From 6dd55f325695996c99abde24a6ebfc02e6dacbbb Mon Sep 17 00:00:00 2001
From: thisgun <thisgun@naver.com>
Date: Wed, 5 Sep 2018 14:53:01 +0900
Subject: [PATCH 1/9] =?UTF-8?q?get=5Funiqid=20=ED=95=A8=EC=88=98=20?=
 =?UTF-8?q?=EC=98=81=EC=B9=B4=ED=8A=B8=20=ED=95=A8=EC=88=98=20=EB=82=B4?=
 =?UTF-8?q?=EC=9A=A9=EA=B3=BC=20=EB=8F=99=EC=9D=BC=ED=95=98=EB=8F=84?=
 =?UTF-8?q?=EB=A1=9D=20=EC=88=98=EC=A0=95?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 lib/common.lib.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/common.lib.php b/lib/common.lib.php
index ab261edc3..28a984da4 100644
--- a/lib/common.lib.php
+++ b/lib/common.lib.php
@@ -2107,7 +2107,7 @@ function get_uniqid()
     sql_query(" LOCK TABLE {$g5['uniqid_table']} WRITE ");
     while (1) {
         // 년월일시분초에 100분의 1초 두자리를 추가함 (1/100 초 앞에 자리가 모자르면 0으로 채움)
-        $key = date('ymdHis', time()) . str_pad((int)(microtime()*100), 2, "0", STR_PAD_LEFT);
+        $key = date('YmdHis', time()) . str_pad((int)(microtime()*100), 2, "0", STR_PAD_LEFT);
 
         $result = sql_query(" insert into {$g5['uniqid_table']} set uq_id = '$key', uq_ip = '{$_SERVER['REMOTE_ADDR']}' ", false);
         if ($result) break; // 쿼리가 정상이면 빠진다.

From 2b79194f72c2ca28e8197769c2a2212b73b38665 Mon Sep 17 00:00:00 2001
From: thisgun <thisgun@naver.com>
Date: Thu, 6 Sep 2018 10:38:14 +0900
Subject: [PATCH 2/9] =?UTF-8?q?clean=5Fxss=5Fattributes=20=ED=95=A8?=
 =?UTF-8?q?=EC=88=98=20=EC=B6=94=EA=B0=80?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 lib/common.lib.php | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/lib/common.lib.php b/lib/common.lib.php
index 28a984da4..963701e47 100644
--- a/lib/common.lib.php
+++ b/lib/common.lib.php
@@ -2878,6 +2878,14 @@ function clean_xss_tags($str)
     return $str;
 }
 
+// XSS 어트리뷰트 태그 제거
+function clean_xss_attributes($str)
+{
+    $str = preg_replace('#(onabort|onactivate|onafterprint|onafterupdate|onbeforeactivate|onbeforecopy|onbeforecut|onbeforedeactivate|onbeforeeditfocus|onbeforepaste|onbeforeprint|onbeforeunload|onbeforeupdate|onblur|onbounce|oncellchange|onchange|onclick|oncontextmenu|oncontrolselect|oncopy|oncut|ondataavaible|ondatasetchanged|ondatasetcomplete|ondblclick|ondeactivate|ondrag|ondragdrop|ondragend|ondragenter|ondragleave|ondragover|ondragstart|ondrop|onerror|onerrorupdate|onfilterupdate|onfinish|onfocus|onfocusin|onfocusout|onhelp|onkeydown|onkeypress|onkeyup|onlayoutcomplete|onload|onlosecapture|onmousedown|onmouseenter|onmouseleave|onmousemove|onmoveout|onmouseover|onmouseup|onmousewheel|onmove|onmoveend|onmovestart|onpaste|onpropertychange|onreadystatechange|onreset|onresize|onresizeend|onresizestart|onrowexit|onrowsdelete|onrowsinserted|onscroll|onselect|onselectionchange|onselectstart|onstart|onstop|onsubmit|onunload)\\s*=\\s*\\\?".*?"#is', '', $str);
+
+    return $str;
+}
+
 // unescape nl 얻기
 function conv_unescape_nl($str)
 {

From 64f02142b80a9e543af4c24b7c92bd6365f218a7 Mon Sep 17 00:00:00 2001
From: thisgun <thisgun@naver.com>
Date: Thu, 13 Sep 2018 15:19:27 +0900
Subject: [PATCH 3/9] =?UTF-8?q?=EC=B9=B4=EC=B9=B4=EC=98=A4=ED=86=A1=20?=
 =?UTF-8?q?=EA=B3=B5=EC=9C=A0=EB=A5=BC=20PC=20=EC=97=90=EC=84=9C=20?=
 =?UTF-8?q?=ED=95=A0=EC=88=98=20=EC=9E=88=EA=B2=8C=20=EC=88=98=EC=A0=95?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 plugin/sns/view.sns.skin.php             | 9 +++++----
 skin/board/basic/style.css               | 2 ++
 skin/board/gallery/style.css             | 2 ++
 theme/basic/skin/board/basic/style.css   | 2 ++
 theme/basic/skin/board/gallery/style.css | 2 ++
 5 files changed, 13 insertions(+), 4 deletions(-)

diff --git a/plugin/sns/view.sns.skin.php b/plugin/sns/view.sns.skin.php
index dc95a3894..5a45b6392 100644
--- a/plugin/sns/view.sns.skin.php
+++ b/plugin/sns/view.sns.skin.php
@@ -20,9 +20,10 @@ $sns_send .= '&amp;title='.$sns_msg;
 $facebook_url = $sns_send.'&amp;sns=facebook';
 $twitter_url  = $sns_send.'&amp;sns=twitter';
 $gplus_url    = $sns_send.'&amp;sns=gplus';
+$bo_v_sns_class = $config['cf_kakao_js_apikey'] ? 'show_kakao' : '';
 ?>
 
-<?php if(G5_IS_MOBILE && $config['cf_kakao_js_apikey']) { ?>
+<?php if($config['cf_kakao_js_apikey']) { ?>
 <script src="//developers.kakao.com/sdk/js/kakao.min.js"></script>
 <script src="<?php echo G5_JS_URL; ?>/kakaolink.js"></script>
 <script>
@@ -33,12 +34,12 @@ $gplus_url    = $sns_send.'&amp;sns=gplus';
 <div class="bo_v_snswr">
 <button type="button" class="btn btn_b03 btn_share"><i class="fa fa-share-alt" aria-hidden="true"></i> SNS공유</button>
 
-<ul id="bo_v_sns">
+<ul id="bo_v_sns" class="<?php echo $bo_v_sns_class; ?>">
     <li><a href="<?php echo $twitter_url; ?>" target="_blank" class="sns_t"><img src="<?php echo G5_SNS_URL; ?>/icon/twitter.png" alt="트위터로 보내기" width="20"></a></li>
     <li><a href="<?php echo $facebook_url; ?>" target="_blank" class="sns_f"><img src="<?php echo G5_SNS_URL; ?>/icon/facebook.png" alt="페이스북으로 보내기" width="20"></a></li>
     <li><a href="<?php echo $gplus_url; ?>" target="_blank" class="sns_g"><img src="<?php echo G5_SNS_URL; ?>/icon/gplus.png" alt="구글플러스로 보내기" width="20"></a></li>
-    <?php if(G5_IS_MOBILE && $config['cf_kakao_js_apikey']) { ?>
-    <li><a href="javascript:kakaolink_send('<?php echo $sns_msg; ?>', '<?php echo urlencode('http://'.$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI']); ?>');" class="sns_k" ><img src="<?php echo G5_SNS_URL; ?>/icon/kakaotalk.png" alt="카카오톡으로 보내기" width="20"></a></li>
+    <?php if($config['cf_kakao_js_apikey']) { ?>
+    <li><a href="javascript:kakaolink_send('<?php echo str_replace(array('%27', '\''), '', $sns_msg); ?>', '<?php echo urlencode('http://'.$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI']); ?>');" class="sns_k" ><img src="<?php echo G5_SNS_URL; ?>/icon/kakaotalk.png" alt="카카오톡으로 보내기" width="20"></a></li>
     <?php } ?>
 </ul>
 </div>
diff --git a/skin/board/basic/style.css b/skin/board/basic/style.css
index c1aa1d384..37bf7fab7 100644
--- a/skin/board/basic/style.css
+++ b/skin/board/basic/style.css
@@ -294,6 +294,8 @@ box-shadow: inset 0 2px 5px rgb(33, 135, 202);
 #bo_v_sns li .sns_f{display:block;background:#415b92}
 #bo_v_sns li .sns_t{display:block;background:#35b3dc}
 #bo_v_sns li .sns_g{display:block;background:#d5503a}
+#bo_v_sns.show_kakao{width:240px;margin-left:-120px}
+#bo_v_sns li .sns_k{display:block;background:#fbe300}
 #bo_v_sns li img{vertical-align:top}
 
 /* 게시판 댓글 */
diff --git a/skin/board/gallery/style.css b/skin/board/gallery/style.css
index 4da54a855..7dd98d16b 100644
--- a/skin/board/gallery/style.css
+++ b/skin/board/gallery/style.css
@@ -307,6 +307,8 @@ box-shadow: inset 0 2px 5px rgb(33, 135, 202);}
 #bo_v_sns li .sns_f{display:block;background:#415b92}
 #bo_v_sns li .sns_t{display:block;background:#35b3dc}
 #bo_v_sns li .sns_g{display:block;background:#d5503a}
+#bo_v_sns.show_kakao{width:240px;margin-left:-120px}
+#bo_v_sns li .sns_k{display:block;background:#fbe300}
 #bo_v_sns li img{vertical-align:top}
 
 
diff --git a/theme/basic/skin/board/basic/style.css b/theme/basic/skin/board/basic/style.css
index c1aa1d384..37bf7fab7 100644
--- a/theme/basic/skin/board/basic/style.css
+++ b/theme/basic/skin/board/basic/style.css
@@ -294,6 +294,8 @@ box-shadow: inset 0 2px 5px rgb(33, 135, 202);
 #bo_v_sns li .sns_f{display:block;background:#415b92}
 #bo_v_sns li .sns_t{display:block;background:#35b3dc}
 #bo_v_sns li .sns_g{display:block;background:#d5503a}
+#bo_v_sns.show_kakao{width:240px;margin-left:-120px}
+#bo_v_sns li .sns_k{display:block;background:#fbe300}
 #bo_v_sns li img{vertical-align:top}
 
 /* 게시판 댓글 */
diff --git a/theme/basic/skin/board/gallery/style.css b/theme/basic/skin/board/gallery/style.css
index 59f2aa448..e20ab1c66 100644
--- a/theme/basic/skin/board/gallery/style.css
+++ b/theme/basic/skin/board/gallery/style.css
@@ -307,6 +307,8 @@ box-shadow: inset 0 2px 5px rgb(33, 135, 202);}
 #bo_v_sns li .sns_f{display:block;background:#415b92}
 #bo_v_sns li .sns_t{display:block;background:#35b3dc}
 #bo_v_sns li .sns_g{display:block;background:#d5503a}
+#bo_v_sns.show_kakao{width:240px;margin-left:-120px}
+#bo_v_sns li .sns_k{display:block;background:#fbe300}
 #bo_v_sns li img{vertical-align:top}
 
 

From 4833ff388b6faeba8a2b56e9ae4472f01e3f9aed Mon Sep 17 00:00:00 2001
From: thisgun <thisgun@naver.com>
Date: Thu, 13 Sep 2018 18:25:06 +0900
Subject: [PATCH 4/9] =?UTF-8?q?=EC=95=84=EC=9D=B4=EC=BD=94=EB=93=9C=20SMS?=
 =?UTF-8?q?=20=EC=9D=91=EB=8B=B5=20=EC=97=86=EC=9D=84=EC=8B=9C=20=EC=A7=80?=
 =?UTF-8?q?=EC=97=B0=20=EC=8B=9C=EA=B0=84=20=EC=88=98=EC=A0=95?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 lib/common.lib.php       | 6 +++---
 lib/icode.lms.lib.php    | 2 +-
 lib/icode.sms.lib.php    | 4 ++--
 plugin/sms5/sms5.lib.php | 6 +++---
 4 files changed, 9 insertions(+), 9 deletions(-)

diff --git a/lib/common.lib.php b/lib/common.lib.php
index 963701e47..77b78b5e9 100644
--- a/lib/common.lib.php
+++ b/lib/common.lib.php
@@ -2678,7 +2678,7 @@ function get_qa_config($fld='*')
 
 // get_sock 함수 대체
 if (!function_exists("get_sock")) {
-    function get_sock($url)
+    function get_sock($url, $timeout=30)
     {
         // host 와 uri 를 분리
         //if (ereg("http://([a-zA-Z0-9_\-\.]+)([^<]*)", $url, $res))
@@ -2689,7 +2689,7 @@ if (!function_exists("get_sock")) {
         }
 
         // 80번 포트로 소캣접속 시도
-        $fp = fsockopen ($host, 80, $errno, $errstr, 30);
+        $fp = fsockopen ($host, 80, $errno, $errstr, $timeout);
         if (!$fp)
         {
             //die("$errstr ($errno)\n");
@@ -2983,7 +2983,7 @@ function replace_filename($name)
 // 아이코드 사용자정보
 function get_icode_userinfo($id, $pass)
 {
-    $res = get_sock('http://www.icodekorea.com/res/userinfo.php?userid='.$id.'&userpw='.$pass);
+    $res = get_sock('http://www.icodekorea.com/res/userinfo.php?userid='.$id.'&userpw='.$pass, 2);
     $res = explode(';', $res);
     $userinfo = array(
         'code'      => $res[0], // 결과코드
diff --git a/lib/icode.lms.lib.php b/lib/icode.lms.lib.php
index e255d1d7b..f7bb6f361 100644
--- a/lib/icode.lms.lib.php
+++ b/lib/icode.lms.lib.php
@@ -119,7 +119,7 @@ class LMS {
 	function Send() {
 		$fsocket = fsockopen($this->socket_host,$this->socket_port, $errno, $errstr, 2);
 		if (!$fsocket) return false;
-		set_time_limit(300);
+		set_time_limit(60);
 
 		foreach($this->Data as $puts) {
 			fputs($fsocket, $puts);
diff --git a/lib/icode.sms.lib.php b/lib/icode.sms.lib.php
index 0ce3e6643..a3bee6613 100644
--- a/lib/icode.sms.lib.php
+++ b/lib/icode.sms.lib.php
@@ -122,9 +122,9 @@ class SMS {
 	}
 
 	function Send () {
-		$fp=@fsockopen(trim($this->SMS_Server),trim($this->SMS_Port));
+		$fp=@fsockopen(trim($this->SMS_Server),trim($this->SMS_Port), $errno, $errstr, 2);
 		if (!$fp) return false;
-		set_time_limit(300);
+		set_time_limit(60);
 
 		## php4.3.10일경우
         ## zend 최신버전으로 업해주세요..
diff --git a/plugin/sms5/sms5.lib.php b/plugin/sms5/sms5.lib.php
index 2cceaa9bf..6f872e300 100644
--- a/plugin/sms5/sms5.lib.php
+++ b/plugin/sms5/sms5.lib.php
@@ -267,7 +267,7 @@ if($config['cf_sms_type'] == 'LMS') {
 
             $fsocket = fsockopen($this->socket_host,$this->socket_port, $errno, $errstr, 2);
             if (!$fsocket) return false;
-            set_time_limit(300);
+            set_time_limit(60);
 
             foreach($this->Data as $puts) {
                 fputs($fsocket, $puts);
@@ -436,9 +436,9 @@ if($config['cf_sms_type'] == 'LMS') {
                 exit;
             }
 
-            $fsocket=fsockopen($this->SMS_Server,$this->SMS_Port);
+            $fsocket=fsockopen($this->SMS_Server,$this->SMS_Port, $errno, $errstr, 2);
             if (!$fsocket) return false;
-            set_time_limit(300);
+            set_time_limit(60);
 
             ## php4.3.10일경우
             ## zend 최신버전으로 업해주세요..

From c0a4d9776bd78a390fb95fa6b8b52bfe0d91a5f2 Mon Sep 17 00:00:00 2001
From: thisgun <thisgun@naver.com>
Date: Thu, 13 Sep 2018 18:30:13 +0900
Subject: [PATCH 5/9] =?UTF-8?q?=EC=86=8C=EC=85=9C=20=ED=8C=9D=EC=97=85?=
 =?UTF-8?q?=EC=B0=BD=20=EC=98=B5=EC=85=98=EC=97=90=20=EC=8A=A4=ED=81=AC?=
 =?UTF-8?q?=EB=A1=A4=20=EC=98=B5=EC=85=98=20=EC=B6=94=EA=B0=80?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 mobile/skin/social/social_login.skin.php           | 2 +-
 mobile/skin/social/social_outlogin.skin.1.php      | 2 +-
 mobile/skin/social/social_register.skin.php        | 2 +-
 mobile/skin/social/social_u_register_form.skin.php | 2 +-
 skin/social/social_login.skin.php                  | 2 +-
 skin/social/social_outlogin.skin.1.php             | 2 +-
 skin/social/social_register.skin.php               | 2 +-
 skin/social/social_u_register_form.skin.php        | 2 +-
 8 files changed, 8 insertions(+), 8 deletions(-)

diff --git a/mobile/skin/social/social_login.skin.php b/mobile/skin/social/social_login.skin.php
index 818b8bf7c..44b7f491b 100644
--- a/mobile/skin/social/social_login.skin.php
+++ b/mobile/skin/social/social_login.skin.php
@@ -69,7 +69,7 @@ add_stylesheet('<link rel="stylesheet" href="'.get_social_skin_url().'/style.css
                     var newWin = window.open(
                         pop_url, 
                         "social_sing_on", 
-                        "location=0,status=0,scrollbars=0,width=600,height=500"
+                        "location=0,status=0,scrollbars=1,width=600,height=500"
                     );
 
                     if(!newWin || newWin.closed || typeof newWin.closed=='undefined')
diff --git a/mobile/skin/social/social_outlogin.skin.1.php b/mobile/skin/social/social_outlogin.skin.1.php
index 43260475d..d5e53f562 100644
--- a/mobile/skin/social/social_outlogin.skin.1.php
+++ b/mobile/skin/social/social_outlogin.skin.1.php
@@ -69,7 +69,7 @@ add_stylesheet('<link rel="stylesheet" href="'.get_social_skin_url().'/style.css
                     var newWin = window.open(
                         pop_url, 
                         "social_sing_on", 
-                        "location=0,status=0,scrollbars=0,width=600,height=500"
+                        "location=0,status=0,scrollbars=1,width=600,height=500"
                     );
 
                     if(!newWin || newWin.closed || typeof newWin.closed=='undefined')
diff --git a/mobile/skin/social/social_register.skin.php b/mobile/skin/social/social_register.skin.php
index 66ee7d886..0c2427cdb 100644
--- a/mobile/skin/social/social_register.skin.php
+++ b/mobile/skin/social/social_register.skin.php
@@ -70,7 +70,7 @@ add_stylesheet('<link rel="stylesheet" href="'.get_social_skin_url().'/style.css
                         var newWin = window.open(
                             pop_url, 
                             "social_sing_on", 
-                            "location=0,status=0,scrollbars=0,width=600,height=500"
+                            "location=0,status=0,scrollbars=1,width=600,height=500"
                         );
 
                         if(!newWin || newWin.closed || typeof newWin.closed=='undefined')
diff --git a/mobile/skin/social/social_u_register_form.skin.php b/mobile/skin/social/social_u_register_form.skin.php
index c9a14c752..ddf329627 100644
--- a/mobile/skin/social/social_u_register_form.skin.php
+++ b/mobile/skin/social/social_u_register_form.skin.php
@@ -150,7 +150,7 @@ jQuery(function($){
                 var newWin = window.open(
                     pop_url, 
                     "social_sing_on", 
-                    "location=0,status=0,scrollbars=0,width=600,height=500"
+                    "location=0,status=0,scrollbars=1,width=600,height=500"
                 );
 
                 if(!newWin || newWin.closed || typeof newWin.closed=='undefined')
diff --git a/skin/social/social_login.skin.php b/skin/social/social_login.skin.php
index 02ae62f9a..d248ca90b 100644
--- a/skin/social/social_login.skin.php
+++ b/skin/social/social_login.skin.php
@@ -69,7 +69,7 @@ add_stylesheet('<link rel="stylesheet" href="'.get_social_skin_url().'/style.css
                     var newWin = window.open(
                         pop_url, 
                         "social_sing_on", 
-                        "location=0,status=0,scrollbars=0,width=600,height=500"
+                        "location=0,status=0,scrollbars=1,width=600,height=500"
                     );
 
                     if(!newWin || newWin.closed || typeof newWin.closed=='undefined')
diff --git a/skin/social/social_outlogin.skin.1.php b/skin/social/social_outlogin.skin.1.php
index 43260475d..d5e53f562 100644
--- a/skin/social/social_outlogin.skin.1.php
+++ b/skin/social/social_outlogin.skin.1.php
@@ -69,7 +69,7 @@ add_stylesheet('<link rel="stylesheet" href="'.get_social_skin_url().'/style.css
                     var newWin = window.open(
                         pop_url, 
                         "social_sing_on", 
-                        "location=0,status=0,scrollbars=0,width=600,height=500"
+                        "location=0,status=0,scrollbars=1,width=600,height=500"
                     );
 
                     if(!newWin || newWin.closed || typeof newWin.closed=='undefined')
diff --git a/skin/social/social_register.skin.php b/skin/social/social_register.skin.php
index b15d87064..0c7edef6b 100644
--- a/skin/social/social_register.skin.php
+++ b/skin/social/social_register.skin.php
@@ -71,7 +71,7 @@ add_stylesheet('<link rel="stylesheet" href="'.get_social_skin_url().'/style.css
                         var newWin = window.open(
                             pop_url, 
                             "social_sing_on", 
-                            "location=0,status=0,scrollbars=0,width=600,height=500"
+                            "location=0,status=0,scrollbars=1,width=600,height=500"
                         );
 
                         if(!newWin || newWin.closed || typeof newWin.closed=='undefined')
diff --git a/skin/social/social_u_register_form.skin.php b/skin/social/social_u_register_form.skin.php
index 29d8f6aca..2c036b1c9 100644
--- a/skin/social/social_u_register_form.skin.php
+++ b/skin/social/social_u_register_form.skin.php
@@ -146,7 +146,7 @@ jQuery(function($){
                 var newWin = window.open(
                     pop_url, 
                     "social_sing_on", 
-                    "location=0,status=0,scrollbars=0,width=600,height=500"
+                    "location=0,status=0,scrollbars=1,width=600,height=500"
                 );
 
                 if(!newWin || newWin.closed || typeof newWin.closed=='undefined')

From 333c1e1af4a393f292a2662388077463ba3ee396 Mon Sep 17 00:00:00 2001
From: thisgun <thisgun@naver.com>
Date: Fri, 14 Sep 2018 12:04:37 +0900
Subject: [PATCH 6/9] =?UTF-8?q?=EC=9D=B8=EC=8A=A4=ED=86=A8=EC=8B=9C=20?=
 =?UTF-8?q?=EA=B8=B0=EC=A1=B4=20=EB=8D=B0=EC=9D=B4=ED=84=B0=EB=B2=A0?=
 =?UTF-8?q?=EC=9D=B4=EC=8A=A4=EA=B0=80=20=EC=A1=B4=EC=9E=AC=ED=95=98?=
 =?UTF-8?q?=EB=8A=94=EC=A7=80=20=EC=B2=B4=ED=81=AC=EA=B3=BC=EC=A0=95=20?=
 =?UTF-8?q?=EC=B6=94=EA=B0=80?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 install/ajax.install.check.php | 53 ++++++++++++++++++++++++++++++++++
 install/install.function.php   | 40 +++++++++++++++++++++++++
 install/install_config.php     | 28 ++++++++++++++++++
 install/install_db.php         | 21 +-------------
 4 files changed, 122 insertions(+), 20 deletions(-)
 create mode 100644 install/ajax.install.check.php
 create mode 100644 install/install.function.php

diff --git a/install/ajax.install.check.php b/install/ajax.install.check.php
new file mode 100644
index 000000000..381fd380a
--- /dev/null
+++ b/install/ajax.install.check.php
@@ -0,0 +1,53 @@
+<?php
+include_once ('../config.php');
+include_once('../lib/json.lib.php');
+include_once('../lib/common.lib.php');    // 공통 라이브러리
+include_once('./install.function.php');    // 인스톨 과정 함수 모음
+
+$data_path = '../'.G5_DATA_DIR;
+
+// 파일이 존재한다면 설치할 수 없다.
+$dbconfig_file = $data_path.'/'.G5_DBCONFIG_FILE;
+if (file_exists($dbconfig_file)) {
+    die(install_json_msg('프로그램이 이미 설치되어 있습니다.'));
+}
+
+$mysql_host  = safe_install_string_check($_POST['mysql_host'], 'json');
+$mysql_user  = safe_install_string_check($_POST['mysql_user'], 'json');
+$mysql_pass  = safe_install_string_check($_POST['mysql_pass'], 'json');
+$mysql_db    = safe_install_string_check($_POST['mysql_db'], 'json');
+$table_prefix= safe_install_string_check($_POST['table_prefix']);
+
+$tmp_str = isset($_SERVER['SERVER_SOFTWARE']) ? $_SERVER['SERVER_SOFTWARE'] : '';
+$ajax_token = md5($tmp_str.$_SERVER['REMOTE_ADDR'].$_SERVER['DOCUMENT_ROOT']);
+
+$bool_ajax_token = ($ajax_token == $_POST['ajax_token']) ? true : false;
+
+if( !($mysql_host && $mysql_user && $mysql_pass && $mysql_db && $table_prefix && $bool_ajax_token) ){
+    die(install_json_msg('잘못된 요청입니다.'));
+}
+
+try {
+    $dblink = sql_connect($mysql_host, $mysql_user, $mysql_pass, $mysql_db);
+} catch (Exception $e) {
+}
+
+if (!$dblink) {
+    die(install_json_msg('MySQL Host, User, Password 를 확인해 주십시오.'));
+}
+
+try {
+    $select_db = sql_select_db($mysql_db, $dblink);
+} catch (Exception $e) {
+}
+
+if (!$select_db) {
+    die(install_json_msg('MySQL DB 를 확인해 주십시오.'));
+}
+
+if(sql_query("DESCRIBE `{$table_prefix}config`", G5_DISPLAY_SQL_ERROR, $dblink)) {
+    die(install_json_msg('주의! 이미 테이블이 존재하므로, 기존 DB 자료가 망실됩니다. 계속 진행하겠습니까?', 'exists'));
+}
+
+die(install_json_msg('ok', 'success'));
+?>
\ No newline at end of file
diff --git a/install/install.function.php b/install/install.function.php
new file mode 100644
index 000000000..4739e9bc4
--- /dev/null
+++ b/install/install.function.php
@@ -0,0 +1,40 @@
+<?php
+if (!defined('_GNUBOARD_')) exit; // 개별 페이지 접근 불가
+
+if( ! function_exists('safe_install_string_check') ){
+    function safe_install_string_check( $str, $is_json=false ) {
+        $is_check = false;
+
+        if(preg_match('#\);(passthru|eval|pcntl_exec|exec|system|popen|fopen|fsockopen|file|file_get_contents|readfile|unlink|include|include_once|require|require_once)\s?#i', $str)) {
+            $is_check = true;
+        }
+
+        if(preg_match('#\$_(get|post|request)\s?\[.*?\]\s?\)#i', $str)){
+            $is_check = true;
+        }
+
+        if($is_check){
+            $msg = "입력한 값에 안전하지 않는 문자가 포함되어 있습니다. 설치를 중단합니다.";
+
+            if($is_json){
+                die(install_json_msg($msg));
+            }
+
+            die($msg);
+        }
+
+        return $str;
+    }
+}
+
+if( ! function_exists('install_json_msg') ){
+    function install_json_msg($msg, $type='error'){
+
+        $error_msg = ($type==='error') ? $msg : '';
+        $success_msg = ($type==='success') ? $msg : '';
+        $exists_msg = ($type==='exists') ? $msg : '';
+
+        return json_encode(array('error'=>$error_msg, 'success'=>$success_msg, 'exists'=>$exists_msg));
+    }
+}
+?>
\ No newline at end of file
diff --git a/install/install_config.php b/install/install_config.php
index 7020c6647..67d804f3d 100644
--- a/install/install_config.php
+++ b/install/install_config.php
@@ -17,6 +17,9 @@ if (!isset($_POST['agree']) || $_POST['agree'] != '동의함') {
     echo "<div class=\"inner_btn\"><a href=\"./\">뒤로가기</a></div></div>".PHP_EOL;
     exit;
 }
+
+$tmp_str = isset($_SERVER['SERVER_SOFTWARE']) ? $_SERVER['SERVER_SOFTWARE'] : '';
+$ajax_token = md5($tmp_str.$_SERVER['REMOTE_ADDR'].$_SERVER['DOCUMENT_ROOT']);
 ?>
 
 
@@ -66,6 +69,7 @@ if (!isset($_POST['agree']) || $_POST['agree'] != '동의함') {
 
     <table class="ins_frm">
     <caption>최고관리자 정보입력</caption>
+    <input type="hidden" name="ajax_token" value="<?php echo $ajax_token; ?>" >
     <colgroup>
         <col style="width:150px">
         <col>
@@ -108,6 +112,7 @@ if (!isset($_POST['agree']) || $_POST['agree'] != '동의함') {
     </div>
 </div>
 
+<script src="../js/jquery-1.8.3.min.js"></script>
 <script>
 function frm_install_submit(f)
 {
@@ -168,6 +173,29 @@ function frm_install_submit(f)
         f.admin_id.focus();
         return false;
     }
+    
+    if (window.jQuery) {
+
+        var jqxhr = jQuery.post( "ajax.install.check.php", $(f).serialize(), function(data) {
+            
+            if( data.error ){
+                alert(data.error);
+            } else if( data.exists ) {
+                if( confirm(data.exists) ){
+                    f.submit();
+                }
+            } else if( data.success ) {
+                f.submit();
+            }
+
+        }, "json");
+
+        jqxhr.fail(function(xhr) {
+            alert( xhr.responseText );
+        });
+
+        return false;
+    }
 
     return true;
 }
diff --git a/install/install_db.php b/install/install_db.php
index 9f5991a55..431ff1740 100644
--- a/install/install_db.php
+++ b/install/install_db.php
@@ -11,26 +11,7 @@ header('Pragma: no-cache'); // HTTP/1.0
 
 include_once ('../config.php');
 include_once ('../lib/common.lib.php');
-
-if( ! function_exists('safe_install_string_check') ){
-    function safe_install_string_check( $str ) {
-        $is_check = false;
-
-        if(preg_match('#\);(passthru|eval|pcntl_exec|exec|system|popen|fopen|fsockopen|file|file_get_contents|readfile|unlink|include|include_once|require|require_once)\s?#i', $str)) {
-            $is_check = true;
-        }
-
-        if(preg_match('#\$_(get|post|request)\s?\[.*?\]\s?\)#i', $str)){
-            $is_check = true;
-        }
-
-        if($is_check){
-            die("입력한 값에 안전하지 않는 문자가 포함되어 있습니다. 설치를 중단합니다.");
-        }
-
-        return $str;
-    }
-}
+include_once('./install.function.php');    // 인스톨 과정 함수 모음
 
 $title = G5_VERSION." 설치 완료 3/3";
 include_once ('./install.inc.php');

From 37b72f36d68d6a01031a208f93e0dd05ffa75b14 Mon Sep 17 00:00:00 2001
From: thisgun <thisgun@naver.com>
Date: Fri, 14 Sep 2018 12:23:52 +0900
Subject: [PATCH 7/9] =?UTF-8?q?=EC=86=8C=EC=85=9C=20=EB=A1=9C=EA=B7=B8?=
 =?UTF-8?q?=EC=9D=B8=20=EC=8A=A4=ED=82=A8=20=EC=9E=98=EB=AA=BB=20=ED=91=9C?=
 =?UTF-8?q?=EA=B8=B0=EB=90=9C=20=ED=83=9C=EA=B7=B8=20=EC=88=98=EC=A0=95?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 mobile/skin/social/social_login.skin.php    |  4 ++--
 mobile/skin/social/social_register.skin.php |  2 +-
 skin/social/social_login.skin.php           |  2 +-
 skin/social/social_outlogin.skin.1.php      |  4 ++--
 skin/social/social_register.skin.php        | 10 +++++-----
 5 files changed, 11 insertions(+), 11 deletions(-)

diff --git a/mobile/skin/social/social_login.skin.php b/mobile/skin/social/social_login.skin.php
index 44b7f491b..e7af20ad9 100644
--- a/mobile/skin/social/social_login.skin.php
+++ b/mobile/skin/social/social_login.skin.php
@@ -47,13 +47,13 @@ add_stylesheet('<link rel="stylesheet" href="'.get_social_skin_url().'/style.css
         <?php if( social_service_check('twitter') ) {     //트위터 로그인을 사용한다면 ?>
         <a href="<?php echo $self_url;?>?provider=twitter&amp;url=<?php echo $urlencode;?>" class="sns-icon social_link sns-twitter" title="트위터">
             <span class="ico"></span>
-            <span class="txt">트위터+<i> 트위터</i></span>
+            <span class="txt">트위터+<i> 로그인</i></span>
         </a>
         <?php }     //end if ?>
         <?php if( social_service_check('payco') ) {     //페이코 로그인을 사용한다면 ?>
         <a href="<?php echo $self_url;?>?provider=payco&amp;url=<?php echo $urlencode;?>" class="sns-icon social_link sns-payco" title="페이코">
             <span class="ico"></span>
-            <span class="txt">페이코 로그인</span>
+            <span class="txt">페이코<i> 로그인</i></span>
         </a>
         <?php }     //end if ?>
 
diff --git a/mobile/skin/social/social_register.skin.php b/mobile/skin/social/social_register.skin.php
index 0c2427cdb..c07a92c15 100644
--- a/mobile/skin/social/social_register.skin.php
+++ b/mobile/skin/social/social_register.skin.php
@@ -54,7 +54,7 @@ add_stylesheet('<link rel="stylesheet" href="'.get_social_skin_url().'/style.css
             <?php if( social_service_check('payco') ) {     //페이코 로그인을 사용한다면 ?>
             <a href="<?php echo $self_url;?>?provider=payco&amp;url=<?php echo $urlencode;?>" class="sns-icon social_link sns-payco" title="페이코">
                 <span class="ico"></span>
-                <span class="txt">페이코 로그인</span>
+                <span class="txt">페이코<i> 로그인</i></span>
             </a>
             <?php }     //end if ?>
 
diff --git a/skin/social/social_login.skin.php b/skin/social/social_login.skin.php
index d248ca90b..e81d1393a 100644
--- a/skin/social/social_login.skin.php
+++ b/skin/social/social_login.skin.php
@@ -53,7 +53,7 @@ add_stylesheet('<link rel="stylesheet" href="'.get_social_skin_url().'/style.css
         <?php if( social_service_check('payco') ) {     //페이코 로그인을 사용한다면 ?>
         <a href="<?php echo $self_url;?>?provider=payco&amp;url=<?php echo $urlencode;?>" class="sns-icon social_link sns-payco" title="페이코">
             <span class="ico"></span>
-            <span class="txt">페이코 로그인</span>
+            <span class="txt">페이코<i> 로그인</i></span>
         </a>
         <?php }     //end if ?>
 
diff --git a/skin/social/social_outlogin.skin.1.php b/skin/social/social_outlogin.skin.1.php
index d5e53f562..228cd80d3 100644
--- a/skin/social/social_outlogin.skin.1.php
+++ b/skin/social/social_outlogin.skin.1.php
@@ -47,13 +47,13 @@ add_stylesheet('<link rel="stylesheet" href="'.get_social_skin_url().'/style.css
         <?php if( social_service_check('twitter') ) {     //트위터 로그인을 사용한다면 ?>
         <a href="<?php echo $self_url;?>?provider=twitter&amp;url=<?php echo $urlencode;?>" class="sns-icon social_link sns-twitter" title="트위터">
             <span class="ico"></span>
-            <span class="txt">트위터+<i> 트위터</i></span>
+            <span class="txt">트위터+<i> 로그인</i></span>
         </a>
         <?php }     //end if ?>
         <?php if( social_service_check('payco') ) {     //페이코 로그인을 사용한다면 ?>
         <a href="<?php echo $self_url;?>?provider=payco&amp;url=<?php echo $urlencode;?>" class="sns-icon social_link sns-payco" title="페이코">
             <span class="ico"></span>
-            <span class="txt">페이코 로그인</span>
+            <span class="txt">페이코<i> 로그인</i></span>
         </a>
         <?php }     //end if ?>
 
diff --git a/skin/social/social_register.skin.php b/skin/social/social_register.skin.php
index 0c7edef6b..0a26c6e88 100644
--- a/skin/social/social_register.skin.php
+++ b/skin/social/social_register.skin.php
@@ -25,31 +25,31 @@ add_stylesheet('<link rel="stylesheet" href="'.get_social_skin_url().'/style.css
             <?php if( social_service_check('naver') ) {     //네이버 로그인을 사용한다면 ?>
             <a href="<?php echo $self_url;?>?provider=naver&amp;url=<?php echo $urlencode;?>" class="sns-icon social_link sns-naver" title="네이버">
                 <span class="ico"></span>
-                <span class="txt">네이버으로 회원가입하기</span>
+                <span class="txt">네이버로 회원가입하기</span>
             </a>
             <?php }     //end if ?>
             <?php if( social_service_check('kakao') ) {     //카카오 로그인을 사용한다면 ?>
             <a href="<?php echo $self_url;?>?provider=kakao&amp;url=<?php echo $urlencode;?>" class="sns-icon social_link sns-kakao" title="카카오">
                 <span class="ico"></span>
-                <span class="txt">카카오로 회원가입하기</i></span>
+                <span class="txt">카카오로 회원가입하기</span>
             </a>
             <?php }     //end if ?>
             <?php if( social_service_check('facebook') ) {     //페이스북 로그인을 사용한다면 ?>
             <a href="<?php echo $self_url;?>?provider=facebook&amp;url=<?php echo $urlencode;?>" class="sns-icon social_link sns-facebook" title="페이스북">
                 <span class="ico"></span>
-                <span class="txt">페이스북로 회원가입하기</i></span>
+                <span class="txt">페이스북로 회원가입하기</span>
             </a>
             <?php }     //end if ?>
             <?php if( social_service_check('google') ) {     //구글 로그인을 사용한다면 ?>
             <a href="<?php echo $self_url;?>?provider=google&amp;url=<?php echo $urlencode;?>" class="sns-icon social_link sns-google" title="구글">
                 <span class="ico"></span>
-                <span class="txt">구글+로 회원가입하기</i></span>
+                <span class="txt">구글+로 회원가입하기</span>
             </a>
             <?php }     //end if ?>
             <?php if( social_service_check('twitter') ) {     //트위터 로그인을 사용한다면 ?>
             <a href="<?php echo $self_url;?>?provider=twitter&amp;url=<?php echo $urlencode;?>" class="sns-icon social_link sns-twitter" title="트위터">
                 <span class="ico"></span>
-                <span class="txt">트위터로 회원가입하기</i></span>
+                <span class="txt">트위터로 회원가입하기</span>
             </a>
             <?php }     //end if ?>
             <?php if( social_service_check('payco') ) {     //페이코 로그인을 사용한다면 ?>

From d7b209e93ce03ae2d2d62c48919ee07c0191ba4d Mon Sep 17 00:00:00 2001
From: thisgun <thisgun@naver.com>
Date: Fri, 14 Sep 2018 14:36:47 +0900
Subject: [PATCH 8/9] =?UTF-8?q?=EC=A3=BC=EC=86=8C=20=EC=9E=85=EB=A0=A5?=
 =?UTF-8?q?=EC=8B=9C=20=ED=8F=AC=EC=BB=A4=EC=8A=A4=EB=AC=B8=EC=97=90=20set?=
 =?UTF-8?q?Timeout=20=EC=8B=9C=EA=B0=84=20=EC=B6=94=EA=B0=80?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 js/common.js | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/js/common.js b/js/common.js
index 7c4c8aa2e..071245a70 100644
--- a/js/common.js
+++ b/js/common.js
@@ -440,8 +440,10 @@ var win_zip = function(frm_name, frm_zip, frm_addr1, frm_addr2, frm_addr3, frm_j
         if(of[frm_jibeon] !== undefined){
             of[frm_jibeon].value = data.userSelectedType;
         }
-
-        of[frm_addr2].focus();
+        
+        setTimeout(function(){
+            of[frm_addr2].focus();
+        } , 100);
     };
 
     switch(zip_case) {

From 6025f101165a1b96be017d1ff68605842fadf27d Mon Sep 17 00:00:00 2001
From: thisgun <thisgun@naver.com>
Date: Mon, 17 Sep 2018 10:07:34 +0900
Subject: [PATCH 9/9] =?UTF-8?q?5.3.1.7=20=EB=B2=84=EC=A0=84=20=EC=88=98?=
 =?UTF-8?q?=EC=A0=95?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 config.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/config.php b/config.php
index 205df5833..c341cebc0 100644
--- a/config.php
+++ b/config.php
@@ -5,7 +5,7 @@
 ********************/
 
 define('G5_VERSION', '그누보드5');
-define('G5_GNUBOARD_VER', '5.3.1.6');
+define('G5_GNUBOARD_VER', '5.3.1.7');
 
 // 이 상수가 정의되지 않으면 각각의 개별 페이지는 별도로 실행될 수 없음
 define('_GNUBOARD_', true);