From 548b99258854c5b5de1e82c28ad39e3842db292a Mon Sep 17 00:00:00 2001
From: thisgun <thisgun@naver.com>
Date: Tue, 14 Apr 2020 17:43:02 +0900
Subject: [PATCH 1/4] =?UTF-8?q?5.4=20=EB=B2=84=EC=A0=84=20=EA=B2=8C?=
 =?UTF-8?q?=EC=8B=9C=ED=8C=90=20=EC=8A=A4=ED=82=A8=20=EC=BD=94=EB=93=9C=20?=
 =?UTF-8?q?=EC=88=98=EC=A0=95?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 mobile/skin/board/basic/view_comment.skin.php  |  3 +++
 .../skin/board/gallery/view_comment.skin.php   |  3 +++
 skin/board/basic/style.css                     |  1 +
 skin/board/basic/view_comment.skin.php         | 18 ++++++++++++------
 skin/board/basic/write.skin.php                |  2 +-
 skin/board/gallery/view_comment.skin.php       | 18 ++++++++++++------
 skin/board/gallery/write.skin.php              |  2 +-
 .../skin/board/basic/view_comment.skin.php     |  3 +++
 .../skin/board/gallery/view_comment.skin.php   |  3 +++
 theme/basic/skin/board/basic/style.css         |  1 +
 .../skin/board/basic/view_comment.skin.php     | 18 ++++++++++++------
 theme/basic/skin/board/basic/write.skin.php    |  2 +-
 .../skin/board/gallery/view_comment.skin.php   | 18 ++++++++++++------
 theme/basic/skin/board/gallery/write.skin.php  |  2 +-
 14 files changed, 66 insertions(+), 28 deletions(-)

diff --git a/mobile/skin/board/basic/view_comment.skin.php b/mobile/skin/board/basic/view_comment.skin.php
index 6ff08887b..eda34f3fa 100644
--- a/mobile/skin/board/basic/view_comment.skin.php
+++ b/mobile/skin/board/basic/view_comment.skin.php
@@ -22,6 +22,7 @@ var char_max = parseInt(<?php echo $comment_max ?>); // 최대
 		$str = preg_replace("/\[\<a\s.*href\=\"(http|https|ftp|mms)\:\/\/([^[:space:]]+)\.(mp3|wma|wmv|asf|asx|mpg|mpeg)\".*\<\/a\>\]/i", "<script>doc_write(obj_movie('$1://$2.$3'));</script>", $str);
 		$c_reply_href = $comment_common_url.'&amp;c_id='.$comment_id.'&amp;w=c#bo_vc_w';
 		$c_edit_href = $comment_common_url.'&amp;c_id='.$comment_id.'&amp;w=cu#bo_vc_w';
+        $is_comment_reply_edit = ($list[$i]['is_reply'] || $list[$i]['is_edit'] || $list[$i]['is_del']) ? 1 : 0;
     ?>
     <article id="c_<?php echo $comment_id ?>" <?php if ($cmt_depth) { ?>style="margin-left:<?php echo $cmt_depth ?>px;border-bottom-color:#f8f8f8"<?php } ?>>
         <div class="comment_inner">
@@ -37,6 +38,7 @@ var char_max = parseInt(<?php echo $comment_max ?>); // 최대
                 <?php
                 include(G5_SNS_PATH."/view_comment_list.sns.skin.php");
                 ?>
+                <?php if( $is_comment_reply_edit ){ ?>
                 <div class="bo_vl_opt">
                     <button type="button" class="btn_cm_opt btn_b03 btn"><i class="fa fa-ellipsis-v" aria-hidden="true"></i><span class="sound_only">댓글 옵션</span></button>
                     <ul class="bo_vc_act">
@@ -45,6 +47,7 @@ var char_max = parseInt(<?php echo $comment_max ?>); // 최대
                         <?php if ($list[$i]['is_del']) { ?><li><a href="<?php echo $list[$i]['del_link']; ?>" onclick="return comment_delete();">삭제</a></li><?php } ?>
                     </ul>
                 </div>
+                <?php } ?>
                 <script>
                 $(function() {			    
                     // 댓글 옵션창 열기
diff --git a/mobile/skin/board/gallery/view_comment.skin.php b/mobile/skin/board/gallery/view_comment.skin.php
index 6ff08887b..eda34f3fa 100644
--- a/mobile/skin/board/gallery/view_comment.skin.php
+++ b/mobile/skin/board/gallery/view_comment.skin.php
@@ -22,6 +22,7 @@ var char_max = parseInt(<?php echo $comment_max ?>); // 최대
 		$str = preg_replace("/\[\<a\s.*href\=\"(http|https|ftp|mms)\:\/\/([^[:space:]]+)\.(mp3|wma|wmv|asf|asx|mpg|mpeg)\".*\<\/a\>\]/i", "<script>doc_write(obj_movie('$1://$2.$3'));</script>", $str);
 		$c_reply_href = $comment_common_url.'&amp;c_id='.$comment_id.'&amp;w=c#bo_vc_w';
 		$c_edit_href = $comment_common_url.'&amp;c_id='.$comment_id.'&amp;w=cu#bo_vc_w';
+        $is_comment_reply_edit = ($list[$i]['is_reply'] || $list[$i]['is_edit'] || $list[$i]['is_del']) ? 1 : 0;
     ?>
     <article id="c_<?php echo $comment_id ?>" <?php if ($cmt_depth) { ?>style="margin-left:<?php echo $cmt_depth ?>px;border-bottom-color:#f8f8f8"<?php } ?>>
         <div class="comment_inner">
@@ -37,6 +38,7 @@ var char_max = parseInt(<?php echo $comment_max ?>); // 최대
                 <?php
                 include(G5_SNS_PATH."/view_comment_list.sns.skin.php");
                 ?>
+                <?php if( $is_comment_reply_edit ){ ?>
                 <div class="bo_vl_opt">
                     <button type="button" class="btn_cm_opt btn_b03 btn"><i class="fa fa-ellipsis-v" aria-hidden="true"></i><span class="sound_only">댓글 옵션</span></button>
                     <ul class="bo_vc_act">
@@ -45,6 +47,7 @@ var char_max = parseInt(<?php echo $comment_max ?>); // 최대
                         <?php if ($list[$i]['is_del']) { ?><li><a href="<?php echo $list[$i]['del_link']; ?>" onclick="return comment_delete();">삭제</a></li><?php } ?>
                     </ul>
                 </div>
+                <?php } ?>
                 <script>
                 $(function() {			    
                     // 댓글 옵션창 열기
diff --git a/skin/board/basic/style.css b/skin/board/basic/style.css
index c374ddab1..d01e37c74 100644
--- a/skin/board/basic/style.css
+++ b/skin/board/basic/style.css
@@ -101,6 +101,7 @@
 #bo_list .td_numbig {width:80px;text-align:center}
 #bo_list .txt_active {color:#5d910b}
 #bo_list .txt_expired {color:#ccc}
+#bo_list tbody tr {border-left:2px solid transparent}
 #bo_list tbody tr:hover {border-left:2px solid #253dbe}
 
 #bo_cate {margin:25px 0}
diff --git a/skin/board/basic/view_comment.skin.php b/skin/board/basic/view_comment.skin.php
index c9e46ccf3..879a9d074 100644
--- a/skin/board/basic/view_comment.skin.php
+++ b/skin/board/basic/view_comment.skin.php
@@ -26,6 +26,7 @@ var char_max = parseInt(<?php echo $comment_max ?>); // 최대
         $cmt_sv = $cmt_amt - $i + 1; // 댓글 헤더 z-index 재설정 ie8 이하 사이드뷰 겹침 문제 해결
 		$c_reply_href = $comment_common_url.'&amp;c_id='.$comment_id.'&amp;w=c#bo_vc_w';
 		$c_edit_href = $comment_common_url.'&amp;c_id='.$comment_id.'&amp;w=cu#bo_vc_w';
+        $is_comment_reply_edit = ($list[$i]['is_reply'] || $list[$i]['is_edit'] || $list[$i]['is_del']) ? 1 : 0;
 	?>
 
 	<article id="c_<?php echo $comment_id ?>" <?php if ($cmt_depth) { ?>style="margin-left:<?php echo $cmt_depth ?>px;border-top-color:#e0e0e0"<?php } ?>>
@@ -53,7 +54,7 @@ var char_max = parseInt(<?php echo $comment_max ?>); // 최대
 	                <?php if (strstr($list[$i]['wr_option'], "secret")) { ?><img src="<?php echo $board_skin_url; ?>/img/icon_secret.gif" alt="비밀글"><?php } ?>
 	                <?php echo $comment ?>
 	            </p>
-	            <?php if($list[$i]['is_reply'] || $list[$i]['is_edit'] || $list[$i]['is_del']) {
+	            <?php if($is_comment_reply_edit) {
 	                if($w == 'cu') {
 	                    $sql = " select wr_id, wr_content, mb_id from $write_table where wr_id = '$c_id' and wr_is_comment = '1' ";
 	                    $cmt = sql_fetch($sql);
@@ -70,6 +71,7 @@ var char_max = parseInt(<?php echo $comment_max ?>); // 최대
 	        <input type="hidden" value="<?php echo strstr($list[$i]['wr_option'],"secret") ?>" id="secret_comment_<?php echo $comment_id ?>">
 	        <textarea id="save_comment_<?php echo $comment_id ?>" style="display:none"><?php echo get_text($list[$i]['content1'], 0) ?></textarea>
 		</div>
+        <?php if($is_comment_reply_edit) { ?>
 		<div class="bo_vl_opt">
             <button type="button" class="btn_cm_opt btn_b01 btn"><i class="fa fa-ellipsis-v" aria-hidden="true"></i><span class="sound_only">댓글 옵션</span></button>
         	<ul class="bo_vc_act">
@@ -78,6 +80,7 @@ var char_max = parseInt(<?php echo $comment_max ?>); // 최대
                 <?php if ($list[$i]['is_del']) { ?><li><a href="<?php echo $list[$i]['del_link']; ?>" onclick="return comment_delete();">삭제</a></li><?php } ?>
             </ul>
         </div>
+        <?php } ?>
         <script>
 			$(function() {			    
 		    // 댓글 옵션창 열기
@@ -334,13 +337,16 @@ $(function() {
     );
 });
 <?php } ?>
-$(function() {            
+</script>
+<?php } ?>
+<!-- } 댓글 쓰기 끝 -->
+<script>
+jQuery(function($) {            
     //댓글열기
-    $(".cmt_btn").click(function(){
+    $(".cmt_btn").click(function(e){
+        e.preventDefault();
         $(this).toggleClass("cmt_btn_op");
         $("#bo_vc").toggle();
     });
 });
-</script>
-<?php } ?>
-<!-- } 댓글 쓰기 끝 -->
\ No newline at end of file
+</script>
\ No newline at end of file
diff --git a/skin/board/basic/write.skin.php b/skin/board/basic/write.skin.php
index c62eca526..5e341d278 100644
--- a/skin/board/basic/write.skin.php
+++ b/skin/board/basic/write.skin.php
@@ -130,7 +130,7 @@ add_stylesheet('<link rel="stylesheet" href="'.$board_skin_url.'/style.css">', 0
     <?php for ($i=1; $is_link && $i<=G5_LINK_COUNT; $i++) { ?>
     <div class="bo_w_link write_div">
         <label for="wr_link<?php echo $i ?>"><i class="fa fa-link" aria-hidden="true"></i><span class="sound_only"> 링크  #<?php echo $i ?></span></label>
-        <input type="text" name="wr_link<?php echo $i ?>" value="<?php if($w=="u"){echo$write['wr_link'.$i];} ?>" id="wr_link<?php echo $i ?>" class="frm_input full_input" size="50">
+        <input type="text" name="wr_link<?php echo $i ?>" value="<?php if($w=="u"){ echo $write['wr_link'.$i]; } ?>" id="wr_link<?php echo $i ?>" class="frm_input full_input" size="50">
     </div>
     <?php } ?>
 
diff --git a/skin/board/gallery/view_comment.skin.php b/skin/board/gallery/view_comment.skin.php
index c918445e3..704020f2b 100644
--- a/skin/board/gallery/view_comment.skin.php
+++ b/skin/board/gallery/view_comment.skin.php
@@ -26,6 +26,7 @@ var char_max = parseInt(<?php echo $comment_max ?>); // 최대
         $cmt_sv = $cmt_amt - $i + 1; // 댓글 헤더 z-index 재설정 ie8 이하 사이드뷰 겹침 문제 해결
 		$c_reply_href = $comment_common_url.'&amp;c_id='.$comment_id.'&amp;w=c#bo_vc_w';
 		$c_edit_href = $comment_common_url.'&amp;c_id='.$comment_id.'&amp;w=cu#bo_vc_w';
+        $is_comment_reply_edit = ($list[$i]['is_reply'] || $list[$i]['is_edit'] || $list[$i]['is_del']) ? 1 : 0;
 	?>
 
 	<article id="c_<?php echo $comment_id ?>" <?php if ($cmt_depth) { ?>style="margin-left:<?php echo $cmt_depth ?>px;border-top-color:#e0e0e0"<?php } ?>>
@@ -53,7 +54,7 @@ var char_max = parseInt(<?php echo $comment_max ?>); // 최대
 	                <?php if (strstr($list[$i]['wr_option'], "secret")) { ?><img src="<?php echo $board_skin_url; ?>/img/icon_secret.gif" alt="비밀글"><?php } ?>
 	                <?php echo $comment ?>
 	            </p>
-	            <?php if($list[$i]['is_reply'] || $list[$i]['is_edit'] || $list[$i]['is_del']) {
+	            <?php if($is_comment_reply_edit) {
 	                if($w == 'cu') {
 	                    $sql = " select wr_id, wr_content, mb_id from $write_table where wr_id = '$c_id' and wr_is_comment = '1' ";
 	                    $cmt = sql_fetch($sql);
@@ -70,6 +71,7 @@ var char_max = parseInt(<?php echo $comment_max ?>); // 최대
 	        <input type="hidden" value="<?php echo strstr($list[$i]['wr_option'],"secret") ?>" id="secret_comment_<?php echo $comment_id ?>">
 	        <textarea id="save_comment_<?php echo $comment_id ?>" style="display:none"><?php echo get_text($list[$i]['content1'], 0) ?></textarea>
 		</div>
+        <?php if($is_comment_reply_edit) { ?>
 		<div class="bo_vl_opt">
             <button type="button" class="btn_cm_opt btn_b01 btn"><i class="fa fa-ellipsis-v" aria-hidden="true"></i><span class="sound_only">댓글 옵션</span></button>
         	<ul class="bo_vc_act">
@@ -78,6 +80,7 @@ var char_max = parseInt(<?php echo $comment_max ?>); // 최대
                 <?php if ($list[$i]['is_del']) { ?><li><a href="<?php echo $list[$i]['del_link']; ?>" onclick="return comment_delete();">삭제</a></li><?php } ?>
             </ul>
         </div>
+        <?php } ?>
         <script>
 			$(function() {			    
 		    // 댓글 옵션창 열기
@@ -335,13 +338,16 @@ $(function() {
     );
 });
 <?php } ?>
-$(function() {            
+</script>
+<?php } ?>
+<!-- } 댓글 쓰기 끝 -->
+<script>
+jQuery(function($) {            
     //댓글열기
-    $(".cmt_btn").click(function(){
+    $(".cmt_btn").click(function(e){
+        e.preventDefault();
         $(this).toggleClass("cmt_btn_op");
         $("#bo_vc").toggle();
     });
 });
-</script>
-<?php } ?>
-<!-- } 댓글 쓰기 끝 -->
\ No newline at end of file
+</script>
\ No newline at end of file
diff --git a/skin/board/gallery/write.skin.php b/skin/board/gallery/write.skin.php
index 3e3617db6..a99b79000 100644
--- a/skin/board/gallery/write.skin.php
+++ b/skin/board/gallery/write.skin.php
@@ -128,7 +128,7 @@ add_stylesheet('<link rel="stylesheet" href="'.$board_skin_url.'/style.css">', 0
     <?php for ($i=1; $is_link && $i<=G5_LINK_COUNT; $i++) { ?>
     <div class="bo_w_link write_div">
         <label for="wr_link<?php echo $i ?>"><i class="fa fa-link" aria-hidden="true"></i><span class="sound_only"> 링크  #<?php echo $i ?></span></label>
-        <input type="text" name="wr_link<?php echo $i ?>" value="<?php if($w=="u"){echo$write['wr_link'.$i];} ?>" id="wr_link<?php echo $i ?>" class="frm_input full_input" size="50">
+        <input type="text" name="wr_link<?php echo $i ?>" value="<?php if($w=="u"){ echo $write['wr_link'.$i]; } ?>" id="wr_link<?php echo $i ?>" class="frm_input full_input" size="50">
     </div>
     <?php } ?>
 
diff --git a/theme/basic/mobile/skin/board/basic/view_comment.skin.php b/theme/basic/mobile/skin/board/basic/view_comment.skin.php
index 6ff08887b..eda34f3fa 100644
--- a/theme/basic/mobile/skin/board/basic/view_comment.skin.php
+++ b/theme/basic/mobile/skin/board/basic/view_comment.skin.php
@@ -22,6 +22,7 @@ var char_max = parseInt(<?php echo $comment_max ?>); // 최대
 		$str = preg_replace("/\[\<a\s.*href\=\"(http|https|ftp|mms)\:\/\/([^[:space:]]+)\.(mp3|wma|wmv|asf|asx|mpg|mpeg)\".*\<\/a\>\]/i", "<script>doc_write(obj_movie('$1://$2.$3'));</script>", $str);
 		$c_reply_href = $comment_common_url.'&amp;c_id='.$comment_id.'&amp;w=c#bo_vc_w';
 		$c_edit_href = $comment_common_url.'&amp;c_id='.$comment_id.'&amp;w=cu#bo_vc_w';
+        $is_comment_reply_edit = ($list[$i]['is_reply'] || $list[$i]['is_edit'] || $list[$i]['is_del']) ? 1 : 0;
     ?>
     <article id="c_<?php echo $comment_id ?>" <?php if ($cmt_depth) { ?>style="margin-left:<?php echo $cmt_depth ?>px;border-bottom-color:#f8f8f8"<?php } ?>>
         <div class="comment_inner">
@@ -37,6 +38,7 @@ var char_max = parseInt(<?php echo $comment_max ?>); // 최대
                 <?php
                 include(G5_SNS_PATH."/view_comment_list.sns.skin.php");
                 ?>
+                <?php if( $is_comment_reply_edit ){ ?>
                 <div class="bo_vl_opt">
                     <button type="button" class="btn_cm_opt btn_b03 btn"><i class="fa fa-ellipsis-v" aria-hidden="true"></i><span class="sound_only">댓글 옵션</span></button>
                     <ul class="bo_vc_act">
@@ -45,6 +47,7 @@ var char_max = parseInt(<?php echo $comment_max ?>); // 최대
                         <?php if ($list[$i]['is_del']) { ?><li><a href="<?php echo $list[$i]['del_link']; ?>" onclick="return comment_delete();">삭제</a></li><?php } ?>
                     </ul>
                 </div>
+                <?php } ?>
                 <script>
                 $(function() {			    
                     // 댓글 옵션창 열기
diff --git a/theme/basic/mobile/skin/board/gallery/view_comment.skin.php b/theme/basic/mobile/skin/board/gallery/view_comment.skin.php
index 6ff08887b..eda34f3fa 100644
--- a/theme/basic/mobile/skin/board/gallery/view_comment.skin.php
+++ b/theme/basic/mobile/skin/board/gallery/view_comment.skin.php
@@ -22,6 +22,7 @@ var char_max = parseInt(<?php echo $comment_max ?>); // 최대
 		$str = preg_replace("/\[\<a\s.*href\=\"(http|https|ftp|mms)\:\/\/([^[:space:]]+)\.(mp3|wma|wmv|asf|asx|mpg|mpeg)\".*\<\/a\>\]/i", "<script>doc_write(obj_movie('$1://$2.$3'));</script>", $str);
 		$c_reply_href = $comment_common_url.'&amp;c_id='.$comment_id.'&amp;w=c#bo_vc_w';
 		$c_edit_href = $comment_common_url.'&amp;c_id='.$comment_id.'&amp;w=cu#bo_vc_w';
+        $is_comment_reply_edit = ($list[$i]['is_reply'] || $list[$i]['is_edit'] || $list[$i]['is_del']) ? 1 : 0;
     ?>
     <article id="c_<?php echo $comment_id ?>" <?php if ($cmt_depth) { ?>style="margin-left:<?php echo $cmt_depth ?>px;border-bottom-color:#f8f8f8"<?php } ?>>
         <div class="comment_inner">
@@ -37,6 +38,7 @@ var char_max = parseInt(<?php echo $comment_max ?>); // 최대
                 <?php
                 include(G5_SNS_PATH."/view_comment_list.sns.skin.php");
                 ?>
+                <?php if( $is_comment_reply_edit ){ ?>
                 <div class="bo_vl_opt">
                     <button type="button" class="btn_cm_opt btn_b03 btn"><i class="fa fa-ellipsis-v" aria-hidden="true"></i><span class="sound_only">댓글 옵션</span></button>
                     <ul class="bo_vc_act">
@@ -45,6 +47,7 @@ var char_max = parseInt(<?php echo $comment_max ?>); // 최대
                         <?php if ($list[$i]['is_del']) { ?><li><a href="<?php echo $list[$i]['del_link']; ?>" onclick="return comment_delete();">삭제</a></li><?php } ?>
                     </ul>
                 </div>
+                <?php } ?>
                 <script>
                 $(function() {			    
                     // 댓글 옵션창 열기
diff --git a/theme/basic/skin/board/basic/style.css b/theme/basic/skin/board/basic/style.css
index c374ddab1..d01e37c74 100644
--- a/theme/basic/skin/board/basic/style.css
+++ b/theme/basic/skin/board/basic/style.css
@@ -101,6 +101,7 @@
 #bo_list .td_numbig {width:80px;text-align:center}
 #bo_list .txt_active {color:#5d910b}
 #bo_list .txt_expired {color:#ccc}
+#bo_list tbody tr {border-left:2px solid transparent}
 #bo_list tbody tr:hover {border-left:2px solid #253dbe}
 
 #bo_cate {margin:25px 0}
diff --git a/theme/basic/skin/board/basic/view_comment.skin.php b/theme/basic/skin/board/basic/view_comment.skin.php
index c9e46ccf3..879a9d074 100644
--- a/theme/basic/skin/board/basic/view_comment.skin.php
+++ b/theme/basic/skin/board/basic/view_comment.skin.php
@@ -26,6 +26,7 @@ var char_max = parseInt(<?php echo $comment_max ?>); // 최대
         $cmt_sv = $cmt_amt - $i + 1; // 댓글 헤더 z-index 재설정 ie8 이하 사이드뷰 겹침 문제 해결
 		$c_reply_href = $comment_common_url.'&amp;c_id='.$comment_id.'&amp;w=c#bo_vc_w';
 		$c_edit_href = $comment_common_url.'&amp;c_id='.$comment_id.'&amp;w=cu#bo_vc_w';
+        $is_comment_reply_edit = ($list[$i]['is_reply'] || $list[$i]['is_edit'] || $list[$i]['is_del']) ? 1 : 0;
 	?>
 
 	<article id="c_<?php echo $comment_id ?>" <?php if ($cmt_depth) { ?>style="margin-left:<?php echo $cmt_depth ?>px;border-top-color:#e0e0e0"<?php } ?>>
@@ -53,7 +54,7 @@ var char_max = parseInt(<?php echo $comment_max ?>); // 최대
 	                <?php if (strstr($list[$i]['wr_option'], "secret")) { ?><img src="<?php echo $board_skin_url; ?>/img/icon_secret.gif" alt="비밀글"><?php } ?>
 	                <?php echo $comment ?>
 	            </p>
-	            <?php if($list[$i]['is_reply'] || $list[$i]['is_edit'] || $list[$i]['is_del']) {
+	            <?php if($is_comment_reply_edit) {
 	                if($w == 'cu') {
 	                    $sql = " select wr_id, wr_content, mb_id from $write_table where wr_id = '$c_id' and wr_is_comment = '1' ";
 	                    $cmt = sql_fetch($sql);
@@ -70,6 +71,7 @@ var char_max = parseInt(<?php echo $comment_max ?>); // 최대
 	        <input type="hidden" value="<?php echo strstr($list[$i]['wr_option'],"secret") ?>" id="secret_comment_<?php echo $comment_id ?>">
 	        <textarea id="save_comment_<?php echo $comment_id ?>" style="display:none"><?php echo get_text($list[$i]['content1'], 0) ?></textarea>
 		</div>
+        <?php if($is_comment_reply_edit) { ?>
 		<div class="bo_vl_opt">
             <button type="button" class="btn_cm_opt btn_b01 btn"><i class="fa fa-ellipsis-v" aria-hidden="true"></i><span class="sound_only">댓글 옵션</span></button>
         	<ul class="bo_vc_act">
@@ -78,6 +80,7 @@ var char_max = parseInt(<?php echo $comment_max ?>); // 최대
                 <?php if ($list[$i]['is_del']) { ?><li><a href="<?php echo $list[$i]['del_link']; ?>" onclick="return comment_delete();">삭제</a></li><?php } ?>
             </ul>
         </div>
+        <?php } ?>
         <script>
 			$(function() {			    
 		    // 댓글 옵션창 열기
@@ -334,13 +337,16 @@ $(function() {
     );
 });
 <?php } ?>
-$(function() {            
+</script>
+<?php } ?>
+<!-- } 댓글 쓰기 끝 -->
+<script>
+jQuery(function($) {            
     //댓글열기
-    $(".cmt_btn").click(function(){
+    $(".cmt_btn").click(function(e){
+        e.preventDefault();
         $(this).toggleClass("cmt_btn_op");
         $("#bo_vc").toggle();
     });
 });
-</script>
-<?php } ?>
-<!-- } 댓글 쓰기 끝 -->
\ No newline at end of file
+</script>
\ No newline at end of file
diff --git a/theme/basic/skin/board/basic/write.skin.php b/theme/basic/skin/board/basic/write.skin.php
index c62eca526..5e341d278 100644
--- a/theme/basic/skin/board/basic/write.skin.php
+++ b/theme/basic/skin/board/basic/write.skin.php
@@ -130,7 +130,7 @@ add_stylesheet('<link rel="stylesheet" href="'.$board_skin_url.'/style.css">', 0
     <?php for ($i=1; $is_link && $i<=G5_LINK_COUNT; $i++) { ?>
     <div class="bo_w_link write_div">
         <label for="wr_link<?php echo $i ?>"><i class="fa fa-link" aria-hidden="true"></i><span class="sound_only"> 링크  #<?php echo $i ?></span></label>
-        <input type="text" name="wr_link<?php echo $i ?>" value="<?php if($w=="u"){echo$write['wr_link'.$i];} ?>" id="wr_link<?php echo $i ?>" class="frm_input full_input" size="50">
+        <input type="text" name="wr_link<?php echo $i ?>" value="<?php if($w=="u"){ echo $write['wr_link'.$i]; } ?>" id="wr_link<?php echo $i ?>" class="frm_input full_input" size="50">
     </div>
     <?php } ?>
 
diff --git a/theme/basic/skin/board/gallery/view_comment.skin.php b/theme/basic/skin/board/gallery/view_comment.skin.php
index c918445e3..0c856557a 100644
--- a/theme/basic/skin/board/gallery/view_comment.skin.php
+++ b/theme/basic/skin/board/gallery/view_comment.skin.php
@@ -26,6 +26,7 @@ var char_max = parseInt(<?php echo $comment_max ?>); // 최대
         $cmt_sv = $cmt_amt - $i + 1; // 댓글 헤더 z-index 재설정 ie8 이하 사이드뷰 겹침 문제 해결
 		$c_reply_href = $comment_common_url.'&amp;c_id='.$comment_id.'&amp;w=c#bo_vc_w';
 		$c_edit_href = $comment_common_url.'&amp;c_id='.$comment_id.'&amp;w=cu#bo_vc_w';
+        $is_comment_reply_edit = ($list[$i]['is_reply'] || $list[$i]['is_edit'] || $list[$i]['is_del']) ? 1 : 0;
 	?>
 
 	<article id="c_<?php echo $comment_id ?>" <?php if ($cmt_depth) { ?>style="margin-left:<?php echo $cmt_depth ?>px;border-top-color:#e0e0e0"<?php } ?>>
@@ -53,7 +54,7 @@ var char_max = parseInt(<?php echo $comment_max ?>); // 최대
 	                <?php if (strstr($list[$i]['wr_option'], "secret")) { ?><img src="<?php echo $board_skin_url; ?>/img/icon_secret.gif" alt="비밀글"><?php } ?>
 	                <?php echo $comment ?>
 	            </p>
-	            <?php if($list[$i]['is_reply'] || $list[$i]['is_edit'] || $list[$i]['is_del']) {
+	            <?php if($is_comment_reply_edit) {
 	                if($w == 'cu') {
 	                    $sql = " select wr_id, wr_content, mb_id from $write_table where wr_id = '$c_id' and wr_is_comment = '1' ";
 	                    $cmt = sql_fetch($sql);
@@ -70,6 +71,7 @@ var char_max = parseInt(<?php echo $comment_max ?>); // 최대
 	        <input type="hidden" value="<?php echo strstr($list[$i]['wr_option'],"secret") ?>" id="secret_comment_<?php echo $comment_id ?>">
 	        <textarea id="save_comment_<?php echo $comment_id ?>" style="display:none"><?php echo get_text($list[$i]['content1'], 0) ?></textarea>
 		</div>
+        <?php if($is_comment_reply_edit){ ?>
 		<div class="bo_vl_opt">
             <button type="button" class="btn_cm_opt btn_b01 btn"><i class="fa fa-ellipsis-v" aria-hidden="true"></i><span class="sound_only">댓글 옵션</span></button>
         	<ul class="bo_vc_act">
@@ -78,6 +80,7 @@ var char_max = parseInt(<?php echo $comment_max ?>); // 최대
                 <?php if ($list[$i]['is_del']) { ?><li><a href="<?php echo $list[$i]['del_link']; ?>" onclick="return comment_delete();">삭제</a></li><?php } ?>
             </ul>
         </div>
+        <?php } ?>
         <script>
 			$(function() {			    
 		    // 댓글 옵션창 열기
@@ -335,13 +338,16 @@ $(function() {
     );
 });
 <?php } ?>
-$(function() {            
+</script>
+<?php } ?>
+<!-- } 댓글 쓰기 끝 -->
+<script>
+jQuery(function($) {            
     //댓글열기
-    $(".cmt_btn").click(function(){
+    $(".cmt_btn").click(function(e){
+        e.preventDefault();
         $(this).toggleClass("cmt_btn_op");
         $("#bo_vc").toggle();
     });
 });
-</script>
-<?php } ?>
-<!-- } 댓글 쓰기 끝 -->
\ No newline at end of file
+</script>
\ No newline at end of file
diff --git a/theme/basic/skin/board/gallery/write.skin.php b/theme/basic/skin/board/gallery/write.skin.php
index 3e3617db6..a99b79000 100644
--- a/theme/basic/skin/board/gallery/write.skin.php
+++ b/theme/basic/skin/board/gallery/write.skin.php
@@ -128,7 +128,7 @@ add_stylesheet('<link rel="stylesheet" href="'.$board_skin_url.'/style.css">', 0
     <?php for ($i=1; $is_link && $i<=G5_LINK_COUNT; $i++) { ?>
     <div class="bo_w_link write_div">
         <label for="wr_link<?php echo $i ?>"><i class="fa fa-link" aria-hidden="true"></i><span class="sound_only"> 링크  #<?php echo $i ?></span></label>
-        <input type="text" name="wr_link<?php echo $i ?>" value="<?php if($w=="u"){echo$write['wr_link'.$i];} ?>" id="wr_link<?php echo $i ?>" class="frm_input full_input" size="50">
+        <input type="text" name="wr_link<?php echo $i ?>" value="<?php if($w=="u"){ echo $write['wr_link'.$i]; } ?>" id="wr_link<?php echo $i ?>" class="frm_input full_input" size="50">
     </div>
     <?php } ?>
 

From e221783c20ba8c0f53e48513bac46fe2f67a6a1d Mon Sep 17 00:00:00 2001
From: thisgun <thisgun@naver.com>
Date: Fri, 17 Apr 2020 13:48:37 +0900
Subject: [PATCH 2/4] =?UTF-8?q?=EC=9E=98=EB=AA=BB=EB=90=9C=20=ED=91=9C?=
 =?UTF-8?q?=EA=B8=B0=20=EB=98=90=EB=8A=94=20=EB=AC=B8=EB=B2=95=20=EC=88=98?=
 =?UTF-8?q?=EC=A0=95?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 bbs/db_table.optimize.php |  2 +-
 bbs/download.php          |  6 +++---
 bbs/qadownload.php        | 11 ++++++++---
 bbs/write_update.php      | 22 +++++++++++-----------
 4 files changed, 23 insertions(+), 18 deletions(-)

diff --git a/bbs/db_table.optimize.php b/bbs/db_table.optimize.php
index 828923029..97a2fd8fa 100644
--- a/bbs/db_table.optimize.php
+++ b/bbs/db_table.optimize.php
@@ -53,7 +53,7 @@ if($config['cf_leave_day'] > 0) {
 }
 
 // 음성 캡챠 파일 삭제
-$captcha_mp3 = glob(G5_PATH.'/data/cache/kcaptcha-*.mp3');
+$captcha_mp3 = glob(G5_DATA_PATH.'/cache/kcaptcha-*.mp3');
 if($captcha_mp3 && is_array($captcha_mp3)) {
     foreach ($captcha_mp3 as $file) {
         if (filemtime($file) + 86400 < G5_SERVER_TIME) {
diff --git a/bbs/download.php b/bbs/download.php
index e4f7fa3fe..2b2aa1f2b 100644
--- a/bbs/download.php
+++ b/bbs/download.php
@@ -108,17 +108,17 @@ run_event('download_file_header', $file, $file_exist_check);
 
 if(preg_match("/msie/i", $_SERVER['HTTP_USER_AGENT']) && preg_match("/5\.5/", $_SERVER['HTTP_USER_AGENT'])) {
     header("content-type: doesn/matter");
-    header("content-length: ".filesize("$filepath"));
+    header("content-length: ".filesize($filepath));
     header("content-disposition: attachment; filename=\"$original\"");
     header("content-transfer-encoding: binary");
 } else if (preg_match("/Firefox/i", $_SERVER['HTTP_USER_AGENT'])){
     header("content-type: file/unknown");
-    header("content-length: ".filesize("$filepath"));
+    header("content-length: ".filesize($filepath));
     header("content-disposition: attachment; filename=\"".basename($file['bf_source'])."\"");
     header("content-description: php generated data");
 } else {
     header("content-type: file/unknown");
-    header("content-length: ".filesize("$filepath"));
+    header("content-length: ".filesize($filepath));
     header("content-disposition: attachment; filename=\"$original\"");
     header("content-description: php generated data");
 }
diff --git a/bbs/qadownload.php b/bbs/qadownload.php
index 3c1a838c0..b6f163ed7 100644
--- a/bbs/qadownload.php
+++ b/bbs/qadownload.php
@@ -22,21 +22,26 @@ if($is_guest) {
 
 $filepath = G5_DATA_PATH.'/qa/'.$file['qa_file'.$no];
 $filepath = addslashes($filepath);
-if (!is_file($filepath) || !file_exists($filepath))
+$file_exist_check = (!is_file($filepath) || !file_exists($filepath)) ? false : true;
+
+if ( false === run_replace('qa_download_file_exist_check', $file_exist_check, $file) ){
     alert('파일이 존재하지 않습니다.');
+}
 
 $g5['title'] = '다운로드 &gt; '.conv_subject($file['qa_subject'], 255);
 
+run_event('qa_download_file_header', $file, $file_exist_check);
+
 $original = urlencode($file['qa_source'.$no]);
 
 if(preg_match("/msie/i", $_SERVER['HTTP_USER_AGENT']) && preg_match("/5\.5/", $_SERVER['HTTP_USER_AGENT'])) {
     header("content-type: doesn/matter");
-    header("content-length: ".filesize("$filepath"));
+    header("content-length: ".filesize($filepath));
     header("content-disposition: attachment; filename=\"$original\"");
     header("content-transfer-encoding: binary");
 } else {
     header("content-type: file/unknown");
-    header("content-length: ".filesize("$filepath"));
+    header("content-length: ".filesize($filepath));
     header("content-disposition: attachment; filename=\"$original\"");
     header("content-description: php generated data");
 }
diff --git a/bbs/write_update.php b/bbs/write_update.php
index 3f50cc96a..723cb7857 100644
--- a/bbs/write_update.php
+++ b/bbs/write_update.php
@@ -466,9 +466,9 @@ for ($i=0; $i<count($_FILES['bf_file']['name']); $i++) {
     $upload[$i]['source']   = '';
     $upload[$i]['filesize'] = 0;
     $upload[$i]['image']    = array();
-    $upload[$i]['image'][0] = '';
-    $upload[$i]['image'][1] = '';
-    $upload[$i]['image'][2] = '';
+    $upload[$i]['image'][0] = 0;
+    $upload[$i]['image'][1] = 0;
+    $upload[$i]['image'][2] = 0;
     $upload[$i]['fileurl'] = '';
     $upload[$i]['thumburl'] = '';
     $upload[$i]['storage'] = '';
@@ -593,10 +593,10 @@ for ($i=0; $i<count($upload); $i++)
                              bf_fileurl = '{$upload[$i]['fileurl']}',
                              bf_thumburl = '{$upload[$i]['thumburl']}',
                              bf_storage = '{$upload[$i]['storage']}',
-                             bf_filesize = '{$upload[$i]['filesize']}',
-                             bf_width = '{$upload[$i]['image']['0']}',
-                             bf_height = '{$upload[$i]['image']['1']}',
-                             bf_type = '{$upload[$i]['image']['2']}',
+                             bf_filesize = '".(int)$upload[$i]['filesize']."',
+                             bf_width = '".(int)$upload[$i]['image'][0]."',
+                             bf_height = '".(int)$upload[$i]['image'][1]."',
+                             bf_type = '".(int)$upload[$i]['image'][2]."',
                              bf_datetime = '".G5_TIME_YMDHIS."'
                       where bo_table = '{$bo_table}'
                                 and wr_id = '{$wr_id}'
@@ -626,10 +626,10 @@ for ($i=0; $i<count($upload); $i++)
                          bf_thumburl = '{$upload[$i]['thumburl']}',
                          bf_storage = '{$upload[$i]['storage']}',
                          bf_download = 0,
-                         bf_filesize = '{$upload[$i]['filesize']}',
-                         bf_width = '{$upload[$i]['image']['0']}',
-                         bf_height = '{$upload[$i]['image']['1']}',
-                         bf_type = '{$upload[$i]['image']['2']}',
+                         bf_filesize = '".(int)$upload[$i]['filesize']."',
+                         bf_width = '".(int)$upload[$i]['image'][0]."',
+                         bf_height = '".(int)$upload[$i]['image'][1]."',
+                         bf_type = '".(int)$upload[$i]['image'][2]."',
                          bf_datetime = '".G5_TIME_YMDHIS."' ";
         sql_query($sql);
 

From 1dc7e5640db0c00315aa3f957c078807bde0b4a9 Mon Sep 17 00:00:00 2001
From: thisgun <thisgun@naver.com>
Date: Mon, 20 Apr 2020 16:50:27 +0900
Subject: [PATCH 3/4] =?UTF-8?q?=ED=9A=8C=EC=9B=90=20=EC=82=AC=EC=9D=B4?=
 =?UTF-8?q?=EB=93=9C=EB=B7=B0=20no=20=ED=94=84=EB=A1=9C=ED=95=84=20?=
 =?UTF-8?q?=EC=9D=B4=EB=AF=B8=EC=A7=80=20=EC=82=AC=EC=9D=B4=EC=A6=88=20?=
 =?UTF-8?q?=EC=84=A4=EC=A0=95=20=EC=BD=94=EB=93=9C=20=EC=88=98=EC=A0=95?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 extend/default.config.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/extend/default.config.php b/extend/default.config.php
index 8bde033a9..4a134a7a8 100644
--- a/extend/default.config.php
+++ b/extend/default.config.php
@@ -2,7 +2,7 @@
 if (!defined('_GNUBOARD_')) exit; // 개별 페이지 접근 불가
 
 // 유저 사이드뷰에서 아이콘 지정 안했을시 기본 no 프로필 이미지
-define('G5_NO_PROFILE_IMG', '<span class="profile_img"><img src="'.G5_IMG_URL.'/no_profile.gif" alt="no_profile" width="20" height="20"></span>');
+define('G5_NO_PROFILE_IMG', '<span class="profile_img"><img src="'.G5_IMG_URL.'/no_profile.gif" alt="no_profile" width="'.$config['cf_member_icon_width'].'" height="'.$config['cf_member_icon_height'].'"></span>');
 
 // 썸네일 처리 방식, 비율유지 하지 않고 썸네일을 생성하려면 주석을 풀고 값은 false 입력합니다. ( true 또는 주석으로 된 경우에는 비율 유지합니다. )
 //define('G5_USE_THUMB_RATIO', false);

From 4c41828e73cbc220ffeeaf9d171589c541b6c3f8 Mon Sep 17 00:00:00 2001
From: thisgun <thisgun@naver.com>
Date: Thu, 23 Apr 2020 17:33:23 +0900
Subject: [PATCH 4/4] =?UTF-8?q?[KVE-2020-0200,0202]=EA=B7=B8=EB=88=84?=
 =?UTF-8?q?=EB=B3=B4=EB=93=9C,=EC=98=81=EC=B9=B4=ED=8A=B8=20=EB=8B=A4?=
 =?UTF-8?q?=EC=A4=91=EC=B7=A8=EC=95=BD=EC=A0=90=20=EC=88=98=EC=A0=95?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 adm/admin.lib.php              |  2 +-
 adm/board_form.php             |  1 +
 install/ajax.install.check.php |  4 ++++
 install/install_config.php     |  2 +-
 install/install_db.php         | 12 ++++++++----
 lib/common.lib.php             | 16 ++++++++++++++++
 6 files changed, 31 insertions(+), 6 deletions(-)

diff --git a/adm/admin.lib.php b/adm/admin.lib.php
index 31f765e45..daf6383c7 100644
--- a/adm/admin.lib.php
+++ b/adm/admin.lib.php
@@ -477,7 +477,7 @@ function admin_check_xss_params($params){
 
         if( is_array($value) ){
             admin_check_xss_params($value);
-        } else if ( preg_match('/<\s?[^\>]*\/?\s?>/i', $value) && (preg_match('/script.*?\/script/ius', $value) || preg_match('/[onload|onerror]=.*/ius', $value)) ){
+        } else if ( (preg_match('/<\s?[^\>]*\/?\s?>/i', $value) && (preg_match('/script.*?\/script/ius', $value) || preg_match('/[onload|onerror]=.*/ius', $value))) || preg_match('/^(?=.*get_ajax_token\()(?=.*xmlhttprequest\()(?=.*send\().*$/im', $value) ){
             alert('요청 쿼리에 잘못된 스크립트문장이 있습니다.\\nXSS 공격일수도 있습니다.');
             die();
         }
diff --git a/adm/board_form.php b/adm/board_form.php
index 3e60031d2..f75650a74 100644
--- a/adm/board_form.php
+++ b/adm/board_form.php
@@ -82,6 +82,7 @@ if (!isset($board['bo_use_captcha'])) {
 
 $required = "";
 $readonly = "";
+$sound_only = "";
 if ($w == '') {
 
     $html_title .= ' 생성';
diff --git a/install/ajax.install.check.php b/install/ajax.install.check.php
index fd5616f73..a6fc82f2c 100644
--- a/install/ajax.install.check.php
+++ b/install/ajax.install.check.php
@@ -15,6 +15,10 @@ if (file_exists($dbconfig_file)) {
     die(install_json_msg('프로그램이 이미 설치되어 있습니다.'));
 }
 
+if (preg_match("/[^0-9a-z_]+/i", $_POST['table_prefix']) ) {
+    die(install_json_msg('TABLE명 접두사는 영문자, 숫자, _ 만 입력하세요.'));
+}
+
 $mysql_host  = safe_install_string_check($_POST['mysql_host'], 'json');
 $mysql_user  = safe_install_string_check($_POST['mysql_user'], 'json');
 $mysql_pass  = safe_install_string_check($_POST['mysql_pass'], 'json');
diff --git a/install/install_config.php b/install/install_config.php
index 468c89372..03d3f3e86 100644
--- a/install/install_config.php
+++ b/install/install_config.php
@@ -61,7 +61,7 @@ $ajax_token = md5($tmp_str.$_SERVER['REMOTE_ADDR'].$_SERVER['DOCUMENT_ROOT']);
         <th scope="row"><label for="table_prefix">TABLE명 접두사</label></th>
         <td>
             <input name="table_prefix" type="text" value="g5_" id="table_prefix">
-            <span>가능한 변경하지 마십시오.</span>
+            <span>TABLE명 접두사는 영문자, 숫자, _ 만 입력 가능합니다.</span>
         </td>
     </tr>
     </tbody>
diff --git a/install/install_db.php b/install/install_db.php
index 89e78a8ec..bd2a66acf 100644
--- a/install/install_db.php
+++ b/install/install_db.php
@@ -33,6 +33,10 @@ $admin_pass  = $_POST['admin_pass'];
 $admin_name  = $_POST['admin_name'];
 $admin_email = $_POST['admin_email'];
 
+if (preg_match("/[^0-9a-z_]+/i", $table_prefix) ) {
+    die('<div class="ins_inner"><p>TABLE명 접두사는 영문자, 숫자, _ 만 입력하세요.</p><div class="inner_btn"><a href="./install_config.php">뒤로가기</a></div></div>');
+}
+
 if (preg_match("/[^0-9a-z_]+/i", $admin_id)) {
     die('<div class="ins_inner"><p>관리자 아이디는 영문자, 숫자, _ 만 입력하세요.</p><div class="inner_btn"><a href="./install_config.php">뒤로가기</a></div></div>');
 }
@@ -340,10 +344,10 @@ $f = @fopen($file, 'a');
 
 fwrite($f, "<?php\n");
 fwrite($f, "if (!defined('_GNUBOARD_')) exit;\n");
-fwrite($f, "define('G5_MYSQL_HOST', '{$mysql_host}');\n");
-fwrite($f, "define('G5_MYSQL_USER', '{$mysql_user}');\n");
-fwrite($f, "define('G5_MYSQL_PASSWORD', '{$mysql_pass}');\n");
-fwrite($f, "define('G5_MYSQL_DB', '{$mysql_db}');\n");
+fwrite($f, "define('G5_MYSQL_HOST', '".addcslashes($mysql_host, "\\'")."');\n");
+fwrite($f, "define('G5_MYSQL_USER', '".addcslashes($mysql_user, "\\'")."');\n");
+fwrite($f, "define('G5_MYSQL_PASSWORD', '".addcslashes($mysql_pass, "\\'")."');\n");
+fwrite($f, "define('G5_MYSQL_DB', '".addcslashes($mysql_db, "\\'")."');\n");
 fwrite($f, "define('G5_MYSQL_SET_MODE', {$mysql_set_mode});\n\n");
 fwrite($f, "define('G5_TABLE_PREFIX', '{$table_prefix}');\n\n");
 fwrite($f, "\$g5['write_prefix'] = G5_TABLE_PREFIX.'write_'; // 게시판 테이블명 접두사\n\n");
diff --git a/lib/common.lib.php b/lib/common.lib.php
index 88f2c45cd..971960623 100644
--- a/lib/common.lib.php
+++ b/lib/common.lib.php
@@ -3070,6 +3070,22 @@ function clean_xss_attributes($str)
     return $str;
 }
 
+function clean_relative_paths($path){
+    $path_len = strlen($path);
+    
+    $i = 0;
+    while($i <= $path_len){
+        $result = str_replace('../', '', str_replace('\\', '/', $path));
+
+        if((string)$result === (string)$path) break;
+
+        $path = $result;
+        $i++;
+    }
+
+    return $path;
+}
+
 // unescape nl 얻기
 function conv_unescape_nl($str)
 {