충돌 수정

2018-11-21 16:41:48 +09:00
parent 58369c7ded 8399dafd4b
commit ceb0e3ef01
25 changed files with 92 additions and 46 deletions
--- a/adm/board_form_update.php
+++ b/adm/board_form_update.php
@ -72,6 +72,9 @@ $bo_category_list = str_replace($src_char, $dst_char, $bo_category_list);
 //https://github.com/gnuboard/gnuboard5/commit/f5f4925d4eb28ba1af728e1065fc2bdd9ce1da58 에 따른 조치
 $str_bo_category_list = isset($_POST['bo_category_list']) ? preg_replace("/[\<\>\'\"\\\'\\\"\%\=\(\)\/\^\*]/", "", $_POST['bo_category_list']) : '';
 $_POST['bo_subject'] = strip_tags($_POST['bo_subject']);
 $_POST['bo_mobile_subject'] = strip_tags($_POST['bo_mobile_subject']);
 $sql_common = " gr_id               = '{$_POST['gr_id']}',
                bo_subject          = '{$_POST['bo_subject']}',
                bo_mobile_subject   = '{$_POST['bo_mobile_subject']}',
--- a/adm/boardgroup_form.php
+++ b/adm/boardgroup_form.php
@ -117,7 +117,7 @@ include_once('./admin.head.php');
            <label for="gr_<?php echo $i ?>_subj">여분필드 <?php echo $i ?> 제목</label>
            <input type="text" name="gr_<?php echo $i ?>_subj" value="<?php echo get_text($group['gr_'.$i.'_subj']) ?>" id="gr_<?php echo $i ?>_subj" class="frm_input">
            <label for="gr_<?php echo $i ?>">여분필드 <?php echo $i ?> 내용</label>
-            <input type="text" name="gr_<?php echo $i ?>" value="<?php echo $gr['gr_'.$i] ?>" id="gr_<?php echo $i ?>" class="frm_input">
+            <input type="text" name="gr_<?php echo $i ?>" value="<?php echo get_sanitize_input($gr['gr_'.$i]); ?>" id="gr_<?php echo $i ?>" class="frm_input">
        </td>
    </tr>
    <?php } ?>
--- a/adm/config_form.php
+++ b/adm/config_form.php
@ -1317,7 +1317,7 @@ if ($config['cf_sms_use'] && $config['cf_icode_id'] && $config['cf_icode_pw']) {
                <label for="cf_<?php echo $i ?>_subj">여분필드<?php echo $i ?> 제목</label>
                <input type="text" name="cf_<?php echo $i ?>_subj" value="<?php echo get_text($config['cf_'.$i.'_subj']) ?>" id="cf_<?php echo $i ?>_subj" class="frm_input" size="30">
                <label for="cf_<?php echo $i ?>">여분필드<?php echo $i ?> 값</label>
-                <input type="text" name="cf_<?php echo $i ?>" value="<?php echo $config['cf_'.$i] ?>" id="cf_<?php echo $i ?>" class="frm_input" size="30">
+                <input type="text" name="cf_<?php echo $i ?>" value="<?php echo get_sanitize_input($config['cf_'.$i]); ?>" id="cf_<?php echo $i ?>" class="frm_input" size="30">
            </td>
        </tr>
        <?php } ?>
--- a/adm/config_form_update.php
+++ b/adm/config_form_update.php
@ -26,6 +26,8 @@ if(!$_POST['cf_cert_use']) {
 $cf_social_servicelist = !empty($_POST['cf_social_servicelist']) ? implode(',', $_POST['cf_social_servicelist']) : '';
 $_POST['cf_title'] = strip_tags($_POST['cf_title']);
 $sql = " update {$g5['config_table']}
            set cf_title = '{$_POST['cf_title']}',
                cf_admin = '{$_POST['cf_admin']}',
--- a/adm/contentform.php
+++ b/adm/contentform.php
@ -109,8 +109,8 @@ include_once (G5_ADMIN_PATH.'/admin.head.php');
        <td>
            <?php echo help("내용에서 iframe 등의 태그를 사용하려면 사용안함으로 선택해 주십시오."); ?>
            <select name="co_tag_filter_use" id="co_tag_filter_use">
-                <option value="1"<?php echo get_selected(1, $co['co_tag_filter_use']); ?>>사용함</option>
+                <option value="1"<?php echo get_selected($co['co_tag_filter_use'], 1); ?>>사용함</option>
-                <option value="0"<?php echo get_selected(0, $co['co_tag_filter_use']); ?>>사용안함</option>
+                <option value="0"<?php echo get_selected($co['co_tag_filter_use'], 0); ?>>사용안함</option>
            </select>
        </td>
    </tr>
--- a/adm/menu_list.php
+++ b/adm/menu_list.php
@ -196,6 +196,20 @@ function base_convert(number, frombase, tobase) {
 function fmenulist_submit(f)
 {
    var me_links = document.getElementsByName('me_link[]');
    var reg = /^javascript/; 
 	for (i=0; i<me_links.length; i++){
 	    if( reg.test(me_links[i].value) ){ 
            alert('링크에 자바스크립트문을 입력할수 없습니다.');
            me_links[i].focus();
            return false;
        }
    }
    return true;
 }
 </script>
--- a/adm/menu_list_update.php
+++ b/adm/menu_list_update.php
@ -23,8 +23,8 @@ for ($i=0; $i<$count; $i++)
    $code    = $_POST['code'][$i];
    $me_name = $_POST['me_name'][$i];
-    $me_link = $_POST['me_link'][$i];
+    $me_link = preg_match('/^javascript/i', $_POST['me_link'][$i]) ? G5_URL : strip_tags($_POST['me_link'][$i]);
-
+    
    if(!$code || !$me_name || !$me_link)
        continue;
--- a/bbs/board_head.php
+++ b/bbs/board_head.php
@ -5,13 +5,13 @@ if (!defined('_GNUBOARD_')) exit; // 개별 페이지 접근 불가
 if (G5_IS_MOBILE) {
    // 모바일의 경우 설정을 따르지 않는다.
    include_once(G5_BBS_PATH.'/_head.php');
-    echo stripslashes($board['bo_mobile_content_head']);
+    echo html_purifier(stripslashes($board['bo_mobile_content_head']));
 } else {
    if(is_include_path_check($board['bo_include_head'])) {  //파일경로 체크
        @include ($board['bo_include_head']);
    } else {    //파일경로가 올바르지 않으면 기본파일을 가져옴
        include_once(G5_BBS_PATH.'/_head.php');
    }
-    echo stripslashes($board['bo_content_head']);
+    echo html_purifier(stripslashes($board['bo_content_head']));
 }
 ?>
--- a/bbs/board_tail.php
+++ b/bbs/board_tail.php
@ -3,11 +3,11 @@ if (!defined('_GNUBOARD_')) exit; // 개별 페이지 접근 불가
 // 게시판 관리의 하단 파일 경로
 if (G5_IS_MOBILE) {
-    echo stripslashes($board['bo_mobile_content_tail']);
+    echo html_purifier(stripslashes($board['bo_mobile_content_tail']));
    // 모바일의 경우 설정을 따르지 않는다.
    include_once(G5_BBS_PATH.'/_tail.php');
 } else {
-    echo stripslashes($board['bo_content_tail']);
+    echo html_purifier(stripslashes($board['bo_content_tail']));
    if(is_include_path_check($board['bo_include_tail'])) {  //파일경로 체크
        @include ($board['bo_include_tail']);
    } else {    //파일경로가 올바르지 않으면 기본파일을 가져옴
--- a/bbs/confirm.php
+++ b/bbs/confirm.php
@ -2,9 +2,9 @@
 include_once('./_common.php');
 include_once(G5_PATH.'/head.sub.php');
-$url1 = clean_xss_tags($url1);
+$url1 = preg_replace("/[\<\>\'\"\\\'\\\"\(\)]/", "", clean_xss_tags($url1));
-$url2 = clean_xss_tags($url2);
+$url2 = preg_replace("/[\<\>\'\"\\\'\\\"\(\)]/", "", clean_xss_tags($url2));
-$url3 = clean_xss_tags($url3);
+$url3 = preg_replace("/[\<\>\'\"\\\'\\\"\(\)]/", "", clean_xss_tags($url3));
 // url 체크
 check_url_host($url1);
--- a/bbs/member_confirm.php
+++ b/bbs/member_confirm.php
@ -11,23 +11,28 @@ else
    $urlencode = urlencode($_SERVER[REQUEST_URI]);
 */
 $url = clean_xss_tags($_GET['url']);
 //소셜 로그인 한 경우
-if( function_exists('social_member_comfirm_redirect') ){    
+if( function_exists('social_member_comfirm_redirect') && (! $url || $url === 'register_form.php') ){    
    social_member_comfirm_redirect();
 }
 $g5['title'] = '회원 비밀번호 확인';
 include_once('./_head.sub.php');
 $url = clean_xss_tags($_GET['url']);
 // url 체크
 check_url_host($url, '', G5_URL, true);
-if( preg_match('#^/{3,}#', $url) ){
+if($url){
-    $url = preg_replace('#^/{3,}#', '/', $url);
+    $url = preg_replace('#^/\\\{1,}#', '/', $url);
    if( preg_match('#^/{3,}#', $url) ){
        $url = preg_replace('#^/{3,}#', '/', $url);
    }
 }
 $url = get_text($url);
 include_once($member_skin_path.'/member_confirm.skin.php');
--- a/bbs/new_delete.php
+++ b/bbs/new_delete.php
@ -128,7 +128,7 @@ for($i=0;$i<count($_POST['chk_bn_id']);$i++)
        $row = sql_fetch($sql);
        // 원글의 코멘트 숫자를 감소
-        sql_query(" update $write_table set wr_comment = wr_comment - 1, wr_last = '$row[wr_last]' where wr_id = '{$write['wr_parent']}' ");
+        sql_query(" update $write_table set wr_comment = wr_comment - 1, wr_last = '{$row['wr_last']}' where wr_id = '{$write['wr_parent']}' ");
        // 코멘트 숫자 감소
        sql_query(" update {$g5['board_table']} set bo_count_comment = bo_count_comment - 1 where bo_table = '$bo_table' ");
--- a/bbs/password.php
+++ b/bbs/password.php
@ -43,8 +43,8 @@ switch ($w) {
 include_once(G5_PATH.'/head.sub.php');
-//if ($board['bo_include_head']) { @include ($board['bo_include_head']); }
+//if ($board['bo_include_head'] && is_include_path_check($board['bo_content_head'])) { @include ($board['bo_include_head']); }
-//if ($board['bo_content_head']) { echo stripslashes($board['bo_content_head']); }
+//if ($board['bo_content_head']) { echo html_purifier(stripslashes($board['bo_content_head'])); }
 /* 비밀글의 제목을 가져옴 지운아빠 2013-01-29 */
 $sql = " select wr_subject from {$write_table}
@ -57,8 +57,8 @@ $g5['title'] = get_text($row['wr_subject']);
 include_once($member_skin_path.'/password.skin.php');
-//if ($board['bo_content_tail']) { echo stripslashes($board['bo_content_tail']); }
+//if ($board['bo_content_tail']) { echo html_purifier(stripslashes($board['bo_content_tail'])); }
-//if ($board['bo_include_tail']) { @include ($board['bo_include_tail']); }
+//if ($board['bo_include_tail'] && is_include_path_check($board['bo_content_tail'])) { @include ($board['bo_include_tail']); }
 include_once(G5_PATH.'/tail.sub.php');
 ?>
--- a/bbs/view_image.php
+++ b/bbs/view_image.php
@ -4,12 +4,12 @@ include_once('./_common.php');
 $g5['title'] = '이미지 크게보기';
 include_once(G5_PATH.'/head.sub.php');
-$filename = preg_replace('/[^A-Za-z0-9 _ .-\/]/', '', $_GET['fn']);
+$filename = preg_replace('/[^A-Za-z0-9 _ .\-\/]/', '', $_GET['fn']);
 $extension = pathinfo($filename, PATHINFO_EXTENSION);
 if ( ! preg_match('/(jpg|jpeg|png|gif|bmp)$/i', $extension) ){
-    alert_close('확장자가 이미지인것만 요청할수 있습니다.');
+    alert_close('이미지 확장자가 아닙니다.');
 }
 if(strpos($filename, 'data/editor')) {
--- a/config.php
+++ b/config.php
@ -5,7 +5,7 @@
 ********************/
 define('G5_VERSION', '그누보드5');
-define('G5_GNUBOARD_VER', '5.3.1.9');
+define('G5_GNUBOARD_VER', '5.3.2.0');
 define('G5_YOUNGCART_VER', '5.3.1.9');
 // 이 상수가 정의되지 않으면 각각의 개별 페이지는 별도로 실행될 수 없음
--- a/js/certify.js
+++ b/js/certify.js
@ -1,6 +1,11 @@
 // 본인확인 인증창 호출
-function certify_win_open(type, url)
+function certify_win_open(type, url, event)
 {
    if (typeof event == "undefined") {
        event = window.event;
    }
    if(type == 'kcb-ipin')
    {
        var popupWindow = window.open( url, "kcbPop", "left=200, top=100, status=0, width=450, height=550" );
--- a/lib/common.lib.php
+++ b/lib/common.lib.php
@ -2900,6 +2900,8 @@ function clean_xss_tags($str)
 {
    $str = preg_replace('#</*(?:applet|b(?:ase|gsound|link)|embed|frame(?:set)?|i(?:frame|layer)|l(?:ayer|ink)|meta|object|s(?:cript|tyle)|title|xml)[^>]*+>#i', '', $str);
    $str = str_replace(array('<script>','</script>','<noscript>','</noscript>'), '', $str);
    return $str;
 }
@ -3438,10 +3440,13 @@ function is_use_email_certify(){
 function get_real_client_ip(){
-    if(isset($_SERVER['HTTP_X_FORWARDED_FOR']))
+    $real_ip = $_SERVER['REMOTE_ADDR'];
        return $_SERVER['HTTP_X_FORWARDED_FOR'];
-    return $_SERVER['REMOTE_ADDR'];
+    if(isset($_SERVER['HTTP_X_FORWARDED_FOR']) && preg_match('/^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\z/', $_SERVER['HTTP_X_FORWARDED_FOR']) ){
        $real_ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
    }
    return preg_replace('/[^0-9.]/', '', $real_ip);
 }
 function get_call_func_cache($func, $args=array()){
--- a/mobile/skin/member/basic/register_form.skin.php
+++ b/mobile/skin/member/basic/register_form.skin.php
@ -52,7 +52,7 @@ add_stylesheet('<link rel="stylesheet" href="'.$member_skin_url.'/style.css">',
            if($config['cf_cert_use']) {
                if($config['cf_cert_ipin'])
                    echo '<button type="button" id="win_ipin_cert" class="btn_frmline btn">아이핀 본인확인</button>'.PHP_EOL;
-                if($config['cf_cert_hp'] && $config['cf_cert_hp'] != 'lg')
+                if($config['cf_cert_hp'])
                    echo '<button type="button" id="win_hp_cert" class="btn_frmline btn">휴대폰 본인확인</button>'.PHP_EOL;
                echo '<noscript>본인확인을 위해서는 자바스크립트 사용이 가능해야합니다.</noscript>'.PHP_EOL;
@ -106,7 +106,7 @@ add_stylesheet('<link rel="stylesheet" href="'.$member_skin_url.'/style.css">',
        <?php if ($config['cf_use_homepage']) { ?>
        <li>
            <label for="reg_mb_homepage" class="sound_only">홈페이지<?php if ($config['cf_req_homepage']){ ?><strong>필수</strong><?php } ?></label>
-            <input type="url" name="mb_homepage" value="<?php echo get_text($member['mb_homepage']) ?>" id="reg_mb_homepage" class="frm_input full_input <?php echo $config['cf_req_homepage']?"required":""; ?>" maxlength="255" <?php echo $config['cf_req_homepage']?"required":""; ?> placeholder="홈페이지">
+            <input type="text" name="mb_homepage" value="<?php echo get_text($member['mb_homepage']) ?>" id="reg_mb_homepage" class="frm_input full_input <?php echo $config['cf_req_homepage']?"required":""; ?>" maxlength="255" <?php echo $config['cf_req_homepage']?"required":""; ?> placeholder="홈페이지">
        </li>
        <?php } ?>
@ -272,19 +272,19 @@ add_stylesheet('<link rel="stylesheet" href="'.$member_skin_url.'/style.css">',
        <?php if($config['cf_cert_use'] && $config['cf_cert_ipin']) { ?>
        // 아이핀인증
-        $("#win_ipin_cert").click(function() {
+        $("#win_ipin_cert").click(function(e) {
            if(!cert_confirm())
                return false;
            var url = "<?php echo G5_OKNAME_URL; ?>/ipin1.php";
-            certify_win_open('kcb-ipin', url);
+            certify_win_open('kcb-ipin', url, e);
            return;
        });
        <?php } ?>
        <?php if($config['cf_cert_use'] && $config['cf_cert_hp']) { ?>
        // 휴대폰인증
-        $("#win_hp_cert").click(function() {
+        $("#win_hp_cert").click(function(e) {
            if(!cert_confirm())
                return false;
@ -298,6 +298,10 @@ add_stylesheet('<link rel="stylesheet" href="'.$member_skin_url.'/style.css">',
                    $cert_url = G5_KCPCERT_URL.'/kcpcert_form.php';
                    $cert_type = 'kcp-hp';
                    break;
                case 'lg':
                    $cert_url = G5_LGXPAY_URL.'/AuthOnlyReq.php';
                    $cert_type = 'lg-hp';
                    break;
                default:
                    echo 'alert("기본환경설정에서 휴대폰 본인확인 설정을 해주십시오");';
                    echo 'return false;';
@ -305,7 +309,7 @@ add_stylesheet('<link rel="stylesheet" href="'.$member_skin_url.'/style.css">',
            }
            ?>
-            certify_win_open("<?php echo $cert_type; ?>", "<?php echo $cert_url; ?>");
+            certify_win_open("<?php echo $cert_type; ?>", "<?php echo $cert_url; ?>", e);
            return;
        });
        <?php } ?>
--- a/plugin/lgxpay/AuthOnlyReq.php
+++ b/plugin/lgxpay/AuthOnlyReq.php
@ -165,6 +165,8 @@ $_SESSION['lgd_certify'] = $payReqMap;
 <input type="hidden" name="LGD_ENCODING" value="UTF-8"/>
 <?php
 foreach ($payReqMap as $key => $value) {
    $key = htmlspecialchars(strip_tags($key));
    $value = htmlspecialchars(strip_tags($value));
    echo "<input type='hidden' name='$key' id='$key' value='$value'/>".PHP_EOL;
 }
 ?>
--- a/plugin/lgxpay/returnurl.php
+++ b/plugin/lgxpay/returnurl.php
@ -57,6 +57,8 @@ $payReqMap = $_SESSION['lgd_certify'];//결제 요청시, Session에 저장했
 <form method="post" name="LGD_RETURNINFO" id="LGD_RETURNINFO">
 <?php
 	  foreach ($payReqMap as $key => $value) {
        $key = htmlspecialchars(strip_tags($key));
        $value = htmlspecialchars(strip_tags($value));
      echo "<input type='hidden' name='$key' id='$key' value='$value'>";
    }
 ?>
--- a/skin/board/basic/style.css
+++ b/skin/board/basic/style.css
@ -65,7 +65,7 @@
 #bo_w .tbl_frm01 {}
 #bo_w .tbl_frm01 th {}
 #bo_w .tbl_frm01 td {}
-#bo_w .tbl_frm01 textarea, #bo_w tbl_frm01 .frm_input {}
+#bo_w .tbl_frm01 textarea, #bo_w .tbl_frm01 .frm_input {}
 #bo_w .tbl_frm01 textarea {}
 /*
 #bo_w .tbl_frm01 #captcha {}
--- a/skin/board/gallery/style.css
+++ b/skin/board/gallery/style.css
@ -55,7 +55,7 @@
 #bo_w .tbl_frm01 {}
 #bo_w .tbl_frm01 th {}
 #bo_w .tbl_frm01 td {}
-#bo_w .tbl_frm01 textarea, #bo_w tbl_frm01 .frm_input {}
+#bo_w .tbl_frm01 textarea, #bo_w .tbl_frm01 .frm_input {}
 #bo_w .tbl_frm01 textarea {}
 /*
 #bo_w .tbl_frm01 #captcha {}
--- a/theme/basic/mobile/skin/member/basic/register_form.skin.php
+++ b/theme/basic/mobile/skin/member/basic/register_form.skin.php
@ -52,7 +52,7 @@ add_stylesheet('<link rel="stylesheet" href="'.$member_skin_url.'/style.css">',
            if($config['cf_cert_use']) {
                if($config['cf_cert_ipin'])
                    echo '<button type="button" id="win_ipin_cert" class="btn_frmline btn">아이핀 본인확인</button>'.PHP_EOL;
-                if($config['cf_cert_hp'] && $config['cf_cert_hp'] != 'lg')
+                if($config['cf_cert_hp'])
                    echo '<button type="button" id="win_hp_cert" class="btn_frmline btn">휴대폰 본인확인</button>'.PHP_EOL;
                echo '<noscript>본인확인을 위해서는 자바스크립트 사용이 가능해야합니다.</noscript>'.PHP_EOL;
@ -106,7 +106,7 @@ add_stylesheet('<link rel="stylesheet" href="'.$member_skin_url.'/style.css">',
        <?php if ($config['cf_use_homepage']) { ?>
        <li>
            <label for="reg_mb_homepage" class="sound_only">홈페이지<?php if ($config['cf_req_homepage']){ ?><strong>필수</strong><?php } ?></label>
-            <input type="url" name="mb_homepage" value="<?php echo get_text($member['mb_homepage']) ?>" id="reg_mb_homepage" class="frm_input full_input <?php echo $config['cf_req_homepage']?"required":""; ?>" maxlength="255" <?php echo $config['cf_req_homepage']?"required":""; ?> placeholder="홈페이지">
+            <input type="text" name="mb_homepage" value="<?php echo get_text($member['mb_homepage']) ?>" id="reg_mb_homepage" class="frm_input full_input <?php echo $config['cf_req_homepage']?"required":""; ?>" maxlength="255" <?php echo $config['cf_req_homepage']?"required":""; ?> placeholder="홈페이지">
        </li>
        <?php } ?>
@ -272,19 +272,19 @@ add_stylesheet('<link rel="stylesheet" href="'.$member_skin_url.'/style.css">',
        <?php if($config['cf_cert_use'] && $config['cf_cert_ipin']) { ?>
        // 아이핀인증
-        $("#win_ipin_cert").click(function() {
+        $("#win_ipin_cert").click(function(e) {
            if(!cert_confirm())
                return false;
            var url = "<?php echo G5_OKNAME_URL; ?>/ipin1.php";
-            certify_win_open('kcb-ipin', url);
+            certify_win_open('kcb-ipin', url, e);
            return;
        });
        <?php } ?>
        <?php if($config['cf_cert_use'] && $config['cf_cert_hp']) { ?>
        // 휴대폰인증
-        $("#win_hp_cert").click(function() {
+        $("#win_hp_cert").click(function(e) {
            if(!cert_confirm())
                return false;
@ -298,6 +298,10 @@ add_stylesheet('<link rel="stylesheet" href="'.$member_skin_url.'/style.css">',
                    $cert_url = G5_KCPCERT_URL.'/kcpcert_form.php';
                    $cert_type = 'kcp-hp';
                    break;
                case 'lg':
                    $cert_url = G5_LGXPAY_URL.'/AuthOnlyReq.php';
                    $cert_type = 'lg-hp';
                    break;
                default:
                    echo 'alert("기본환경설정에서 휴대폰 본인확인 설정을 해주십시오");';
                    echo 'return false;';
@ -305,7 +309,7 @@ add_stylesheet('<link rel="stylesheet" href="'.$member_skin_url.'/style.css">',
            }
            ?>
-            certify_win_open("<?php echo $cert_type; ?>", "<?php echo $cert_url; ?>");
+            certify_win_open("<?php echo $cert_type; ?>", "<?php echo $cert_url; ?>", e);
            return;
        });
        <?php } ?>
--- a/theme/basic/skin/board/basic/style.css
+++ b/theme/basic/skin/board/basic/style.css
@ -65,7 +65,7 @@
 #bo_w .tbl_frm01 {}
 #bo_w .tbl_frm01 th {}
 #bo_w .tbl_frm01 td {}
-#bo_w .tbl_frm01 textarea, #bo_w tbl_frm01 .frm_input {}
+#bo_w .tbl_frm01 textarea, #bo_w .tbl_frm01 .frm_input {}
 #bo_w .tbl_frm01 textarea {}
 /*
 #bo_w .tbl_frm01 #captcha {}
--- a/theme/basic/skin/board/gallery/style.css
+++ b/theme/basic/skin/board/gallery/style.css
@ -55,7 +55,7 @@
 #bo_w .tbl_frm01 {}
 #bo_w .tbl_frm01 th {}
 #bo_w .tbl_frm01 td {}
-#bo_w .tbl_frm01 textarea, #bo_w tbl_frm01 .frm_input {}
+#bo_w .tbl_frm01 textarea, #bo_w .tbl_frm01 .frm_input {}
 #bo_w .tbl_frm01 textarea {}
 /*
 #bo_w .tbl_frm01 #captcha {}