From 0b4fe3148fc02d5466e31a840dcf11d7dca4594b Mon Sep 17 00:00:00 2001
From: chicpro <chicpro@gmail.com>
Date: Wed, 30 Jul 2014 10:40:16 +0900
Subject: [PATCH 1/3] =?UTF-8?q?=ED=8F=AC=ED=8A=B8=EB=B2=88=ED=98=B8=20?=
 =?UTF-8?q?=EC=A4=91=EB=B3=B5=EB=90=98=EB=8A=94=20=EC=98=A4=EB=A5=98=20?=
 =?UTF-8?q?=EC=88=98=EC=A0=95?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 common.php | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/common.php b/common.php
index b689a7791..5e528a392 100644
--- a/common.php
+++ b/common.php
@@ -35,7 +35,10 @@ function g5_path()
     $port = $_SERVER['SERVER_PORT'] != 80 ? ':'.$_SERVER['SERVER_PORT'] : '';
     $http = 'http' . ((isset($_SERVER['HTTPS']) && $_SERVER['HTTPS']=='on') ? 's' : '') . '://';
     $user = str_replace(str_replace($document_root, '', $_SERVER['SCRIPT_FILENAME']), '', $_SERVER['SCRIPT_NAME']);
-    $result['url'] = $http.(isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : $_SERVER['SERVER_NAME']).$port.$user.$root;
+    $host = isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : $_SERVER['SERVER_NAME'];
+    if(isset($_SERVER['HTTP_HOST']) && preg_match('/:[0-9]+$/', $host))
+        $host = preg_replace('/:[0-9]+$/', '', $host);
+    $result['url'] = $http.$host.$port.$user.$root;
     return $result;
 }
 

From b5abe21889d5e5697e5b8750d9459d836f4d4b54 Mon Sep 17 00:00:00 2001
From: SIR <admin@sir.co.kr>
Date: Wed, 30 Jul 2014 15:45:45 +0900
Subject: [PATCH 2/3] =?UTF-8?q?=EC=B5=9C=EC=86=8C,=20=EC=B5=9C=EB=8C=80=20?=
 =?UTF-8?q?=EB=8C=93=EA=B8=80=EC=88=98=20=EC=95=88=EB=82=B4=EB=AC=B8?=
 =?UTF-8?q?=EA=B5=AC=20=EC=88=98=EC=A0=95?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 adm/board_form.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/adm/board_form.php b/adm/board_form.php
index ae69b945c..1cc440d6e 100644
--- a/adm/board_form.php
+++ b/adm/board_form.php
@@ -708,7 +708,7 @@ $frm_submit .= '</div>';
         <tr>
             <th scope="row"><label for="bo_comment_min">최소 댓글수 제한</label></th>
             <td>
-                <?php echo help('댓글 입력시 최소 글자수, 최대 글자수를 설정. 0을 입력하면 검사하지 않음') ?>
+                <?php echo help('댓글 입력시 최소 글자수를 설정. 0을 입력하면 검사하지 않음') ?>
                 <input type="text" name="bo_comment_min" value="<?php echo $board['bo_comment_min'] ?>" id="bo_comment_min" class="numeric frm_input" size="4">
             </td>
             <td class="td_grpset">
@@ -721,7 +721,7 @@ $frm_submit .= '</div>';
         <tr>
             <th scope="row"><label for="bo_comment_max">최대 댓글수 제한</label></th>
             <td>
-                <?php echo help('댓글 입력시 최소 글자수, 최대 글자수를 설정. 0을 입력하면 검사하지 않음') ?>
+                <?php echo help('댓글 입력시 최대 글자수를 설정. 0을 입력하면 검사하지 않음') ?>
                 <input type="text" name="bo_comment_max" value="<?php echo $board['bo_comment_max'] ?>" id="bo_comment_max" class="numeric frm_input" size="4">
             </td>
             <td class="td_grpset">

From eb30cf84b485f5afacddd71119bc1cdb9d998d6b Mon Sep 17 00:00:00 2001
From: chicpro <chicpro@gmail.com>
Date: Wed, 30 Jul 2014 17:48:48 +0900
Subject: [PATCH 3/3] =?UTF-8?q?=EB=8C=93=EA=B8=80=20wr=5Fname=EC=9D=84=20?=
 =?UTF-8?q?=EC=9D=B4=EC=9A=A9=ED=95=9C=20xss=20=EB=B3=B4=EC=95=88=20?=
 =?UTF-8?q?=EC=B7=A8=EC=95=BD=EC=A0=90=20=EC=88=98=EC=A0=95?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 mobile/skin/board/basic/view_comment.skin.php   | 2 +-
 mobile/skin/board/gallery/view_comment.skin.php | 2 +-
 skin/board/basic/view_comment.skin.php          | 2 +-
 skin/board/gallery/view_comment.skin.php        | 2 +-
 4 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/mobile/skin/board/basic/view_comment.skin.php b/mobile/skin/board/basic/view_comment.skin.php
index 946d56c44..d3aa7fe05 100644
--- a/mobile/skin/board/basic/view_comment.skin.php
+++ b/mobile/skin/board/basic/view_comment.skin.php
@@ -23,7 +23,7 @@ var char_max = parseInt(<?php echo $comment_max ?>); // 최대
     ?>
     <article id="c_<?php echo $comment_id ?>" <?php if ($cmt_depth) { ?>style="margin-left:<?php echo $cmt_depth ?>px;border-top-color:#e0e0e0"<?php } ?>>
         <header>
-            <h1><?php echo $list[$i]['wr_name'] ?>님의 댓글</h1>
+            <h1><?php echo get_text($list[$i]['wr_name']); ?>님의 댓글</h1>
             <?php echo $list[$i]['name'] ?>
             <?php if ($cmt_depth) { ?><img src="<?php echo $board_skin_url ?>/img/icon_reply.gif" alt="댓글의 댓글" class="icon_reply"><?php } ?>
             <?php if ($is_ip_view) { ?>
diff --git a/mobile/skin/board/gallery/view_comment.skin.php b/mobile/skin/board/gallery/view_comment.skin.php
index 946d56c44..d3aa7fe05 100644
--- a/mobile/skin/board/gallery/view_comment.skin.php
+++ b/mobile/skin/board/gallery/view_comment.skin.php
@@ -23,7 +23,7 @@ var char_max = parseInt(<?php echo $comment_max ?>); // 최대
     ?>
     <article id="c_<?php echo $comment_id ?>" <?php if ($cmt_depth) { ?>style="margin-left:<?php echo $cmt_depth ?>px;border-top-color:#e0e0e0"<?php } ?>>
         <header>
-            <h1><?php echo $list[$i]['wr_name'] ?>님의 댓글</h1>
+            <h1><?php echo get_text($list[$i]['wr_name']); ?>님의 댓글</h1>
             <?php echo $list[$i]['name'] ?>
             <?php if ($cmt_depth) { ?><img src="<?php echo $board_skin_url ?>/img/icon_reply.gif" alt="댓글의 댓글" class="icon_reply"><?php } ?>
             <?php if ($is_ip_view) { ?>
diff --git a/skin/board/basic/view_comment.skin.php b/skin/board/basic/view_comment.skin.php
index 287c7a29c..1d4514dd2 100644
--- a/skin/board/basic/view_comment.skin.php
+++ b/skin/board/basic/view_comment.skin.php
@@ -29,7 +29,7 @@ var char_max = parseInt(<?php echo $comment_max ?>); // 최대
 
     <article id="c_<?php echo $comment_id ?>" <?php if ($cmt_depth) { ?>style="margin-left:<?php echo $cmt_depth ?>px;border-top-color:#e0e0e0"<?php } ?>>
         <header style="z-index:<?php echo $cmt_sv; ?>">
-            <h1><?php echo $list[$i]['wr_name'] ?>님의 댓글</h1>
+            <h1><?php echo get_text($list[$i]['wr_name']); ?>님의 댓글</h1>
             <?php echo $list[$i]['name'] ?>
             <?php if ($cmt_depth) { ?><img src="<?php echo $board_skin_url ?>/img/icon_reply.gif" class="icon_reply" alt="댓글의 댓글"><?php } ?>
             <?php if ($is_ip_view) { ?>
diff --git a/skin/board/gallery/view_comment.skin.php b/skin/board/gallery/view_comment.skin.php
index 97529e075..a74a0fa76 100644
--- a/skin/board/gallery/view_comment.skin.php
+++ b/skin/board/gallery/view_comment.skin.php
@@ -29,7 +29,7 @@ var char_max = parseInt(<?php echo $comment_max ?>); // 최대
 
     <article id="c_<?php echo $comment_id ?>" <?php if ($cmt_depth) { ?>style="margin-left:<?php echo $cmt_depth ?>px;border-top-color:#e0e0e0"<?php } ?>>
         <header style="z-index:<?php echo $cmt_sv; ?>">
-            <h1><?php echo $list[$i]['wr_name'] ?>님의 댓글</h1>
+            <h1><?php echo get_text($list[$i]['wr_name']); ?>님의 댓글</h1>
             <?php echo $list[$i]['name'] ?>
             <?php if ($cmt_depth) { ?><img src="<?php echo $board_skin_url ?>/img/icon_reply.gif" class="icon_reply" alt="댓글의 댓글"><?php } ?>
             <?php if ($is_ip_view) { ?>