_use'];
 $od_receipt_price = $tot_ct_price + $od_send_cost + $od_send_cost2 - ($od_temp_point + $tot_cp_price + $tot_sc_cp_price);
--- a/adm/shop_admin/itemexcelupdate.php
+++ b/adm/shop_admin/itemexcelupdate.php
@ -10,7 +10,7 @@ auth_check_menu($auth, $sub_menu, "w");
 function only_number($n)
 {
-    return preg_replace('/[^0-9]/', '', $n);
+    return preg_replace('/[^0-9]/', '', (string)$n);
 }
 $is_upload_file = (isset($_FILES['excelfile']['tmp_name']) && $_FILES['excelfile']['tmp_name']) ? 1 : 0;
@ -50,44 +50,44 @@ if($is_upload_file) {
        $it_id              = (string) $rowData[0][$j++];
        $it_id              = preg_match('/[-+]?[0-9]*\.?[0-9]+([eE][-+]?[0-9]+)/', $it_id) ? addslashes(sprintf("%.0f", $it_id)) : preg_replace('/[^0-9a-z_\-]/i', '', $it_id);
        $ca_id              = addslashes($rowData[0][$j++]);
-        $ca_id2             = addslashes($rowData[0][$j++]);
+        $ca_id2             = addslashes((string)$rowData[0][$j++]);
-        $ca_id3             = addslashes($rowData[0][$j++]);
+        $ca_id3             = addslashes((string)$rowData[0][$j++]);
        $it_name            = addslashes($rowData[0][$j++]);
-        $it_maker           = addslashes($rowData[0][$j++]);
+        $it_maker           = addslashes((string)$rowData[0][$j++]);
-        $it_origin          = addslashes($rowData[0][$j++]);
+        $it_origin          = addslashes((string)$rowData[0][$j++]);
-        $it_brand           = addslashes($rowData[0][$j++]);
+        $it_brand           = addslashes((string)$rowData[0][$j++]);
-        $it_model           = addslashes($rowData[0][$j++]);
+        $it_model           = addslashes((string)$rowData[0][$j++]);
-        $it_type1           = addslashes($rowData[0][$j++]);
+        $it_type1           = addslashes((string)$rowData[0][$j++]);
-        $it_type2           = addslashes($rowData[0][$j++]);
+        $it_type2           = addslashes((string)$rowData[0][$j++]);
-        $it_type3           = addslashes($rowData[0][$j++]);
+        $it_type3           = addslashes((string)$rowData[0][$j++]);
-        $it_type4           = addslashes($rowData[0][$j++]);
+        $it_type4           = addslashes((string)$rowData[0][$j++]);
-        $it_type5           = addslashes($rowData[0][$j++]);
+        $it_type5           = addslashes((string)$rowData[0][$j++]);
-        $it_basic           = addslashes($rowData[0][$j++]);
+        $it_basic           = addslashes((string)$rowData[0][$j++]);
-        $it_explan          = addslashes($rowData[0][$j++]);
+        $it_explan          = addslashes((string)$rowData[0][$j++]);
-        $it_mobile_explan   = addslashes($rowData[0][$j++]);
+        $it_mobile_explan   = addslashes((string)$rowData[0][$j++]);
        $it_cust_price      = addslashes(only_number($rowData[0][$j++]));
        $it_price           = addslashes(only_number($rowData[0][$j++]));
-        $it_tel_inq         = addslashes($rowData[0][$j++]);
+        $it_tel_inq         = addslashes((string)$rowData[0][$j++]);
        $it_point           = addslashes(only_number($rowData[0][$j++]));
        $it_point_type      = addslashes(only_number($rowData[0][$j++]));
-        $it_sell_email      = addslashes($rowData[0][$j++]);
+        $it_sell_email      = addslashes((string)$rowData[0][$j++]);
-        $it_use             = addslashes($rowData[0][$j++]);
+        $it_use             = addslashes((string)$rowData[0][$j++]);
        $it_stock_qty       = addslashes(only_number($rowData[0][$j++]));
        $it_noti_qty        = addslashes(only_number($rowData[0][$j++]));
        $it_buy_min_qty     = addslashes(only_number($rowData[0][$j++]));
        $it_buy_max_qty     = addslashes(only_number($rowData[0][$j++]));
        $it_notax           = addslashes(only_number($rowData[0][$j++]));
        $it_order           = addslashes(only_number($rowData[0][$j++]));
-        $it_img1            = addslashes($rowData[0][$j++]);
+        $it_img1            = addslashes((string)$rowData[0][$j++]);
-        $it_img2            = addslashes($rowData[0][$j++]);
+        $it_img2            = addslashes((string)$rowData[0][$j++]);
-        $it_img3            = addslashes($rowData[0][$j++]);
+        $it_img3            = addslashes((string)$rowData[0][$j++]);
-        $it_img4            = addslashes($rowData[0][$j++]);
+        $it_img4            = addslashes((string)$rowData[0][$j++]);
-        $it_img5            = addslashes($rowData[0][$j++]);
+        $it_img5            = addslashes((string)$rowData[0][$j++]);
-        $it_img6            = addslashes($rowData[0][$j++]);
+        $it_img6            = addslashes((string)$rowData[0][$j++]);
-        $it_img7            = addslashes($rowData[0][$j++]);
+        $it_img7            = addslashes((string)$rowData[0][$j++]);
-        $it_img8            = addslashes($rowData[0][$j++]);
+        $it_img8            = addslashes((string)$rowData[0][$j++]);
-        $it_img9            = addslashes($rowData[0][$j++]);
+        $it_img9            = addslashes((string)$rowData[0][$j++]);
-        $it_img10           = addslashes($rowData[0][$j++]);
+        $it_img10           = addslashes((string)$rowData[0][$j++]);
        $it_explan2         = strip_tags(trim($it_explan));
        if(!$it_id || !$ca_id || !$it_name) {
--- a/adm/shop_admin/itemformupdate.php
+++ b/adm/shop_admin/itemformupdate.php
@ -476,13 +476,13 @@ if ($w == "" || $w == "u")
        {
            $sql = " insert into {$g5['g5_shop_item_relation_table']}
                        set it_id  = '$it_id',
-                            it_id2 = '$it_id2[$i]',
+                            it_id2 = '".sql_real_escape_string($it_id2[$i])."',
                            ir_no = '$i' ";
            sql_query($sql, false);
            // 관련상품의 반대로도 등록
            $sql = " insert into {$g5['g5_shop_item_relation_table']}
-                        set it_id  = '$it_id2[$i]',
+                        set it_id  = '".sql_real_escape_string($it_id2[$i])."',
                            it_id2 = '$it_id',
                            ir_no = '$i' ";
            sql_query($sql, false);
@ -496,7 +496,7 @@ if ($w == "" || $w == "u")
        if (trim($ev_id[$i]))
        {
            $sql = " insert into {$g5['g5_shop_event_item_table']}
-                        set ev_id = '$ev_id[$i]',
+                        set ev_id = '".sql_real_escape_string($ev_id[$i])."',
                            it_id = '$it_id' ";
            sql_query($sql, false);
        }
@ -510,7 +510,7 @@ if($option_count) {
                    ( `io_id`, `io_type`, `it_id`, `io_price`, `io_stock_qty`, `io_noti_qty`, `io_use` )
                VALUES ";
    for($i=0; $i<$option_count; $i++) {
-        $sql .= $comma . " ( '{$_POST['opt_id'][$i]}', '0', '$it_id', '{$_POST['opt_price'][$i]}', '{$_POST['opt_stock_qty'][$i]}', '{$_POST['opt_noti_qty'][$i]}', '{$_POST['opt_use'][$i]}' )";
+        $sql .= $comma . " ( '".sql_real_escape_string($_POST['opt_id'][$i])."', '0', '$it_id', '".sql_real_escape_string($_POST['opt_price'][$i])."', '".sql_real_escape_string($_POST['opt_stock_qty'][$i])."', '".sql_real_escape_string($_POST['opt_noti_qty'][$i])."', '".sql_real_escape_string($_POST['opt_use'][$i])."' )";
        $comma = ' , ';
    }
@ -524,7 +524,7 @@ if($supply_count) {
                    ( `io_id`, `io_type`, `it_id`, `io_price`, `io_stock_qty`, `io_noti_qty`, `io_use` )
                VALUES ";
    for($i=0; $i<$supply_count; $i++) {
-        $sql .= $comma . " ( '{$_POST['spl_id'][$i]}', '1', '$it_id', '{$_POST['spl_price'][$i]}', '{$_POST['spl_stock_qty'][$i]}', '{$_POST['spl_noti_qty'][$i]}', '{$_POST['spl_use'][$i]}' )";
+        $sql .= $comma . " ( '".sql_real_escape_string($_POST['spl_id'][$i])."', '1', '$it_id', '".sql_real_escape_string($_POST['spl_price'][$i])."', '".sql_real_escape_string($_POST['spl_stock_qty'][$i])."', '".sql_real_escape_string($_POST['spl_noti_qty'][$i])."', '".sql_real_escape_string($_POST['spl_use'][$i])."' )";
        $comma = ' , ';
    }
--- a/adm/shop_admin/itemlistupdate.php
+++ b/adm/shop_admin/itemlistupdate.php
@ -35,8 +35,8 @@ if ($post_act_button == "선택수정") {
        $p_it_stock_qty = (isset($_POST['it_stock_qty']) && is_array($_POST['it_stock_qty'])) ? strip_tags($_POST['it_stock_qty'][$k]) : '';
        $p_it_skin = (isset($_POST['it_skin']) && is_array($_POST['it_skin'])) ? strip_tags($_POST['it_skin'][$k]) : '';
        $p_it_mobile_skin = (isset($_POST['it_mobile_skin']) && is_array($_POST['it_mobile_skin'])) ? strip_tags($_POST['it_mobile_skin'][$k]) : '';
-        $p_it_use = (isset($_POST['it_use']) && is_array($_POST['it_use'])) ? strip_tags($_POST['it_use'][$k]) : '';
+        $p_it_use       = isset($_POST['it_use'][$k])       ? clean_xss_tags($_POST['it_use'][$k], 1, 1)        : 0;
-        $p_it_soldout = (isset($_POST['it_soldout']) && is_array($_POST['it_soldout'])) ? strip_tags($_POST['it_soldout'][$k]) : '';
+        $p_it_soldout   = isset($_POST['it_soldout'][$k])   ? clean_xss_tags($_POST['it_soldout'][$k], 1, 1)    : 0;
        $p_it_order = (isset($_POST['it_order']) && is_array($_POST['it_order'])) ? strip_tags($_POST['it_order'][$k]) : '';
        $p_it_id = isset($_POST['it_id'][$k]) ? preg_replace('/[^a-z0-9_\-]/i', '', $_POST['it_id'][$k]) : '';
--- a/adm/shop_admin/itemstocklist.php
+++ b/adm/shop_admin/itemstocklist.php
@ -171,9 +171,9 @@ $listall = '<a href="'.$_SERVER['SCRIPT_NAME'].'" class="ov_listall">전체목
            <?php echo $row['it_id']; ?>
        </td>
        <td class="td_left"><a href="<?php echo $href; ?>"><?php echo get_it_image($row['it_id'], 50, 50); ?> <?php echo cut_str(stripslashes($row['it_name']), 60, "&#133"); ?></a></td>
-        <td class="td_num<?php echo $it_stock_qty_st; ?>"><?php echo $it_stock_qty; ?></td>
+        <td class="td_num<?php echo $it_stock_qty_st; ?>"><?php echo (int)$it_stock_qty; ?></td>
-        <td class="td_num"><?php echo number_format($wait_qty); ?></td>
+        <td class="td_num"><?php echo number_format((float)$wait_qty); ?></td>
-        <td class="td_num"><?php echo number_format($temporary_qty); ?></td>
+        <td class="td_num"><?php echo number_format((float)$temporary_qty); ?></td>
        <td class="td_num">
            <label for="stock_qty_<?php echo $i; ?>" class="sound_only">재고수정</label>
            <input type="text" name="it_stock_qty[<?php echo $i; ?>]" value="<?php echo $row['it_stock_qty']; ?>" id="stock_qty_<?php echo $i; ?>" class="frm_input" size="10" autocomplete="off">
--- a/adm/shop_admin/itemsupply.php
+++ b/adm/shop_admin/itemsupply.php
@ -85,7 +85,7 @@ if($ps_run) {
        } // for
    } else {
        for($i=0; $i<$subject_count; $i++) {
-            $spl_subject = isset($_POST['subject'][$i]) ? preg_replace(G5_OPTION_ID_FILTER, '', trim(stripslashes($_POST['subject'][$i]))) : '';
+            $spl_subject = isset($_POST['subject'][$i]) ? preg_replace(G5_OPTION_ID_FILTER, '', strip_tags(trim(stripslashes($_POST['subject'][$i])))) : '';
            $spl_val = isset($_POST['supply'][$i]) ? explode(',', preg_replace(G5_OPTION_ID_FILTER, '', trim(stripslashes($_POST['supply'][$i])))) : '';
            $spl_count = count($spl_val);
@ -103,7 +103,7 @@ if($ps_run) {
                        $sql = " select io_price, io_stock_qty, io_noti_qty, io_use
                                    from {$g5['g5_shop_item_option_table']}
                                    where it_id = '{$post_it_id}'
-                                      and io_id = '$spl_id'
+                                      and io_id = '".sql_real_escape_string($spl_id)."'
                                      and io_type = '1' ";
                        $row = sql_fetch($sql);
@ -117,11 +117,11 @@ if($ps_run) {
    ?>
    <tr>
        <td class="td_chk">
-            <input type="hidden" name="spl_id[]" value="<?php echo $spl_id; ?>">
+            <input type="hidden" name="spl_id[]" value="<?php echo get_text($spl_id); ?>">
-            <label for="spl_chk_<?php echo $i; ?>" class="sound_only"><?php echo $spl_subject.' '.$spl; ?></label>
+            <label for="spl_chk_<?php echo $i; ?>" class="sound_only"><?php echo get_text($spl_subject.' '.$spl); ?></label>
            <input type="checkbox" name="spl_chk[]" id="spl_chk_<?php echo $i; ?>" value="1">
        </td>
-        <td class="spl-subject-cell"><?php echo $spl_subject; ?></td>
+        <td class="spl-subject-cell"><?php echo get_text($spl_subject); ?></td>
        <td class="spl-cell"><?php echo $spl; ?></td>
        <td class="td_numsmall">
            <label for="spl_price_<?php echo $i; ?>" class="sound_only">상품금액</label>
--- a/adm/shop_admin/orderdeliveryexcel.php
+++ b/adm/shop_admin/orderdeliveryexcel.php
@ -21,7 +21,6 @@ if(! function_exists('column_char')) {
    }
 }
 if (phpversion() >= '5.2.0') {
    include_once(G5_LIB_PATH.'/PHPExcel.php');
    $headers = array('주문번호', '주문자명', '주문자전화1', '주문자전화2', '배송자명', '배송지전화1', '배송지전화2', '배송지주소', '배송회사', '운송장번호');
@ -47,7 +46,7 @@ if (phpversion() >= '5.2.0') {
    $data = array_merge(array($headers), $rows);
    $excel = new PHPExcel();
-    $excel->setActiveSheetIndex(0)->getStyle( "A1:${last_char}1" )->getFill()->setFillType(PHPExcel_Style_Fill::FILL_SOLID)->getStartColor()->setARGB($header_bgcolor);
+    $excel->setActiveSheetIndex(0)->getStyle( "A1:{$last_char}1" )->getFill()->setFillType(PHPExcel_Style_Fill::FILL_SOLID)->getStartColor()->setARGB($header_bgcolor);
    $excel->setActiveSheetIndex(0)->getStyle( "A:$last_char" )->getAlignment()->setVertical(PHPExcel_Style_Alignment::VERTICAL_CENTER)->setWrapText(true);
    foreach($widths as $i => $w) $excel->setActiveSheetIndex(0)->getColumnDimension( column_char($i) )->setWidth($w);
    $excel->getActiveSheet()->fromArray($data,NULL,'A1');
@ -58,47 +57,3 @@ if (phpversion() >= '5.2.0') {
    $writer = PHPExcel_IOFactory::createWriter($excel, 'Excel5');
    $writer->save('php://output');
 } else {
    /*================================================================================
    php_writeexcel http://www.bettina-attack.de/jonny/view.php/projects/php_writeexcel/
    =================================================================================*/
    include_once(G5_LIB_PATH.'/Excel/php_writeexcel/class.writeexcel_workbook.inc.php');
    include_once(G5_LIB_PATH.'/Excel/php_writeexcel/class.writeexcel_worksheet.inc.php');
    $fname = tempnam(G5_DATA_PATH, "tmp-deliverylist.xls");
    $workbook = new writeexcel_workbook($fname);
    $worksheet = $workbook->addworksheet();
    // Put Excel data
    $data = array('주문번호', '주문자명', '주문자전화1', '주문자전화2', '배송자명', '배송지전화1', '배송지전화2', '배송지주소', '배송회사', '운송장번호');
    $data = array_map('iconv_euckr', $data);
    $col = 0;
    foreach($data as $cell) {
        $worksheet->write(0, $col++, $cell);
    }
    for($i=1; $row=sql_fetch_array($result); $i++) {
        $row = array_map('iconv_euckr', $row);
        $worksheet->write($i, 0, ' '.$row['od_id']);
        $worksheet->write($i, 1, $row['od_name']);
        $worksheet->write($i, 2, ' '.$row['od_tel']);
        $worksheet->write($i, 3, ' '.$row['od_hp']);
        $worksheet->write($i, 4, $row['od_b_name']);
        $worksheet->write($i, 5, ' '.$row['od_b_tel']);
        $worksheet->write($i, 6, ' '.$row['od_b_hp']);
        $worksheet->write($i, 7, print_address($row['od_b_addr1'], $row['od_b_addr2'], $row['od_b_addr3'], $row['od_b_addr_jibeon']));
        $worksheet->write($i, 8, $row['od_delivery_company']);
        $worksheet->write($i, 9, $row['od_invoice']);
    }
    $workbook->close();
    header("Content-Type: application/x-msexcel; name=\"deliverylist-".date("ymd", time()).".xls\"");
    header("Content-Disposition: inline; filename=\"deliverylist-".date("ymd", time()).".xls\"");
    $fh=fopen($fname, "rb");
    fpassthru($fh);
    unlink($fname);
 }
--- a/adm/shop_admin/orderprintresult.php
+++ b/adm/shop_admin/orderprintresult.php
@ -168,7 +168,6 @@ if ($csv == 'xls')
    if (!$cnt)
        alert("출력할 내역이 없습니다.");
    if (phpversion() >= '5.2.0') {
        include_once(G5_LIB_PATH.'/PHPExcel.php');
        $headers = array('우편번호', '주소', '이름', '전화1', '전화2', '상품명', '수량', '선택사항', '배송비', '상품코드', '주문번호', '운송장번호', '전하실말씀');
@ -235,7 +234,7 @@ if ($csv == 'xls')
        $data = array_merge(array($headers), $rows);
        $excel = new PHPExcel();
-        $excel->setActiveSheetIndex(0)->getStyle( "A1:${last_char}1" )->getFill()->setFillType(PHPExcel_Style_Fill::FILL_SOLID)->getStartColor()->setARGB($header_bgcolor);
+        $excel->setActiveSheetIndex(0)->getStyle( "A1:{$last_char}1" )->getFill()->setFillType(PHPExcel_Style_Fill::FILL_SOLID)->getStartColor()->setARGB($header_bgcolor);
        $excel->setActiveSheetIndex(0)->getStyle( "A:$last_char" )->getAlignment()->setVertical(PHPExcel_Style_Alignment::VERTICAL_CENTER)->setWrapText(true);
        foreach($widths as $i => $w) $excel->setActiveSheetIndex(0)->getColumnDimension( column_char($i) )->setWidth($w);
        $excel->getActiveSheet()->fromArray($data,NULL,'A1');
@ -246,95 +245,6 @@ if ($csv == 'xls')
        $writer = PHPExcel_IOFactory::createWriter($excel, 'Excel5');
        $writer->save('php://output');
    } else {
        /*================================================================================
        php_writeexcel http://www.bettina-attack.de/jonny/view.php/projects/php_writeexcel/
        =================================================================================*/
        include_once(G5_LIB_PATH.'/Excel/php_writeexcel/class.writeexcel_workbook.inc.php');
        include_once(G5_LIB_PATH.'/Excel/php_writeexcel/class.writeexcel_worksheet.inc.php');
        $fname = tempnam(G5_DATA_PATH, "tmp-orderlist.xls");
        $workbook = new writeexcel_workbook($fname);
        $worksheet = $workbook->addworksheet();
        // Put Excel data
        $data = array('우편번호', '주소', '이름', '전화1', '전화2', '상품명', '수량', '선택사항', '배송비', '상품코드', '주문번호', '운송장번호', '전하실말씀');
        $data = array_map('iconv_euckr', $data);
        $col = 0;
        foreach($data as $cell) {
            $worksheet->write(0, $col++, $cell);
        }
        $save_it_id = '';
        for($i=1; $row=sql_fetch_array($result); $i++)
        {
            if($save_it_id != $row['it_id']) {
                // 합계금액 계산
                $sql = " select SUM(IF(io_type = 1, (io_price * ct_qty), ((ct_price + io_price) * ct_qty))) as price,
                                SUM(ct_qty) as qty
                            from {$g5['g5_shop_cart_table']}
                            where it_id = '{$row['it_id']}'
                              and od_id = '{$row['od_id']}' ";
                $sum = sql_fetch($sql);
                switch($row['ct_send_cost'])
                {
                    case 1:
                        $ct_send_cost = '착불';
                        break;
                    case 2:
                        $ct_send_cost = '무료';
                        break;
                    default:
                        $ct_send_cost = '선불';
                        break;
                }
                // 조건부무료
                if($row['it_sc_type'] == 2) {
                    $sendcost = get_item_sendcost($row['it_id'], $sum['price'], $sum['qty'], $row['od_id']);
                    if($sendcost == 0)
                        $ct_send_cost = '무료';
                }
                $save_it_id = $row['it_id'];
                $ct_send_cost = iconv_euckr($ct_send_cost);
            }
            $pull_address = iconv('UTF-8', 'UHC', print_address($row['od_b_addr1'], $row['od_b_addr2'], $row['od_b_addr3'], $row['od_b_addr_jibeon']));
            $row = array_map('iconv_euckr', $row);
            $worksheet->write($i, 0, ' '.$row['od_b_zip1'].$row['od_b_zip2']);
            $worksheet->write($i, 1, $pull_address);
            $worksheet->write($i, 2, $row['od_b_name']);
            $worksheet->write($i, 3, ' '.$row['od_b_tel']);
            $worksheet->write($i, 4, ' '.$row['od_b_hp']);
            $worksheet->write($i, 5, $row['it_name']);
            $worksheet->write($i, 6, $row['ct_qty']);
            $worksheet->write($i, 7, $row['ct_option']);
            $worksheet->write($i, 8, $ct_send_cost);
            $worksheet->write($i, 9, ' '.$row['it_id']);
            $worksheet->write($i, 10, ' '.$row['od_id']);
            $worksheet->write($i, 11, $row['od_invoice']);
            $worksheet->write($i, 12, $row['od_memo']);
        }
        $workbook->close();
        header("Content-Type: application/x-msexcel; name=\"orderlist-".date("ymd", time()).".xls\"");
        header("Content-Disposition: inline; filename=\"orderlist-".date("ymd", time()).".xls\"");
        $fh=fopen($fname, "rb");
        fpassthru($fh);
        unlink($fname);
        exit;
    }   //end if php 5.2.0
 }
--- a/adm/sms_admin/num_book_file_download.php
+++ b/adm/sms_admin/num_book_file_download.php
@ -51,7 +51,7 @@ for($i=1; $res=sql_fetch_array($qry); $i++)
 $data = array_merge(array($headers), $rows);
-$excel->setActiveSheetIndex(0)->getStyle( "A1:${last_char}1" )->getFill()->setFillType(PHPExcel_Style_Fill::FILL_SOLID)->getStartColor()->setARGB($header_bgcolor);
+$excel->setActiveSheetIndex(0)->getStyle( "A1:{$last_char}1" )->getFill()->setFillType(PHPExcel_Style_Fill::FILL_SOLID)->getStartColor()->setARGB($header_bgcolor);
 $excel->setActiveSheetIndex(0)->getStyle( "A:$last_char" )->getAlignment()->setVertical(PHPExcel_Style_Alignment::VERTICAL_CENTER)->setWrapText(true);
 foreach($widths as $i => $w) $excel->setActiveSheetIndex(0)->getColumnDimension( column_char($i) )->setWidth($w);
 $excel->getActiveSheet()->fromArray($data,NULL,'A1');
--- a/adm/sms_admin/num_book_file_upload.php
+++ b/adm/sms_admin/num_book_file_upload.php
@ -74,13 +74,13 @@ for ($i = 1; $i <= $num_rows; $i++) {
    switch ($ext) {
        case '.csv' :
-            $name = $csv[$i][0];
+            $name = isset($csv[$i][0]) ? $csv[$i][0] : '';
            $str_encode = @mb_detect_encoding($name, $encode);
            if( $str_encode == "EUC-KR" ){
                $name = iconv_utf8( $name );
            }
            $name = addslashes($name);
-            $hp   = addslashes($csv[$i][1]);
+            $hp   = addslashes(isset($csv[$i][1]) ? $csv[$i][1] : '');
            break;
        case '.xls' :
        case '.xlsx' :
--- a/adm/sms_admin/number_move_update.php
+++ b/adm/sms_admin/number_move_update.php
@ -1,4 +1,5 @@
 <?php
 $sub_menu = "900800";
 include_once('./_common.php');
 auth_check_menu($auth, $sub_menu, "r");
@ -20,7 +21,7 @@ for ($kk=0;$row = sql_fetch_array($result);$kk++)
    $bk_no = $row['bk_no'];
    for ($i=0; $i<count($post_chk_bg_no); $i++)
    {
-        $bg_no = $post_chk_bg_no[$i];
+        $bg_no = (int) $post_chk_bg_no[$i];
        if( !$bg_no ) continue;
        $sql = " insert into {$g5['sms5_book_table']}
--- a/adm/sms_admin/sms_write_send.php
+++ b/adm/sms_admin/sms_write_send.php
@ -25,7 +25,7 @@ if ( ! (($config['cf_icode_id'] && $config['cf_icode_pw']) || $config['cf_icode_
 }
 $wr_reply   = isset($_REQUEST['wr_reply']) ? preg_replace('#[^0-9\-]#', '', trim($_REQUEST['wr_reply'])) : '';
-$wr_message = isset($_REQUEST['wr_message']) ? clean_xss_tags(trim($_REQUEST['wr_message'])) : '';
+$wr_message = isset($_REQUEST['wr_message']) ? clean_xss_tags(trim($_REQUEST['wr_message']), 1, 1, 0, 0) : '';
 $send_list = isset($_REQUEST['send_list']) ? clean_xss_tags(trim($_REQUEST['send_list']), 1, 1) : '';
 $wr_by = isset($_REQUEST['wr_by']) ? clean_xss_tags(trim($_REQUEST['wr_by']), 1, 1) : '';
--- a/adm/theme_config_load.php
+++ b/adm/theme_config_load.php
@ -1,7 +1,6 @@
 <?php
 $sub_menu = "100280";
 include_once('./_common.php');
 include_once(G5_LIB_PATH.'/json.lib.php');
 $data = array();
 $data['error'] = '';
--- a/bbs/ajax.comment_token.php
+++ b/bbs/ajax.comment_token.php
@ -1,6 +1,5 @@
 <?php
 include_once('./_common.php');
 include_once(G5_LIB_PATH.'/json.lib.php');
 $ss_name = 'ss_comment_token';
--- a/bbs/ajax.write.token.php
+++ b/bbs/ajax.write.token.php
@ -1,6 +1,5 @@
 <?php
 include_once('./_common.php');
 include_once(G5_LIB_PATH.'/json.lib.php');
 $token_case = isset($_POST['token_case']) ? preg_replace('/[^0-9a-z_]/i', '', $_POST['token_case']) : '';
--- a/bbs/board.php
+++ b/bbs/board.php
@ -21,7 +21,7 @@ $g5['board_title'] = ((G5_IS_MOBILE && $board['bo_mobile_subject']) ? $board['bo
 // wr_id 값이 있으면 글읽기
 if ((isset($wr_id) && $wr_id) || (isset($wr_seo_title) && $wr_seo_title)) {
    // 글이 없을 경우 해당 게시판 목록으로 이동
-    if (!$write['wr_id']) {
+    if (!isset($write['wr_id'])) {
        $msg = '글이 존재하지 않습니다.\\n\\n글이 삭제되었거나 이동된 경우입니다.';
        alert($msg, get_pretty_url($bo_table));
    }
--- a/Show More
+++ b/Show More