From a7541256cbb573dcccb257d5fd81021308cb45b0 Mon Sep 17 00:00:00 2001 From: whitedot Date: Thu, 25 Sep 2025 10:02:25 +0900 Subject: [PATCH 01/13] =?UTF-8?q?style:=20=EA=B4=80=EB=A6=AC=EC=9E=90=20>?= =?UTF-8?q?=20=ED=9A=8C=EC=9B=90=EA=B4=80=EB=A6=AC=20>=20=EB=AA=A9?= =?UTF-8?q?=EB=A1=9D,=20=EA=B4=91=EA=B3=A0=EC=84=B1=20=EC=A0=95=EB=B3=B4?= =?UTF-8?q?=20=EC=88=98=EC=8B=A0=20=EB=8F=99=EC=9D=98=EC=97=90=20=EB=94=B0?= =?UTF-8?q?=EB=A5=B8=20=ED=85=8C=EC=9D=B4=EB=B8=94=20=ED=8F=AD=20=EC=A1=B0?= =?UTF-8?q?=EC=A0=95=20=EC=B2=98=EB=A6=AC?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- adm/css/admin.css | 2 +- adm/member_list.php | 17 ++++++++--------- 2 files changed, 9 insertions(+), 10 deletions(-) diff --git a/adm/css/admin.css b/adm/css/admin.css index 550314d97..5c9284ef9 100644 --- a/adm/css/admin.css +++ b/adm/css/admin.css @@ -586,7 +586,7 @@ td.td_grpset {width:160px;border-left:1px solid #e9ecee;text-align:center} .td_time{text-align:center;width:130px} .td_center{text-align:center;} .td_type{width:120px} -.td_consent{width:200px} +.td_consent{min-width:70px;max-width:200px} .td_mng_s{width:60px} .td_mng_m{width:100px} diff --git a/adm/member_list.php b/adm/member_list.php index bb3be84c6..afcf45e77 100644 --- a/adm/member_list.php +++ b/adm/member_list.php @@ -127,7 +127,7 @@ $colspan = 16; 본인확인 메일인증 정보공개 - 광고성이메일수신 + 광고성이메일 상태 휴대폰 최종접속 @@ -137,9 +137,9 @@ $colspan = 16; 이름 닉네임 - 광고성SMS/카카오톡수신 성인인증 접근차단 + 광고성SMS 권한 전화번호 가입일 @@ -258,7 +258,7 @@ $colspan = 16; value="1" id="mb_open_"> - + value="1" id="mb_mailling_"> @@ -281,12 +281,6 @@ $colspan = 16;
- - - - value="1" id="mb_sms_"> - - value="1" id="mb_adult_"> @@ -297,6 +291,11 @@ $colspan = 16; + + + value="1" id="mb_sms_"> + + From 3432497efea266bea5df39f8cfcea3db3be57bd1 Mon Sep 17 00:00:00 2001 From: thisgun Date: Fri, 14 Nov 2025 02:08:02 +0000 Subject: [PATCH 02/13] =?UTF-8?q?=EC=82=BC=EC=84=B1=EB=B8=8C=EB=9D=BC?= =?UTF-8?q?=EC=9A=B0=EC=A0=80PC=EB=B2=84=EC=A0=84=20=EB=8C=80=EC=9D=91?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- config.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/config.php b/config.php index b636b0338..17f40a0a5 100644 --- a/config.php +++ b/config.php @@ -173,7 +173,7 @@ define('G5_DIR_PERMISSION', 0755); // 디렉토리 생성시 퍼미션 define('G5_FILE_PERMISSION', 0644); // 파일 생성시 퍼미션 // 모바일 인지 결정 $_SERVER['HTTP_USER_AGENT'] -define('G5_MOBILE_AGENT', 'phone|samsung|lgtel|mobile|[^A]skt|nokia|blackberry|BB10|android|sony'); +define('G5_MOBILE_AGENT', 'phone|samsung.*mobile|lgtel|mobile|[^A]skt|nokia|blackberry|BB10|android|sony'); // SMTP // lib/mailer.lib.php 에서 사용 From f2ab751e5f81719b0d933ec8f59c758e8e831a3a Mon Sep 17 00:00:00 2001 From: thisgun Date: Fri, 14 Nov 2025 07:30:47 +0000 Subject: [PATCH 03/13] =?UTF-8?q?[KVE-2025-0828]=EC=98=81=EC=B9=B4?= =?UTF-8?q?=ED=8A=B8=20=EC=B7=A8=EC=95=BD=EC=A0=90=20=EC=88=98=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- adm/shop_admin/configformupdate.php | 2 ++ shop/naverpay/naverpay_order.php | 5 ++++- shop/naverpay/naverpay_wish.php | 4 ++++ shop/settle_naverpay.inc.php | 2 ++ 4 files changed, 12 insertions(+), 1 deletion(-) diff --git a/adm/shop_admin/configformupdate.php b/adm/shop_admin/configformupdate.php index adfb06ea8..adf10c60c 100644 --- a/adm/shop_admin/configformupdate.php +++ b/adm/shop_admin/configformupdate.php 
@@ -64,6 +64,8 @@ foreach($check_skin_keys as $key){ if( isset($_POST[$key]) && preg_match('#\.+(\/|\\\)#', $_POST[$key]) ){ alert('스킨설정에 유효하지 문자가 포함되어 있습니다.'); } + + $$key = $_POST[$key] = sql_real_escape_string($_POST[$key]); } // 현금영수증 발급수단 diff --git a/shop/naverpay/naverpay_order.php b/shop/naverpay/naverpay_order.php index 7d98b317a..840b493fb 100644 --- a/shop/naverpay/naverpay_order.php +++ b/shop/naverpay/naverpay_order.php @@ -3,6 +3,8 @@ include_once('./_common.php'); include_once(G5_SHOP_PATH.'/settle_naverpay.inc.php'); include_once(G5_LIB_PATH.'/naverpay.lib.php'); +if (!(defined('G5_SHOP_USE_NAVERPAY') && G5_SHOP_USE_NAVERPAY)) return; + $pattern = '#[/\'\"%=*\#\(\)\|\+\&\!\$~\{\}\[\]`;:\?\^\,]#'; $post_naverpay_form = isset($_POST['naverpay_form']) ? clean_xss_tags($_POST['naverpay_form']) : ''; @@ -98,7 +100,8 @@ for($i=0; $i<$count; $i++) { $opt_count = (isset($_POST['io_id'][$it_id]) && is_array($_POST['io_id'][$it_id])) ? count($_POST['io_id'][$it_id]) : 0; if( ! $it_id) continue; - + if (!preg_match('/^[a-zA-Z0-9_-]+$/', $it_id)) continue; + if($opt_count && $_POST['io_type'][$it_id][0] != 0) return_error2json('상품의 선택옵션을 선택해 주십시오.'); diff --git a/shop/naverpay/naverpay_wish.php b/shop/naverpay/naverpay_wish.php index 9e62bf486..6ccd3c34a 100644 --- a/shop/naverpay/naverpay_wish.php +++ b/shop/naverpay/naverpay_wish.php @@ -3,6 +3,8 @@ include_once('./_common.php'); include_once(G5_SHOP_PATH.'/settle_naverpay.inc.php'); include_once(G5_LIB_PATH.'/naverpay.lib.php'); +if (!(defined('G5_SHOP_USE_NAVERPAY') && G5_SHOP_USE_NAVERPAY)) return; + $count = (isset($_POST['it_id']) && is_array($_POST['it_id'])) ? count($_POST['it_id']) : 0; if ($count < 1) @@ -13,6 +15,8 @@ $item = ''; for($i=0; $i<$count; $i++) { $it_id = isset($_POST['it_id']) ? $_POST['it_id'][$i] : ''; + + if (!preg_match('/^[a-zA-Z0-9_-]+$/', $it_id)) continue; // 상품정보 $it = get_shop_item($it_id, true); 
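Review bot: The added `sql_real_escape_string($_POST[$key])` in adm/shop_admin/configformupdate.php runs for every entry of `$check_skin_keys`, but the `isset($_POST[$key])` test sits only inside the preceding `if`, so a key missing from the request, or one submitted as an array, reaches the escape call as a non-string. A guarded form keeps the escaping and removes both cases: `$$key = $_POST[$key] = (isset($_POST[$key]) && is_string($_POST[$key])) ? sql_real_escape_string($_POST[$key]) : '';`. The `$$key` assignment is only safe while `$check_skin_keys` is a fixed list; its definition is outside the hunk, so a one-line comment stating that would help. If the UPDATE further down the file escapes these values again they would be stored double-escaped, which is worth confirming.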
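Review bot: The `G5_SHOP_USE_NAVERPAY` guard added at the top of shop/naverpay/naverpay_order.php (and the identical line in naverpay_wish.php) carries no comment saying where the constant comes from or why its absence must stop the request. I would put `// settle_naverpay.inc.php defines G5_SHOP_USE_NAVERPAY only after its early returns; stop here when NaverPay is not enabled.` above it, which matches where the `define()` is placed in the settle_naverpay.inc.php hunk of this commit. The bare `return;` also ends the request with an empty body, while the rest of naverpay_order.php reports failures through `return_error2json()`; answering the same way would make a disabled endpoint distinguishable on the client and in logs.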
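Review bot: The new `it_id` filter `preg_match('/^[a-zA-Z0-9_-]+$/', $it_id)` anchors with `$`, which in PCRE also matches before a trailing newline, so an id ending in a line feed still passes; `\z` (or the `D` modifier) closes that: `if (!is_string($it_id) || !preg_match('/^[a-zA-Z0-9_-]+\z/', $it_id)) continue;`. The `is_string()` test matters because `$_POST['it_id'][$i]` can itself be an array, which `preg_match` rejects with a TypeError on PHP 8. The same line is added in naverpay_wish.php and needs the same change. In naverpay_order.php the check runs after `$opt_count` has already indexed `$_POST['io_id']` with the unvalidated id; placing it directly under the `$it_id` assignment, which is outside this hunk, would make the order of validation obvious.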
diff --git a/shop/settle_naverpay.inc.php b/shop/settle_naverpay.inc.php index 93c4b501b..808d8e393 100644 --- a/shop/settle_naverpay.inc.php +++ b/shop/settle_naverpay.inc.php @@ -15,6 +15,8 @@ if(basename($_SERVER['SCRIPT_NAME']) == 'item.php') { return; } +define('G5_SHOP_USE_NAVERPAY', 1); + $naverpay_button_js = ''; $is_mobile_order = is_mobile(); From 0e06b4f9cee4b8d28fe0f44068076a5bcbb85f1a Mon Sep 17 00:00:00 2001 From: thisgun Date: Mon, 26 Jan 2026 09:33:19 +0000 Subject: [PATCH 04/13] =?UTF-8?q?=EC=98=81=EC=B9=B4=ED=8A=B85=EC=97=90?= =?UTF-8?q?=EC=84=9C=20=EC=82=AC=EC=9A=A9=EC=9E=90=EA=B0=80=20=ED=98=84?= =?UTF-8?q?=EA=B8=88=EC=98=81=EC=88=98=EC=A6=9D=20=EB=B0=9C=EA=B8=89?= =?UTF-8?q?=EB=B2=84=ED=8A=BC=EC=9D=B4=20=EC=B6=9C=EB=A0=A5=EB=90=98?= =?UTF-8?q?=EC=A7=80=20=EC=95=8A=EB=8A=94=20=EC=98=A4=EB=A5=98=20=EC=88=98?= =?UTF-8?q?=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- shop/orderinquiryview.php | 4 ++-- theme/basic/shop/orderinquiryview.php | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/shop/orderinquiryview.php b/shop/orderinquiryview.php index bba85f21f..9388041e2 100644 --- a/shop/orderinquiryview.php +++ b/shop/orderinquiryview.php @@ -410,13 +410,13 @@ if($od['od_pg'] == 'lg') { // 현금영수증 발급을 사용하는 경우에만 if ((function_exists('shop_is_taxsave') && shop_is_taxsave($od)) || (function_exists('is_order_cashreceipt') && is_order_cashreceipt($od))) { // 미수금이 없고 현금일 경우에만 현금영수증을 발급 할 수 있습니다. - if ($misu_price == 0 && is_order_cashreceipt($od)) { + if ($misu_price == 0) { ?> 현금영수증
  • 현금영수증 Date: Mon, 26 Jan 2026 09:40:43 +0000 Subject: [PATCH 05/13] =?UTF-8?q?=EA=B2=8C=EC=8B=9C=ED=8C=90=20=EA=B4=80?= =?UTF-8?q?=EB=A6=AC=EC=9E=90=EA=B0=80=20=EA=B2=8C=EC=8B=9C=ED=8C=90=20?= =?UTF-8?q?=EC=88=98=EC=A0=95=EC=8B=9C=20=EC=9E=90=EB=8F=99=EB=93=B1?= =?UTF-8?q?=EB=A1=9D=EB=B0=A9=EC=A7=80=20=EC=88=AB=EC=9E=90=EA=B0=80=20?= =?UTF-8?q?=ED=8B=80=EB=A0=B8=EC=8A=B5=EB=8B=88=EB=8B=A4=20=EB=9D=BC?= =?UTF-8?q?=EA=B3=A0=20=EB=82=98=EC=98=A4=EB=8A=94=20=EC=98=A4=EB=A5=98=20?= =?UTF-8?q?=EC=88=98=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- adm/board_form_update.php | 19 +++++++++++-------- 1 file changed, 11 insertions(+), 8 deletions(-) diff --git a/adm/board_form_update.php b/adm/board_form_update.php index b5f7364b7..83ff74b52 100644 --- a/adm/board_form_update.php +++ b/adm/board_form_update.php @@ -39,14 +39,17 @@ $bo_include_tail = isset($_POST['bo_include_tail']) ? preg_replace(array("#[\\\] $check_captcha = false; // 관리자가 자동등록방지 CAPTCHA를 사용해야 할 경우 -if ($w === 'u') { - if (isset($board['bo_include_head'], $board['bo_include_tail']) && - ($board['bo_include_head'] !== $bo_include_head || $board['bo_include_tail'] !== $bo_include_tail)) { - $check_captcha = true; - } -} elseif ($w === '') { - if ($bo_include_head !== '_head.php' || $bo_include_tail !== '_tail.php') { - $check_captcha = true; +// 최고 관리자인 경우에만 수정가능 +if ($is_admin === 'super') { + if ($w === 'u') { + if (isset($board['bo_include_head'], $board['bo_include_tail']) && + ($board['bo_include_head'] !== $bo_include_head || $board['bo_include_tail'] !== $bo_include_tail)) { + $check_captcha = true; + } + } elseif ($w === '') { + if ($bo_include_head !== '_head.php' || $bo_include_tail !== '_tail.php') { + $check_captcha = true; + } } } From b94771de924a9bb6a622aabfd364690c7aac1ff3 Mon Sep 17 00:00:00 2001 
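Review bot: With the CAPTCHA decision now wrapped in `if ($is_admin === 'super')` in adm/board_form_update.php, a request from a group or board administrator that carries changed `bo_include_head` / `bo_include_tail` values leaves `$check_captcha` false, so the change is only safe if those two fields are dropped from the UPDATE for non-super administrators. That exclusion is not visible here because the SQL is outside the hunk, and since these fields appear to name files that get included, it should be explicit next to this block, for example `if ($is_admin !== 'super' && $w === 'u') { $bo_include_head = $board['bo_include_head']; $bo_include_tail = $board['bo_include_tail']; }`. The added comment says only the super administrator may modify them; naming the later statement that enforces it would make the claim verifiable.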
From: thisgun Date: Tue, 27 Jan 2026 03:34:20 +0000 Subject: [PATCH 06/13] =?UTF-8?q?=EC=8D=B8=EB=84=A4=EC=9D=BC=20=ED=8C=8C?= =?UTF-8?q?=EC=9D=BC=20=EC=BD=94=EB=93=9C=20=EC=9C=84=EC=B9=98=EB=B3=80?= =?UTF-8?q?=EA=B2=BD?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- lib/thumbnail.lib.php | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/lib/thumbnail.lib.php b/lib/thumbnail.lib.php index 3b473895c..f8646131b 100644 --- a/lib/thumbnail.lib.php +++ b/lib/thumbnail.lib.php @@ -275,11 +275,10 @@ function thumbnail($filename, $source_path, $target_path, $thumb_width, $thumb_h $thumb_filename = preg_replace("/\.[^\.]+$/i", "", $filename); // 확장자제거 // $thumb_file = "$target_path/thumb-{$thumb_filename}_{$thumb_width}x{$thumb_height}.".$ext[$size[2]]; $thumb_file = "$target_path/thumb-{$thumb_filename}_{$thumb_width}x{$thumb_height}.".$file_ext; - - $thumb_time = @filemtime($thumb_file); - $source_time = @filemtime($source_file); if (file_exists($thumb_file)) { + $thumb_time = @filemtime($thumb_file); + $source_time = @filemtime($source_file); if ($is_create == false && $source_time < $thumb_time) { return basename($thumb_file); } From d775d2255fde35631d4c6af03f45620ec5108352 Mon Sep 17 00:00:00 2001 From: thisgun Date: Tue, 27 Jan 2026 05:50:34 +0000 Subject: [PATCH 07/13] =?UTF-8?q?[KVE-2026-0029]Stored=20XSS=20=EC=B7=A8?= =?UTF-8?q?=EC=95=BD=EC=A0=90=20=EC=88=98=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- bbs/write.php | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/bbs/write.php b/bbs/write.php index 5efad03e3..39ffcbdf8 100644 --- a/bbs/write.php +++ b/bbs/write.php 
@@ -346,8 +346,10 @@ if ($w == '') { } for($i=0;$i<$file_count;$i++){ - if(! isset($file[$i])) { + if (!isset($file[$i])) { $file[$i] = array('file'=>null, 'source'=>null, 'size'=>null, 'bf_content' => null); + } else { + $file[$i]['bf_content'] = isset($file[$i]['bf_content']) ? htmlspecialchars($file[$i]['bf_content'], ENT_QUOTES, 'UTF-8', false) : null; } } From 7c490448eca8f81e7f2275d994400ce32b87d199 Mon Sep 17 00:00:00 2001 From: thisgun Date: Fri, 30 Jan 2026 05:00:43 +0000 Subject: [PATCH 08/13] =?UTF-8?q?=EB=A9=94=EC=9D=BC=EB=B3=B4=EB=82=B4?= =?UTF-8?q?=EA=B8=B0=20=EB=B0=9C=EC=8B=A0=EC=9E=90=20=EC=9C=84=EC=9E=A5=20?= =?UTF-8?q?=EB=B0=A9=EC=A7=80=20=EB=B0=8F=20=EC=95=94=ED=98=B8=ED=99=94=20?= =?UTF-8?q?=ED=82=A4=EC=9D=98=20=EC=95=88=EC=A0=84=EC=84=B1=20=EC=B7=A8?= =?UTF-8?q?=EC=95=BD=EC=A0=90=20=EC=88=98=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- bbs/formmail_send.php | 6 ++++++ install/install_db.php | 2 +- lib/common.lib.php | 12 +++++++++--- 3 files changed, 16 insertions(+), 4 deletions(-) diff --git a/bbs/formmail_send.php b/bbs/formmail_send.php index 76fab9eea..635f4aca6 100644 --- a/bbs/formmail_send.php +++ b/bbs/formmail_send.php @@ -40,6 +40,12 @@ if ($type) { else $mail_content = $content; +// 환경설정에서 폼메일 사용 여부가 회원만 사용에 체크되어 있으면 +if ($config['cf_formmail_is_member']) { + $fnick = (isset($member['mb_nick']) && $member['mb_nick']) ? $member['mb_nick'] : $member['mb_name']; + $fmail = $member['mb_email']; +} + mailer($fnick, $fmail, $to, $subject, $mail_content, $type, $file); // 임시 첨부파일 삭제 diff --git a/install/install_db.php b/install/install_db.php index f2cba5b4c..7a143b5a6 100644 --- a/install/install_db.php +++ b/install/install_db.php 
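Review bot: `htmlspecialchars($file[$i]['bf_content'], ENT_QUOTES, 'UTF-8', false)` in bbs/write.php returns an empty string when the stored description contains invalid UTF-8, because `ENT_SUBSTITUTE` is not set, so a malformed description silently disappears from the edit form; `ENT_QUOTES | ENT_SUBSTITUTE` avoids that. The escape is applied only to the copy loaded into this form, so the stored `bf_content` stays raw and every other template that prints it still has to escape on output; those files are outside this diff and should be checked against the same report. A short comment on why `double_encode` is `false` (presumably some rows are already entity-encoded) would keep a later cleanup from flipping it.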
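Review bot: The sender override in bbs/formmail_send.php only runs when `$config['cf_formmail_is_member']` is set, so with that option off `$fnick` and `$fmail` still reach `mailer()` as supplied by the request. If guest form mail is meant to remain available, both values should have CR/LF removed and `$fmail` should be validated as an address before the call, unless that already happens above the hunk. Inside the new block `$member['mb_email']` is used without checking that it is non-empty, so a member record with no address would send with a blank From; rejecting the request in that case is the safer behaviour.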
@@ -158,7 +158,7 @@ if ($g5_install || $is_install === false) { cf_theme = 'basic', cf_admin = '$admin_id', cf_admin_email = '$admin_email', - cf_admin_email_name = '".G5_VERSION."', + cf_admin_email_name = '".G5_VERSION.'_'.substr(base_convert(mt_rand(), 10, 36), 0, 6)."', cf_use_point = '1', cf_use_copy_log = '1', cf_login_point = '100', diff --git a/lib/common.lib.php b/lib/common.lib.php index 291af89f3..e2ab98f32 100644 --- a/lib/common.lib.php +++ b/lib/common.lib.php @@ -3959,10 +3959,16 @@ class str_encrypt function __construct($salt='') { - if(!$salt) - $this->salt = md5(preg_replace('/[^0-9A-Za-z]/', substr(G5_MYSQL_USER, -1), $_SERVER['SERVER_SOFTWARE'].$_SERVER['DOCUMENT_ROOT'])); - else + global $config; + + if (!$salt) { + $config_hash = md5(serialize(array($config['cf_title'], $config['cf_theme'], $config['cf_admin_email_name'], $config['cf_login_point'], $config['cf_memo_send_point']))); + + //$this->salt = md5(preg_replace('/[^0-9A-Za-z]/', substr($config_hash, -1), $_SERVER['SERVER_SOFTWARE'].$config_hash.$_SERVER['DOCUMENT_ROOT'])); + $this->salt = hash('sha256', preg_replace('/[^0-9A-Za-z]/', substr($config_hash, -1), $_SERVER['SERVER_SOFTWARE'].$config_hash.$_SERVER['DOCUMENT_ROOT'])); + } else { $this->salt = $salt; + } $this->length = strlen($this->salt); } From 607e15424d77039540a27c743abafbd2576cd436 Mon Sep 17 00:00:00 2001 
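Review bot: `mt_rand()` is not a cryptographic generator and yields at most 31 bits, yet the suffix appended to `cf_admin_email_name` in install/install_db.php is one of the inputs this same commit feeds into the default `str_encrypt` salt in lib/common.lib.php. On PHP 7+ the line can draw from the CSPRNG instead, `cf_admin_email_name = '".G5_VERSION.'_'.bin2hex(random_bytes(8))."',`, with a fallback only if older PHP versions must still be supported. Independently of the generator, the field name suggests it is the display name on outgoing mail, in which case every recipient sees the value; material used for key derivation is better kept in a setting that is never displayed.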
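Review bot: The default salt in `str_encrypt::__construct` is now derived from `cf_title`, `cf_theme`, `cf_admin_email_name`, `cf_login_point` and `cf_memo_send_point`, all of which an administrator can edit, so changing the site title or theme silently changes the key and anything encrypted earlier with the default salt stops decrypting; the same break happens once on upgrade because the previous `md5(...)` derivation is removed. Apart from the install-time suffix these inputs are guessable or publicly visible, so the added strength rests on that single value. `global $config` is read without checking that it is populated, so constructing the class before configuration is loaded would hash empty values. I would derive the salt from one random secret written at install time, keep the old derivation as a decrypt-only fallback, and delete the commented-out `md5` line.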
From: thisgun Date: Mon, 2 Feb 2026 07:18:28 +0000 Subject: [PATCH 09/13] =?UTF-8?q?=ED=86=A0=EC=8A=A4=EA=B2=B0=EC=A0=9C=20?= =?UTF-8?q?=EB=B9=84=ED=9A=8C=EC=9B=90=EA=B2=B0=EC=A0=9C=EA=B0=80=20?= =?UTF-8?q?=EC=95=88=EB=90=98=EB=8A=94=20=EC=98=A4=EB=A5=98=20=EB=B0=8F=20?= =?UTF-8?q?=EB=AA=A8=EB=B0=94=EC=9D=BC=20=EA=B0=9C=EC=9D=B8=EA=B2=B0?= =?UTF-8?q?=EC=A0=9C=20=EC=B7=A8=EC=86=8C=EA=B3=BC=EC=A0=95=20=EC=BD=94?= =?UTF-8?q?=EB=93=9C=20=EC=88=98=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- mobile/shop/personalpayformupdate.php | 4 ++-- mobile/shop/toss/toss_approval.php | 2 +- shop/toss/orderform.1.php | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/mobile/shop/personalpayformupdate.php b/mobile/shop/personalpayformupdate.php index c0da09f7b..fda4492e8 100644 --- a/mobile/shop/personalpayformupdate.php +++ b/mobile/shop/personalpayformupdate.php @@ -183,7 +183,7 @@ if((int)$pp['pp_price'] !== (int)$pg_price) { include G5_SHOP_PATH.'/lg/xpay_cancel.php'; break; case 'toss': - include G5_SHOP_PATH.'/toss/toss_result.php'; + include G5_SHOP_PATH.'/toss/toss_cancel.php'; break; case 'inicis': include G5_SHOP_PATH.'/inicis/inipay_cancel.php'; @@ -271,7 +271,7 @@ if($pp_receipt_price > 0 && $pp['pp_id'] && $pp['od_id']) { include G5_SHOP_PATH.'/lg/xpay_cancel.php'; break; case 'toss': - include G5_SHOP_PATH.'/toss/toss_result.php'; + include G5_SHOP_PATH.'/toss/toss_cancel.php'; break; case 'inicis': include G5_SHOP_PATH.'/inicis/inipay_cancel.php'; diff --git a/mobile/shop/toss/toss_approval.php b/mobile/shop/toss/toss_approval.php index 84963ab91..5d7db7042 100644 --- a/mobile/shop/toss/toss_approval.php +++ b/mobile/shop/toss/toss_approval.php @@ -90,7 +90,7 @@ foreach($payReqMap as $key => $value) { * 수정불가. */ const clientKey = ""; -const customerKey = ""; +const customerKey = ""; const tossPayments = TossPayments(clientKey); const payment = tossPayments.payment({ customerKey }); 
diff --git a/shop/toss/orderform.1.php b/shop/toss/orderform.1.php index bf1727e89..509be6904 100644 --- a/shop/toss/orderform.1.php +++ b/shop/toss/orderform.1.php @@ -13,7 +13,7 @@ if($default['de_iche_use'] || $default['de_vbank_use'] || $default['de_hp_use'] * 수정불가. */ const clientKey = ""; -const customerKey = ""; +const customerKey = ""; const tossPayments = TossPayments(clientKey); const payment = tossPayments.payment({ customerKey }); From bf27af3925fa9e6f1bd548a92c065d2f44bd31f9 Mon Sep 17 00:00:00 2001 From: thisgun Date: Mon, 2 Feb 2026 07:33:36 +0000 Subject: [PATCH 10/13] =?UTF-8?q?=EC=98=81=EC=B9=B4=ED=8A=B8=20shop=5Fis?= =?UTF-8?q?=5Ftaxsave=20=EC=97=90=EC=84=9C=20=20=EB=B3=8C=EC=88=98=20?= =?UTF-8?q?=EC=BD=94=EB=93=9C=20=EC=98=A4=ED=83=80=20=EC=88=98=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- lib/shop.lib.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/shop.lib.php b/lib/shop.lib.php index e7e31ada8..f492776e8 100644 --- a/lib/shop.lib.php +++ b/lib/shop.lib.php @@ -2461,7 +2461,7 @@ function get_itemuselist_thumbnail($it_id, $contents, $thumb_width, $thumb_heigh } function shop_is_taxsave($od, $is_view_receipt=false){ - global $default, $is_memeber; + global $default, $is_member; $od_pay_type = ''; From 0ddcda4b0c5489b38c812e75751efe214700fb07 Mon Sep 17 00:00:00 2001 From: thisgun Date: Mon, 2 Feb 2026 09:37:39 +0000 Subject: [PATCH 11/13] =?UTF-8?q?toss=20=EB=AA=A8=EB=B0=94=EC=9D=BC?= =?UTF-8?q?=EA=B2=B0=EC=A0=9C=20=ED=8F=AC=EC=9D=B8=ED=8A=B8=20=EC=A0=81?= =?UTF-8?q?=EC=9A=A9=EC=8B=9C=20=EA=B2=B0=EC=A0=9C=20=EC=98=A4=EB=A5=98=20?= =?UTF-8?q?=EC=88=98=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- mobile/shop/orderform.sub.php | 8 ++++++-- shop/toss/toss_result.php | 4 ++-- 2 files changed, 8 insertions(+), 4 deletions(-) 
diff --git a/mobile/shop/orderform.sub.php b/mobile/shop/orderform.sub.php index e6f9008b9..7033185d3 100644 --- a/mobile/shop/orderform.sub.php +++ b/mobile/shop/orderform.sub.php @@ -1444,8 +1444,8 @@ function pay_approval() break; } f.method.value = pay_method; - f.orderId.value = ''; - f.orderName.value = ''; + f.orderId.value = ""; + f.orderName.value = ""; f.customerName.value = pf.od_name.value; f.customerEmail.value = pf.od_email.value; @@ -1468,6 +1468,10 @@ function pay_approval() f.amountCurrency.value = 'KRW'; f.amountValue.value = f.good_mny.value; + if (pf && pf.amountValue) { + pf.amountValue.value = f.good_mny.value; + } + f.taxFreeAmount.value = pf.comm_free_mny.value; diff --git a/shop/toss/toss_result.php b/shop/toss/toss_result.php index 6e86aa212..e22bcf64d 100644 --- a/shop/toss/toss_result.php +++ b/shop/toss/toss_result.php @@ -16,9 +16,9 @@ $row = sql_fetch($sql); $data = isset($row['dt_data']) ? unserialize(base64_decode($row['dt_data'])) : array(); -$amount = isset($data['amountValue']) ? $data['amountValue'] : 0; +$amount = isset($data['amountValue']) ? (int)$data['amountValue'] : 0; -if ($amount <= 0) { +if ($amount <= 0 || $amount !== (int)$order_price) { alert('결제금액이 올바르지 않습니다.', G5_SHOP_URL); } From 137d78ff73f2486b5d42503d5f4d46048b5ea246 Mon Sep 17 00:00:00 2001 
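Review bot: `(int)$data['amountValue']` in shop/toss/toss_result.php accepts any string with a leading number (`'1000abc'` becomes 1000), so the new equality test compares a leniently parsed value; checking `ctype_digit((string)$data['amountValue'])` before the cast keeps malformed records out. `$order_price` is not assigned in this hunk, and if an including script does not set it `(int)$order_price` is 0 and every payment is refused with the same generic message, so an explicit `isset($order_price)` check with its own log entry would make that failure diagnosable. The context line above still calls `unserialize()` on the stored row; on PHP 7+ passing `array('allowed_classes' => false)` as the second argument restricts the result to plain values.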
From: thisgun Date: Tue, 3 Feb 2026 06:24:34 +0000 Subject: [PATCH 12/13] =?UTF-8?q?=EC=98=81=EC=B9=B4=ED=8A=B8=20=EA=B4=80?= =?UTF-8?q?=EB=A6=AC=EC=9E=90=EB=AA=A8=EB=93=9C=20=EB=B6=84=EB=A5=98?= =?UTF-8?q?=EC=B6=9C=EB=A0=A5=20=EA=B0=9C=EC=84=A0?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- adm/shop_admin/itemeventform.php | 4 ++- adm/shop_admin/itemeventlist.php | 4 ++- adm/shop_admin/itemform.php | 12 +++++--- adm/shop_admin/itemlist.php | 7 +++-- adm/shop_admin/itemqalist.php | 4 ++- adm/shop_admin/itemsellrank.php | 4 ++- adm/shop_admin/itemstocklist.php | 4 ++- adm/shop_admin/itemtypelist.php | 4 ++- adm/shop_admin/itemuselist.php | 4 ++- adm/shop_admin/optionstocklist.php | 4 ++- adm/shop_admin/wishlist.php | 4 ++- lib/shop.lib.php | 44 ++++++++++++++++++++++++++++++ 12 files changed, 84 insertions(+), 15 deletions(-) diff --git a/adm/shop_admin/itemeventform.php b/adm/shop_admin/itemeventform.php index 1ec6b43c9..a12967713 100644 --- a/adm/shop_admin/itemeventform.php +++ b/adm/shop_admin/itemeventform.php @@ -67,7 +67,9 @@ for ($i=0; $row=sql_fetch_array($result); $i++) for ($i=0; $i<$len; $i++) $nbsp .= "   "; - $category_select .= "\n"; + // 전체 카테고리 경로 표시 + $category_path = function_exists('get_shop_category_path') ? get_shop_category_path($row['ca_id']) : $row['ca_name']; + $category_select .= "\n"; } // 모바일 1줄당 이미지수 필드 추가 diff --git a/adm/shop_admin/itemeventlist.php b/adm/shop_admin/itemeventlist.php index ce1f81695..a05e56676 100644 --- a/adm/shop_admin/itemeventlist.php +++ b/adm/shop_admin/itemeventlist.php @@ -107,7 +107,9 @@ if($ev_id) { $len = strlen($row1['ca_id']) / 2 - 1; $nbsp = ""; for ($i=0; $i<$len; $i++) $nbsp .= "   "; - echo ''.PHP_EOL; + // 전체 카테고리 경로 표시 + $category_path = function_exists('get_shop_category_path') ? get_shop_category_path($row1['ca_id']) : $row1['ca_name']; + echo ''.PHP_EOL; } ?> 
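Review bot: `$category_path` comes from `get_shop_category_path()` or, in the fallback, straight from `$row['ca_name']`, and is then written into the option text of the category select; the markup of those lines is stripped on this page, so whether the value passes through `htmlspecialchars()` cannot be confirmed here and should be checked in the file. If it is not escaped, a category name containing markup would render in every administrator's item screens, so I would escape at the point of output: `$category_path = htmlspecialchars($category_path, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');`. The same pattern repeats in itemeventlist.php, itemform.php, itemlist.php, itemqalist.php, itemsellrank.php and itemstocklist.php. The helper is also called once per row inside each loop; if it queries parent categories every time (its body is not visible in these hunks), a per-request cache keyed by `ca_id` would avoid the repeated lookups.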
diff --git a/adm/shop_admin/itemform.php b/adm/shop_admin/itemform.php index 0f6ec2a11..0961a2d0c 100644 --- a/adm/shop_admin/itemform.php +++ b/adm/shop_admin/itemform.php @@ -146,9 +146,11 @@ for ($i=0; $row=sql_fetch_array($result); $i++) $nbsp = ""; for ($i=0; $i<$len; $i++) $nbsp .= "   "; - - $category_select .= "\n"; - + + // 전체 카테고리 경로 표시 (예: 남성의류 > 상의 > 셔츠) + $category_path = function_exists('get_shop_category_path') ? get_shop_category_path($row['ca_id']) : $row['ca_name']; + $category_select .= "\n"; + $script .= "ca_use['{$row['ca_id']}'] = {$row['ca_use']};\n"; $script .= "ca_stock_qty['{$row['ca_id']}'] = {$row['ca_stock_qty']};\n"; //$script .= "ca_explan_html['$row[ca_id]'] = $row[ca_explan_html];\n"; @@ -1394,7 +1396,9 @@ $(function(){ for ($i=0; $i<$len; $i++) $nbsp .= "   "; - echo "\n"; + // 전체 카테고리 경로 표시 + $category_path = function_exists('get_shop_category_path') ? get_shop_category_path($row['ca_id']) : $row['ca_name']; + echo "\n"; } ?> diff --git a/adm/shop_admin/itemlist.php b/adm/shop_admin/itemlist.php index 7556fb408..a0c2e38bc 100644 --- a/adm/shop_admin/itemlist.php +++ b/adm/shop_admin/itemlist.php @@ -25,7 +25,8 @@ for ($i=0; $row=sql_fetch_array($result); $i++) for ($i=0; $i<$len; $i++) { $nbsp .= '   '; } - $ca_list .= ''.PHP_EOL; + $category_path = function_exists('get_shop_category_path') ? get_shop_category_path($row['ca_id']) : $row['ca_name']; + $ca_list .= ''.PHP_EOL; } $where = " and "; @@ -100,7 +101,9 @@ $listall = '전체목 $len = strlen($row1['ca_id']) / 2 - 1; $nbsp = ''; for ($i=0; $i<$len; $i++) $nbsp .= '   '; - echo ''.PHP_EOL; + // 전체 카테고리 경로 표시 + $category_path = function_exists('get_shop_category_path') ? get_shop_category_path($row1['ca_id']) : $row1['ca_name']; + echo ''.PHP_EOL; } ?> diff --git a/adm/shop_admin/itemqalist.php b/adm/shop_admin/itemqalist.php index f8f79b3da..2230bf5c3 100644 --- a/adm/shop_admin/itemqalist.php +++ b/adm/shop_admin/itemqalist.php 
@@ -79,7 +79,9 @@ $listall = '전체목 $nbsp = ""; for ($i=0; $i<$len; $i++) $nbsp .= "   "; $selected = ($row1['ca_id'] == $sca) ? ' selected="selected"' : ''; - echo ''.PHP_EOL; + // 전체 카테고리 경로 표시 + $category_path = function_exists('get_shop_category_path') ? get_shop_category_path($row1['ca_id']) : $row1['ca_name']; + echo ''.PHP_EOL; } ?> diff --git a/adm/shop_admin/itemsellrank.php b/adm/shop_admin/itemsellrank.php index b1e387d58..57be153b7 100644 --- a/adm/shop_admin/itemsellrank.php +++ b/adm/shop_admin/itemsellrank.php @@ -83,7 +83,9 @@ $listall = '전체목 $len = strlen($row1['ca_id']) / 2 - 1; $nbsp = ""; for ($i=0; $i<$len; $i++) $nbsp .= "   "; - echo ''.PHP_EOL; + // 전체 카테고리 경로 표시 + $category_path = function_exists('get_shop_category_path') ? get_shop_category_path($row1['ca_id']) : $row1['ca_name']; + echo ''.PHP_EOL; } ?> diff --git a/adm/shop_admin/itemstocklist.php b/adm/shop_admin/itemstocklist.php index c55fddde8..9329dc3c5 100644 --- a/adm/shop_admin/itemstocklist.php +++ b/adm/shop_admin/itemstocklist.php @@ -82,7 +82,9 @@ $listall = '전체목 $len = strlen($row1['ca_id']) / 2 - 1; $nbsp = ""; for ($i=0; $i<$len; $i++) $nbsp .= "   "; - echo ''.PHP_EOL; + // 전체 카테고리 경로 표시 + $category_path = function_exists('get_shop_category_path') ? get_shop_category_path($row1['ca_id']) : $row1['ca_name']; + echo ''.PHP_EOL; } ?> diff --git a/adm/shop_admin/itemtypelist.php b/adm/shop_admin/itemtypelist.php index a7b175b37..0587363fb 100644 --- a/adm/shop_admin/itemtypelist.php +++ b/adm/shop_admin/itemtypelist.php 
@@ -98,7 +98,9 @@ $listall = '전체목 $len = strlen($row1['ca_id']) / 2 - 1; $nbsp = ""; for ($i=0; $i<$len; $i++) $nbsp .= "   "; - echo '전체목 $nbsp = ""; for ($i=0; $i<$len; $i++) $nbsp .= "   "; $selected = ($row1['ca_id'] == $sca) ? ' selected="selected"' : ''; - echo ''.PHP_EOL; + // 전체 카테고리 경로 표시 + $category_path = function_exists('get_shop_category_path') ? get_shop_category_path($row1['ca_id']) : $row1['ca_name']; + echo '전체목 $len = strlen($row1['ca_id']) / 2 - 1; $nbsp = ""; for ($i=0; $i<$len; $i++) $nbsp .= "   "; - echo ''.PHP_EOL; + // 전체 카테고리 경로 표시 + $category_path = function_exists('get_shop_category_path') ? get_shop_category_path($row1['ca_id']) : $row1['ca_name']; + echo ''.PHP_EOL; } ?> diff --git a/adm/shop_admin/wishlist.php b/adm/shop_admin/wishlist.php index b54e3bb8c..f0f543daa 100644 --- a/adm/shop_admin/wishlist.php +++ b/adm/shop_admin/wishlist.php @@ -71,7 +71,9 @@ $listall = '전체목 $len = strlen($row1['ca_id']) / 2 - 1; $nbsp = ""; for ($i=0; $i<$len; $i++) $nbsp .= "   "; - echo "