From cfc85a327b70b201028312be6caeebb7fa7ad4c2 Mon Sep 17 00:00:00 2001
From: thisgun <thisgun@naver.com>
Date: Mon, 19 Mar 2018 09:40:21 +0900
Subject: [PATCH] =?UTF-8?q?=EB=B6=84=EB=A5=98=EB=AA=85=20=ED=8C=A8?=
 =?UTF-8?q?=EC=B9=98=20f5f4925d4eb28ba1af728e1065fc2bdd9ce1da58=20?=
 =?UTF-8?q?=EC=97=90=20=EB=94=B0=EB=A5=B8=20=EC=B6=94=EA=B0=80=EC=BD=94?=
 =?UTF-8?q?=EB=93=9C?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 adm/board_form.php        | 2 +-
 adm/board_form_update.php | 4 +++-
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/adm/board_form.php b/adm/board_form.php
index 6855e3cb6..651d686db 100644
--- a/adm/board_form.php
+++ b/adm/board_form.php
@@ -233,7 +233,7 @@ $frm_submit .= '</div>';
         <tr>
             <th scope="row"><label for="bo_category_list">분류</label></th>
             <td>
-                <?php echo help('분류와 분류 사이는 | 로 구분하세요. (예: 질문|답변) 첫자로 #은 입력하지 마세요. (예: #질문|#답변 [X])') ?>
+                <?php echo help('분류와 분류 사이는 | 로 구분하세요. (예: 질문|답변) 첫자로 #은 입력하지 마세요. (예: #질문|#답변 [X])'."\n".'분류명에 일부 특수문자 ()/ 는 사용할수 없습니다.'); ?>
                 <input type="text" name="bo_category_list" value="<?php echo get_text($board['bo_category_list']) ?>" id="bo_category_list" class="frm_input" size="70">
                 <input type="checkbox" name="bo_use_category" value="1" id="bo_use_category" <?php echo $board['bo_use_category']?'checked':''; ?>>
                 <label for="bo_use_category">사용</label>
diff --git a/adm/board_form_update.php b/adm/board_form_update.php
index dd49120ba..dccf74db3 100644
--- a/adm/board_form_update.php
+++ b/adm/board_form_update.php
@@ -60,6 +60,8 @@ $f = @fopen($file, 'w');
 $src_char = array('&', '=');
 $dst_char = array('＆', '〓');
 $bo_category_list = str_replace($src_char, $dst_char, $bo_category_list);
+//https://github.com/gnuboard/gnuboard5/commit/f5f4925d4eb28ba1af728e1065fc2bdd9ce1da58 에 따른 조치
+$str_bo_category_list = isset($_POST['bo_category_list']) ? preg_replace("/[\<\>\'\"\\\'\\\"\%\=\(\)\/\^\*]/", "", $_POST['bo_category_list']) : '';
 
 $sql_common = " gr_id               = '{$_POST['gr_id']}',
                 bo_subject          = '{$_POST['bo_subject']}',
@@ -82,7 +84,7 @@ $sql_common = " gr_id               = '{$_POST['gr_id']}',
                 bo_comment_point    = '{$_POST['bo_comment_point']}',
                 bo_download_point   = '{$_POST['bo_download_point']}',
                 bo_use_category     = '{$_POST['bo_use_category']}',
-                bo_category_list    = '{$_POST['bo_category_list']}',
+                bo_category_list    = '{$str_bo_category_list}',
                 bo_use_sideview     = '{$_POST['bo_use_sideview']}',
                 bo_use_file_content = '{$_POST['bo_use_file_content']}',
                 bo_use_secret       = '{$_POST['bo_use_secret']}',