diff --git a/adm/shop_admin/bannerform.php b/adm/shop_admin/bannerform.php index 845214552..4b7b1fe42 100644 --- a/adm/shop_admin/bannerform.php +++ b/adm/shop_admin/bannerform.php @@ -74,7 +74,7 @@ include_once (G5_ADMIN_PATH.'/admin.head.php'); - + diff --git a/adm/shop_admin/bannerformupdate.php b/adm/shop_admin/bannerformupdate.php index 83b2767bb..7cf40561f 100644 --- a/adm/shop_admin/bannerformupdate.php +++ b/adm/shop_admin/bannerformupdate.php @@ -35,6 +35,7 @@ if( $bn_bimg || $bn_bimg_name ){ } $bn_url = clean_xss_tags($bn_url); +$bn_alt = function_exists('clean_xss_attributes') ? clean_xss_attributes(strip_tags($bn_alt)) : strip_tags($bn_alt); if ($w=="") { diff --git a/adm/shop_admin/bannerlist.php b/adm/shop_admin/bannerlist.php index 1319e964a..0e14cd169 100644 --- a/adm/shop_admin/bannerlist.php +++ b/adm/shop_admin/bannerlist.php @@ -68,7 +68,7 @@ $from_record = ($page - 1) * $rows; // 시작 열을 구함 $bn_img = ""; - $bn_img .= ''.$row['bn_alt'].''; + $bn_img .= ''.get_text($row['bn_alt']).''; } switch($row['bn_device']) { diff --git a/mobile/skin/shop/basic/boxbanner.skin.php b/mobile/skin/shop/basic/boxbanner.skin.php index 6bd9d6546..08b5409b1 100644 --- a/mobile/skin/shop/basic/boxbanner.skin.php +++ b/mobile/skin/shop/basic/boxbanner.skin.php @@ -27,7 +27,7 @@ for ($i=0; $row=sql_fetch_array($result); $i++) else if ($row['bn_url'] && $row['bn_url'] != 'http://') { $banner .= ''; } - echo $banner.''.$row['bn_alt'].''; + echo $banner.''.get_text($row['bn_alt']).''; if($banner) echo ''.PHP_EOL; echo ''.PHP_EOL; diff --git a/mobile/skin/shop/basic/mainbanner.10.skin.php b/mobile/skin/shop/basic/mainbanner.10.skin.php index 3acb35984..f600f14a8 100644 --- a/mobile/skin/shop/basic/mainbanner.10.skin.php +++ b/mobile/skin/shop/basic/mainbanner.10.skin.php 
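Review bot: In the bannerformupdate.php hunk, the fallback branch of the new `$bn_alt` assignment applies only `strip_tags()`, which removes tags but leaves quote characters untouched. Where `clean_xss_attributes` is not defined, the stored value is therefore no safer for an HTML attribute context than it was before. Rows saved before this change are not rewritten either, so the `get_text()` calls added at the output sites are the control that actually matters. A comment above the assignment would make that explicit, for example `// Input cleanup is defence in depth only; bn_alt must still be escaped wherever it is printed.` `clean_xss_attributes` is defined outside this diff, so what it removes should be confirmed there.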
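Review bot: The `get_text($row['bn_alt'])` escaping added in the bannerlist.php hunk is repeated verbatim in the eight skin hunks that follow (boxbanner.skin.php and mainbanner.10.skin.php under mobile/skin, skin, theme/basic/mobile/skin and theme/basic/skin). Any custom skin or theme copied from these files before this commit will still echo the raw column, so this needs a release note, plus a short comment at each site such as `// bn_alt is admin-entered text: escape at output`. The markup surrounding the value is not visible in these hunks and `get_text()` is defined elsewhere. If the value sits inside a quoted attribute, confirm that `get_text()` encodes both `"` and `'`, not only the angle brackets. The enclosing loops start and end outside the hunks, so other `$row` fields printed nearby could not be checked from here.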
@@ -42,7 +42,7 @@ for ($i=0; $row=sql_fetch_array($result); $i++) else if ($row['bn_url'] && $row['bn_url'] != 'http://') { $banner .= ''; } - echo $banner.''.$row['bn_alt'].''; + echo $banner.''.get_text($row['bn_alt']).''; if($banner) echo ''.PHP_EOL; echo ''.PHP_EOL; diff --git a/skin/shop/basic/boxbanner.skin.php b/skin/shop/basic/boxbanner.skin.php index 9f12831f6..4b5a54222 100644 --- a/skin/shop/basic/boxbanner.skin.php +++ b/skin/shop/basic/boxbanner.skin.php @@ -28,7 +28,7 @@ for ($i=0; $row=sql_fetch_array($result); $i++) else if ($row['bn_url'] && $row['bn_url'] != 'http://') { $banner .= ''; } - echo $banner.''.$row['bn_alt'].''; + echo $banner.''.get_text($row['bn_alt']).''; if($banner) echo ''.PHP_EOL; echo ''.PHP_EOL; diff --git a/skin/shop/basic/mainbanner.10.skin.php b/skin/shop/basic/mainbanner.10.skin.php index 1a7d60553..90dde2af0 100644 --- a/skin/shop/basic/mainbanner.10.skin.php +++ b/skin/shop/basic/mainbanner.10.skin.php @@ -46,7 +46,7 @@ for ($i=0; $row=sql_fetch_array($result); $i++) else if ($row['bn_url'] && $row['bn_url'] != 'http://') { $banner .= ''; } - echo $banner.''.$row['bn_alt'].''; + echo $banner.''.get_text($row['bn_alt']).''; if($banner) echo ''.PHP_EOL; echo ''.PHP_EOL; diff --git a/theme/basic/mobile/skin/shop/basic/boxbanner.skin.php b/theme/basic/mobile/skin/shop/basic/boxbanner.skin.php index 6bd9d6546..08b5409b1 100644 --- a/theme/basic/mobile/skin/shop/basic/boxbanner.skin.php +++ b/theme/basic/mobile/skin/shop/basic/boxbanner.skin.php @@ -27,7 +27,7 @@ for ($i=0; $row=sql_fetch_array($result); $i++) else if ($row['bn_url'] && $row['bn_url'] != 'http://') { $banner .= ''; } - echo $banner.''.$row['bn_alt'].''; + echo $banner.''.get_text($row['bn_alt']).''; if($banner) echo ''.PHP_EOL; echo ''.PHP_EOL; diff --git a/theme/basic/mobile/skin/shop/basic/mainbanner.10.skin.php b/theme/basic/mobile/skin/shop/basic/mainbanner.10.skin.php index 3acb35984..f600f14a8 100644 
--- a/theme/basic/mobile/skin/shop/basic/mainbanner.10.skin.php +++ b/theme/basic/mobile/skin/shop/basic/mainbanner.10.skin.php @@ -42,7 +42,7 @@ for ($i=0; $row=sql_fetch_array($result); $i++) else if ($row['bn_url'] && $row['bn_url'] != 'http://') { $banner .= ''; } - echo $banner.''.$row['bn_alt'].''; + echo $banner.''.get_text($row['bn_alt']).''; if($banner) echo ''.PHP_EOL; echo ''.PHP_EOL; diff --git a/theme/basic/skin/shop/basic/boxbanner.skin.php b/theme/basic/skin/shop/basic/boxbanner.skin.php index 975547ea9..95c2cbef4 100644 --- a/theme/basic/skin/shop/basic/boxbanner.skin.php +++ b/theme/basic/skin/shop/basic/boxbanner.skin.php @@ -28,7 +28,7 @@ for ($i=0; $row=sql_fetch_array($result); $i++) else if ($row['bn_url'] && $row['bn_url'] != 'http://') { $banner .= ''; } - echo $banner.''.$row['bn_alt'].''; + echo $banner.''.get_text($row['bn_alt']).''; if($banner) echo ''.PHP_EOL; echo ''.PHP_EOL; diff --git a/theme/basic/skin/shop/basic/mainbanner.10.skin.php b/theme/basic/skin/shop/basic/mainbanner.10.skin.php index 1a7d60553..90dde2af0 100644 --- a/theme/basic/skin/shop/basic/mainbanner.10.skin.php +++ b/theme/basic/skin/shop/basic/mainbanner.10.skin.php @@ -46,7 +46,7 @@ for ($i=0; $row=sql_fetch_array($result); $i++) else if ($row['bn_url'] && $row['bn_url'] != 'http://') { $banner .= ''; } - echo $banner.''.$row['bn_alt'].''; + echo $banner.''.get_text($row['bn_alt']).''; if($banner) echo ''.PHP_EOL; echo ''.PHP_EOL;