diff --git a/adm/shop_admin/couponformupdate.php b/adm/shop_admin/couponformupdate.php
index 6d907567f..700ec60e4 100644
--- a/adm/shop_admin/couponformupdate.php
+++ b/adm/shop_admin/couponformupdate.php
@@ -166,7 +166,7 @@ if($w == '' && ($_POST['cp_sms_send'] || $_POST['cp_email_send'])) {
// E-MAIL
if($config['cf_email_use'] && $_POST['cp_email_send'] && $arr_send_list[$i]['mb_email'] && $arr_send_list[$i]['mb_mailling']) {
- $mb_name = $arr_send_list[$i]['mb_name'];
+ $mb_name = get_text($arr_send_list[$i]['mb_name']);
switch($cp_method) {
case 2:
$coupon_method = '결제금액할인';
diff --git a/adm/shop_admin/couponmember.php b/adm/shop_admin/couponmember.php
index 37f1e8002..65a7082f9 100644
--- a/adm/shop_admin/couponmember.php
+++ b/adm/shop_admin/couponmember.php
@@ -59,7 +59,7 @@ $qstr1 = 'mb_name='.$_GET['mb_name'];
for($i=0; $row=sql_fetch_array($result); $i++) {
?>
- |
+ |
|
|
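Review bot: `$qstr1` in the hunk header is built from raw `$_GET['mb_name']`, so the same member-name value this commit escapes elsewhere can still reach the page through the query string. If `$qstr1` is appended to paging or form URLs further down the file (not visible here), it should be encoded where it is built: `$qstr1 = 'mb_name='.urlencode($_GET['mb_name']);`. The markup of the changed table cell is not visible on this page, so the escaping added on that line cannot be checked from here.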
diff --git a/adm/shop_admin/itemqaform.php b/adm/shop_admin/itemqaform.php
index 17310d9eb..e94b4381f 100644
--- a/adm/shop_admin/itemqaform.php
+++ b/adm/shop_admin/itemqaform.php
@@ -12,7 +12,7 @@ $sql = " select *
$iq = sql_fetch($sql);
if (!$iq['iq_id']) alert('등록된 자료가 없습니다.');
-$name = get_sideview($is['mb_id'], $iq['iq_name'], $is['mb_email'], $is['mb_homepage']);
+$name = get_sideview($is['mb_id'], get_text($iq['iq_name']), $is['mb_email'], $is['mb_homepage']);
$g5['title'] = '상품문의';
include_once (G5_ADMIN_PATH.'/admin.head.php');
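Review bot: `$is` is not assigned anywhere in the visible lines; the row fetched just above is `$iq`, so `$is['mb_id']`, `$is['mb_email']` and `$is['mb_homepage']` on the changed line are probably empty. If `$is` is not set earlier in the file (the hunk starts at line 12), the call should read `$name = get_sideview($iq['mb_id'], get_text($iq['iq_name']), $iq['mb_email'], $iq['mb_homepage']);`. Only the name argument is escaped before the call. Whether get_sideview() encodes the e-mail and homepage values itself is not visible here, and the same question applies to the changed calls in itemqalist.php and orderlist.php.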
diff --git a/adm/shop_admin/itemqalist.php b/adm/shop_admin/itemqalist.php
index a02e21f9f..ee2024e9b 100644
--- a/adm/shop_admin/itemqalist.php
+++ b/adm/shop_admin/itemqalist.php
@@ -120,7 +120,7 @@ $listall = '전체목록
for ($i=0; $row=mysql_fetch_array($result); $i++) {
$row['iq_subject'] = cut_str($row['iq_subject'], 30, "...");
$href = G5_SHOP_URL.'/item.php?it_id='.$row['it_id'];
- $name = get_sideview($row['mb_id'], $row['iq_name'], $row['mb_email'], $row['mb_homepage']);
+ $name = get_sideview($row['mb_id'], get_text($row['iq_name']), $row['mb_email'], $row['mb_homepage']);
$answer = $row['iq_answer'] ? 'Y' : ' ';
$iq_question = get_view_thumbnail($row['iq_question'], 300);
$iq_answer = $row['iq_answer'] ? get_view_thumbnail($row['iq_answer'], 300) : "답변이 등록되지 않았습니다.";
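Review bot: The loop at the top of this hunk calls `mysql_fetch_array()` directly, while couponmember.php in the same commit iterates with the `sql_fetch_array()` wrapper. Going around the wrapper ties this page to the legacy mysql extension and skips whatever handling the wrapper adds, so `for ($i=0; $row=sql_fetch_array($result); $i++) {` would be the consistent form. `$row['iq_subject']` is only truncated with `cut_str()` in the visible lines; whether it is HTML-escaped where it is printed is outside the hunk and worth confirming alongside the `iq_name` fix.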
diff --git a/adm/shop_admin/orderlist.php b/adm/shop_admin/orderlist.php
index 83d1cf425..6df94802a 100644
--- a/adm/shop_admin/orderlist.php
+++ b/adm/shop_admin/orderlist.php
@@ -288,7 +288,7 @@ if(!sql_query(" select mb_id from {$g5['g5_shop_order_delete_table']} limit 1 ",
if ($row['od_receipt_point'] > 0)
$s_receipt_way .= $s_br."포인트";
- $mb_nick = get_sideview($row['mb_id'], $row['od_name'], $row['od_email'], '');
+ $mb_nick = get_sideview($row['mb_id'], get_text($row['od_name']), $row['od_email'], '');
$od_cnt = 0;
if ($row['mb_id'])
diff --git a/shop/itemqaformupdate.php b/shop/itemqaformupdate.php
index f524ed02c..b4d1dc7f9 100644
--- a/shop/itemqaformupdate.php
+++ b/shop/itemqaformupdate.php
@@ -12,7 +12,7 @@ $iq_answer = trim($_POST['iq_answer']);
$hash = trim($_REQUEST['hash']);
if ($w == "" || $w == "u") {
- $iq_name = $member['mb_name'];
+ $iq_name = addslashes($member['mb_name']);
$iq_password = $member['mb_password'];
if (!$iq_subject) alert("제목을 입력하여 주십시오.");
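Review bot: `addslashes()` on the changed line is not aware of the connection character set, so it is a weaker guard than the database driver's own escaping function or a bound parameter when `$iq_name` is later concatenated into the insert/update statement (that statement is outside the hunk). The identical change in shop/itemuseformupdate.php (`$is_name`) has the same concern. The name is still stored without HTML escaping, so every page that prints `iq_name` or `is_name` needs `get_text()` at output, not only the admin pages touched in this commit. The next line copies `$member['mb_password']` into `$iq_password`; if that value is written to the Q&A row, the member's password hash is duplicated outside the member table, which deserves at least a comment explaining why.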
diff --git a/shop/itemrecommendmail.php b/shop/itemrecommendmail.php
index 2be39e147..b3504754b 100644
--- a/shop/itemrecommendmail.php
+++ b/shop/itemrecommendmail.php
@@ -36,7 +36,7 @@ if (!$it['it_id'])
$subject = stripslashes($subject);
$content = nl2br(stripslashes($content));
-$from_name = $member['mb_name'];
+$from_name = get_text($member['mb_name']);
$from_email = $member['mb_email'];
$it_id = $it['it_id'];
$it_name = $it['it_name'];
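Review bot: `get_text()` applies HTML escaping, which fits `$from_name` only where it is printed inside the HTML body of the mail. If the same variable is also handed to the mailer as the sender display name (the mailer call is outside the hunk), entities will appear literally and line breaks should be stripped for that copy instead, e.g. `str_replace(array("\r", "\n"), '', $member['mb_name'])`. Two lines above, `$content` passes through `nl2br(stripslashes(...))` with no escaping; if it comes from the request and is not sanitised earlier in the file, it needs `$content = nl2br(get_text(stripslashes($content)));`.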
diff --git a/shop/itemuseformupdate.php b/shop/itemuseformupdate.php
index 642330d2a..45ddb11c2 100644
--- a/shop/itemuseformupdate.php
+++ b/shop/itemuseformupdate.php
@@ -16,7 +16,7 @@ $is_score = (int)$_POST['is_score'] > 5 ? 0 : (int)$_POST['is_score'];
check_itemuse_write($it_id, $member['mb_id']);
if ($w == "" || $w == "u") {
- $is_name = $member['mb_name'];
+ $is_name = addslashes($member['mb_name']);
$is_password = $member['mb_password'];
if (!$is_subject) alert("제목을 입력하여 주십시오.");