From ab80c9c6c85b4256332f5fd884b61e15eddbecec Mon Sep 17 00:00:00 2001
From: chicpro <chicpro@gmail.com>
Date: Wed, 28 May 2014 17:46:16 +0900
Subject: [PATCH] =?UTF-8?q?=EA=B2=80=EC=83=89=EC=96=B4=20=ED=8A=B9?=
 =?UTF-8?q?=EC=88=98=EB=AC=B8=EC=9E=90=20=EC=B2=98=EB=A6=AC=20=EC=B6=94?=
 =?UTF-8?q?=EA=B0=80?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 mobile/shop/search.php    |  6 +++---
 mobile/shop/shop.head.php |  2 +-
 shop/search.php           | 12 ++++++------
 shop/shop.head.php        |  2 +-
 4 files changed, 11 insertions(+), 11 deletions(-)

diff --git a/mobile/shop/search.php b/mobile/shop/search.php
index b6376c385..f63022ce9 100644
--- a/mobile/shop/search.php
+++ b/mobile/shop/search.php
@@ -16,13 +16,13 @@ $search_all = true;
 if (isset($_GET['qname']) || isset($_GET['qexplan']) || isset($_GET['qid']))
     $search_all = false;
 
-$q       = utf8_strcut(trim($_GET['q']), 30, "");
+$q       = utf8_strcut(get_search_string(trim($_GET['q'])), 30, "");
 $qname   = isset($_GET['qname']) ? trim($_GET['qname']) : '';
 $qexplan = isset($_GET['qexplan']) ? trim($_GET['qexplan']) : '';
 $qid     = isset($_GET['qid']) ? trim($_GET['qid']) : '';
 $qcaid   = isset($_GET['qcaid']) ? trim($_GET['qcaid']) : '';
-$qfrom   = isset($_GET['qfrom']) ? trim($_GET['qfrom']) : '';
-$qto     = isset($_GET['qto']) ? trim($_GET['qto']) : '';
+$qfrom   = isset($_GET['qfrom']) ? preg_replace('/[^0-9]/', '', trim($_GET['qfrom'])) : '';
+$qto     = isset($_GET['qto']) ? preg_replace('/[^0-9]/', '', trim($_GET['qto'])) : '';
 $qsort   = trim($_GET['qsort']);
 
 // 검색범위 checkbox 처리
diff --git a/mobile/shop/shop.head.php b/mobile/shop/shop.head.php
index 3196cf9f7..65164cbaa 100644
--- a/mobile/shop/shop.head.php
+++ b/mobile/shop/shop.head.php
@@ -28,7 +28,7 @@ include_once(G5_LIB_PATH.'/latest.lib.php');
         <div class="sch_inner">
             <h2>상품 검색</h2>
             <label for="sch_str" class="sound_only">상품명<strong class="sound_only"> 필수</strong></label>
-            <input type="text" name="q" value="<?php echo stripslashes(get_text($q)); ?>" id="sch_str" required class="frm_input">
+            <input type="text" name="q" value="<?php echo stripslashes(get_text(get_search_string($q))); ?>" id="sch_str" required class="frm_input">
             <input type="submit" value="검색" class="btn_submit">
             <button type="button" class="pop_close"><span class="sound_only">검색 </span>닫기</button>
         </div>
diff --git a/shop/search.php b/shop/search.php
index f86b8edb5..05ac84bdb 100644
--- a/shop/search.php
+++ b/shop/search.php
@@ -21,13 +21,13 @@ $search_all = true;
 if (isset($_GET['qname']) || isset($_GET['qexplan']) || isset($_GET['qid']))
     $search_all = false;
 
-$q       = utf8_strcut(trim($_GET['q']), 30, "");
+$q       = utf8_strcut(get_search_string(trim($_GET['q'])), 30, "");
 $qname   = isset($_GET['qname']) ? trim($_GET['qname']) : '';
 $qexplan = isset($_GET['qexplan']) ? trim($_GET['qexplan']) : '';
 $qid     = isset($_GET['qid']) ? trim($_GET['qid']) : '';
 $qcaid   = isset($_GET['qcaid']) ? trim($_GET['qcaid']) : '';
-$qfrom   = isset($_GET['qfrom']) ? trim($_GET['qfrom']) : '';
-$qto     = isset($_GET['qto']) ? trim($_GET['qto']) : '';
+$qfrom   = isset($_GET['qfrom']) ? preg_replace('/[^0-9]/', '', trim($_GET['qfrom'])) : '';
+$qto     = isset($_GET['qto']) ? preg_replace('/[^0-9]/', '', trim($_GET['qto'])) : '';
 $qsort   = trim($_GET['qsort']);
 
 // 검색범위 checkbox 처리
@@ -121,9 +121,9 @@ if ($is_admin) {
         <input type="hidden" name="qcaid" id="qcaid" value="<?php echo $qcaid ?>">
         <div>
             <strong>검색범위</strong>
-            <input type="checkbox" name="qname" id="ssch_qname" <?php echo $qname_check?'checked="checked"':'';?>> <label for="ssch_qname">상품명</label>
-            <input type="checkbox" name="qexplan" id="ssch_qexplan" <?php echo $qexplan_check?'checked="checked"':'';?>> <label for="ssch_qexplan">상품설명</label>
-            <input type="checkbox" name="qid" id="ssch_qid" <?php echo $qid_check?'checked="checked"':'';?>> <label for="ssch_qid">상품코드</label>
+            <input type="checkbox" name="qname" id="ssch_qname" value="1" <?php echo $qname_check?'checked="checked"':'';?>> <label for="ssch_qname">상품명</label>
+            <input type="checkbox" name="qexplan" id="ssch_qexplan" value="1" <?php echo $qexplan_check?'checked="checked"':'';?>> <label for="ssch_qexplan">상품설명</label>
+            <input type="checkbox" name="qid" id="ssch_qid" value="1" <?php echo $qid_check?'checked="checked"':'';?>> <label for="ssch_qid">상품코드</label>
         </div>
         <div>
             <strong>상품가격 (원)</strong>
diff --git a/shop/shop.head.php b/shop/shop.head.php
index e047f6cce..3dfae8df8 100644
--- a/shop/shop.head.php
+++ b/shop/shop.head.php
@@ -37,7 +37,7 @@ include_once(G5_LIB_PATH.'/latest.lib.php');
             <form name="frmsearch1" action="<?php echo G5_SHOP_URL; ?>/search.php" onsubmit="return search_submit(this);">
 
             <label for="sch_str" class="sound_only">검색어<strong class="sound_only"> 필수</strong></label>
-            <input type="text" name="q" value="<?php echo stripslashes(get_text($q)); ?>" id="sch_str" required>
+            <input type="text" name="q" value="<?php echo stripslashes(get_text(get_search_string($q))); ?>" id="sch_str" required>
             <input type="submit" value="검색" id="sch_submit">
 
             </form>