diff --git a/adm/shop_admin/configformupdate.php b/adm/shop_admin/configformupdate.php
index adfb06ea8..adf10c60c 100644
--- a/adm/shop_admin/configformupdate.php
+++ b/adm/shop_admin/configformupdate.php
@@ -64,6 +64,8 @@ foreach($check_skin_keys as $key){
     if( isset($_POST[$key]) && preg_match('#\.+(\/|\\\)#', $_POST[$key]) ){
         alert('스킨설정에 유효하지 문자가 포함되어 있습니다.');
     }
+
+    $$key = $_POST[$key] = sql_real_escape_string($_POST[$key]);
 }
 
 // 현금영수증 발급수단
diff --git a/shop/naverpay/naverpay_order.php b/shop/naverpay/naverpay_order.php
index 7d98b317a..840b493fb 100644
--- a/shop/naverpay/naverpay_order.php
+++ b/shop/naverpay/naverpay_order.php
@@ -3,6 +3,8 @@ include_once('./_common.php');
 include_once(G5_SHOP_PATH.'/settle_naverpay.inc.php');
 include_once(G5_LIB_PATH.'/naverpay.lib.php');
 
+if (!(defined('G5_SHOP_USE_NAVERPAY') && G5_SHOP_USE_NAVERPAY)) return;
+
 $pattern = '#[/\'\"%=*\#\(\)\|\+\&\!\$~\{\}\[\]`;:\?\^\,]#';
 $post_naverpay_form = isset($_POST['naverpay_form']) ? clean_xss_tags($_POST['naverpay_form']) : '';
@@ -98,7 +100,8 @@ for($i=0; $i<$count; $i++) {
     $opt_count = (isset($_POST['io_id'][$it_id]) && is_array($_POST['io_id'][$it_id])) ? count($_POST['io_id'][$it_id]) : 0;
     if( ! $it_id) continue;
-
+    if (!preg_match('/^[a-zA-Z0-9_-]+$/', $it_id)) continue;
+
     if($opt_count && $_POST['io_type'][$it_id][0] != 0)
         return_error2json('상품의 선택옵션을 선택해 주십시오.');
diff --git a/shop/naverpay/naverpay_wish.php b/shop/naverpay/naverpay_wish.php
index 9e62bf486..6ccd3c34a 100644
--- a/shop/naverpay/naverpay_wish.php
+++ b/shop/naverpay/naverpay_wish.php
@@ -3,6 +3,8 @@ include_once('./_common.php');
 include_once(G5_SHOP_PATH.'/settle_naverpay.inc.php');
 include_once(G5_LIB_PATH.'/naverpay.lib.php');
 
+if (!(defined('G5_SHOP_USE_NAVERPAY') && G5_SHOP_USE_NAVERPAY)) return;
+
 $count = (isset($_POST['it_id']) && is_array($_POST['it_id'])) ? count($_POST['it_id']) : 0;
 if ($count < 1)
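Review bot: The new assignment reads `$_POST[$key]` unconditionally, while the check just above it only runs when the key is set, so a missing key raises an undefined-index notice and stores an escaped empty string; prefer `$$key = $_POST[$key] = isset($_POST[$key]) ? sql_real_escape_string($_POST[$key]) : '';`. sql_real_escape_string() only protects the later SQL write — it does not tighten the path check, whose pattern rejects only a dot followed by a separator — so if skin names are limited to `[A-Za-z0-9_-]`, an allowlist like the it_id check this commit adds in naverpay_order.php would be the stronger guard for a value that names a directory. The enclosing foreach starts outside the hunk, and whether alert() ends the request on the failed check is not visible here.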
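Review bot: The bare `return` on the new guard line ends the request with an empty 200 response, while the rest of this endpoint reports failures through return_error2json() (see the hunk at line 98), so a client that posts while Naver Pay is disabled gets no error it can display; `if (!(defined('G5_SHOP_USE_NAVERPAY') && G5_SHOP_USE_NAVERPAY)) return_error2json('Naver Pay is not enabled.');` (message text is a placeholder) keeps the response contract. The identical guard added in naverpay_wish.php has the same issue. A one-line comment would also help, since the constant is only defined by settle_naverpay.inc.php after the early return above its define(), so the guard really means "the Naver Pay settlement include reached its active section", not "Naver Pay is configured".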
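Review bot: `$` in `/^[a-zA-Z0-9_-]+$/` also matches before a trailing newline, so an it_id such as `abc\n` passes the new check; `/^[a-zA-Z0-9_-]+$/D` (or `\z` instead of `$`) anchors at the true end of the string. Skipping a malformed it_id with `continue` also silently drops that item from the order instead of rejecting the request, whereas the loop already rejects a missing option two lines down with return_error2json(); rejecting a malformed id is safer for the order contents and gives a clearer signal for monitoring. The identical check added in naverpay_wish.php has the same anchoring issue. The enclosing for loop starts and ends outside the hunk.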
@@ -13,6 +15,8 @@ $item = '';
 for($i=0; $i<$count; $i++) {
     $it_id = isset($_POST['it_id']) ? $_POST['it_id'][$i] : '';
 
+
+    if (!preg_match('/^[a-zA-Z0-9_-]+$/', $it_id)) continue;
     // 상품정보
     $it = get_shop_item($it_id, true);
diff --git a/shop/settle_naverpay.inc.php b/shop/settle_naverpay.inc.php
index 93c4b501b..808d8e393 100644
--- a/shop/settle_naverpay.inc.php
+++ b/shop/settle_naverpay.inc.php
@@ -15,6 +15,8 @@ if(basename($_SERVER['SCRIPT_NAME']) == 'item.php') {
     return;
 }
 
+define('G5_SHOP_USE_NAVERPAY', 1);
+
 $naverpay_button_js = '';
 $is_mobile_order = is_mobile();
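Review bot: The new define() carries no comment, yet it is now the switch that naverpay_order.php and naverpay_wish.php use to decide whether to serve a request at all, and it is only reached after the early return above it; any future `return` inserted between the top of this file and this line would silently disable both endpoints. Suggest `// Consumed by shop/naverpay/naverpay_order.php and naverpay_wish.php: defined only when this include reaches its active section.` above the define. Wrapping it as `if (!defined('G5_SHOP_USE_NAVERPAY')) define('G5_SHOP_USE_NAVERPAY', 1);` would also avoid a redefinition warning should the file ever be pulled in through plain include() rather than include_once().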