Merge remote-tracking branch '그누보드/master'

2026-02-20 11:42:31 +09:00
parent 4900f86d74 ef1be317e1
commit bdf228e69d
33 changed files with 156 additions and 57 deletions
--- a/adm/board_form_update.php
+++ b/adm/board_form_update.php
@ -39,14 +39,17 @@ $bo_include_tail = isset($_POST['bo_include_tail']) ? preg_replace(array("#[\\\]
 $check_captcha = false;

 // 관리자가 자동등록방지 CAPTCHA를 사용해야 할 경우
-if ($w === 'u') {
-    if (isset($board['bo_include_head'], $board['bo_include_tail']) &&
-        ($board['bo_include_head'] !== $bo_include_head || $board['bo_include_tail'] !== $bo_include_tail)) {
-        $check_captcha = true;
-    }
-} elseif ($w === '') {
-    if ($bo_include_head !== '_head.php' || $bo_include_tail !== '_tail.php') {
-        $check_captcha = true;
+// 최고 관리자인 경우에만 수정가능
+if ($is_admin === 'super') {
+    if ($w === 'u') {
+        if (isset($board['bo_include_head'], $board['bo_include_tail']) &&
+            ($board['bo_include_head'] !== $bo_include_head || $board['bo_include_tail'] !== $bo_include_tail)) {
+            $check_captcha = true;
+        }
+    } elseif ($w === '') {
+        if ($bo_include_head !== '_head.php' || $bo_include_tail !== '_tail.php') {
+            $check_captcha = true;
+        }
    }
 }

--- a/adm/css/admin.css
+++ b/adm/css/admin.css
@ -587,7 +587,7 @@ td.td_grpset {width:160px;border-left:1px solid #e9ecee;text-align:center}
 .td_time{text-align:center;width:130px}
 .td_center{text-align:center;}
 .td_type{width:120px}
-.td_consent{width:200px}
+.td_consent{min-width:70px;max-width:200px}

 .td_mng_s{width:60px}
 .td_mng_m{width:100px}
--- a/adm/member_list.php
+++ b/adm/member_list.php
@ -127,7 +127,7 @@ $colspan = 16;
                    <th scope="col" rowspan="2" id="mb_list_cert"><?php echo subject_sort_link('mb_certify', '', 'desc') ?>본인확인</a></th>
                    <th scope="col" id="mb_list_mailc"><?php echo subject_sort_link('mb_email_certify', '', 'desc') ?>메일인증</a></th>
                    <th scope="col" id="mb_list_open"><?php echo subject_sort_link('mb_open', '', 'desc') ?>정보공개</a></th>
-                    <th scope="col" id="mb_list_mailr"><?php echo subject_sort_link('mb_mailling', '', 'desc') ?>광고성이메일수신</a></th>
+                    <th scope="col" id="mb_list_mailr"><?php echo subject_sort_link('mb_mailling', '', 'desc') ?>광고성이메일</a></th>
                    <th scope="col" id="mb_list_auth">상태</th>
                    <th scope="col" id="mb_list_mobile">휴대폰</th>
                    <th scope="col" id="mb_list_lastcall"><?php echo subject_sort_link('mb_today_login', '', 'desc') ?>최종접속</a></th>
@ -137,9 +137,9 @@ $colspan = 16;
                <tr>
                    <th scope="col" id="mb_list_name"><?php echo subject_sort_link('mb_name') ?>이름</a></th>
                    <th scope="col" id="mb_list_nick"><?php echo subject_sort_link('mb_nick') ?>닉네임</a></th>
-                    <th scope="col" id="mb_list_sms"><?php echo subject_sort_link('mb_sms', '', 'desc') ?>광고성SMS/카카오톡수신</a></th>
                    <th scope="col" id="mb_list_adultc"><?php echo subject_sort_link('mb_adult', '', 'desc') ?>성인인증</a></th>
                    <th scope="col" id="mb_list_auth"><?php echo subject_sort_link('mb_intercept_date', '', 'desc') ?>접근차단</a></th>
+                    <th scope="col" id="mb_list_sms"><?php echo subject_sort_link('mb_sms', '', 'desc') ?>광고성SMS</a></th>
                    <th scope="col" id="mb_list_deny"><?php echo subject_sort_link('mb_level', '', 'desc') ?>권한</a></th>
                    <th scope="col" id="mb_list_tel">전화번호</th>
                    <th scope="col" id="mb_list_join"><?php echo subject_sort_link('mb_datetime', '', 'desc') ?>가입일</a></th>
@ -258,7 +258,7 @@ $colspan = 16;
                            <input type="checkbox" name="mb_open[<?php echo $i; ?>]" <?php echo $row['mb_open'] ? 'checked' : ''; ?> value="1" id="mb_open_<?php echo $i; ?>">
                        </td>
                        <td headers="mb_list_mailr" class="td_consent">
-                            <label for="mb_mailling_<?php echo $i; ?>" class="sound_only">메일수신</label>
+                            <label for="mb_mailling_<?php echo $i; ?>" class="sound_only">광고성이메일수신</label>
                            <input type="checkbox" name="mb_mailling[<?php echo $i; ?>]" <?php echo $row['mb_mailling'] ? 'checked' : ''; ?> value="1" id="mb_mailling_<?php echo $i; ?>">
                            <input type="hidden" name="mb_mailling_default[<?php echo $i; ?>]" value="<?php echo isset($row['mb_mailling']) ? $row['mb_mailling'] : '0'; ?> " id="mb_mailling_default_<?php echo $i; ?>">
                        </td>
@ -281,12 +281,6 @@ $colspan = 16;
                        <td headers="mb_list_nick" class="td_name sv_use">
                            <div><?php echo $mb_nick ?></div>
                        </td>
-
-                        <td headers="mb_list_sms">
-                            <label for="mb_sms_<?php echo $i; ?>" class="sound_only">SMS수신</label>
-                            <input type="checkbox" name="mb_sms[<?php echo $i; ?>]" <?php echo $row['mb_sms'] ? 'checked' : ''; ?> value="1" id="mb_sms_<?php echo $i; ?>">
-                            <input type="hidden" name="mb_sms_default[<?php echo $i; ?>]" value="<?php echo isset($row['mb_sms']) ? $row['mb_sms'] : '0'; ?> " id="mb_sms_default_<?php echo $i; ?>">
-                        </td>
                        <td headers="mb_list_adultc">
                            <label for="mb_adult_<?php echo $i; ?>" class="sound_only">성인인증</label>
                            <input type="checkbox" name="mb_adult[<?php echo $i; ?>]" <?php echo $row['mb_adult'] ? 'checked' : ''; ?> value="1" id="mb_adult_<?php echo $i; ?>">
@ -297,6 +291,11 @@ $colspan = 16;
                                <label for="mb_intercept_date_<?php echo $i; ?>" class="sound_only">접근차단</label>
                            <?php } ?>
                        </td>
+                        <td headers="mb_list_sms">
+                            <label for="mb_sms_<?php echo $i; ?>" class="sound_only">광고성SMS/카카오톡수신</label>
+                            <input type="checkbox" name="mb_sms[<?php echo $i; ?>]" <?php echo $row['mb_sms'] ? 'checked' : ''; ?> value="1" id="mb_sms_<?php echo $i; ?>">
+                            <input type="hidden" name="mb_sms_default[<?php echo $i; ?>]" value="<?php echo isset($row['mb_sms']) ? $row['mb_sms'] : '0'; ?> " id="mb_sms_default_<?php echo $i; ?>">
+                        </td>
                        <td headers="mb_list_auth" class="td_mbstat">
                            <?php echo get_member_level_select("mb_level[$i]", 1, $member['mb_level'], $row['mb_level']) ?>
                        </td>
--- a/adm/shop_admin/configformupdate.php
+++ b/adm/shop_admin/configformupdate.php
@ -64,6 +64,8 @@ foreach($check_skin_keys as $key){
    if( isset($_POST[$key]) && preg_match('#\.+(\/|\\\)#', $_POST[$key]) ){
        alert('스킨설정에 유효하지 문자가 포함되어 있습니다.');
    }
+    
+    $$key = $_POST[$key] = sql_real_escape_string($_POST[$key]);
 }

 // 현금영수증 발급수단
--- a/adm/shop_admin/itemeventform.php
+++ b/adm/shop_admin/itemeventform.php
@ -67,7 +67,9 @@ for ($i=0; $row=sql_fetch_array($result); $i++)
    for ($i=0; $i<$len; $i++)
        $nbsp .= "&nbsp;&nbsp;&nbsp;";

-    $category_select .= "<option value=\"{$row['ca_id']}\">$nbsp{$row['ca_name']}</option>\n";
+    // 전체 카테고리 경로 표시
+    $category_path = function_exists('get_shop_category_path') ? get_shop_category_path($row['ca_id']) : $row['ca_name'];
+    $category_select .= "<option value=\"{$row['ca_id']}\">$nbsp{$category_path}</option>\n";
 }

 // 모바일 1줄당 이미지수 필드 추가
--- a/adm/shop_admin/itemeventlist.php
+++ b/adm/shop_admin/itemeventlist.php
@ -107,7 +107,9 @@ if($ev_id) {
        $len = strlen($row1['ca_id']) / 2 - 1;
        $nbsp = "";
        for ($i=0; $i<$len; $i++) $nbsp .= "&nbsp;&nbsp;&nbsp;";
-        echo '<option value="'.$row1['ca_id'].'" '.get_selected($sel_ca_id, $row1['ca_id']).'>'.$nbsp.$row1['ca_name'].'</option>'.PHP_EOL;
+        // 전체 카테고리 경로 표시
+        $category_path = function_exists('get_shop_category_path') ? get_shop_category_path($row1['ca_id']) : $row1['ca_name'];
+        echo '<option value="'.$row1['ca_id'].'" '.get_selected($sel_ca_id, $row1['ca_id']).'>'.$nbsp.$category_path.'</option>'.PHP_EOL;
    }
    ?>
 </select>
--- a/adm/shop_admin/itemform.php
+++ b/adm/shop_admin/itemform.php
@ -146,9 +146,11 @@ for ($i=0; $row=sql_fetch_array($result); $i++)
    $nbsp = "";
    for ($i=0; $i<$len; $i++)
        $nbsp .= "&nbsp;&nbsp;&nbsp;";
-
-    $category_select .= "<option value=\"{$row['ca_id']}\">$nbsp{$row['ca_name']}</option>\n";
-
+    
+    // 전체 카테고리 경로 표시 (예: 남성의류 > 상의 > 셔츠)
+    $category_path = function_exists('get_shop_category_path') ? get_shop_category_path($row['ca_id']) : $row['ca_name'];
+    $category_select .= "<option value=\"{$row['ca_id']}\">$nbsp{$category_path}</option>\n";
+    
    $script .= "ca_use['{$row['ca_id']}'] = {$row['ca_use']};\n";
    $script .= "ca_stock_qty['{$row['ca_id']}'] = {$row['ca_stock_qty']};\n";
    //$script .= "ca_explan_html['$row[ca_id]'] = $row[ca_explan_html];\n";
@ -1394,7 +1396,9 @@ $(function(){
                            for ($i=0; $i<$len; $i++)
                                $nbsp .= "&nbsp;&nbsp;&nbsp;";

-                            echo "<option value=\"{$row['ca_id']}\">$nbsp{$row['ca_name']}</option>\n";
+                            // 전체 카테고리 경로 표시
+                            $category_path = function_exists('get_shop_category_path') ? get_shop_category_path($row['ca_id']) : $row['ca_name'];
+                            echo "<option value=\"{$row['ca_id']}\">$nbsp{$category_path}</option>\n";
                        }
                    ?>
                </select>
--- a/adm/shop_admin/itemlist.php
+++ b/adm/shop_admin/itemlist.php
@ -25,7 +25,8 @@ for ($i=0; $row=sql_fetch_array($result); $i++)
    for ($i=0; $i<$len; $i++) {
        $nbsp .= '&nbsp;&nbsp;&nbsp;';
    }
-    $ca_list .= '<option value="'.$row['ca_id'].'">'.$nbsp.$row['ca_name'].'</option>'.PHP_EOL;
+    $category_path = function_exists('get_shop_category_path') ? get_shop_category_path($row['ca_id']) : $row['ca_name'];
+    $ca_list .= '<option value="'.$row['ca_id'].'">'.$nbsp.$category_path.'</option>'.PHP_EOL;
 }

 $where = " and ";
@ -100,7 +101,9 @@ $listall = '<a href="'.$_SERVER['SCRIPT_NAME'].'" class="ov_listall">전체목
        $len = strlen($row1['ca_id']) / 2 - 1;
        $nbsp = '';
        for ($i=0; $i<$len; $i++) $nbsp .= '&nbsp;&nbsp;&nbsp;';
-        echo '<option value="'.$row1['ca_id'].'" '.get_selected($sca, $row1['ca_id']).'>'.$nbsp.$row1['ca_name'].'</option>'.PHP_EOL;
+        // 전체 카테고리 경로 표시
+        $category_path = function_exists('get_shop_category_path') ? get_shop_category_path($row1['ca_id']) : $row1['ca_name'];
+        echo '<option value="'.$row1['ca_id'].'" '.get_selected($sca, $row1['ca_id']).'>'.$nbsp.$category_path.'</option>'.PHP_EOL;
    }
    ?>
 </select>
--- a/adm/shop_admin/itemqalist.php
+++ b/adm/shop_admin/itemqalist.php
@ -79,7 +79,9 @@ $listall = '<a href="'.$_SERVER['SCRIPT_NAME'].'" class="ov_listall">전체목
        $nbsp = "";
        for ($i=0; $i<$len; $i++) $nbsp .= "&nbsp;&nbsp;&nbsp;";
        $selected = ($row1['ca_id'] == $sca) ? ' selected="selected"' : '';
-        echo '<option value="'.$row1['ca_id'].'"'.$selected.'>'.$nbsp.$row1['ca_name'].'</option>'.PHP_EOL;
+        // 전체 카테고리 경로 표시
+        $category_path = function_exists('get_shop_category_path') ? get_shop_category_path($row1['ca_id']) : $row1['ca_name'];
+        echo '<option value="'.$row1['ca_id'].'"'.$selected.'>'.$nbsp.$category_path.'</option>'.PHP_EOL;
    }
    ?>
 </select>
--- a/adm/shop_admin/itemsellrank.php
+++ b/adm/shop_admin/itemsellrank.php
@ -83,7 +83,9 @@ $listall = '<a href="'.$_SERVER['SCRIPT_NAME'].'" class="ov_listall">전체목
        $len = strlen($row1['ca_id']) / 2 - 1;
        $nbsp = "";
        for ($i=0; $i<$len; $i++) $nbsp .= "&nbsp;&nbsp;&nbsp;";
-        echo '<option value="'.$row1['ca_id'].'" '.get_selected($sel_ca_id, $row1['ca_id']).'>'.$nbsp.$row1['ca_name'].'</option>'.PHP_EOL;
+        // 전체 카테고리 경로 표시
+        $category_path = function_exists('get_shop_category_path') ? get_shop_category_path($row1['ca_id']) : $row1['ca_name'];
+        echo '<option value="'.$row1['ca_id'].'" '.get_selected($sel_ca_id, $row1['ca_id']).'>'.$nbsp.$category_path.'</option>'.PHP_EOL;
    }
    ?>
 </select>
--- a/adm/shop_admin/itemstocklist.php
+++ b/adm/shop_admin/itemstocklist.php
@ -82,7 +82,9 @@ $listall = '<a href="'.$_SERVER['SCRIPT_NAME'].'" class="ov_listall">전체목
        $len = strlen($row1['ca_id']) / 2 - 1;
        $nbsp = "";
        for ($i=0; $i<$len; $i++) $nbsp .= "&nbsp;&nbsp;&nbsp;";
-        echo '<option value="'.$row1['ca_id'].'" '.get_selected($sel_ca_id, $row1['ca_id']).'>'.$nbsp.$row1['ca_name'].'</option>'.PHP_EOL;
+        // 전체 카테고리 경로 표시
+        $category_path = function_exists('get_shop_category_path') ? get_shop_category_path($row1['ca_id']) : $row1['ca_name'];
+        echo '<option value="'.$row1['ca_id'].'" '.get_selected($sel_ca_id, $row1['ca_id']).'>'.$nbsp.$category_path.'</option>'.PHP_EOL;
    }
    ?>
 </select>
--- a/adm/shop_admin/itemtypelist.php
+++ b/adm/shop_admin/itemtypelist.php
@ -98,7 +98,9 @@ $listall = '<a href="'.$_SERVER['SCRIPT_NAME'].'" class="ov_listall">전체목
        $len = strlen($row1['ca_id']) / 2 - 1;
        $nbsp = "";
        for ($i=0; $i<$len; $i++) $nbsp .= "&nbsp;&nbsp;&nbsp;";
-        echo '<option value="'.$row1['ca_id'].'" '.get_selected($sca, $row1['ca_id']).'>'.$nbsp.$row1['ca_name'].PHP_EOL;
+        // 전체 카테고리 경로 표시
+        $category_path = function_exists('get_shop_category_path') ? get_shop_category_path($row1['ca_id']) : $row1['ca_name'];
+        echo '<option value="'.$row1['ca_id'].'" '.get_selected($sca, $row1['ca_id']).'>'.$nbsp.$category_path.PHP_EOL;
    }
    ?>
 </select>
--- a/adm/shop_admin/itemuselist.php
+++ b/adm/shop_admin/itemuselist.php
@ -81,7 +81,9 @@ $listall = '<a href="'.$_SERVER['SCRIPT_NAME'].'" class="ov_listall">전체목
        $nbsp = "";
        for ($i=0; $i<$len; $i++) $nbsp .= "&nbsp;&nbsp;&nbsp;";
        $selected = ($row1['ca_id'] == $sca) ? ' selected="selected"' : '';
-        echo '<option value="'.$row1['ca_id'].'"'.$selected.'>'.$nbsp.$row1['ca_name'].'</option>'.PHP_EOL;
+        // 전체 카테고리 경로 표시
+        $category_path = function_exists('get_shop_category_path') ? get_shop_category_path($row1['ca_id']) : $row1['ca_name'];
+        echo '<option value="'.$row1['ca_id'].'"'.$selected.'>'.$nbsp.$category_path.PHP_EOL;
    }
    ?>
 </select>
--- a/adm/shop_admin/optionstocklist.php
+++ b/adm/shop_admin/optionstocklist.php
@ -84,7 +84,9 @@ $listall = '<a href="'.$_SERVER['SCRIPT_NAME'].'" class="ov_listall">전체목
        $len = strlen($row1['ca_id']) / 2 - 1;
        $nbsp = "";
        for ($i=0; $i<$len; $i++) $nbsp .= "&nbsp;&nbsp;&nbsp;";
-        echo '<option value="'.$row1['ca_id'].'" '.get_selected($sel_ca_id, $row1['ca_id']).'>'.$nbsp.$row1['ca_name'].'</option>'.PHP_EOL;
+        // 전체 카테고리 경로 표시
+        $category_path = function_exists('get_shop_category_path') ? get_shop_category_path($row1['ca_id']) : $row1['ca_name'];
+        echo '<option value="'.$row1['ca_id'].'" '.get_selected($sel_ca_id, $row1['ca_id']).'>'.$nbsp.$category_path.'</option>'.PHP_EOL;
    }
    ?>
 </select>
--- a/adm/shop_admin/wishlist.php
+++ b/adm/shop_admin/wishlist.php
@ -71,7 +71,9 @@ $listall = '<a href="'.$_SERVER['SCRIPT_NAME'].'" class="ov_listall">전체목
        $len = strlen($row1['ca_id']) / 2 - 1;
        $nbsp = "";
        for ($i=0; $i<$len; $i++) $nbsp .= "&nbsp;&nbsp;&nbsp;";
-        echo "<option value='{$row1['ca_id']}'".get_selected($row1['ca_id'], $sel_ca_id).">$nbsp{$row1['ca_name']}\n";
+        // 전체 카테고리 경로 표시
+        $category_path = function_exists('get_shop_category_path') ? get_shop_category_path($row1['ca_id']) : $row1['ca_name'];
+        echo "<option value='{$row1['ca_id']}'".get_selected($row1['ca_id'], $sel_ca_id).">$nbsp{$category_path}\n";
    }
    ?>
 </select>
--- a/bbs/formmail_send.php
+++ b/bbs/formmail_send.php
@ -40,6 +40,12 @@ if ($type) {
 else
    $mail_content = $content;

+// 환경설정에서 폼메일 사용 여부가 회원만 사용에 체크되어 있으면
+if ($config['cf_formmail_is_member']) {
+    $fnick = (isset($member['mb_nick']) && $member['mb_nick']) ? $member['mb_nick'] : $member['mb_name'];
+    $fmail = $member['mb_email'];
+}
+
 mailer($fnick, $fmail, $to, $subject, $mail_content, $type, $file);

 // 임시 첨부파일 삭제
--- a/bbs/write.php
+++ b/bbs/write.php
@ -346,8 +346,10 @@ if ($w == '') {
    }

    for($i=0;$i<$file_count;$i++){
-        if(! isset($file[$i])) {
+        if (!isset($file[$i])) {
            $file[$i] = array('file'=>null, 'source'=>null, 'size'=>null, 'bf_content' => null);
+        } else {
+            $file[$i]['bf_content'] = isset($file[$i]['bf_content']) ? htmlspecialchars($file[$i]['bf_content'], ENT_QUOTES, 'UTF-8', false) : null;
        }
    }

--- a/config.php
+++ b/config.php
@ -173,7 +173,7 @@ define('G5_DIR_PERMISSION',  0755); // 디렉토리 생성시 퍼미션
 define('G5_FILE_PERMISSION', 0644); // 파일 생성시 퍼미션

 // 모바일 인지 결정 $_SERVER['HTTP_USER_AGENT']
-define('G5_MOBILE_AGENT',   'phone|samsung|lgtel|mobile|[^A]skt|nokia|blackberry|BB10|android|sony');
+define('G5_MOBILE_AGENT',   'phone|samsung.*mobile|lgtel|mobile|[^A]skt|nokia|blackberry|BB10|android|sony');

 // SMTP
 // lib/mailer.lib.php 에서 사용
--- a/install/install_db.php
+++ b/install/install_db.php
@ -158,7 +158,7 @@ if ($g5_install || $is_install === false) {
                    cf_theme = 'basic',
                    cf_admin = '$admin_id',
                    cf_admin_email = '$admin_email',
-                    cf_admin_email_name = '".G5_VERSION."',
+                    cf_admin_email_name = '".G5_VERSION.'_'.substr(base_convert(mt_rand(), 10, 36), 0, 6)."',
                    cf_use_point = '1',
                    cf_use_copy_log = '1',
                    cf_login_point = '100',
--- a/lib/common.lib.php
+++ b/lib/common.lib.php
@ -3951,10 +3951,16 @@ class str_encrypt

    function __construct($salt='')
    {
-        if(!$salt)
-            $this->salt = md5(preg_replace('/[^0-9A-Za-z]/', substr(G5_MYSQL_USER, -1), $_SERVER['SERVER_SOFTWARE'].$_SERVER['DOCUMENT_ROOT']));
-        else
+        global $config;
+        
+        if (!$salt) {
+            $config_hash = md5(serialize(array($config['cf_title'], $config['cf_theme'], $config['cf_admin_email_name'], $config['cf_login_point'], $config['cf_memo_send_point'])));
+            
+            //$this->salt = md5(preg_replace('/[^0-9A-Za-z]/', substr($config_hash, -1), $_SERVER['SERVER_SOFTWARE'].$config_hash.$_SERVER['DOCUMENT_ROOT']));
+            $this->salt = hash('sha256', preg_replace('/[^0-9A-Za-z]/', substr($config_hash, -1), $_SERVER['SERVER_SOFTWARE'].$config_hash.$_SERVER['DOCUMENT_ROOT']));
+        } else {
            $this->salt = $salt;
+        }

        $this->length = strlen($this->salt);
    }
--- a/lib/shop.lib.php
+++ b/lib/shop.lib.php
@ -2461,7 +2461,7 @@ function get_itemuselist_thumbnail($it_id, $contents, $thumb_width, $thumb_heigh
 }

 function shop_is_taxsave($od, $is_view_receipt=false){
-	global $default, $is_memeber;
+	global $default, $is_member;

 	$od_pay_type = '';

@ -2770,6 +2770,50 @@ function get_item_images_info($it, $size=array(), $image_width=0, $image_height=
    return $images; 
 }

+// 카테고리 전체 경로를 가져오는 함수 (예: 남성의류 > 상의 > 셔츠)
+function get_shop_category_path($ca_id, $separator = ' &gt; ')
+{
+    global $g5;
+    static $category_cache = array(); // 카테고리명 캐시
+    static $path_cache = array();     // 경로 캐시
+
+    if (!$ca_id) return '';
+
+    // 동일한 separator로 이미 조회한 경로가 있으면 캐시에서 반환
+    $cache_key = $ca_id . '|' . $separator;
+    if (isset($path_cache[$cache_key])) {
+        return $path_cache[$cache_key];
+    }
+
+    $path_arr = array();
+    $ca_id_len = strlen($ca_id);
+
+    // 카테고리 ID를 2자리씩 분할하여 각 단계의 카테고리명을 조회
+    for ($i = 2; $i <= $ca_id_len; $i += 2) {
+        $current_ca_id = substr($ca_id, 0, $i);
+
+        // 캐시에 없으면 DB 조회
+        if (!isset($category_cache[$current_ca_id])) {
+            $sql = " select ca_name from {$g5['g5_shop_category_table']} where ca_id = '$current_ca_id' ";
+            $row = sql_fetch($sql);
+            if ($row) {
+                $category_cache[$current_ca_id] = $row['ca_name'];
+            } else {
+                $category_cache[$current_ca_id] = '';
+            }
+        }
+
+        if ($category_cache[$current_ca_id]) {
+            $path_arr[] = $category_cache[$current_ca_id];
+        }
+    }
+
+    $result = implode($separator, $path_arr);
+    $path_cache[$cache_key] = $result; // 결과를 캐시에 저장
+
+    return $result;
+}
+
 function check_payment_method($od_settle_case) {
    global $default;

--- a/lib/thumbnail.lib.php
+++ b/lib/thumbnail.lib.php
@ -275,11 +275,10 @@ function thumbnail($filename, $source_path, $target_path, $thumb_width, $thumb_h
    $thumb_filename = preg_replace("/\.[^\.]+$/i", "", $filename); // 확장자제거
    // $thumb_file = "$target_path/thumb-{$thumb_filename}_{$thumb_width}x{$thumb_height}.".$ext[$size[2]];
    $thumb_file = "$target_path/thumb-{$thumb_filename}_{$thumb_width}x{$thumb_height}.".$file_ext;
-    
-    $thumb_time = @filemtime($thumb_file);
-    $source_time = @filemtime($source_file);

    if (file_exists($thumb_file)) {
+        $thumb_time = @filemtime($thumb_file);
+        $source_time = @filemtime($source_file);
        if ($is_create == false && $source_time < $thumb_time) {
            return basename($thumb_file);
        }
--- a/mobile/shop/orderform.sub.php
+++ b/mobile/shop/orderform.sub.php
@ -1499,8 +1499,8 @@ function pay_approval()
                break;
        }
        f.method.value = pay_method;
-        f.orderId.value = '<?=$od_id?>';
-        f.orderName.value = '<?=$goods?>';
+        f.orderId.value = "<?php echo $od_id; ?>";
+        f.orderName.value = "<?php echo $goods; ?>";

        f.customerName.value = pf.od_name.value;
        f.customerEmail.value = pf.od_email.value;
@ -1523,6 +1523,10 @@ function pay_approval()

        f.amountCurrency.value = 'KRW';
        f.amountValue.value = f.good_mny.value;
+        if (pf && pf.amountValue) {
+            pf.amountValue.value = f.good_mny.value;
+        }
+        
        <?php if($default['de_tax_flag_use']) { ?>
        f.taxFreeAmount.value = pf.comm_free_mny.value;
        <?php } ?>
--- a/mobile/shop/personalpayformupdate.php
+++ b/mobile/shop/personalpayformupdate.php
@ -183,7 +183,7 @@ if((int)$pp['pp_price'] !== (int)$pg_price) {
            include G5_SHOP_PATH.'/lg/xpay_cancel.php';
            break;
        case 'toss':
-            include G5_SHOP_PATH.'/toss/toss_result.php';
+            include G5_SHOP_PATH.'/toss/toss_cancel.php';
            break;
        case 'inicis':
            include G5_SHOP_PATH.'/inicis/inipay_cancel.php';
@ -271,7 +271,7 @@ if($pp_receipt_price > 0 && $pp['pp_id'] && $pp['od_id']) {
                include G5_SHOP_PATH.'/lg/xpay_cancel.php';
                break;
            case 'toss':
-                include G5_SHOP_PATH.'/toss/toss_result.php';
+                include G5_SHOP_PATH.'/toss/toss_cancel.php';
                break;
            case 'inicis':
                include G5_SHOP_PATH.'/inicis/inipay_cancel.php';
--- a/mobile/shop/toss/toss_approval.php
+++ b/mobile/shop/toss/toss_approval.php
@ -90,7 +90,7 @@ foreach($payReqMap as $key => $value) {
 * 수정불가.
 */
 const clientKey = "<?php echo $config['cf_toss_client_key']; ?>";
-const customerKey = "<?php echo isset($member['mb_id']) ? $member['mb_id'] : ''; ?>";
+const customerKey = "<?php echo $is_member ? $member['mb_id'] : md5(get_session('ss_order_id')); ?>";
 const tossPayments = TossPayments(clientKey);

 const payment = tossPayments.payment({ customerKey });
--- a/shop/naverpay/naverpay_order.php
+++ b/shop/naverpay/naverpay_order.php
@ -3,6 +3,8 @@ include_once('./_common.php');
 include_once(G5_SHOP_PATH.'/settle_naverpay.inc.php');
 include_once(G5_LIB_PATH.'/naverpay.lib.php');

+if (!(defined('G5_SHOP_USE_NAVERPAY') && G5_SHOP_USE_NAVERPAY)) return;
+
 $pattern = '#[/\'\"%=*\#\(\)\|\+\&\!\$~\{\}\[\]`;:\?\^\,]#';
 $post_naverpay_form = isset($_POST['naverpay_form']) ? clean_xss_tags($_POST['naverpay_form']) : '';

@ -98,7 +100,8 @@ for($i=0; $i<$count; $i++) {
    $opt_count = (isset($_POST['io_id'][$it_id]) && is_array($_POST['io_id'][$it_id])) ? count($_POST['io_id'][$it_id]) : 0;
    
    if( ! $it_id) continue;
-
+    if (!preg_match('/^[a-zA-Z0-9_-]+$/', $it_id)) continue;
+    
    if($opt_count && $_POST['io_type'][$it_id][0] != 0)
        return_error2json('상품의 선택옵션을 선택해 주십시오.');

--- a/shop/naverpay/naverpay_wish.php
+++ b/shop/naverpay/naverpay_wish.php
@ -3,6 +3,8 @@ include_once('./_common.php');
 include_once(G5_SHOP_PATH.'/settle_naverpay.inc.php');
 include_once(G5_LIB_PATH.'/naverpay.lib.php');

+if (!(defined('G5_SHOP_USE_NAVERPAY') && G5_SHOP_USE_NAVERPAY)) return;
+
 $count = (isset($_POST['it_id']) && is_array($_POST['it_id'])) ? count($_POST['it_id']) : 0;

 if ($count < 1)
@ -13,6 +15,8 @@ $item  = '';

 for($i=0; $i<$count; $i++) {
    $it_id = isset($_POST['it_id']) ? $_POST['it_id'][$i] : '';
+    
+    if (!preg_match('/^[a-zA-Z0-9_-]+$/', $it_id)) continue;

    // 상품정보
    $it = get_shop_item($it_id, true);
--- a/shop/orderinquiryview.php
+++ b/shop/orderinquiryview.php
@ -410,13 +410,13 @@ if($od['od_pg'] == 'lg') {
                // 현금영수증 발급을 사용하는 경우에만
                if ((function_exists('shop_is_taxsave') && shop_is_taxsave($od)) || (function_exists('is_order_cashreceipt') && is_order_cashreceipt($od))) {
                    // 미수금이 없고 현금일 경우에만 현금영수증을 발급 할 수 있습니다.
-                    if ($misu_price == 0 && is_order_cashreceipt($od)) {
+                    if ($misu_price == 0) {
                ?>
                <tr>
                    <th scope="row">현금영수증</th>
                    <td>
                    <?php
-                    if ($od['od_cash'])
+                    if ($od['od_cash'] && is_order_cashreceipt($od))
                    {
                        if($od['od_pg'] == 'lg') {
                            require_once G5_SHOP_PATH.'/settle_lg.inc.php';
--- a/shop/settle_naverpay.inc.php
+++ b/shop/settle_naverpay.inc.php
@ -15,6 +15,8 @@ if(basename($_SERVER['SCRIPT_NAME']) == 'item.php') {
        return;
 }

+define('G5_SHOP_USE_NAVERPAY', 1);
+
 $naverpay_button_js = '';

 $is_mobile_order = is_mobile();
--- a/shop/toss/orderform.1.php
+++ b/shop/toss/orderform.1.php
@ -13,7 +13,7 @@ if($default['de_iche_use'] || $default['de_vbank_use'] || $default['de_hp_use']
 * 수정불가.
 */
 const clientKey = "<?php echo $config['cf_toss_client_key']; ?>";
-const customerKey = "<?php echo isset($member['mb_id']) ? $member['mb_id'] : ''; ?>";
+const customerKey = "<?php echo $is_member ? $member['mb_id'] : md5(get_session('ss_order_id')); ?>";
 const tossPayments = TossPayments(clientKey);

 const payment = tossPayments.payment({ customerKey });
--- a/shop/toss/toss_result.php
+++ b/shop/toss/toss_result.php
@ -16,9 +16,9 @@ $row = sql_fetch($sql);

 $data = isset($row['dt_data']) ? unserialize(base64_decode($row['dt_data'])) : array();

-$amount = isset($data['amountValue']) ? $data['amountValue'] : 0;
+$amount = isset($data['amountValue']) ? (int)$data['amountValue'] : 0;

-if ($amount <= 0) {
+if ($amount <= 0 || $amount !== (int)$order_price) {
    alert('결제금액이 올바르지 않습니다.', G5_SHOP_URL);
 }

--- a/theme/basic/shop/orderinquiryview.php
+++ b/theme/basic/shop/orderinquiryview.php
@ -536,13 +536,13 @@ if($od['od_pg'] == 'lg') {
                // 현금영수증 발급을 사용하는 경우 또는 현금영수증 발급을 한 주문건이면
 	            if ((function_exists('shop_is_taxsave') && shop_is_taxsave($od)) || (function_exists('is_order_cashreceipt') && is_order_cashreceipt($od))) {
 	                // 미수금이 없고 현금일 경우에만 현금영수증을 발급 할 수 있습니다.
-	                if ($misu_price == 0 && is_order_cashreceipt($od)) {
+	                if ($misu_price == 0) {
 	            ?>
 	            <li>
 	                <strong class="letter-2px">현금영수증</strong>
 	                <span>
 	                <?php
-	                if ($od['od_cash'])
+	                if ($od['od_cash'] && is_order_cashreceipt($od))
 	                {
 	                    if($od['od_pg'] == 'lg') {
 	                        require_once G5_SHOP_PATH.'/settle_lg.inc.php';
--- a/version.php
+++ b/version.php
@ -2,7 +2,7 @@
 if (!defined('_GNUBOARD_')) exit; // 개별 페이지 접근 불가

 define('G5_VERSION', '그누보드5');
-define('G5_GNUBOARD_VER', '5.6.23');
+define('G5_GNUBOARD_VER', '5.6.24');
 // 그누보드5.4.5.5 버전과 영카트5.4.5.5.1 버전을 합쳐서 그누보드5.4.6 버전에서 시작함 (kagla-210617)
 // G5_YOUNGCART_VER 이 상수를 사용하는 곳이 있으므로 주석 처리 해제함
 // 그누보드5.4.6 이상 버전 부터는 영카트를 그누보드에 포함하여 배포하므로 영카트5의 버전은 의미가 없습니다.