diff --git a/adm/admin.lib.php b/adm/admin.lib.php
index 53410238e..38a1183f4 100644
--- a/adm/admin.lib.php
+++ b/adm/admin.lib.php
@@ -191,7 +191,6 @@ function order_select($fld, $sel='')
 // 접근 권한 검사
 if (!$member['mb_id'])
 {
-    //alert('로그인 하십시오.', '$g5['bbs_path']/login.php?url=' . urlencode('$_SERVER['PHP_SELF']?w=$w&mb_id=$mb_id'));
     alert('로그인 하십시오.', G5_BBS_URL.'/login.php?url=' . urlencode(G5_ADMIN_URL));
 }
 else if ($is_admin != 'super')
diff --git a/adm/auth_list.php b/adm/auth_list.php
index fc11f400e..3dfad19f5 100644
--- a/adm/auth_list.php
+++ b/adm/auth_list.php
@@ -45,7 +45,7 @@ $sql = " select *
             limit {$from_record}, {$rows} ";
 $result = sql_query($sql);
 
-$listall = '<a href="'.$_SERVER['PHP_SELF'].'" class="ov_listall">전체목록</a>';
+$listall = '<a href="'.$_SERVER['SCRIPT_NAME'].'" class="ov_listall">전체목록</a>';
 
 $g5['title'] = "관리권한설정";
 include_once('./admin.head.php');
@@ -158,7 +158,7 @@ else
 </form>
 
 <?php
-$pagelist = get_paging(G5_IS_MOBILE ? $config['cf_mobile_pages'] : $config['cf_write_pages'], $page, $total_page, $_SERVER['PHP_SELF'].'?'.$qstr.'&amp;page=');
+$pagelist = get_paging(G5_IS_MOBILE ? $config['cf_mobile_pages'] : $config['cf_write_pages'], $page, $total_page, $_SERVER['SCRIPT_NAME'].'?'.$qstr.'&amp;page=');
 echo $pagelist;
 ?>
 
diff --git a/adm/board_form.php b/adm/board_form.php
index 1bf23223c..d40bd5756 100644
--- a/adm/board_form.php
+++ b/adm/board_form.php
@@ -1099,12 +1099,12 @@ $frm_submit .= '</div>';
                     <option value="wr_good desc, wr_num, wr_reply" <?php echo get_selected($board['bo_sort_field'], "wr_good desc, wr_num, wr_reply"); ?>>wr_good desc : 추천수 높은것 부터</option>
                     <option value="wr_nogood asc, wr_num, wr_reply" <?php echo get_selected($board['bo_sort_field'], "wr_nogood asc, wr_num, wr_reply"); ?>>wr_nogood asc : 비추천수 낮은것 부터</option>
                     <option value="wr_nogood desc, wr_num, wr_reply" <?php echo get_selected($board['bo_sort_field'], "wr_nogood desc, wr_num, wr_reply"); ?>>wr_nogood desc : 비추천수 높은것 부터</option>
-                    <option value="wr_subject asc, wr_num, wr_reply" <?php echo get_selected($board['bo_sort_field'], "wr_subject asc, wr_num, wr_reply"); ?>>wr_subject asc : 제목 내림차순</option>
-                    <option value="wr_subject desc, wr_num, wr_reply" <?php echo get_selected($board['bo_sort_field'], "wr_subject desc, wr_num, wr_reply"); ?>>wr_subject desc : 제목 오름차순</option>
-                    <option value="wr_name asc, wr_num, wr_reply" <?php echo get_selected($board['bo_sort_field'], "wr_name asc, wr_num, wr_reply"); ?>>wr_name asc : 글쓴이 내림차순</option>
-                    <option value="wr_name desc, wr_num, wr_reply" <?php echo get_selected($board['bo_sort_field'], "wr_name desc, wr_num, wr_reply"); ?>>wr_name desc : 글쓴이 오름차순</option>
-                    <option value="ca_name asc, wr_num, wr_reply" <?php echo get_selected($board['bo_sort_field'], "ca_name asc, wr_num, wr_reply"); ?>>ca_name asc : 분류명 내림차순</option>
-                    <option value="ca_name desc, wr_num, wr_reply" <?php echo get_selected($board['bo_sort_field'], "ca_name desc, wr_num, wr_reply"); ?>>ca_name desc : 분류명 오름차순</option>
+                    <option value="wr_subject asc, wr_num, wr_reply" <?php echo get_selected($board['bo_sort_field'], "wr_subject asc, wr_num, wr_reply"); ?>>wr_subject asc : 제목 오름차순</option>
+                    <option value="wr_subject desc, wr_num, wr_reply" <?php echo get_selected($board['bo_sort_field'], "wr_subject desc, wr_num, wr_reply"); ?>>wr_subject desc : 제목 내림차순</option>
+                    <option value="wr_name asc, wr_num, wr_reply" <?php echo get_selected($board['bo_sort_field'], "wr_name asc, wr_num, wr_reply"); ?>>wr_name asc : 글쓴이 오름차순</option>
+                    <option value="wr_name desc, wr_num, wr_reply" <?php echo get_selected($board['bo_sort_field'], "wr_name desc, wr_num, wr_reply"); ?>>wr_name desc : 글쓴이 내림차순</option>
+                    <option value="ca_name asc, wr_num, wr_reply" <?php echo get_selected($board['bo_sort_field'], "ca_name asc, wr_num, wr_reply"); ?>>ca_name asc : 분류명 오름차순</option>
+                    <option value="ca_name desc, wr_num, wr_reply" <?php echo get_selected($board['bo_sort_field'], "ca_name desc, wr_num, wr_reply"); ?>>ca_name desc : 분류명 내림차순</option>
                 </select>
             </td>
             <td class="td_grpset">
diff --git a/adm/board_list.php b/adm/board_list.php
index 1c51da1d2..ade37535c 100644
--- a/adm/board_list.php
+++ b/adm/board_list.php
@@ -46,7 +46,7 @@ $from_record = ($page - 1) * $rows; // 시작 열을 구함
 $sql = " select * {$sql_common} {$sql_search} {$sql_order} limit {$from_record}, {$rows} ";
 $result = sql_query($sql);
 
-$listall = '<a href="'.$_SERVER['PHP_SELF'].'" class="ov_listall">전체목록</a>';
+$listall = '<a href="'.$_SERVER['SCRIPT_NAME'].'" class="ov_listall">전체목록</a>';
 
 $g5['title'] = '게시판관리';
 include_once('./admin.head.php');
@@ -208,7 +208,7 @@ $colspan = 15;
 
 </form>
 
-<?php echo get_paging(G5_IS_MOBILE ? $config['cf_mobile_pages'] : $config['cf_write_pages'], $page, $total_page, $_SERVER['PHP_SELF'].'?'.$qstr.'&amp;page='); ?>
+<?php echo get_paging(G5_IS_MOBILE ? $config['cf_mobile_pages'] : $config['cf_write_pages'], $page, $total_page, $_SERVER['SCRIPT_NAME'].'?'.$qstr.'&amp;page='); ?>
 
 <script>
 function fboardlist_submit(f)
diff --git a/adm/boardgroup_list.php b/adm/boardgroup_list.php
index 8d5e109d9..7fe391650 100644
--- a/adm/boardgroup_list.php
+++ b/adm/boardgroup_list.php
@@ -50,7 +50,7 @@ $from_record = ($page - 1) * $rows; // 시작 열을 구함
 $sql = " select * {$sql_common} {$sql_search} {$sql_order} limit {$from_record}, {$rows} ";
 $result = sql_query($sql);
 
-$listall = '<a href="'.$_SERVER['PHP_SELF'].'" class="ov_listall">처음</a>';
+$listall = '<a href="'.$_SERVER['SCRIPT_NAME'].'" class="ov_listall">처음</a>';
 
 $g5['title'] = '게시판그룹설정';
 include_once('./admin.head.php');
@@ -190,7 +190,7 @@ $colspan = 10;
 </div>
 
 <?php
-$pagelist = get_paging(G5_IS_MOBILE ? $config['cf_mobile_pages'] : $config['cf_write_pages'], $page, $total_page, $_SERVER['PHP_SELF'].'?'.$qstr.'&amp;page=');
+$pagelist = get_paging(G5_IS_MOBILE ? $config['cf_mobile_pages'] : $config['cf_write_pages'], $page, $total_page, $_SERVER['SCRIPT_NAME'].'?'.$qstr.'&amp;page=');
 echo $pagelist;
 ?>
 
diff --git a/adm/boardgroupmember_form.php b/adm/boardgroupmember_form.php
index 70d014c82..74737330e 100644
--- a/adm/boardgroupmember_form.php
+++ b/adm/boardgroupmember_form.php
@@ -76,7 +76,6 @@ $colspan = 4;
     $sql .= " order by a.gr_id desc ";
     $result = sql_query($sql);
     for ($i=0; $row=sql_fetch_array($result); $i++) {
-        $s_del = '<a href="javascript:post_delete(\'boardgroupmember_update.php\', \''.$row['gm_id'].'\');">삭제</a>';
     ?>
     <tr>
         <td class="td_chk">
diff --git a/adm/boardgroupmember_list.php b/adm/boardgroupmember_list.php
index e6eaf01fe..8827df7f1 100644
--- a/adm/boardgroupmember_list.php
+++ b/adm/boardgroupmember_list.php
@@ -104,8 +104,6 @@ $colspan = 7;
         if ($row2['cnt'])
             $group = '<a href="./boardgroupmember_form.php?mb_id='.$row['mb_id'].'">'.$row2['cnt'].'</a>';
 
-        //$s_del = '<a href="javascript:post_delete(\'boardgroupmember_update.php\', \''.$row['gm_id'].'\');">삭제</a>';
-
         $mb_nick = get_sideview($row['mb_id'], $row['mb_nick'], $row['mb_email'], $row['mb_homepage']);
 
         $bg = 'bg'.($i%2);
@@ -139,7 +137,7 @@ $colspan = 7;
 </div>
 </form>
 
-<?php echo get_paging(G5_IS_MOBILE ? $config['cf_mobile_pages'] : $config['cf_write_pages'], $page, $total_page, "{$_SERVER['PHP_SELF']}?$qstr&amp;gr_id=$gr_id&page="); ?>
+<?php echo get_paging(G5_IS_MOBILE ? $config['cf_mobile_pages'] : $config['cf_write_pages'], $page, $total_page, "{$_SERVER['SCRIPT_NAME']}?$qstr&amp;gr_id=$gr_id&page="); ?>
 
 <script>
 function fboardgroupmember_submit(f)
diff --git a/adm/config_form.php b/adm/config_form.php
index a7401dc2c..cb295b9f6 100644
--- a/adm/config_form.php
+++ b/adm/config_form.php
@@ -816,8 +816,8 @@ if ($config['cf_icode_id'] && $config['cf_icode_pw']) {
             <th scope="row" class="cf_cert_service"><label for="cf_cert_kcb_cd">코리아크레딧뷰로<br>KCB 회원사ID</label></th>
             <td class="cf_cert_service">
                 <?php echo help('KCB 회원사ID를 입력해 주십시오.<br>서비스에 가입되어 있지 않다면, KCB와 계약체결 후 회원사ID를 발급 받으실 수 있습니다.<br>이용하시려는 서비스에 대한 계약을 아이핀, 휴대폰 본인확인 각각 체결해주셔야 합니다.<br>아이핀 본인확인 테스트의 경우에는 KCB 회원사ID가 필요 없으나,<br>휴대폰 본인확인 테스트의 경우 KCB 에서 따로 발급 받으셔야 합니다.') ?>
-                <input type="text" name="cf_cert_kcb_cd" value="<?php echo $config['cf_cert_kcb_cd'] ?>" id="cf_cert_kcb_cd" class="frm_input" size="20"> <a href="http://sir.co.kr/main/provider/b_ipin.php" target="_blank" class="btn_frmline">KCB 아이핀 서비스 신청페이지</a>
-                <a href="http://sir.co.kr/main/provider/b_cert.php" target="_blank" class="btn_frmline">KCB 휴대폰 본인확인 서비스 신청페이지</a>
+                <input type="text" name="cf_cert_kcb_cd" value="<?php echo $config['cf_cert_kcb_cd'] ?>" id="cf_cert_kcb_cd" class="frm_input" size="20"> <a href="http://sir.co.kr/main/service/b_ipin.php" target="_blank" class="btn_frmline">KCB 아이핀 서비스 신청페이지</a>
+                <a href="http://sir.co.kr/main/service/b_cert.php" target="_blank" class="btn_frmline">KCB 휴대폰 본인확인 서비스 신청페이지</a>
             </td>
         </tr>
         <tr>
@@ -825,7 +825,7 @@ if ($config['cf_icode_id'] && $config['cf_icode_pw']) {
             <td class="cf_cert_service">
                 <?php echo help('SM으로 시작하는 5자리 사이트 코드중 뒤의 3자리만 입력해 주십시오.<br>서비스에 가입되어 있지 않다면, 본인확인 서비스 신청페이지에서 서비스 신청 후 사이트코드를 발급 받으실 수 있습니다.') ?>
                 <span class="sitecode">SM</span>
-                <input type="text" name="cf_cert_kcp_cd" value="<?php echo $config['cf_cert_kcp_cd'] ?>" id="cf_cert_kcp_cd" class="frm_input" size="3"> <a href="http://sir.co.kr/main/provider/p_cert.php" target="_blank" class="btn_frmline">KCP 휴대폰 본인확인 서비스 신청페이지</a>
+                <input type="text" name="cf_cert_kcp_cd" value="<?php echo $config['cf_cert_kcp_cd'] ?>" id="cf_cert_kcp_cd" class="frm_input" size="3"> <a href="http://sir.co.kr/main/service/p_cert.php" target="_blank" class="btn_frmline">KCP 휴대폰 본인확인 서비스 신청페이지</a>
             </td>
         </tr>
         <tr>
@@ -833,7 +833,7 @@ if ($config['cf_icode_id'] && $config['cf_icode_pw']) {
             <td class="cf_cert_service">
                 <?php echo help('LG유플러스 상점아이디 중 si_를 제외한 나머지 아이디만 입력해 주십시오.<br>서비스에 가입되어 있지 않다면, 본인확인 서비스 신청페이지에서 서비스 신청 후 상점아이디를 발급 받으실 수 있습니다.<br><strong>LG유플러스 휴대폰본인확인은 ActiveX 설치가 필요하므로 Internet Explorer 에서만 사용할 수 있습니다.</strong>') ?>
                 <span class="sitecode">si_</span>
-                <input type="text" name="cf_lg_mid" value="<?php echo $config['cf_lg_mid'] ?>" id="cf_lg_mid" class="frm_input" size="20"> <a href="http://sir.co.kr/main/provider/lg_cert.php" target="_blank" class="btn_frmline">LG유플러스 본인확인 서비스 신청페이지</a>
+                <input type="text" name="cf_lg_mid" value="<?php echo $config['cf_lg_mid'] ?>" id="cf_lg_mid" class="frm_input" size="20"> <a href="http://sir.co.kr/main/service/lg_cert.php" target="_blank" class="btn_frmline">LG유플러스 본인확인 서비스 신청페이지</a>
             </td>
         </tr>
         <tr>
diff --git a/adm/contentlist.php b/adm/contentlist.php
index 9f668507c..7f8ce87ca 100644
--- a/adm/contentlist.php
+++ b/adm/contentlist.php
@@ -50,7 +50,7 @@ $result = sql_query($sql);
 ?>
 
 <div class="local_ov01 local_ov">
-    <?php if ($page > 1) {?><a href="<?php echo $_SERVER['PHP_SELF']; ?>">처음으로</a><?php } ?>
+    <?php if ($page > 1) {?><a href="<?php echo $_SERVER['SCRIPT_NAME']; ?>">처음으로</a><?php } ?>
     <span>전체 내용 <?php echo $total_count; ?>건</span>
 </div>
 
@@ -91,7 +91,7 @@ $result = sql_query($sql);
     </table>
 </div>
 
-<?php echo get_paging(G5_IS_MOBILE ? $config['cf_mobile_pages'] : $config['cf_write_pages'], $page, $total_page, "{$_SERVER['PHP_SELF']}?$qstr&amp;page="); ?>
+<?php echo get_paging(G5_IS_MOBILE ? $config['cf_mobile_pages'] : $config['cf_write_pages'], $page, $total_page, "{$_SERVER['SCRIPT_NAME']}?$qstr&amp;page="); ?>
 
 <?php
 include_once (G5_ADMIN_PATH.'/admin.tail.php');
diff --git a/adm/css/admin.css b/adm/css/admin.css
index 10b7cf592..e77a3052a 100644
--- a/adm/css/admin.css
+++ b/adm/css/admin.css
@@ -690,11 +690,11 @@ strong.sodr_nonpay {display:block;padding:5px 0;text-align:right}
 
 /*부가서비스*/
 .lnb_svc{color:#ff3061;font-weight:bold}
-.service_wrap{min-width:960px; margin:0 20px 10px;overflow:hidden}
-.sevice_1{border:1px solid #ebe8e8;width:286px;float:left;border-radius:5px;text-align:center;margin-right:6px;}
+.service_wrap{width:960px; margin:0 20px 10px;overflow:hidden}
+.sevice_1{border:1px solid #ebe8e8;width:330px;float:left;border-radius:5px;text-align:center;margin-right:6px;}
 .sevice_1 .svc_img{padding:30px 0 0;}
 .sevice_1 h3{font-size:16px;margin:15px 0;color:#525252}
-.sevice_1 p{padding:20px;background:#f8f8f8;height:102px;font-size:12px;text-align:left;  color:#898989;line-height:18px}
+.sevice_1 p{padding:20px;background:#f8f8f8;height:90px;font-size:12px;text-align:left;  color:#898989;line-height:18px}
 .sevice_1 ul {width:100%;padding:0; margin:0;border-top:1px solid #ebe8e8;}
 .sevice_1 ul li{list-style:none;float:left;border-right:1px solid #ebe8e8;width:33%;}
 .sevice_1 ul li a{display:inline-block;height:76px;width:100%}
@@ -703,14 +703,14 @@ strong.sodr_nonpay {display:block;padding:5px 0;text-align:right}
 .sevice_1 h4{width:100%;padding:0; margin:0;border-top:1px solid #ebe8e8;}
 .sevice_1 h4 a{display:inline-block;height:66px;padding:10px 0 0;width:100%}
 
-.sevice_2{border:1px solid #ebe8e8;float:left;width:370px;}
-.sevice_2 .svc_a{float:left;width:203px;padding:33px 0 0 22px ;height:111px; }
-.sevice_2 .svc_a h3{font-size:14px;letter-spacing:-1px;color:#525252;margin-bottom:5px}
-.sevice_2 .svc_a p{color:#898989;line-height:18px;letter-spacing:-1px;}
-.sevice_2 .svc_btn{float:right;}
-.sevice_2 .svc_btn a{display:inline-block; background:#ff3061;width:121px;text-align:center;color:#fff;padding:10px 0;margin:53px 10px 0 0;}
+.sevice_2{border:1px solid #ebe8e8;float:left;width:282px;}
+.sevice_2 .svc_a{padding:33px 0 0;}
+.sevice_2 .svc_a h3{font-size:14px;letter-spacing:-1px;color:#525252;margin-bottom:5px;padding:0 20px 0}
+.sevice_2 .svc_a p{color:#898989;line-height:18px;letter-spacing:-1px;padding:5px 20px 0;}
+.sevice_2 .svc_btn{text-align:center;position:absolute;bottom:0;left:0;width:282px;}
+.sevice_2 .svc_btn a{display:inline-block; background:#ff3061;text-align:center;color:#fff;padding:10px 20px;}
 .sevice_2 .svc_btn a:hover{text-decoration:none;}
-.sevice_2 .svc_sms{overflow:hidden;border-bottom:1px solid #ebe8e8;}
-.sevice_2 .svc_sms .svc_btn a{display:inline-block; width:132px; background:#f8f8f8;height:145px;text-align:center;margin:0;padding:0}
-.sevice_2 .svc_sms .svc_btn a img{margin-top:50px;}
-.sevice_2 .svc_keyword{overflow:hidden;border-bottom:1px solid #ebe8e8;background:#e6f2f4}
+.sevice_2 .svc_sms{overflow:hidden; height:212px;position:relative}
+.sevice_2 .svc_sms .svc_btn a{display:inline-block; background:#f8f8f8;width:100%;text-align:center;margin:0;padding:10px 0 0 }
+.sevice_2 .svc_design{overflow:hidden;height:210px;position:relative}
+.sevice_2 .svc_design .svc_btn a{margin:0 0 20px}
diff --git a/adm/faqmasterlist.php b/adm/faqmasterlist.php
index bf6f24039..c21ea47e2 100644
--- a/adm/faqmasterlist.php
+++ b/adm/faqmasterlist.php
@@ -64,7 +64,7 @@ $result = sql_query($sql);
 ?>
 
 <div class="local_ov01 local_ov">
-    <?php if ($page > 1) {?><a href="<?php echo $_SERVER['PHP_SELF']; ?>">처음으로</a><?php } ?>
+    <?php if ($page > 1) {?><a href="<?php echo $_SERVER['SCRIPT_NAME']; ?>">처음으로</a><?php } ?>
     <span>전체 FAQ <?php echo $total_count; ?>건</span>
 </div>
 
@@ -121,7 +121,7 @@ $result = sql_query($sql);
     </table>
 </div>
 
-<?php echo get_paging(G5_IS_MOBILE ? $config['cf_mobile_pages'] : $config['cf_write_pages'], $page, $total_page, "{$_SERVER['PHP_SELF']}?$qstr&amp;page="); ?>
+<?php echo get_paging(G5_IS_MOBILE ? $config['cf_mobile_pages'] : $config['cf_write_pages'], $page, $total_page, "{$_SERVER['SCRIPT_NAME']}?$qstr&amp;page="); ?>
 
 <?php
 include_once (G5_ADMIN_PATH.'/admin.tail.php');
diff --git a/adm/index.php b/adm/index.php
index f5a1b2f79..a579ad851 100644
--- a/adm/index.php
+++ b/adm/index.php
@@ -84,7 +84,7 @@ $colspan = 12;
             else
             {
                 $s_mod = '<a href="./member_form.php?$qstr&amp;w=u&amp;mb_id='.$row['mb_id'].'">수정</a>';
-                $s_del = '<a href="javascript:del(\'./member_delete.php?'.$qstr.'&amp;w=d&amp;mb_id='.$row['mb_id'].'&amp;url='.$_SERVER['PHP_SELF'].'\');">삭제</a>';
+                $s_del = '<a href="javascript:del(\'./member_delete.php?'.$qstr.'&amp;w=d&amp;mb_id='.$row['mb_id'].'&amp;url='.$_SERVER['SCRIPT_NAME'].'\');">삭제</a>';
             }
             $s_grp = '<a href="./boardgroupmember_form.php?mb_id='.$row['mb_id'].'">그룹</a>';
 
diff --git a/adm/mail_list.php b/adm/mail_list.php
index 727f4cf9c..6dfbd44ef 100644
--- a/adm/mail_list.php
+++ b/adm/mail_list.php
@@ -52,7 +52,6 @@ $colspan = 7;
     <tbody>
     <?php
     for ($i=0; $row=mysql_fetch_array($result); $i++) {
-        //$s_del = '<a href="javascript:post_delete(\'mail_update.php\', '.$row['ma_id'].');">삭제</a>';
         $s_vie = '<a href="./mail_preview.php?ma_id='.$row['ma_id'].'" target="_blank">미리보기</a>';
 
         $num = number_format($total_count - ($page - 1) * $config['cf_page_rows'] - $i);
diff --git a/adm/member_form_update.php b/adm/member_form_update.php
index 53174cd3b..333b18728 100644
--- a/adm/member_form_update.php
+++ b/adm/member_form_update.php
@@ -81,7 +81,7 @@ if ($w == '')
     if ($row['mb_id'])
         alert('이미 존재하는 이메일입니다.\\nＩＤ : '.$row['mb_id'].'\\n이름 : '.$row['mb_name'].'\\n닉네임 : '.$row['mb_nick'].'\\n메일 : '.$row['mb_email']);
 
-    sql_query(" insert into {$g5['member_table']} set mb_id = '{$mb_id}', mb_password = '".sql_password($mb_password)."', mb_datetime = '".G5_TIME_YMDHIS."', mb_ip = '{$_SERVER['REMOTE_ADDR']}', mb_email_certify = '".G5_TIME_YMDHIS."', {$sql_common} ");
+    sql_query(" insert into {$g5['member_table']} set mb_id = '{$mb_id}', mb_password = '".get_encrypt_string($mb_password)."', mb_datetime = '".G5_TIME_YMDHIS."', mb_ip = '{$_SERVER['REMOTE_ADDR']}', mb_email_certify = '".G5_TIME_YMDHIS."', {$sql_common} ");
 }
 else if ($w == 'u')
 {
@@ -139,7 +139,7 @@ else if ($w == 'u')
     }
 
     if ($mb_password)
-        $sql_password = " , mb_password = '".sql_password($mb_password)."' ";
+        $sql_password = " , mb_password = '".get_encrypt_string($mb_password)."' ";
     else
         $sql_password = "";
 
diff --git a/adm/member_list.php b/adm/member_list.php
index 5b94d03b5..ea3c6e4c6 100644
--- a/adm/member_list.php
+++ b/adm/member_list.php
@@ -56,7 +56,7 @@ $sql = " select count(*) as cnt {$sql_common} {$sql_search} and mb_intercept_dat
 $row = sql_fetch($sql);
 $intercept_count = $row['cnt'];
 
-$listall = '<a href="'.$_SERVER['PHP_SELF'].'" class="ov_listall">전체목록</a>';
+$listall = '<a href="'.$_SERVER['SCRIPT_NAME'].'" class="ov_listall">전체목록</a>';
 
 $g5['title'] = '회원관리';
 include_once('./admin.head.php');
@@ -158,10 +158,8 @@ $colspan = 16;
 
         if ($is_admin == 'group') {
             $s_mod = '';
-            $s_del = '';
         } else {
             $s_mod = '<a href="./member_form.php?'.$qstr.'&amp;w=u&amp;mb_id='.$row['mb_id'].'">수정</a>';
-            //$s_del = '<a href="javascript:post_delete(\'member_delete.php\', \''.$row['mb_id'].'\');">삭제</a>';
         }
         $s_grp = '<a href="./boardgroupmember_form.php?mb_id='.$row['mb_id'].'">그룹</a>';
 
@@ -224,7 +222,7 @@ $colspan = 16;
             <input type="radio" name="mb_certify[<?php echo $i; ?>]" value="hp" id="mb_certify_hp_<?php echo $i; ?>" <?php echo $row['mb_certify']=='hp'?'checked':''; ?>>
             <label for="mb_certify_hp_<?php echo $i; ?>">휴대폰</label>
         </td>
-        <td headers="mb_list_mobile" class="td_tel"><?php echo $row['mb_hp']; ?></td>
+        <td headers="mb_list_mobile" class="td_tel"><?php echo get_text($row['mb_hp']); ?></td>
         <td headers="mb_list_auth" class="td_mbstat">
             <?php
             if ($leave_msg || $intercept_msg) echo $leave_msg.' '.$intercept_msg;
@@ -261,7 +259,7 @@ $colspan = 16;
             <label for="mb_intercept_date_<?php echo $i; ?>" class="sound_only">접근차단</label>
             <?php } ?>
         </td>
-        <td headers="mb_list_tel" class="td_tel"><?php echo $row['mb_tel']; ?></td>
+        <td headers="mb_list_tel" class="td_tel"><?php echo get_text($row['mb_tel']); ?></td>
         <td headers="mb_list_point" class="td_num"><a href="point_list.php?sfl=mb_id&amp;stx=<?php echo $row['mb_id'] ?>"><?php echo number_format($row['mb_point']) ?></a></td>
         <td headers="mb_list_join" class="td_date"><?php echo substr($row['mb_datetime'],2,8); ?></td>
     </tr>
diff --git a/adm/menu_list.php b/adm/menu_list.php
index bf6f75752..408a597f1 100644
--- a/adm/menu_list.php
+++ b/adm/menu_list.php
@@ -71,12 +71,16 @@ $colspan = 7;
             $sub_menu_info = '<span class="sound_only">'.$row['me_name'].'의 서브</span>';
             $sub_menu_ico = '<span class="sub_menu_ico"></span>';
         }
+
+        $search  = array('"', "'");
+        $replace = array('&#34;', '&#39;');
+        $me_name = str_replace($search, $replace, $row['me_name']);
     ?>
     <tr class="<?php echo $bg; ?> menu_list menu_group_<?php echo substr($row['me_code'], 0, 2); ?>">
         <td class="td_category<?php echo $sub_menu_class; ?>">
             <input type="hidden" name="code[]" value="<?php echo substr($row['me_code'], 0, 2) ?>">
             <label for="me_name_<?php echo $i; ?>" class="sound_only"><?php echo $sub_menu_info; ?> 메뉴<strong class="sound_only"> 필수</strong></label>
-            <input type="text" name="me_name[]" value="<?php echo $row['me_name'] ?>" id="me_name_<?php echo $i; ?>" required class="required frm_input full_input">
+            <input type="text" name="me_name[]" value="<?php echo $me_name; ?>" id="me_name_<?php echo $i; ?>" required class="required frm_input full_input">
         </td>
         <td>
             <label for="me_link_<?php echo $i; ?>" class="sound_only">링크<strong class="sound_only"> 필수</strong></label>
diff --git a/adm/newwinformupdate.php b/adm/newwinformupdate.php
index a7286ad2f..17ccac254 100644
--- a/adm/newwinformupdate.php
+++ b/adm/newwinformupdate.php
@@ -5,22 +5,22 @@ include_once('./_common.php');
 if ($w == "u" || $w == "d")
     check_demo();
 
-if ($W == 'd')
+if ($w == 'd')
     auth_check($auth[$sub_menu], "d");
 else
     auth_check($auth[$sub_menu], "w");
 
-$sql_common = " nw_device = '$nw_device',
-                nw_begin_time = '$nw_begin_time',
-                nw_end_time = '$nw_end_time',
-                nw_disable_hours = '$nw_disable_hours',
-                nw_left = '$nw_left',
-                nw_top = '$nw_top',
-                nw_height = '$nw_height',
-                nw_width = '$nw_width',
-                nw_subject = '$nw_subject',
-                nw_content = '$nw_content',
-                nw_content_html = '$nw_content_html' ";
+$sql_common = " nw_device = '{$_POST['nw_device']}',
+                nw_begin_time = '{$_POST['nw_begin_time']}',
+                nw_end_time = '{$_POST['nw_end_time']}',
+                nw_disable_hours = '{$_POST['nw_disable_hours']}',
+                nw_left = '{$_POST['nw_left']}',
+                nw_top = '{$_POST['nw_top']}',
+                nw_height = '{$_POST['nw_height']}',
+                nw_width = '{$_POST['nw_width']}',
+                nw_subject = '{$_POST['nw_subject']}',
+                nw_content = '{$_POST['nw_content']}',
+                nw_content_html = '{$_POST['nw_content_html']}' ";
 
 if($w == "")
 {
diff --git a/adm/point_clear.php b/adm/point_clear.php
deleted file mode 100644
index 22b5d25d7..000000000
--- a/adm/point_clear.php
+++ /dev/null
@@ -1,64 +0,0 @@
-<?php
-$sub_menu = "200200";
-include_once('./_common.php');
-
-check_demo();
-
-if (!$ok)
-    alert();
-
-if ($is_admin != 'super')
-    alert('포인트 정리는 최고관리자만 가능합니다.');
-
-$g5['title'] = '포인트 정리';
-include_once('./admin.head.php');
-echo '<span id="ct"></span>';
-include_once('./admin.tail.php');
-flush();
-
-echo '<script>document.getElementById(\'ct\').innerHTML += \'<p>포인트 정리중...</p>\';</script>'."\n";
-flush();
-
-$max_count = 50;
-
-// 테이블 락을 걸고
-$sql = " LOCK TABLES {$g5['member_table']} WRITE, {$g5['point_table']} WRITE ";
-sql_query($sql);
-
-$sql = " select mb_id, count(po_point) as cnt
-            from {$g5['point_table']}
-            group by mb_id
-            having cnt > {$max_count}+1
-            order by cnt ";
-$result = sql_query($sql);
-for ($i=0; $row=sql_fetch_array($result); $i++)
-{
-    $count = 0;
-    $total = 0;
-    $sql2 = " select po_id, po_point
-                  from {$g5['point_table']}
-                  where mb_id = '{$row['mb_id']}'
-                  order by po_id desc
-                  limit {$max_count}, {$row['cnt']} ";
-    $result2 = sql_query($sql2);
-    for ($k=0; $row2=sql_fetch_array($result2); $k++)
-    {
-        $count++;
-        $total += $row2['po_point'];
-
-        sql_query(" delete from {$g5['point_table']} where po_id = '{$row2['po_id']}' ");
-    }
-
-    insert_point($row['mb_id'], $total, '포인트 {$count}건 정리', '@clear', $row['mb_id'], G5_TIME_YMD."-".uniqid(""));
-
-    $str = $row['mb_id']."님 포인트 내역 ".number_format($count)."건 ".number_format($total)."점 정리<br>";
-    echo '<script>document.getElementById(\'ct\').innerHTML += \''.$str.'\';</script>'."\n";
-    flush();
-}
-
-// 테이블 락을 풀고
-$sql = " UNLOCK TABLES ";
-sql_query($sql);
-
-echo '<script>document.getElementById(\'ct\').innerHTML += \'<p>총 '.$i.'건의 회원포인트 내역이 정리 되었습니다.</p>\';</script>'."\n";
-?>
diff --git a/adm/point_list.php b/adm/point_list.php
index 08f44d5b1..eaed7aaff 100644
--- a/adm/point_list.php
+++ b/adm/point_list.php
@@ -48,7 +48,7 @@ $sql = " select *
             limit {$from_record}, {$rows} ";
 $result = sql_query($sql);
 
-$listall = '<a href="'.$_SERVER['PHP_SELF'].'" class="ov_listall">전체목록</a>';
+$listall = '<a href="'.$_SERVER['SCRIPT_NAME'].'" class="ov_listall">전체목록</a>';
 
 $mb = array();
 if ($sfl == 'mb_id' && $stx)
@@ -70,16 +70,6 @@ else
     $mb_id = "";
 ?>
 
-<script>
-function point_clear()
-{
-    if (confirm('포인트 정리를 하시면 최근 50건 이전의 포인트 부여 내역을 삭제하므로 포인트 부여 내역을 필요로 할때 찾지 못할 수도 있습니다. 그래도 진행하시겠습니까?'))
-    {
-        document.location.href = "./point_clear.php?ok=1";
-    }
-}
-</script>
-
 <div class="local_ov01 local_ov">
     <?php echo $listall ?>
     전체 <?php echo number_format($total_count) ?> 건
@@ -91,7 +81,6 @@ function point_clear()
         echo '&nbsp;(전체 합계 '.number_format($row2['sum_point']).'점)';
     }
     ?>
-    <?php if ($is_admin == 'super') { ?><!-- <a href="javascript:point_clear();">포인트정리</a> --><?php } ?>
 </div>
 
 <form name="fsearch" id="fsearch" class="local_sch01 local_sch" method="get">
@@ -192,7 +181,7 @@ function point_clear()
 
 </form>
 
-<?php echo get_paging(G5_IS_MOBILE ? $config['cf_mobile_pages'] : $config['cf_write_pages'], $page, $total_page, "{$_SERVER['PHP_SELF']}?$qstr&amp;page="); ?>
+<?php echo get_paging(G5_IS_MOBILE ? $config['cf_mobile_pages'] : $config['cf_write_pages'], $page, $total_page, "{$_SERVER['SCRIPT_NAME']}?$qstr&amp;page="); ?>
 
 <section id="point_mng">
     <h2 class="h2_frm">개별회원 포인트 증감 설정</h2>
diff --git a/adm/poll_form.php b/adm/poll_form.php
index 533596dcd..795719edf 100644
--- a/adm/poll_form.php
+++ b/adm/poll_form.php
@@ -86,8 +86,8 @@ include_once('./admin.head.php');
 
     <?php if ($w == 'u') { ?>
     <tr>
-        <th scope="row"><label for="po_date">투표시작일</label></th>
-        <td><input type="text" name="po_date" value="<?php echo $po['po_date'] ?>" id="po_date" class="frm_input" maxlength="10"></td>
+        <th scope="row">투표등록일</th>
+        <td><?php echo $po['po_date']; ?></td>
     </tr>
     <tr>
         <th scope="row"><label for="po_ips">투표참가 IP</label></th>
diff --git a/adm/poll_form_update.php b/adm/poll_form_update.php
index ef955f793..19a11b49d 100644
--- a/adm/poll_form_update.php
+++ b/adm/poll_form_update.php
@@ -14,7 +14,7 @@ if ($w == '')
 {
     $sql = " insert {$g5['poll_table']}
                     ( po_subject, po_poll1, po_poll2, po_poll3, po_poll4, po_poll5, po_poll6, po_poll7, po_poll8, po_poll9, po_cnt1, po_cnt2, po_cnt3, po_cnt4, po_cnt5, po_cnt6, po_cnt7, po_cnt8, po_cnt9, po_etc, po_level, po_point, po_date )
-             values ( '{$_POST['po_subject']}', '{$_POST['po_poll1']}', '{$_POST['po_poll2']}', '{$_POST['po_poll3']}', '{$_POST['po_poll4']}', '{$_POST['po_poll5']}', '{$_POST['po_poll6']}', '{$_POST['po_poll7']}', '{$_POST['po_poll8']}', '{$_POST['po_poll9']}', '{$_POST['po_cnt1']}', '{$_POST['po_cnt2']}', '{$_POST['po_cnt3']}', '{$_POST['po_cnt4']}', '{$_POST['po_cnt5']}', '{$_POST['po_cnt6']}', '{$_POST['po_cnt7']}', '{$_POST['po_cnt8']}', '{$_POST['po_cnt9']}', '{$_POST['po_etc']}', '{$_POST['po_level']}', '{$_POST['po_point']}', '".G5_TIME_YMDHIS."' ) ";
+             values ( '{$_POST['po_subject']}', '{$_POST['po_poll1']}', '{$_POST['po_poll2']}', '{$_POST['po_poll3']}', '{$_POST['po_poll4']}', '{$_POST['po_poll5']}', '{$_POST['po_poll6']}', '{$_POST['po_poll7']}', '{$_POST['po_poll8']}', '{$_POST['po_poll9']}', '{$_POST['po_cnt1']}', '{$_POST['po_cnt2']}', '{$_POST['po_cnt3']}', '{$_POST['po_cnt4']}', '{$_POST['po_cnt5']}', '{$_POST['po_cnt6']}', '{$_POST['po_cnt7']}', '{$_POST['po_cnt8']}', '{$_POST['po_cnt9']}', '{$_POST['po_etc']}', '{$_POST['po_level']}', '{$_POST['po_point']}', '".G5_TIME_YMD."' ) ";
     sql_query($sql);
 
     $po_id = mysql_insert_id();
@@ -43,8 +43,7 @@ else if ($w == 'u')
                      po_cnt9 = '{$_POST['po_cnt9']}',
                      po_etc = '{$_POST['po_etc']}',
                      po_level = '{$_POST['po_level']}',
-                     po_point = '{$_POST['po_point']}',
-                     po_date = '{$_POST['po_date']}'
+                     po_point = '{$_POST['po_point']}'
                 where po_id = '{$_POST['po_id']}' ";
     sql_query($sql);
 }
diff --git a/adm/poll_list.php b/adm/poll_list.php
index b07e39166..2de51e514 100644
--- a/adm/poll_list.php
+++ b/adm/poll_list.php
@@ -44,7 +44,7 @@ $sql = " select *
             limit {$from_record}, {$rows} ";
 $result = sql_query($sql);
 
-$listall = '<a href="'.$_SERVER['PHP_SELF'].'" class="ov_listall">전체목록</a>';
+$listall = '<a href="'.$_SERVER['SCRIPT_NAME'].'" class="ov_listall">전체목록</a>';
 
 $g5['title'] = '투표관리';
 include_once('./admin.head.php');
@@ -106,7 +106,6 @@ $colspan = 7;
         $po_etc = ($row['po_etc']) ? "사용" : "미사용";
 
         $s_mod = '<a href="./poll_form.php?'.$qstr.'&amp;w=u&amp;po_id='.$row['po_id'].'">수정</a>';
-        //$s_del = '<a href="javascript:post_delete(\'poll_form_update.php\', \''.$row['po_id'].'\');">삭제</a>';
 
         $bg = 'bg'.($i%2);
     ?>
@@ -139,7 +138,7 @@ $colspan = 7;
 </div>
 </form>
 
-<?php echo get_paging(G5_IS_MOBILE ? $config['cf_mobile_pages'] : $config['cf_write_pages'], $page, $total_page, "{$_SERVER['PHP_SELF']}?$qstr&amp;page="); ?>
+<?php echo get_paging(G5_IS_MOBILE ? $config['cf_mobile_pages'] : $config['cf_write_pages'], $page, $total_page, "{$_SERVER['SCRIPT_NAME']}?$qstr&amp;page="); ?>
 
 <script>
 $(function() {
diff --git a/adm/popular_list.php b/adm/popular_list.php
index 725039337..8033a5692 100644
--- a/adm/popular_list.php
+++ b/adm/popular_list.php
@@ -57,7 +57,7 @@ $sql = " select *
             limit {$from_record}, {$rows} ";
 $result = sql_query($sql);
 
-$listall = '<a href="'.$_SERVER['PHP_SELF'].'" class="ov_listall">전체목록</a>';
+$listall = '<a href="'.$_SERVER['SCRIPT_NAME'].'" class="ov_listall">전체목록</a>';
 
 $g5['title'] = '인기검색어관리';
 include_once('./admin.head.php');
@@ -123,7 +123,7 @@ var list_delete_php = 'popular_list.php';
             <label for="chk_<?php echo $i; ?>" class="sound_only"><?php echo $word ?></label>
             <input type="checkbox" name="chk[]" value="<?php echo $row['pp_id'] ?>" id="chk_<?php echo $i ?>">
         </td>
-        <td><a href="<?php echo $_SERVER['PHP_SELF'] ?>?sfl=pp_word&amp;stx=<?php echo $word ?>"><?php echo $word ?></a></td>
+        <td><a href="<?php echo $_SERVER['SCRIPT_NAME'] ?>?sfl=pp_word&amp;stx=<?php echo $word ?>"><?php echo $word ?></a></td>
         <td><?php echo $row['pp_date'] ?></td>
         <td><?php echo $row['pp_ip'] ?></td>
     </tr>
@@ -147,7 +147,7 @@ var list_delete_php = 'popular_list.php';
 
 </form>
 
-<?php echo get_paging(G5_IS_MOBILE ? $config['cf_mobile_pages'] : $config['cf_write_pages'], $page, $total_page, "{$_SERVER['PHP_SELF']}?$qstr&amp;page="); ?>
+<?php echo get_paging(G5_IS_MOBILE ? $config['cf_mobile_pages'] : $config['cf_write_pages'], $page, $total_page, "{$_SERVER['SCRIPT_NAME']}?$qstr&amp;page="); ?>
 
 <script>
 $(function() {
diff --git a/adm/popular_rank.php b/adm/popular_rank.php
index 4c47720c2..e2bdd737d 100644
--- a/adm/popular_rank.php
+++ b/adm/popular_rank.php
@@ -26,7 +26,7 @@ $from_record = ($page - 1) * $rows; // 시작 열을 구함
 $sql = " select pp_word, count(*) as cnt {$sql_common} {$sql_search} {$sql_group} {$sql_order} limit {$from_record}, {$rows} ";
 $result = sql_query($sql);
 
-$listall = '<a href="'.$_SERVER['PHP_SELF'].'" class="ov_listall">전체목록</a>';
+$listall = '<a href="'.$_SERVER['SCRIPT_NAME'].'" class="ov_listall">전체목록</a>';
 
 $g5['title'] = '인기검색어순위';
 include_once('./admin.head.php');
@@ -104,7 +104,7 @@ $(function(){
 </form>
 
 <?php
-echo get_paging(G5_IS_MOBILE ? $config['cf_mobile_pages'] : $config['cf_write_pages'], $page, $total_page, "{$_SERVER['PHP_SELF']}?$qstr&amp;page=");
+echo get_paging(G5_IS_MOBILE ? $config['cf_mobile_pages'] : $config['cf_write_pages'], $page, $total_page, "{$_SERVER['SCRIPT_NAME']}?$qstr&amp;page=");
 ?>
 
 <?php
diff --git a/adm/service.php b/adm/service.php
index 1e72e4732..0acfb3b2a 100644
--- a/adm/service.php
+++ b/adm/service.php
@@ -19,9 +19,9 @@ include_once('./admin.head.php');
         <p>정보통신망법 23조 2항(주민등록번호의 사용제한)에 따라 기존 주민등록번호 기반의 인증서비스 이용이 불가합니다. 주민등록번호 대체수단으로 최소한의 정보(생년월일, 휴대폰번호, 성별)를 입력받아 본인임을 확인하는 인증수단 입니다</p>
 
         <ul>
-            <li><a href="http://sir.co.kr/main/provider/p_cert.php" target="_blank"><img src="<?php echo G5_ADMIN_URL ?>/img/svc_btn_01.jpg" alt="KCP 휴대폰 본인확인 신청하기"></a></li>
-            <li><a href="http://sir.co.kr/main/provider/lg_cert.php" target="_blank"><img src="<?php echo G5_ADMIN_URL ?>/img/svc_btn_02.jpg" alt="LG유플러스 휴대폰대체인증 신청하기"></a></li>
-            <li class="last"><a href="http://sir.co.kr/main/provider/b_cert.php" target="_blank"><img src="<?php echo G5_ADMIN_URL ?>/img/svc_btn_03.jpg" alt="OKname 휴대폰 본인확인 신청하기"></a></li>
+            <li><a href="http://sir.co.kr/main/service/p_cert.php" target="_blank"><img src="<?php echo G5_ADMIN_URL ?>/img/svc_btn_01.jpg" alt="KCP 휴대폰 본인확인 신청하기"></a></li>
+            <li><a href="http://sir.co.kr/main/service/lg_cert.php" target="_blank"><img src="<?php echo G5_ADMIN_URL ?>/img/svc_btn_02.jpg" alt="LG유플러스 휴대폰대체인증 신청하기"></a></li>
+            <li class="last"><a href="http://sir.co.kr/main/service/b_cert.php" target="_blank"><img src="<?php echo G5_ADMIN_URL ?>/img/svc_btn_03.jpg" alt="OKname 휴대폰 본인확인 신청하기"></a></li>
         </ul>
     </div>
     <div class="sevice_1">
@@ -30,31 +30,17 @@ include_once('./admin.head.php');
         <p>정부가 주관하는 주민등록번호 대체 수단으로 본인의 개인정보를 아이핀 사이트에 한번만 발급해 놓고, 이후부터는 아이디와 패스워드 만으로
         본인임을 확인하는 인증수단 입니다.</p>
 
-       <h4><a href="http://sir.co.kr/main/provider/b_ipin.php" target="_blank"><img src="<?php echo G5_ADMIN_URL ?>/img/svc_btn_04.jpg" alt="OKname 아이핀 본인확인 신청하기"></a></h4>
+       <h4><a href="http://sir.co.kr/main/service/b_ipin.php" target="_blank"><img src="<?php echo G5_ADMIN_URL ?>/img/svc_btn_04.jpg" alt="OKname 아이핀 본인확인 신청하기"></a></h4>
     </div>
     <div class="sevice_2">
             <div class="svc_sms">
                 <div class="svc_a">
                     <h3>SMS 문자 서비스</h3>
-                    <p>사이트 관리자 또는 회원이 다른 회원의 휴대폰으로 단문메세지(최대 한글 40자, 영문 80자)를 발송할 수 있습니다.</p>
+                    <p>사이트 관리자 또는 회원이 다른 회원의 <br>휴대폰으로 단문메세지(최대 한글 40자, 영문 80자)를 발송할 수 있습니다.</p>
                 </div>
                 <div class="svc_btn"><a href="http://icodekorea.com/res/join_company_fix_a.php?sellid=sir2" target="_blank"><img src="<?php echo G5_ADMIN_URL ?>/img/svc_btn_05.jpg" alt="아이코드 SMS 서비스 신청하기"></a></div>
             </div>
-            <div class="svc_keyword">
-                <div class="svc_a">
-                    <h3>키워드 검색광고 (네이버, 다음)</h3>
-                    <p>키워드 광고 최소 70원 부터!<br> 키워드 광고의 전문가가 검색 결과의 <br>최상단에 노출시켜 드립니다</p>
-                </div>
-                <div class="svc_btn"><a href="http://sir.co.kr/main/ad/" target="_blank">서비스 신청하기</a></div>
-            </div>
-            <div class="svc_design">
-                <div class="svc_a">
-                    <h3>디자인 소스 (아사달)</h3>
-                    <p>이곳을 통하여 아사달 디자인 소스, 시안, 사진 등 구입하시면 10% 할인 쿠폰을 매일 선착순 15분께 드립니다.</p>
-                </div>
-                <div class="svc_btn"><a href="http://design.sir.co.kr/event/coupon.htm" target="_blank">디자인소스 구입하기</a></div>
-            </div>
-
+            
     </div>
 </div>
 
diff --git a/adm/sms_admin/_common.php b/adm/sms_admin/_common.php
index c2c148c40..e44e58e4d 100644
--- a/adm/sms_admin/_common.php
+++ b/adm/sms_admin/_common.php
@@ -3,7 +3,7 @@ define('G5_IS_ADMIN', true);
 include_once ('../../common.php');
 include_once(G5_ADMIN_PATH.'/admin.lib.php');
 
-if (!strstr($_SERVER['PHP_SELF'], 'install.php')) {
+if (!strstr($_SERVER['SCRIPT_NAME'], 'install.php')) {
     if(!mysql_num_rows(mysql_query(" show tables like '{$g5['sms5_config_table']}' ")))
         goto_url('install.php');
 
diff --git a/adm/sms_admin/ajax.sms_write_person.php b/adm/sms_admin/ajax.sms_write_person.php
index 98eba4a5a..97dedc14c 100644
--- a/adm/sms_admin/ajax.sms_write_person.php
+++ b/adm/sms_admin/ajax.sms_write_person.php
@@ -131,7 +131,7 @@ while ($res = sql_fetch_array($qry)) array_push($group, $res);
     <span class="pg" id="person_pg"></span>
 </nav>
 
-<form name="search_form" id="sms_person_form" method="get" action="<?php echo $_SERVER['PHP_SELF']?>">
+<form name="search_form" id="sms_person_form" method="get" action="<?php echo $_SERVER['SCRIPT_NAME']?>">
 <input type="hidden" name="total_pg" value="<?php echo $total_page?>">
 <input type="hidden" name="page" value="<?php echo $page?>">
 
diff --git a/adm/sms_admin/form_list.php b/adm/sms_admin/form_list.php
index 008405441..6766b699d 100644
--- a/adm/sms_admin/form_list.php
+++ b/adm/sms_admin/form_list.php
@@ -109,7 +109,7 @@ function multi_update(sel)
 <div class="local_sch01 local_sch sms_preset_sch">
     <form>
     <label for="fg_no" class="sound_only">그룹명</label>
-    <select name="fg_no" onchange="location.href='<?php echo $_SERVER['PHP_SELF']?>?fg_no='+this.value;">
+    <select name="fg_no" onchange="location.href='<?php echo $_SERVER['SCRIPT_NAME']?>?fg_no='+this.value;">
         <option value="" <?php echo $fg_no?'':'selected'?>> 전체 </option>
         <option value="0" <?php echo $fg_no=='0'?'selected':''?>> 미분류 (<?php echo number_format($no_count)?>) </option>
         <?php for($i=0; $i<count($group); $i++) {?>
@@ -118,7 +118,7 @@ function multi_update(sel)
     </select>
     </form>
 
-    <form name="search_form" method="get" action="<?php echo $_SERVER['PHP_SELF']?>">
+    <form name="search_form" method="get" action="<?php echo $_SERVER['SCRIPT_NAME']?>">
     <input type="hidden" name="fg_no" value="<?php echo $fg_no;?>">
     <label for="st" class="sound_only">검색대상</label>
     <select name="st" id="st">
@@ -231,7 +231,7 @@ function select_copy(sw, f) {
 }
 </script>
 
-<?php echo get_paging(G5_IS_MOBILE ? $config['cf_mobile_pages'] : $config['cf_write_pages'], $page, $total_page, $_SERVER['PHP_SELF']."?fg_no=$fg_no&amp;st=$st&amp;sv=$sv&amp;page="); ?>
+<?php echo get_paging(G5_IS_MOBILE ? $config['cf_mobile_pages'] : $config['cf_write_pages'], $page, $total_page, $_SERVER['SCRIPT_NAME']."?fg_no=$fg_no&amp;st=$st&amp;sv=$sv&amp;page="); ?>
 
 <?php
 include_once(G5_ADMIN_PATH.'/admin.tail.php');
diff --git a/adm/sms_admin/form_write.php b/adm/sms_admin/form_write.php
index 603bd2c03..a8a8816cd 100644
--- a/adm/sms_admin/form_write.php
+++ b/adm/sms_admin/form_write.php
@@ -145,7 +145,7 @@ include_once(G5_ADMIN_PATH.'/admin.head.php');
     </div>
     <div class="btn_confirm01 btn_confirm">
         <input type="submit" value="확인" class="btn_submit" accesskey="s">
-        <a href="./form_list.php?<?php echo $_SERVER['QUERY_STRING']?>">목록</a>
+        <a href="./form_list.php?<?php echo clean_query_string($_SERVER['QUERY_STRING']); ?>">목록</a>
     </div>
 </form>
 
diff --git a/adm/sms_admin/history_list.php b/adm/sms_admin/history_list.php
index 193937878..bf6d1afd0 100644
--- a/adm/sms_admin/history_list.php
+++ b/adm/sms_admin/history_list.php
@@ -27,7 +27,7 @@ $vnum = $total_count - (($page-1) * $page_size);
 include_once(G5_ADMIN_PATH.'/admin.head.php');
 ?>
 
-<form name="search_form" id="search_form" action=<?php echo $_SERVER['PHP_SELF'];?> class="local_sch01 local_sch" method="get">
+<form name="search_form" id="search_form" action=<?php echo $_SERVER['SCRIPT_NAME'];?> class="local_sch01 local_sch" method="get">
 
 <label for="st" class="sound_only">검색대상</label>
 <input type="hidden" name="st" id="st" value="wr_message" >
@@ -91,7 +91,7 @@ include_once(G5_ADMIN_PATH.'/admin.head.php');
     </table>
 </div>
 
-<?php echo get_paging(G5_IS_MOBILE ? $config['cf_mobile_pages'] : $config['cf_write_pages'], $page, $total_page, $_SERVER['PHP_SELF']."?st=$st&amp;sv=$sv&amp;page="); ?>
+<?php echo get_paging(G5_IS_MOBILE ? $config['cf_mobile_pages'] : $config['cf_write_pages'], $page, $total_page, $_SERVER['SCRIPT_NAME']."?st=$st&amp;sv=$sv&amp;page="); ?>
 
 <?php
 include_once(G5_ADMIN_PATH.'/admin.tail.php');
diff --git a/adm/sms_admin/history_member.php b/adm/sms_admin/history_member.php
index 21fe0c84e..1de0755ff 100644
--- a/adm/sms_admin/history_member.php
+++ b/adm/sms_admin/history_member.php
@@ -27,7 +27,7 @@ $vnum = $total_count - (($page-1) * $page_size);
 include_once(G5_ADMIN_PATH.'/admin.head.php');
 ?>
 
-<form name="search_form" method="get" action="<?php echo $_SEVER['PHP_SELF']?>" class="local_sch01 local_sch">
+<form name="search_form" method="get" action="<?php echo $_SEVER['SCRIPT_NAME']?>" class="local_sch01 local_sch">
 <label for="st" class="sound_only">검색대상</label>
 <select name="st" id="st">
     <option value="mb_id"<?php echo get_selected('mh_name', $st); ?>>아이디</option>
@@ -83,7 +83,7 @@ include_once(G5_ADMIN_PATH.'/admin.head.php');
     </table>
 </div>
 
-<?php echo get_paging(G5_IS_MOBILE ? $config['cf_mobile_pages'] : $config['cf_write_pages'], $page, $total_page, $_SERVER['PHP_SELF']."?st=$st&amp;sv=$sv&amp;page="); ?>
+<?php echo get_paging(G5_IS_MOBILE ? $config['cf_mobile_pages'] : $config['cf_write_pages'], $page, $total_page, $_SERVER['SCRIPT_NAME']."?st=$st&amp;sv=$sv&amp;page="); ?>
 
 <?php
 include_once(G5_ADMIN_PATH.'/admin.tail.php');
diff --git a/adm/sms_admin/history_num.php b/adm/sms_admin/history_num.php
index 04f6c7ed2..a2de1b2b3 100644
--- a/adm/sms_admin/history_num.php
+++ b/adm/sms_admin/history_num.php
@@ -27,7 +27,7 @@ $vnum = $total_count - (($page-1) * $page_size);
 include_once(G5_ADMIN_PATH.'/admin.head.php');
 ?>
 
-<form name="search_form" method="get" action="<?echo $_SERVER['PHP_SELF']?>" class="local_sch01 local_sch" >
+<form name="search_form" method="get" action="<?echo $_SERVER['SCRIPT_NAME']?>" class="local_sch01 local_sch" >
 <label for="st" class="sound_only">검색대상</label>
 <select name="st" id="st">
     <option value="hs_name"<?php echo get_selected('hs_name', $st); ?>>이름</option>
@@ -100,7 +100,7 @@ include_once(G5_ADMIN_PATH.'/admin.head.php');
     </table>
 </div>
 
-<?php echo get_paging(G5_IS_MOBILE ? $config['cf_mobile_pages'] : $config['cf_write_pages'], $page, $total_page, $_SERVER['PHP_SELF']."?st=$st&amp;sv=$sv&amp;page="); ?>
+<?php echo get_paging(G5_IS_MOBILE ? $config['cf_mobile_pages'] : $config['cf_write_pages'], $page, $total_page, $_SERVER['SCRIPT_NAME']."?st=$st&amp;sv=$sv&amp;page="); ?>
 
 <?php
 include_once(G5_ADMIN_PATH.'/admin.tail.php');
diff --git a/adm/sms_admin/history_send.php b/adm/sms_admin/history_send.php
index 5f6b468b7..a28d981fe 100644
--- a/adm/sms_admin/history_send.php
+++ b/adm/sms_admin/history_send.php
@@ -67,7 +67,7 @@ if ($result)
 
     if ($result) //SMS 서버에 접속했습니다.
     {
-        sql_query("insert into {$g5['sms5_write_table']} set wr_no='$wr_no', wr_renum='$new_wr_renum', wr_reply='{$write['wr_reply']}', wr_message='{$write['wr_message']}', wr_total='$wr_total', wr_datetime='".G5_TIME_YMDHIS."'");
+        sql_query("insert into {$g5['sms5_write_table']} set wr_no='$wr_no', wr_renum='$new_wr_renum', wr_reply='".addslashes($write['wr_reply'])."', wr_message='".addslashes($write['wr_message'])."', wr_total='$wr_total', wr_datetime='".G5_TIME_YMDHIS."'");
 
         $wr_success = 0;
         $wr_failure = 0;
diff --git a/adm/sms_admin/history_view.php b/adm/sms_admin/history_view.php
index 8acd6396b..fced00ba2 100644
--- a/adm/sms_admin/history_view.php
+++ b/adm/sms_admin/history_view.php
@@ -63,7 +63,7 @@ function all_send()
 }
 </script>
 
-<form name="search_form" method="get" action="<?php echo $_SERVER['PHP_SELF']?>" class="local_sch01 local_sch">
+<form name="search_form" method="get" action="<?php echo $_SERVER['SCRIPT_NAME']?>" class="local_sch01 local_sch">
 <input type="hidden" name="wr_no" value="<?php echo $wr_no?>">
 <input type="hidden" name="wr_renum" value="<?php echo $wr_renum?>">
 <input type="hidden" name="page" value="<?php echo $page?>">
@@ -244,7 +244,7 @@ function all_send()
     </div>
 </div>
 
-<?php echo sms5_sub_paging(G5_IS_MOBILE ? $config['cf_mobile_pages'] : $config['cf_write_pages'], $spage, $total_spage, $_SERVER['PHP_SELF']."?wr_no=$wr_no&amp;wr_renum=$wr_renum&amp;page=$page&amp;st=$st&amp;sv=$sv&amp;sst=$sst&amp;ssv=$ssv", "", "spage"); ?>
+<?php echo sms5_sub_paging(G5_IS_MOBILE ? $config['cf_mobile_pages'] : $config['cf_write_pages'], $spage, $total_spage, $_SERVER['SCRIPT_NAME']."?wr_no=$wr_no&amp;wr_renum=$wr_renum&amp;page=$page&amp;st=$st&amp;sv=$sv&amp;sst=$sst&amp;ssv=$ssv", "", "spage"); ?>
 
 <?php
 include_once(G5_ADMIN_PATH.'/admin.tail.php');
diff --git a/adm/sms_admin/install.php b/adm/sms_admin/install.php
index 1d63070be..27e72da67 100644
--- a/adm/sms_admin/install.php
+++ b/adm/sms_admin/install.php
@@ -10,7 +10,7 @@ $setup = $_POST['setup'];
 
 include_once(G5_ADMIN_PATH.'/admin.head.php');
 ?>
-<form name="hidden_form" method="post" action="<?php echo $_SERVER['PHP_SELF']?>">
+<form name="hidden_form" method="post" action="<?php echo $_SERVER['SCRIPT_NAME']?>">
 <input type="hidden" name="setup">
 </form>
 <?php
diff --git a/adm/sms_admin/num_book.php b/adm/sms_admin/num_book.php
index 1e31e18b5..39c1182e8 100644
--- a/adm/sms_admin/num_book.php
+++ b/adm/sms_admin/num_book.php
@@ -107,7 +107,7 @@ function no_hp_click(val)
     <span class="ov_listall">거부 <?php echo number_format($reject_count)?>명</span>
 </div>
 
-<form name="search_form" method="get" action="<?php echo $_SERVER['PHP_SELF']?>" class="local_sch01 local_sch">
+<form name="search_form" method="get" action="<?php echo $_SERVER['SCRIPT_NAME']?>" class="local_sch01 local_sch">
 <input type="hidden" name="bg_no" value="<?php echo $bg_no?>" >
 <label for="st" class="sound_only">검색대상</label>
 <select name="st" id="st">
@@ -122,7 +122,7 @@ function no_hp_click(val)
 
 <form name="search_form" class="local_sch01 local_sch">
 <label for="bg_no" class="sound_only">그룹명</label>
-<select name="bg_no" id="bg_no" onchange="location.href='<?php echo $_SERVER['PHP_SELF']?>?bg_no='+this.value;">
+<select name="bg_no" id="bg_no" onchange="location.href='<?php echo $_SERVER['SCRIPT_NAME']?>?bg_no='+this.value;">
     <option value=""<?php echo get_selected('', $bg_no); ?>> 전체 </option>
     <option value="<?php echo $no_group['bg_no']?>"<?php echo get_selected($bg_no, $no_group['bg_no']); ?>> <?php echo $no_group['bg_name']?> (<?php echo number_format($no_group['bg_count'])?> 명) </option>
     <?php for($i=0; $i<count($group); $i++) {?>
@@ -142,7 +142,7 @@ function no_hp_click(val)
 <input type="hidden" name="token" value="<?php echo $token; ?>">
 <input type="hidden" name="sw" value="">
 <input type="hidden" name="atype" value="del">
-<input type="hidden" name="str_query" value="<?php echo $_SERVER['QUERY_STRING']?>" >
+<input type="hidden" name="str_query" value="<?php echo clean_query_string($_SERVER['QUERY_STRING']); ?>" >
 
 <div class="tbl_head01 tbl_wrap">
     <table>
@@ -256,7 +256,7 @@ function select_copy(sw, f) {
 }
 </script>
 
-<?php echo get_paging(G5_IS_MOBILE ? $config['cf_mobile_pages'] : $config['cf_write_pages'], $page, $total_page, $_SERVER['PHP_SELF']."?bg_no=$bg_no&amp;st=$st&amp;sv=$sv&amp;ap=$ap&amp;page="); ?>
+<?php echo get_paging(G5_IS_MOBILE ? $config['cf_mobile_pages'] : $config['cf_write_pages'], $page, $total_page, $_SERVER['SCRIPT_NAME']."?bg_no=$bg_no&amp;st=$st&amp;sv=$sv&amp;ap=$ap&amp;page="); ?>
 
 <?php
 include_once(G5_ADMIN_PATH.'/admin.tail.php');
diff --git a/adm/sms_admin/num_book_write.php b/adm/sms_admin/num_book_write.php
index 7bfe367c5..68bf45bbd 100644
--- a/adm/sms_admin/num_book_write.php
+++ b/adm/sms_admin/num_book_write.php
@@ -130,7 +130,7 @@ include_once(G5_ADMIN_PATH."/admin.head.php");
 
 <div class="btn_confirm01 btn_confirm">
     <input type="submit" value="확인" class="btn_submit" accesskey="s" onclick="return book_submit();">
-    <a href="./num_book.php?<?php echo $_SERVER['QUERY_STRING']?>">목록</a>
+    <a href="./num_book.php?<?php echo clean_query_string($_SERVER['QUERY_STRING']); ?>">목록</a>
 </div>
 
 </form>
diff --git a/adm/sms_admin/sms_write.php b/adm/sms_admin/sms_write.php
index ee98ee8b4..89ec40562 100644
--- a/adm/sms_admin/sms_write.php
+++ b/adm/sms_admin/sms_write.php
@@ -238,6 +238,8 @@ function sms5_chk_send(f)
         var hp_list = document.getElementById('hp_list');
         var wr_message = document.getElementById('wr_message');
         var hp_number = document.getElementById('hp_number');
+        var wr_reply = document.getElementById('wr_reply');
+        var wr_reply_regExp = /^[0-9\-]+$/;
         var list = '';
 
         if (!wr_message.value) {
@@ -246,7 +248,12 @@ function sms5_chk_send(f)
             is_sms5_submitted = false;
             return false;
         }
-
+        if( !wr_reply_regExp.test(wr_reply.value) ){
+            alert('회신번호 형식이 잘못 되었습니다.');
+            wr_reply.focus();
+            is_sms5_submitted = false;
+            return false;
+        }
         if (hp_list.length < 1) {
             alert('받는 사람을 입력해주세요.');
             hp_number.focus();
diff --git a/adm/sms_admin/sms_write_form.php b/adm/sms_admin/sms_write_form.php
index 23435005a..fdbf64c91 100644
--- a/adm/sms_admin/sms_write_form.php
+++ b/adm/sms_admin/sms_write_form.php
@@ -23,7 +23,7 @@ $no_count = $res['cnt'];
 <ul class="emo_list">
 </ul>
 
-<form name="emo_sch" id="emo_sch" method="get" action="<?php echo $_SERVER['PHP_SELF']?>">
+<form name="emo_sch" id="emo_sch" method="get" action="<?php echo $_SERVER['SCRIPT_NAME']?>">
 <input type="hidden" name="fg_no" value="<?php echo $fg_no?>">
 <input type="hidden" name="page" id="hidden_page" >
 <input type="hidden" name="fg_no" id="hidden_fg_no" >
diff --git a/adm/sms_admin/sms_write_send.php b/adm/sms_admin/sms_write_send.php
index c59301258..45646ffec 100644
--- a/adm/sms_admin/sms_write_send.php
+++ b/adm/sms_admin/sms_write_send.php
@@ -6,10 +6,13 @@ auth_check($auth[$sub_menu], "w");
 
 $g5['title'] = "문자전송중";
 
-if (!trim($wr_reply))
-    win_close_alert('회신 번호를 입력해주세요.');
+$wr_reply   = preg_replace('#[^0-9\-]#', '', trim($wr_reply));
+$wr_message = clean_xss_tags(trim($wr_message));
 
-if (!trim($wr_message))
+if (!$wr_reply)
+    win_close_alert('회신 번호를 숫자, - 로 입력해주세요.');
+
+if (!$wr_message)
     win_close_alert('메세지를 입력해주세요.');
 
 if (!trim($send_list))
diff --git a/adm/visit_delete_update.php b/adm/visit_delete_update.php
index 1cbe920cf..716eec63f 100644
--- a/adm/visit_delete_update.php
+++ b/adm/visit_delete_update.php
@@ -19,7 +19,7 @@ if(!$pass)
 
 // 관리자 비밀번호 비교
 $admin = get_admin('super');
-if(sql_password($pass) != $admin['mb_password'])
+if(!check_password($pass, $admin['mb_password']))
     alert('관리자 비밀번호가 일치하지 않습니다.');
 
 if(!$year)
diff --git a/adm/visit_list.php b/adm/visit_list.php
index 3b9b9c070..afc950164 100644
--- a/adm/visit_list.php
+++ b/adm/visit_list.php
@@ -75,8 +75,8 @@ $result = sql_query($sql);
         else
             $ip = preg_replace("/([0-9]+).([0-9]+).([0-9]+).([0-9]+)/", G5_IP_DISPLAY, $row['vi_ip']);
 
-        if ($brow == '기타') { $brow = '<span title="'.$row['vi_agent'].'">'.$brow.'</span>'; }
-        if ($os == '기타') { $os = '<span title="'.$row['vi_agent'].'">'.$os.'</span>'; }
+        if ($brow == '기타') { $brow = '<span title="'.get_text($row['vi_agent']).'">'.$brow.'</span>'; }
+        if ($os == '기타') { $os = '<span title="'.get_text($row['vi_agent']).'">'.$os.'</span>'; }
 
         $bg = 'bg'.($i%2);
     ?>
@@ -102,7 +102,7 @@ if (isset($domain))
     $qstr .= "&amp;domain=$domain";
 $qstr .= "&amp;page=";
 
-$pagelist = get_paging($config['cf_write_pages'], $page, $total_page, "{$_SERVER['PHP_SELF']}?$qstr");
+$pagelist = get_paging($config['cf_write_pages'], $page, $total_page, "{$_SERVER['SCRIPT_NAME']}?$qstr");
 echo $pagelist;
 
 include_once('./admin.tail.php');
diff --git a/adm/visit_search.php b/adm/visit_search.php
index 636304de2..23f1af471 100644
--- a/adm/visit_search.php
+++ b/adm/visit_search.php
@@ -10,7 +10,7 @@ include_once('./admin.head.php');
 include_once(G5_PLUGIN_PATH.'/jquery-ui/datepicker.php');
 
 $colspan = 5;
-$listall = '<a href="'.$_SERVER['PHP_SELF'].'">처음</a>'; //페이지 처음으로 (초기화용도)
+$listall = '<a href="'.$_SERVER['SCRIPT_NAME'].'">처음</a>'; //페이지 처음으로 (초기화용도)
 ?>
 
 <div class="local_sch local_sch01">
@@ -92,17 +92,17 @@ $listall = '<a href="'.$_SERVER['PHP_SELF'].'">처음</a>'; //페이지 처음
         else
             $ip = preg_replace("/([0-9]+).([0-9]+).([0-9]+).([0-9]+)/", G5_IP_DISPLAY, $row['vi_ip']);
 
-        if ($brow == '기타') $brow = '<span title="'.$row['vi_agent'].'">'.$brow.'</span>';
-        if ($os == '기타') $os = '<span title="'.$row['vi_agent'].'">'.$os.'</span>';
+        if ($brow == '기타') $brow = '<span title="'.get_text($row['vi_agent']).'">'.$brow.'</span>';
+        if ($os == '기타') $os = '<span title="'.get_text($row['vi_agent']).'">'.$os.'</span>';
 
         $bg = 'bg'.($i%2);
     ?>
     <tr class="<?php echo $bg; ?>">
-        <td class="td_id"><a href="<?php echo $_SERVER['PHP_SELF']; ?>?sfl=vi_ip&amp;stx=<?php echo $ip; ?>"><?php echo $ip; ?></a></td>
+        <td class="td_id"><a href="<?php echo $_SERVER['SCRIPT_NAME']; ?>?sfl=vi_ip&amp;stx=<?php echo $ip; ?>"><?php echo $ip; ?></a></td>
         <td><?php echo $link.$title; ?></a></td>
         <td class="td_idsmall"><?php echo $brow; ?></td>
         <td class="td_idsmall"><?php echo $os; ?></td>
-        <td class="td_datetime"><a href="<?php echo $_SERVER['PHP_SELF']; ?>?sfl=vi_date&amp;stx=<?php echo $row['vi_date']; ?>"><?php echo $row['vi_date']; ?></a> <?php echo $row['vi_time']; ?></td>
+        <td class="td_datetime"><a href="<?php echo $_SERVER['SCRIPT_NAME']; ?>?sfl=vi_date&amp;stx=<?php echo $row['vi_date']; ?>"><?php echo $row['vi_date']; ?></a> <?php echo $row['vi_time']; ?></td>
     </tr>
     <?php } ?>
     <?php if ($i == 0) echo '<tr><td colspan="'.$colspan.'" class="empty_table">자료가 없습니다.</td></tr>'; ?>
@@ -111,7 +111,7 @@ $listall = '<a href="'.$_SERVER['PHP_SELF'].'">처음</a>'; //페이지 처음
 </div>
 
 <?php
-$pagelist = get_paging($config['cf_write_pages'], $page, $total_page, $_SERVER['PHP_SELF'].'?'.$qstr.'&amp;domain='.$domain.'&amp;page=');
+$pagelist = get_paging($config['cf_write_pages'], $page, $total_page, $_SERVER['SCRIPT_NAME'].'?'.$qstr.'&amp;domain='.$domain.'&amp;page=');
 if ($pagelist) {
     echo $pagelist;
 }
diff --git a/bbs/alert.php b/bbs/alert.php
index c56f8d735..d64b6f2fd 100644
--- a/bbs/alert.php
+++ b/bbs/alert.php
@@ -32,6 +32,9 @@ $msg2 = str_replace("\\n", "<br>", $msg);
 
 if (!$url) $url = $_SERVER['HTTP_REFERER'];
 
+// url 체크
+check_url_host($url);
+
 if($error) {
     $header2 = "다음 항목에 오류가 있습니다.";
 } else {
diff --git a/bbs/confirm.php b/bbs/confirm.php
index cba013226..76e9c7652 100644
--- a/bbs/confirm.php
+++ b/bbs/confirm.php
@@ -1,6 +1,11 @@
 <?php
 include_once('./_common.php');
 include_once(G5_PATH.'/head.sub.php');
+
+// url 체크
+check_url_host($url1);
+check_url_host($url2);
+check_url_host($url3);
 ?>
 
 <script>
diff --git a/bbs/current_connect.php b/bbs/current_connect.php
index 686522564..5ad0e2a4e 100644
--- a/bbs/current_connect.php
+++ b/bbs/current_connect.php
@@ -12,6 +12,7 @@ $sql = " select a.mb_id, b.mb_nick, b.mb_name, b.mb_email, b.mb_homepage, b.mb_o
             order by a.lo_datetime desc ";
 $result = sql_query($sql);
 for ($i=0; $row=sql_fetch_array($result); $i++) {
+    $row['lo_url'] = get_text($row['lo_url']);
     $list[$i] = $row;
 
     if ($row['mb_id']) {
diff --git a/bbs/delete.php b/bbs/delete.php
index 570c12b19..3e75649cb 100644
--- a/bbs/delete.php
+++ b/bbs/delete.php
@@ -31,7 +31,7 @@ else if ($is_admin == 'group') { // 그룹관리자
 } else {
     if ($write['mb_id'])
         alert('로그인 후 삭제하세요.', './login.php?url='.urlencode('./board.php?bo_table='.$bo_table.'&amp;wr_id='.$wr_id));
-    else if (sql_password($wr_password) != $write['wr_password'])
+    else if (!check_password($wr_password, $write['wr_password']))
         alert('비밀번호가 틀리므로 삭제할 수 없습니다.');
 }
 
diff --git a/bbs/delete_all.php b/bbs/delete_all.php
index 023d034fa..1d0ca652e 100644
--- a/bbs/delete_all.php
+++ b/bbs/delete_all.php
@@ -53,7 +53,7 @@ for ($i=count($tmp_array)-1; $i>=0; $i--)
     {
         ;
     }
-    else if ($wr_password && !$write['mb_id'] && sql_password($wr_password) == $write['wr_password']) // 비밀번호가 같다면
+    else if ($wr_password && !$write['mb_id'] && check_password($wr_password, $write['wr_password'])) // 비밀번호가 같다면
     {
         ;
     }
diff --git a/bbs/delete_comment.php b/bbs/delete_comment.php
index 7055c0955..812c6f516 100644
--- a/bbs/delete_comment.php
+++ b/bbs/delete_comment.php
@@ -40,7 +40,7 @@ else if ($is_admin == 'group') { // 그룹관리자
     if ($member['mb_id'] != $write['mb_id'])
         alert('자신의 글이 아니므로 삭제할 수 없습니다.');
 } else {
-    if (sql_password($wr_password) != $write['wr_password'])
+    if (!check_password($wr_password, $write['wr_password']))
         alert('비밀번호가 틀립니다.');
 }
 
diff --git a/bbs/download.php b/bbs/download.php
index e83a21e69..c94923db0 100644
--- a/bbs/download.php
+++ b/bbs/download.php
@@ -25,8 +25,8 @@ if (!$file['bf_file'])
 // JavaScript 불가일 때
 if($js != 'on' && $board['bo_download_point'] < 0) {
     $msg = $file['bf_source'].' 파일을 다운로드 하시면 포인트가 차감('.number_format($board['bo_download_point']).'점)됩니다.\\n포인트는 게시물당 한번만 차감되며 다음에 다시 다운로드 하셔도 중복하여 차감하지 않습니다.\\n그래도 다운로드 하시겠습니까?';
-    $url1 = G5_BBS_URL.'/download.php?'.$_SERVER['QUERY_STRING'].'&amp;js=on';
-    $url2 = $_SERVER['HTTP_REFERER'];
+    $url1 = G5_BBS_URL.'/download.php?'.clean_query_string($_SERVER['QUERY_STRING']).'&amp;js=on';
+    $url2 = clean_xss_tags($_SERVER['HTTP_REFERER']);
 
     //$url1 = 확인link, $url2=취소link
     // 특정주소로 이동시키려면 $url3 이용
diff --git a/bbs/login.php b/bbs/login.php
index 738ee1156..a9e343239 100644
--- a/bbs/login.php
+++ b/bbs/login.php
@@ -6,12 +6,8 @@ include_once('./_head.sub.php');
 
 $url = $_GET['url'];
 
-$p = parse_url($url);
-if ((isset($p['scheme']) && $p['scheme']) || (isset($p['host']) && $p['host'])) {
-    //print_r2($p);
-    if ($p['host'].(isset($p['port']) ? ':'.$p['port'] : '') != $_SERVER['HTTP_HOST'])
-        alert('url에 타 도메인을 지정할 수 없습니다.');
-}
+// url 체크
+check_url_host($url);
 
 // 이미 로그인 중이라면
 if ($is_member) {
diff --git a/bbs/login_check.php b/bbs/login_check.php
index d5c1b0086..fd83a67bb 100644
--- a/bbs/login_check.php
+++ b/bbs/login_check.php
@@ -14,7 +14,7 @@ $mb = get_member($mb_id);
 // 가입된 회원이 아니다. 비밀번호가 틀리다. 라는 메세지를 따로 보여주지 않는 이유는
 // 회원아이디를 입력해 보고 맞으면 또 비밀번호를 입력해보는 경우를 방지하기 위해서입니다.
 // 불법사용자의 경우 회원아이디가 틀린지, 비밀번호가 틀린지를 알기까지는 많은 시간이 소요되기 때문입니다.
-if (!$mb['mb_id'] || (sql_password($mb_password) != $mb['mb_password'])) {
+if (!$mb['mb_id'] || !check_password($mb_password, $mb['mb_password'])) {
     alert('가입된 회원아이디가 아니거나 비밀번호가 틀립니다.\\n비밀번호는 대소문자를 구분합니다.');
 }
 
@@ -65,6 +65,9 @@ if ($auto_login) {
 }
 
 if ($url) {
+    // url 체크
+    check_url_host($url);
+
     $link = urldecode($url);
     // 2003-06-14 추가 (다른 변수들을 넘겨주기 위함)
     if (preg_match("/\?/", $link))
diff --git a/bbs/member_confirm.php b/bbs/member_confirm.php
index d55c6d14a..9f214f289 100644
--- a/bbs/member_confirm.php
+++ b/bbs/member_confirm.php
@@ -14,14 +14,10 @@ else
 $g5['title'] = '회원 비밀번호 확인';
 include_once('./_head.sub.php');
 
-$url = $_GET['url'];
+$url = clean_xss_tags($_GET['url']);
 
-$p = parse_url($url);
-if ((isset($p['scheme']) && $p['scheme']) || (isset($p['host']) && $p['host'])) {
-    //print_r2($p);
-    if ($p['host'].(isset($p['port']) ? ':'.$p['port'] : '') != $_SERVER['HTTP_HOST'])
-        alert('url에 타 도메인을 지정할 수 없습니다.');
-}
+// url 체크
+check_url_host($url);
 
 include_once($member_skin_path.'/member_confirm.skin.php');
 
diff --git a/bbs/member_leave.php b/bbs/member_leave.php
index c880d0284..c58910b84 100644
--- a/bbs/member_leave.php
+++ b/bbs/member_leave.php
@@ -7,7 +7,7 @@ if (!$member['mb_id'])
 if ($is_admin == 'super')
     alert('최고 관리자는 탈퇴할 수 없습니다');
 
-if (!($_POST['mb_password'] && $member['mb_password'] == sql_password($_POST['mb_password'])))
+if (!($_POST['mb_password'] && check_password($_POST['mb_password'], $member['mb_password'])))
     alert('비밀번호가 틀립니다.');
 
 // 회원탈퇴일을 저장
diff --git a/bbs/password_check.php b/bbs/password_check.php
index 4f2f63e9b..086508911 100644
--- a/bbs/password_check.php
+++ b/bbs/password_check.php
@@ -6,7 +6,7 @@ if ($w == 's') {
 
     $wr = get_write($write_table, $wr_id);
 
-    if (sql_password($wr_password) != $wr['wr_password'])
+    if (!check_password($wr_password, $wr['wr_password']))
         alert('비밀번호가 틀립니다.');
 
     // 세션에 아래 정보를 저장. 하위번호는 비밀번호없이 보아야 하기 때문임.
@@ -20,7 +20,7 @@ if ($w == 's') {
 
     $wr = get_write($write_table, $wr_id);
 
-    if (sql_password($wr_password) != $wr['wr_password'])
+    if (!check_password($wr_password, $wr['wr_password']))
         alert('비밀번호가 틀립니다.');
 
     // 세션에 아래 정보를 저장. 하위번호는 비밀번호없이 보아야 하기 때문임.
diff --git a/bbs/password_lost2.php b/bbs/password_lost2.php
index 2b7a43a80..6c20c0a03 100644
--- a/bbs/password_lost2.php
+++ b/bbs/password_lost2.php
@@ -30,7 +30,7 @@ else if (is_admin($mb['mb_id']))
 
 // 임시비밀번호 발급
 $change_password = rand(100000, 999999);
-$mb_lost_certify = sql_password($change_password);
+$mb_lost_certify = get_encrypt_string($change_password);
 
 // 어떠한 회원정보도 포함되지 않은 일회용 난수를 생성하여 인증에 사용
 $mb_nonce = md5(pack('V*', rand(), rand(), rand(), rand()));
diff --git a/bbs/poll_etc_update.php b/bbs/poll_etc_update.php
index 35df2dbd4..14bf55553 100644
--- a/bbs/poll_etc_update.php
+++ b/bbs/poll_etc_update.php
@@ -4,8 +4,12 @@ include_once(G5_LIB_PATH.'/mailer.lib.php');
 
 if ($w == '')
 {
+    $po_id   = $_POST['po_id'];
+    $pc_name = $_POST['pc_name'];
+    $pc_idea = $_POST['pc_idea'];
+
     $po = sql_fetch(" select * from {$g5['poll_table']} where po_id = '{$po_id}' ");
-    if (!$po[po_id])
+    if (!$po['po_id'])
         alert('po_id 값이 제대로 넘어오지 않았습니다.');
 
     $tmp_row = sql_fetch(" select max(pc_id) as max_pc_id from {$g5['poll_etc_table']} ");
diff --git a/bbs/qatail.php b/bbs/qatail.php
index b8b667307..4ab23b30d 100644
--- a/bbs/qatail.php
+++ b/bbs/qatail.php
@@ -6,7 +6,7 @@ if (G5_IS_MOBILE) {
     // 모바일의 경우 설정을 따르지 않는다.
     include_once('./_tail.php');
 } else {
-    echo conv_content($qaconfig['qa_mobile_content_tail'], 1);
+    echo conv_content($qaconfig['qa_content_tail'], 1);
     if($qaconfig['qa_include_tail'])
         @include ($qaconfig['qa_include_tail']);
     else
diff --git a/bbs/register_form.php b/bbs/register_form.php
index 809bcb6ed..cb6fd2517 100644
--- a/bbs/register_form.php
+++ b/bbs/register_form.php
@@ -69,7 +69,7 @@ if ($w == "") {
         if ($_POST['is_update'])
             $tmp_password = $_POST['mb_password'];
         else
-            $tmp_password = sql_password($_POST['mb_password']);
+            $tmp_password = get_encrypt_string($_POST['mb_password']);
 
         if ($member['mb_password'] != $tmp_password)
             alert('비밀번호가 틀립니다.');
diff --git a/bbs/register_form_update.php b/bbs/register_form_update.php
index b61081c4e..05e90788c 100644
--- a/bbs/register_form_update.php
+++ b/bbs/register_form_update.php
@@ -181,7 +181,7 @@ if ($config['cf_cert_use'] && $cert_type && $md5_cert_no) {
 if ($w == '') {
     $sql = " insert into {$g5['member_table']}
                 set mb_id = '{$mb_id}',
-                     mb_password = '".sql_password($mb_password)."',
+                     mb_password = '".get_encrypt_string($mb_password)."',
                      mb_name = '{$mb_name}',
                      mb_nick = '{$mb_nick}',
                      mb_nick_date = '".G5_TIME_YMD."',
@@ -276,7 +276,7 @@ if ($w == '') {
 
     $sql_password = "";
     if ($mb_password)
-        $sql_password = " , mb_password = '".sql_password($mb_password)."' ";
+        $sql_password = " , mb_password = '".get_encrypt_string($mb_password)."' ";
 
     $sql_nick_date = "";
     if ($mb_nick_default != $mb_nick)
@@ -419,7 +419,7 @@ if ($w == '') {
         <meta charset="utf-8">
         <title>회원정보수정</title>
         <body>
-        <form name="fregisterupdate" method="post" action="'.G5_HTTPS_BBS_URL.'/register_form.php">
+        <form name="fregisterupdate" method="post" action="'.G5_HTTP_BBS_URL.'/register_form.php">
         <input type="hidden" name="w" value="u">
         <input type="hidden" name="mb_id" value="'.$mb_id.'">
         <input type="hidden" name="mb_password" value="'.$tmp_password.'">
diff --git a/bbs/scrap_popin_update.php b/bbs/scrap_popin_update.php
index ffb6e8137..0a5ff7394 100644
--- a/bbs/scrap_popin_update.php
+++ b/bbs/scrap_popin_update.php
@@ -6,7 +6,7 @@ include_once(G5_PATH.'/head.sub.php');
 if (!$is_member)
 {
     $href = './login.php?'.$qstr.'&amp;url='.urlencode('./board.php?bo_table='.$bo_table.'&amp;wr_id='.$wr_id);
-    echo '<script> alert(\'회원만 접근 가능합니다.\'); top.location.href = \''.$href.'\'; </script>';
+    echo '<script> alert(\'회원만 접근 가능합니다.\'); top.location.href = \''.str_replace('&amp;', '&', $href).'\'; </script>';
     exit;
 }
 
@@ -32,6 +32,8 @@ if ($row['cnt'])
     exit;
 }
 
+$wr_content = trim($_POST['wr_content']);
+
 // 덧글이 넘어오고 코멘트를 쓸 권한이 있다면
 if ($wr_content && ($member['mb_level'] >= $board['bo_comment_level']))
 {
diff --git a/bbs/search.php b/bbs/search.php
index ed0058d54..9548bfae7 100644
--- a/bbs/search.php
+++ b/bbs/search.php
@@ -135,7 +135,7 @@ if ($stx) {
             $sch_all = "";
             if ($onetable == $g5_search['tables'][$i]) $sch_class = "class=sch_on";
             else $sch_all = "class=sch_on";
-            $str_board_list .= '<li><a href="'.$_SERVER['PHP_SELF'].'?'.$search_query.'&amp;gr_id='.$gr_id.'&amp;onetable='.$g5_search['tables'][$i].'" '.$sch_class.'><strong>'.$row2['bo_subject'].'</strong><span class="cnt_cmt">'.$row['cnt'].'</span></a></li>';
+            $str_board_list .= '<li><a href="'.$_SERVER['SCRIPT_NAME'].'?'.$search_query.'&amp;gr_id='.$gr_id.'&amp;onetable='.$g5_search['tables'][$i].'" '.$sch_class.'><strong>'.$row2['bo_subject'].'</strong><span class="cnt_cmt">'.$row['cnt'].'</span></a></li>';
         }
     }
 
@@ -217,7 +217,7 @@ if ($stx) {
         $from_record = 0;
     }
 
-    $write_pages = get_paging(G5_IS_MOBILE ? $config['cf_mobile_pages'] : $config['cf_write_pages'], $page, $total_page, $_SERVER['PHP_SELF'].'?'.$search_query.'&amp;gr_id='.$gr_id.'&amp;srows='.$srows.'&amp;onetable='.$onetable.'&amp;page=');
+    $write_pages = get_paging(G5_IS_MOBILE ? $config['cf_mobile_pages'] : $config['cf_write_pages'], $page, $total_page, $_SERVER['SCRIPT_NAME'].'?'.$search_query.'&amp;gr_id='.$gr_id.'&amp;srows='.$srows.'&amp;onetable='.$onetable.'&amp;page=');
 }
 
 $group_select = '<label for="gr_id" class="sound_only">게시판 그룹선택</label><select name="gr_id" id="gr_id" class="select"><option value="">전체 분류';
diff --git a/bbs/visit_insert.inc.php b/bbs/visit_insert.inc.php
index a0ba612ef..538201b53 100644
--- a/bbs/visit_insert.inc.php
+++ b/bbs/visit_insert.inc.php
@@ -14,7 +14,7 @@ if (get_cookie('ck_visit_ip') != $_SERVER['REMOTE_ADDR'])
     $referer = "";
     if (isset($_SERVER['HTTP_REFERER']))
         $referer = escape_trim(clean_xss_tags($_SERVER['HTTP_REFERER']));
-    $user_agent  = escape_trim($_SERVER['HTTP_USER_AGENT']);
+    $user_agent  = escape_trim(clean_xss_tags($_SERVER['HTTP_USER_AGENT']));
     $sql = " insert {$g5['visit_table']} ( vi_id, vi_ip, vi_date, vi_time, vi_referer, vi_agent ) values ( '{$vi_id}', '{$remote_addr}', '".G5_TIME_YMD."', '".G5_TIME_HIS."', '{$referer}', '{$user_agent}' ) ";
 
     $result = sql_query($sql, FALSE);
diff --git a/bbs/write.php b/bbs/write.php
index 03f8b3aae..3f026298a 100644
--- a/bbs/write.php
+++ b/bbs/write.php
@@ -40,7 +40,7 @@ if ($w == '') {
         if ($member['mb_id']) {
             alert('글을 쓸 권한이 없습니다.');
         } else {
-            alert("글을 쓸 권한이 없습니다.\\n회원이시라면 로그인 후 이용해 보십시오.", './login.php?'.$qstr.'&amp;url='.urlencode($_SERVER['PHP_SELF'].'?bo_table='.$bo_table));
+            alert("글을 쓸 권한이 없습니다.\\n회원이시라면 로그인 후 이용해 보십시오.", './login.php?'.$qstr.'&amp;url='.urlencode($_SERVER['SCRIPT_NAME'].'?bo_table='.$bo_table));
         }
     }
 
@@ -62,7 +62,7 @@ if ($w == '') {
         if ($member['mb_id']) {
             alert('글을 수정할 권한이 없습니다.');
         } else {
-            alert('글을 수정할 권한이 없습니다.\\n\\n회원이시라면 로그인 후 이용해 보십시오.', './login.php?'.$qstr.'&amp;url='.urlencode($_SERVER['PHP_SELF'].'?bo_table='.$bo_table));
+            alert('글을 수정할 권한이 없습니다.\\n\\n회원이시라면 로그인 후 이용해 보십시오.', './login.php?'.$qstr.'&amp;url='.urlencode($_SERVER['SCRIPT_NAME'].'?bo_table='.$bo_table));
         }
     }
 
@@ -95,7 +95,7 @@ if ($w == '') {
         if ($member['mb_id'])
             alert('글을 답변할 권한이 없습니다.');
         else
-            alert('답변글을 작성할 권한이 없습니다.\\n\\n회원이시라면 로그인 후 이용해 보십시오.', './login.php?'.$qstr.'&amp;url='.urlencode($_SERVER['PHP_SELF'].'?bo_table='.$bo_table));
+            alert('답변글을 작성할 권한이 없습니다.\\n\\n회원이시라면 로그인 후 이용해 보십시오.', './login.php?'.$qstr.'&amp;url='.urlencode($_SERVER['SCRIPT_NAME'].'?bo_table='.$bo_table));
     }
 
     $tmp_point = isset($member['mb_point']) ? $member['mb_point'] : 0;
@@ -165,7 +165,7 @@ if ($w == '') {
 // 그룹접근 가능
 if (!empty($group['gr_use_access'])) {
     if ($is_guest) {
-        alert("접근 권한이 없습니다.\\n\\n회원이시라면 로그인 후 이용해 보십시오.", 'login.php?'.$qstr.'&amp;url='.urlencode($_SERVER['PHP_SELF'].'?bo_table='.$bo_table));
+        alert("접근 권한이 없습니다.\\n\\n회원이시라면 로그인 후 이용해 보십시오.", 'login.php?'.$qstr.'&amp;url='.urlencode($_SERVER['SCRIPT_NAME'].'?bo_table='.$bo_table));
     }
 
     if ($is_admin == 'super' || $group['gr_admin'] == $member['mb_id'] || $board['bo_admin'] == $member['mb_id']) {
@@ -183,7 +183,7 @@ if (!empty($group['gr_use_access'])) {
 if ($config['cf_cert_use'] && !$is_admin) {
     // 인증된 회원만 가능
     if ($board['bo_use_cert'] != '' && $is_guest) {
-        alert('이 게시판은 본인확인 하신 회원님만 글쓰기가 가능합니다.\\n\\n회원이시라면 로그인 후 이용해 보십시오.', 'login.php?'.$qstr.'&amp;url='.urlencode($_SERVER['PHP_SELF'].'?bo_table='.$bo_table));
+        alert('이 게시판은 본인확인 하신 회원님만 글쓰기가 가능합니다.\\n\\n회원이시라면 로그인 후 이용해 보십시오.', 'login.php?'.$qstr.'&amp;url='.urlencode($_SERVER['SCRIPT_NAME'].'?bo_table='.$bo_table));
     }
 
     if ($board['bo_use_cert'] == 'cert' && !$member['mb_certify']) {
@@ -309,7 +309,7 @@ if ($w == '') {
 
     if (!$is_admin) {
         if (!($is_member && $member['mb_id'] == $write['mb_id'])) {
-            if (sql_password($wr_password) != $write['wr_password']) {
+            if (!check_password($wr_password, $write['wr_password'])) {
                 alert('비밀번호가 틀립니다.');
             }
         }
diff --git a/bbs/write_comment_update.php b/bbs/write_comment_update.php
index ceb54a5ee..c2fdb67e7 100644
--- a/bbs/write_comment_update.php
+++ b/bbs/write_comment_update.php
@@ -60,7 +60,7 @@ if ($is_member)
 else
 {
     $mb_id = '';
-    $wr_password = sql_password($wr_password);
+    $wr_password = get_encrypt_string($wr_password);
 }
 
 if ($w == 'c') // 댓글 입력
diff --git a/bbs/write_update.php b/bbs/write_update.php
index fcc33c999..e70f57e6c 100644
--- a/bbs/write_update.php
+++ b/bbs/write_update.php
@@ -191,7 +191,7 @@ if ($w == '' || $w == 'r') {
         $wr_name = clean_xss_tags(trim($_POST['wr_name']));
         if (!$wr_name)
             alert('이름은 필히 입력하셔야 합니다.');
-        $wr_password = sql_password($wr_password);
+        $wr_password = get_encrypt_string($wr_password);
         $wr_email = get_email_address(trim($_POST['wr_email']));
         $wr_homepage = clean_xss_tags($wr_homepage);
     }
@@ -327,7 +327,7 @@ if ($w == '' || $w == 'r') {
         $wr_email = get_email_address(trim($_POST['wr_email']));
     }
 
-    $sql_password = $wr_password ? " , wr_password = '".sql_password($wr_password)."' " : "";
+    $sql_password = $wr_password ? " , wr_password = '".get_encrypt_string($wr_password)."' " : "";
 
     $sql_ip = '';
     if (!$is_admin)
diff --git a/common.php b/common.php
index 8a69c4539..f4fd07275 100644
--- a/common.php
+++ b/common.php
@@ -287,7 +287,7 @@ if (isset($_REQUEST['sca']))  {
 
 if (isset($_REQUEST['sfl']))  {
     $sfl = trim($_REQUEST['sfl']);
-    $sfl = preg_replace("/[\<\>\'\"\%\=\(\)\s]/", "", $sfl);
+    $sfl = preg_replace("/[\<\>\'\"\\\'\\\"\%\=\(\)\s]/", "", $sfl);
     if ($sfl)
         $qstr .= '&amp;sfl=' . urlencode($sfl); // search field (검색 필드)
 } else {
@@ -305,7 +305,7 @@ if (isset($_REQUEST['stx']))  { // search text (검색어)
 
 if (isset($_REQUEST['sst']))  {
     $sst = trim($_REQUEST['sst']);
-    $sst = preg_replace("/[\<\>\'\"\%\=\(\)\s]/", "", $sst);
+    $sst = preg_replace("/[\<\>\'\"\\\'\\\"\%\=\(\)\s]/", "", $sst);
     if ($sst)
         $qstr .= '&amp;sst=' . urlencode($sst); // search sort (검색 정렬 필드)
 } else {
diff --git a/config.php b/config.php
index 6c2dfc6a1..1ae615755 100644
--- a/config.php
+++ b/config.php
@@ -5,6 +5,7 @@
 ********************/
 
 define('G5_VERSION', '그누보드5');
+define('G5_GNUBOARD_VER', '5.0.38');
 
 // 이 상수가 정의되지 않으면 각각의 개별 페이지는 별도로 실행될 수 없음
 define('_GNUBOARD_', true);
@@ -164,9 +165,13 @@ define('G5_SMTP', '127.0.0.1');
     기타 상수
 ********************/
 
+// 암호화 함수 지정
+// 사이트 운영 중 설정을 변경하면 로그인이 안되는 등의 문제가 발생합니다.
+define('G5_STRING_ENCRYPT_FUNCTION', 'sql_password');
+
 // SQL 에러를 표시할 것인지 지정
-// 에러를 표시하지 않으려면 FALSE 로 변경
-define('G5_DISPLAY_SQL_ERROR', TRUE);
+// 에러를 표시하려면 TRUE 로 변경
+define('G5_DISPLAY_SQL_ERROR', FALSE);
 
 // escape string 처리 함수 지정
 // addslashes 로 변경 가능
@@ -195,8 +200,8 @@ define('G5_THUMB_PNG_COMPRESS', 5);
 define('G5_IP_DISPLAY', '\\1.♡.\\3.\\4');
 
 if(isset($_SERVER['HTTPS']) && $_SERVER['HTTPS']=='on') {   //https 통신일때 daum 주소 js
-    define('G5_POSTCODE_JS', '<script src="https://spi.maps.daum.net/imap/map_js_init/postcode.js"></script>');
+    define('G5_POSTCODE_JS', '<script src="https://spi.maps.daum.net/imap/map_js_init/postcode.v2.js"></script>');
 } else {  //http 통신일때 daum 주소 js
-    define('G5_POSTCODE_JS', '<script src="http://dmaps.daum.net/map_js_init/postcode.js"></script>');
+    define('G5_POSTCODE_JS', '<script src="http://dmaps.daum.net/map_js_init/postcode.v2.js"></script>');
 }
 ?>
\ No newline at end of file
diff --git a/head.php b/head.php
index c27416c4e..cccc0f2db 100644
--- a/head.php
+++ b/head.php
@@ -1,6 +1,12 @@
 <?php
 if (!defined('_GNUBOARD_')) exit; // 개별 페이지 접근 불가
 
+// 상단 파일 경로 지정 : 이 코드는 가능한 삭제하지 마십시오.
+if ($config['cf_include_head'] && is_file(G5_PATH.'/'.$config['cf_include_head'])) {
+    include_once(G5_PATH.'/'.$config['cf_include_head']);
+    return; // 이 코드의 아래는 실행을 하지 않습니다.
+}
+
 include_once(G5_PATH.'/head.sub.php');
 include_once(G5_LIB_PATH.'/latest.lib.php');
 include_once(G5_LIB_PATH.'/outlogin.lib.php');
@@ -9,12 +15,6 @@ include_once(G5_LIB_PATH.'/visit.lib.php');
 include_once(G5_LIB_PATH.'/connect.lib.php');
 include_once(G5_LIB_PATH.'/popular.lib.php');
 
-// 상단 파일 경로 지정 : 이 코드는 가능한 삭제하지 마십시오.
-if ($config['cf_include_head'] && is_file(G5_PATH.'/'.$config['cf_include_head'])) {
-    include_once(G5_PATH.'/'.$config['cf_include_head']);
-    return; // 이 코드의 아래는 실행을 하지 않습니다.
-}
-
 if (G5_IS_MOBILE) {
     include_once(G5_MOBILE_PATH.'/head.php');
     return;
diff --git a/head.sub.php b/head.sub.php
index bcfb4b9c2..96a8d8d27 100644
--- a/head.sub.php
+++ b/head.sub.php
@@ -23,8 +23,8 @@ else {
 // 게시판 제목에 ' 포함되면 오류 발생
 $g5['lo_location'] = addslashes($g5['title']);
 if (!$g5['lo_location'])
-    $g5['lo_location'] = addslashes($_SERVER['REQUEST_URI']);
-$g5['lo_url'] = addslashes($_SERVER['REQUEST_URI']);
+    $g5['lo_location'] = addslashes(clean_xss_tags($_SERVER['REQUEST_URI']));
+$g5['lo_url'] = addslashes(clean_xss_tags($_SERVER['REQUEST_URI']));
 if (strstr($g5['lo_url'], '/'.G5_ADMIN_DIR.'/') || $is_admin == 'super') $g5['lo_url'] = '';
 
 /*
diff --git a/js/autosave.js b/js/autosave.js
index 201e0d5ce..c03fe0188 100644
--- a/js/autosave.js
+++ b/js/autosave.js
@@ -11,7 +11,7 @@ function autosave() {
             this.wr_content.value = CKEDITOR.instances.wr_content.getData();
         } else if (g5_editor.indexOf("cheditor5") != -1 && typeof(ed_wr_content)!="undefined") {
             this.wr_content.value = ed_wr_content.outputBodyHTML();
-        } else if (g5_editor.indexOf("smarteditor2") != -1 && typeof(oEditors.getById['wr_content'])!="undefined" ) {
+        } else if (g5_editor.indexOf("smarteditor2") != -1 && typeof(oEditors)!="undefined" && typeof(oEditors.getById['wr_content'])!="undefined" ) {
             this.wr_content.value = oEditors.getById['wr_content'].getIR();
         }
         // 변수에 저장해 놓은 값과 다를 경우에만 임시 저장함
@@ -82,7 +82,7 @@ $(function(){
                 CKEDITOR.instances.wr_content.setData(content);
             } else if (g5_editor.indexOf("cheditor5") != -1 && typeof(ed_wr_content)!="undefined") {
                 ed_wr_content.putContents(content);
-            } else if (g5_editor.indexOf("smarteditor2") != -1 && typeof(oEditors.getById['wr_content'])!="undefined" ) {
+            } else if (g5_editor.indexOf("smarteditor2") != -1 && typeof(oEditors)!="undefined" && typeof(oEditors.getById['wr_content'])!="undefined" ) {
                 oEditors.getById["wr_content"].exec("SET_CONTENTS", [""]);
                 //oEditors.getById["wr_content"].exec("SET_IR", [""]);
                 oEditors.getById["wr_content"].exec("PASTE_HTML", [content]);
diff --git a/js/common.js b/js/common.js
index 1707d757a..8802f1c09 100644
--- a/js/common.js
+++ b/js/common.js
@@ -378,31 +378,130 @@ var win_homepage = function(href) {
  **/
 var win_zip = function(frm_name, frm_zip1, frm_zip2, frm_addr1, frm_addr2, frm_addr3, frm_jibeon) {
     if(typeof daum === 'undefined'){
-        alert("다음 juso.js 파일이 로드되지 않았습니다.");
+        alert("다음 우편번호 postcode.v2.js 파일이 로드되지 않았습니다.");
         return false;
     }
 
-    new daum.Postcode({
-        oncomplete: function(data) {
-            // 팝업에서 검색결과 항목을 클릭했을때 실행할 코드를 작성하는 부분.
-            // 우편번호와 주소 정보를 해당 필드에 넣고, 커서를 상세주소 필드로 이동한다.
-            var of = document[frm_name];
-            of[frm_zip1].value = data.postcode1;
-            of[frm_zip2].value = data.postcode2;
-            of[frm_addr1].value = data.address1;
-            of[frm_addr2].value = "";
-            of[frm_addr3].value = "";
+    var zip_case = 1;   //0이면 레이어, 1이면 페이지에 끼워 넣기, 2이면 새창
 
-            if( data.addressType == "R" ){  //도로명이면
-                of[frm_addr3].value = data.address2;
-            }
-            if(of[frm_jibeon] !== undefined){
-                of[frm_jibeon].value = data.addressType;
-            }
+    var complete_fn = function(data){
+        // 팝업에서 검색결과 항목을 클릭했을때 실행할 코드를 작성하는 부분.
+        
+        // 각 주소의 노출 규칙에 따라 주소를 조합한다.
+        // 내려오는 변수가 값이 없는 경우엔 공백('')값을 가지므로, 이를 참고하여 분기 한다.
+        var fullAddr = ''; // 최종 주소 변수
+        var extraAddr = ''; // 조합형 주소 변수
 
-            of[frm_addr2].focus();
+        // 사용자가 선택한 주소 타입에 따라 해당 주소 값을 가져온다.
+        if (data.userSelectedType === 'R') { // 사용자가 도로명 주소를 선택했을 경우
+            fullAddr = data.roadAddress;
+
+        } else { // 사용자가 지번 주소를 선택했을 경우(J)
+            fullAddr = data.jibunAddress;
         }
-    }).open();
+
+        // 사용자가 선택한 주소가 도로명 타입일때 조합한다.
+        if(data.userSelectedType === 'R'){
+            //법정동명이 있을 경우 추가한다.
+            if(data.bname !== ''){
+                extraAddr += data.bname;
+            }
+            // 건물명이 있을 경우 추가한다.
+            if(data.buildingName !== ''){
+                extraAddr += (extraAddr !== '' ? ', ' + data.buildingName : data.buildingName);
+            }
+            // 조합형주소의 유무에 따라 양쪽에 괄호를 추가하여 최종 주소를 만든다.
+            extraAddr = (extraAddr !== '' ? ' ('+ extraAddr +')' : '');
+        }
+
+        // 우편번호와 주소 정보를 해당 필드에 넣고, 커서를 상세주소 필드로 이동한다.
+        var of = document[frm_name];
+
+        of[frm_zip1].value = data.postcode1;
+        of[frm_zip2].value = data.postcode2;
+
+        of[frm_addr1].value = fullAddr;
+        of[frm_addr3].value = extraAddr;
+
+        if(of[frm_jibeon] !== undefined){
+            of[frm_jibeon].value = data.userSelectedType;
+        }
+
+        of[frm_addr2].focus();
+    };
+
+    switch(zip_case) {
+        case 1 :    //iframe을 이용하여 페이지에 끼워 넣기
+            var daum_pape_id = 'daum_juso_page'+frm_zip1,
+                element_wrap = document.getElementById(daum_pape_id),
+                currentScroll = Math.max(document.body.scrollTop, document.documentElement.scrollTop);
+            if (element_wrap == null) {
+                element_wrap = document.createElement("div");
+                element_wrap.setAttribute("id", daum_pape_id);
+                element_wrap.style.cssText = 'display:none;border:1px solid;left:0;width:100%;height:300px;margin:5px 0;position:relative;-webkit-overflow-scrolling:touch;';
+                element_wrap.innerHTML = '<img src="//i1.daumcdn.net/localimg/localimages/07/postcode/320/close.png" id="btnFoldWrap" style="cursor:pointer;position:absolute;right:0px;top:-21px;z-index:1" class="close_daum_juso" alt="접기 버튼">';
+                jQuery('form[name="'+frm_name+'"]').find('input[name="'+frm_addr1+'"]').before(element_wrap);
+                jQuery("#"+daum_pape_id).off("click", ".close_daum_juso").on("click", ".close_daum_juso", function(e){
+                    e.preventDefault();
+                    jQuery(this).parent().hide();
+                });
+            }
+
+            new daum.Postcode({
+                oncomplete: function(data) {
+                    complete_fn(data);
+                    // iframe을 넣은 element를 안보이게 한다.
+                    element_wrap.style.display = 'none';
+                    // 우편번호 찾기 화면이 보이기 이전으로 scroll 위치를 되돌린다.
+                    document.body.scrollTop = currentScroll;
+                },
+                // 우편번호 찾기 화면 크기가 조정되었을때 실행할 코드를 작성하는 부분.
+                // iframe을 넣은 element의 높이값을 조정한다.
+                onresize : function(size) {
+                    element_wrap.style.height = size.height + "px";
+                },
+                width : '100%',
+                height : '100%'
+            }).embed(element_wrap);
+
+            // iframe을 넣은 element를 보이게 한다.
+            element_wrap.style.display = 'block';
+            break;
+        case 2 :    //새창으로 띄우기
+            new daum.Postcode({
+                oncomplete: function(data) {
+                    complete_fn(data);
+                }
+            }).open();
+            break;
+        default :   //iframe을 이용하여 레이어 띄우기
+            var rayer_id = 'daum_juso_rayer'+frm_zip1,
+                element_layer = document.getElementById(rayer_id);
+            if (element_layer == null) {
+                element_layer = document.createElement("div");
+                element_layer.setAttribute("id", rayer_id);
+                element_layer.style.cssText = 'display:none;border:5px solid;position:fixed;width:300px;height:460px;left:50%;margin-left:-155px;top:50%;margin-top:-235px;overflow:hidden;-webkit-overflow-scrolling:touch;z-index:10000';
+                element_layer.innerHTML = '<img src="//i1.daumcdn.net/localimg/localimages/07/postcode/320/close.png" id="btnCloseLayer" style="cursor:pointer;position:absolute;right:-3px;top:-3px;z-index:1" class="close_daum_juso" alt="닫기 버튼">';
+                document.body.appendChild(element_layer);
+                jQuery("#"+rayer_id).off("click", ".close_daum_juso").on("click", ".close_daum_juso", function(e){
+                    e.preventDefault();
+                    jQuery(this).parent().hide();
+                });
+            }
+
+            new daum.Postcode({
+                oncomplete: function(data) {
+                    complete_fn(data);
+                    // iframe을 넣은 element를 안보이게 한다.
+                    element_layer.style.display = 'none';
+                },
+                width : '100%',
+                height : '100%'
+            }).embed(element_layer);
+
+            // iframe을 넣은 element를 보이게 한다.
+            element_layer.style.display = 'block';
+    }
 }
 
 /**
@@ -577,8 +676,8 @@ $(function(){
     });
 
     $("textarea#wr_content[maxlength]").live("keyup change", function() {
-        var str = $(this).val()
-        var mx = parseInt($(this).attr("maxlength"))
+        var str = $(this).val();
+        var mx = parseInt($(this).attr("maxlength"));
         if (str.length > mx) {
             $(this).val(str.substr(0, mx));
             return false;
diff --git a/lib/common.lib.php b/lib/common.lib.php
index 8b8b0a7a1..2d82d02d0 100644
--- a/lib/common.lib.php
+++ b/lib/common.lib.php
@@ -745,7 +745,7 @@ function subject_sort_link($col, $query_string='', $flag='asc')
     $arr_query[] = 'page='.$page;
     $qstr = implode("&amp;", $arr_query);
 
-    return "<a href=\"{$_SERVER['PHP_SELF']}?{$qstr}\">";
+    return "<a href=\"{$_SERVER['SCRIPT_NAME']}?{$qstr}\">";
 }
 
 
@@ -1448,12 +1448,13 @@ function sql_query($sql, $error=G5_DISPLAY_SQL_ERROR)
     // Blind SQL Injection 취약점 해결
     $sql = trim($sql);
     // union의 사용을 허락하지 않습니다.
-    $sql = preg_replace("#^select.*from.*union.*#i", "select 1", $sql);
+    //$sql = preg_replace("#^select.*from.*union.*#i", "select 1", $sql);
+    $sql = preg_replace("#^select.*from.*[\s\(]+union[\s\)]+.*#i ", "select 1", $sql);
     // `information_schema` DB로의 접근을 허락하지 않습니다.
     $sql = preg_replace("#^select.*from.*where.*`?information_schema`?.*#i", "select 1", $sql);
 
     if ($error)
-        $result = @mysql_query($sql, $g5['connect_db']) or die("<p>$sql<p>" . mysql_errno() . " : " .  mysql_error() . "<p>error file : {$_SERVER['PHP_SELF']}");
+        $result = @mysql_query($sql, $g5['connect_db']) or die("<p>$sql<p>" . mysql_errno() . " : " .  mysql_error() . "<p>error file : {$_SERVER['SCRIPT_NAME']}");
     else
         $result = @mysql_query($sql, $g5['connect_db']);
 
@@ -1465,7 +1466,7 @@ function sql_query($sql, $error=G5_DISPLAY_SQL_ERROR)
 function sql_fetch($sql, $error=G5_DISPLAY_SQL_ERROR)
 {
     $result = sql_query($sql, $error);
-    //$row = @sql_fetch_array($result) or die("<p>$sql<p>" . mysql_errno() . " : " .  mysql_error() . "<p>error file : $_SERVER['PHP_SELF']");
+    //$row = @sql_fetch_array($result) or die("<p>$sql<p>" . mysql_errno() . " : " .  mysql_error() . "<p>error file : $_SERVER['SCRIPT_NAME']");
     $row = sql_fetch_array($result);
     return $row;
 }
@@ -2429,12 +2430,12 @@ function googl_short_url($longUrl)
     // URL Shortener API ON
     $apiKey = $config['cf_googl_shorturl_apikey'];
 
-    $postData = array('longUrl' => $longUrl, 'key' => $apiKey);
+    $postData = array('longUrl' => $longUrl);
     $jsonData = json_encode($postData);
 
     $curlObj = curl_init();
 
-    curl_setopt($curlObj, CURLOPT_URL, 'https://www.googleapis.com/urlshortener/v1/url');
+    curl_setopt($curlObj, CURLOPT_URL, 'https://www.googleapis.com/urlshortener/v1/url?key='.$apiKey);
     curl_setopt($curlObj, CURLOPT_RETURNTRANSFER, 1);
     curl_setopt($curlObj, CURLOPT_SSL_VERIFYPEER, 0);
     curl_setopt($curlObj, CURLOPT_HEADER, 0);
@@ -2823,4 +2824,167 @@ function insert_popular($field, $str)
         sql_query($sql, FALSE);
     }
 }
+
+// 문자열 암호화
+function get_encrypt_string($str)
+{
+    if(defined('G5_STRING_ENCRYPT_FUNCTION') && G5_STRING_ENCRYPT_FUNCTION) {
+        $encrypt = call_user_func(G5_STRING_ENCRYPT_FUNCTION, $str);
+    } else {
+        $encrypt = sql_password($str);
+    }
+
+    return $encrypt;
+}
+
+// 비밀번호 비교
+function check_password($pass, $hash)
+{
+    $password = get_encrypt_string($pass);
+
+    return ($password === $hash);
+}
+
+// 동일한 host url 인지
+function check_url_host($url, $msg='', $return_url=G5_URL)
+{
+    if(!$msg)
+        $msg = 'url에 타 도메인을 지정할 수 없습니다.';
+
+    $p = parse_url($url);
+    $host = preg_replace('/:[0-9]+$/', '', $_SERVER['HTTP_HOST']);
+
+    if ((isset($p['scheme']) && $p['scheme']) || (isset($p['host']) && $p['host'])) {
+        //if ($p['host'].(isset($p['port']) ? ':'.$p['port'] : '') != $_SERVER['HTTP_HOST']) {
+        if ($p['host'] != $host) {
+            echo '<script>'.PHP_EOL;
+            echo 'alert("url에 타 도메인을 지정할 수 없습니다.");'.PHP_EOL;
+            echo 'document.location.href = "'.$return_url.'";'.PHP_EOL;
+            echo '</script>'.PHP_EOL;
+            echo '<noscript>'.PHP_EOL;
+            echo '<p>'.$msg.'</p>'.PHP_EOL;
+            echo '<p><a href="'.$return_url.'">돌아가기</a></p>'.PHP_EOL;
+            echo '</noscript>'.PHP_EOL;
+            exit;
+        }
+    }
+}
+
+// QUERY STRING 에 포함된 XSS 태그 제거
+function clean_query_string($query, $amp=true)
+{
+    $qstr = trim($query);
+
+    parse_str($qstr, $out);
+
+    if(is_array($out)) {
+        $q = array();
+
+        foreach($out as $key=>$val) {
+            $key = strip_tags(trim($key));
+            $val = trim($val);
+
+            switch($key) {
+                case 'wr_id':
+                    $val = (int)preg_replace('/[^0-9]/', '', $val);
+                    $q[$key] = $val;
+                    break;
+                case 'sca':
+                    $val = clean_xss_tags($val);
+                    $q[$key] = $val;
+                    break;
+                case 'sfl':
+                    $val = preg_replace("/[\<\>\'\"\\\'\\\"\%\=\(\)\s]/", "", $val);
+                    $q[$key] = $val;
+                    break;
+                case 'stx':
+                    $val = get_search_string($val);
+                    $q[$key] = $val;
+                    break;
+                case 'sst':
+                    $val = preg_replace("/[\<\>\'\"\\\'\\\"\%\=\(\)\s]/", "", $val);
+                    $q[$key] = $val;
+                    break;
+                case 'sod':
+                    $val = preg_match("/^(asc|desc)$/i", $val) ? $val : '';
+                    $q[$key] = $val;
+                    break;
+                case 'sop':
+                    $val = preg_match("/^(or|and)$/i", $val) ? $val : '';
+                    $q[$key] = $val;
+                    break;
+                case 'spt':
+                    $val = (int)preg_replace('/[^0-9]/', '', $val);
+                    $q[$key] = $val;
+                    break;
+                case 'page':
+                    $val = (int)preg_replace('/[^0-9]/', '', $val);
+                    $q[$key] = $val;
+                    break;
+                case 'w':
+                    $val = substr($val, 0, 2);
+                    $q[$key] = $val;
+                    break;
+                case 'bo_table':
+                    $val = preg_replace('/[^a-z0-9_]/i', '', $val);
+                    $val = substr($val, 0, 20);
+                    $q[$key] = $val;
+                    break;
+                case 'gr_id':
+                    $val = preg_replace('/[^a-z0-9_]/i', '', $val);
+                    $q[$key] = $val;
+                    break;
+                default:
+                    $val = clean_xss_tags($val);
+                    $q[$key] = $val;
+                    break;
+            }
+        }
+
+        if($amp)
+            $sep = '&amp;';
+        else
+            $sep ='&';
+
+        $str = http_build_query($q, '', $sep);
+    } else {
+        $str = clean_xss_tags($qstr);
+    }
+
+    return $str;
+}
+
+function get_device_change_url()
+{
+    $p = parse_url(G5_URL);
+    $href = $p['scheme'].'://'.$p['host'];
+    if(isset($p['port']) && $p['port'])
+        $href .= ':'.$p['port'];
+    $href .= $_SERVER['SCRIPT_NAME'];
+
+    $q = array();
+    $device = 'device='.(G5_IS_MOBILE ? 'pc' : 'mobile');
+
+    if($_SERVER['QUERY_STRING']) {
+        foreach($_GET as $key=>$val) {
+            if($key == 'device')
+                continue;
+
+            $key = strip_tags($key);
+            $val = strip_tags($val);
+
+            if($key && $val)
+                $q[$key] = $val;
+        }
+    }
+
+    if(!empty($q)) {
+        $query = http_build_query($q, '', '&amp;');
+        $href .= '?'.$query.'&amp;'.$device;
+    } else {
+        $href .= '?'.$device;
+    }
+
+    return $href;
+}
 ?>
\ No newline at end of file
diff --git a/lib/mailer.lib.php b/lib/mailer.lib.php
index a149931b7..42593a3c3 100644
--- a/lib/mailer.lib.php
+++ b/lib/mailer.lib.php
@@ -5,16 +5,16 @@ include_once(G5_PHPMAILER_PATH.'/class.phpmailer.php');
 
 // 메일 보내기 (파일 여러개 첨부 가능)
 // type : text=0, html=1, text+html=2
-function mailer($fname, $fmail, $to, $subject, $content, $type=0, $file="", $cc="", $bcc="") 
-{ 
-    global $config; 
-    global $g5; 
+function mailer($fname, $fmail, $to, $subject, $content, $type=0, $file="", $cc="", $bcc="")
+{
+    global $config;
+    global $g5;
 
-    // 메일발송 사용을 하지 않는다면 
-    if (!$config['cf_email_use']) return; 
+    // 메일발송 사용을 하지 않는다면
+    if (!$config['cf_email_use']) return;
 
-    if ($type != 1) 
-        $content = nl2br($content); 
+    if ($type != 1)
+        $content = nl2br($content);
 
     $mail = new PHPMailer(); // defaults to using php "mail()"
     if (defined('G5_SMTP') && G5_SMTP) {
@@ -27,13 +27,13 @@ function mailer($fname, $fmail, $to, $subject, $content, $type=0, $file="", $cc=
     $mail->AltBody = ""; // optional, comment out and test
     $mail->MsgHTML($content);
     $mail->AddAddress($to);
-    if ($cc) 
+    if ($cc)
         $mail->AddCC($cc);
-    if ($bcc) 
+    if ($bcc)
         $mail->AddBCC($bcc);
     //print_r2($file); exit;
-    if ($file != "") { 
-        foreach ($file as $f) { 
+    if ($file != "") {
+        foreach ($file as $f) {
             $mail->AddAttachment($f['path'], $f['name']);
         }
     }
@@ -61,27 +61,27 @@ function attach_file($filename, $tmp_name)
 /*
 // 메일 보내기 (파일 여러개 첨부 가능)
 // type : text=0, html=1, text+html=2
-function mailer($fname, $fmail, $to, $subject, $content, $type=0, $file="", $cc="", $bcc="") 
-{ 
-    global $config; 
-    global $g5; 
+function mailer($fname, $fmail, $to, $subject, $content, $type=0, $file="", $cc="", $bcc="")
+{
+    global $config;
+    global $g5;
 
-    // 메일발송 사용을 하지 않는다면 
-    if (!$config['cf_email_use']) return; 
+    // 메일발송 사용을 하지 않는다면
+    if (!$config['cf_email_use']) return;
 
-    $boundary = uniqid(time()); 
+    $boundary = uniqid(time());
 
     $header = "Message-ID: <".generate_mail_id(preg_replace("/@.+$/i","",$to)).">\r\n".
               "From:=?utf-8?B?".base64_encode($fname)."?=<$fmail>\r\n";
-    if ($cc)  $header .= "Cc: $cc\n"; 
-    if ($bcc) $header .= "Bcc: $bcc\n"; 
-    $header .= "MIME-Version: 1.0\n"; 
-    $header .= "X-Mailer: SIR Mailer 0.94 : {$_SERVER['SERVER_ADDR']} : {$_SERVER['REMOTE_ADDR']} : ".G5_URL." : {$_SERVER['PHP_SELF']} : {$_SERVER['HTTP_REFERER']} \n"; 
+    if ($cc)  $header .= "Cc: $cc\n";
+    if ($bcc) $header .= "Bcc: $bcc\n";
+    $header .= "MIME-Version: 1.0\n";
+    $header .= "X-Mailer: SIR Mailer 0.94 : {$_SERVER['SERVER_ADDR']} : {$_SERVER['REMOTE_ADDR']} : ".G5_URL." : {$_SERVER['SCRIPT_NAME']} : {$_SERVER['HTTP_REFERER']} \n";
     $header .= "Date: ".date ("D, j M Y H:i:s T",time())."\r\n".
                "To: $to\r\n".
                "Subject: =?utf-8?B?".base64_encode($subject)."?=\r\n";
 
-    if ($file == "") { 
+    if ($file == "") {
         $header .= "Content-Type: MULTIPART/ALTERNATIVE;\n".
                    "              BOUNDARY=\"$boundary\"\n\n";
     } else {
@@ -89,39 +89,39 @@ function mailer($fname, $fmail, $to, $subject, $content, $type=0, $file="", $cc=
                    "              BOUNDARY=\"$boundary\"\n\n";
     }
 
-    if ($type == 2) 
-        $content = nl2br($content); 
+    if ($type == 2)
+        $content = nl2br($content);
 
     $strip_content  = stripslashes(trim($content));
     $encode_content = chunk_split(base64_encode($strip_content));
 
     $body = "";
     $body .= "\n--$boundary\n";
-    $body .= "Content-Type: TEXT/PLAIN; charset=utf-8\n"; 
-    $body .= "Content-Transfer-Encoding: BASE64\n\n"; 
-    $body .= $encode_content; 
+    $body .= "Content-Type: TEXT/PLAIN; charset=utf-8\n";
+    $body .= "Content-Transfer-Encoding: BASE64\n\n";
+    $body .= $encode_content;
     $body .= "\n--$boundary\n";
 
-    if ($type) { 
-        $body .= "Content-Type: TEXT/HTML; charset=utf-8\n"; 
-        $body .= "Content-Transfer-Encoding: BASE64\n\n"; 
-        $body .= $encode_content; 
+    if ($type) {
+        $body .= "Content-Type: TEXT/HTML; charset=utf-8\n";
+        $body .= "Content-Transfer-Encoding: BASE64\n\n";
+        $body .= $encode_content;
         $body .= "\n--$boundary\n";
     }
 
-    if ($file != "") { 
-        foreach ($file as $f) { 
-            $body .= "n--$boundary\n"; 
-            $body .= "Content-Type: APPLICATION/OCTET-STREAM; name=$fname\n"; 
-            $body .= "Content-Transfer-Encoding: BASE64\n"; 
-            $body .= "Content-Disposition: inline; filename=$fname\n"; 
+    if ($file != "") {
+        foreach ($file as $f) {
+            $body .= "n--$boundary\n";
+            $body .= "Content-Type: APPLICATION/OCTET-STREAM; name=$fname\n";
+            $body .= "Content-Transfer-Encoding: BASE64\n";
+            $body .= "Content-Disposition: inline; filename=$fname\n";
 
-            $body .= "\n"; 
-            $body .= chunk_split(base64_encode($f['data'])); 
-            $body .= "\n"; 
-        } 
-        $body .= "--$boundary--\n"; 
-    } 
+            $body .= "\n";
+            $body .= chunk_split(base64_encode($f['data']));
+            $body .= "\n";
+        }
+        $body .= "--$boundary--\n";
+    }
 
     $mails['to'] = $to;
     $mails['from'] = $fmail;
@@ -129,7 +129,7 @@ function mailer($fname, $fmail, $to, $subject, $content, $type=0, $file="", $cc=
 
     if (defined(G5_SMTP)) {
         ini_set('SMTP', G5_SMTP);
-        @mail($to, $subject, $body, $header, "-f $fmail"); 
+        @mail($to, $subject, $body, $header, "-f $fmail");
     } else {
         new maildaemon($mails);
     }
@@ -306,7 +306,7 @@ class maildaemon {
   #  $t -> 1 (debug of socket open,close)
   #        0 (regular smtp message)
   #  $p -> 1 (print detail debug)
-  # 
+  #
   # return 1 -> success
   # return 0 -> failed
   #
@@ -381,7 +381,7 @@ function generate_mail_id($uid) {
 function mail_header($to,$from,$title,$mta=0) {
   global $langs,$boundary;
 
-  # mail header 를 작성 
+  # mail header 를 작성
   $boundary = get_boundary_msg();
   $header = "Message-ID: <".generate_mail_id(preg_replace("/@.+$/i","",$to)).">\r\n".
             "From:=?utf-8?B?".base64_encode('보내는사람')."?=<$from>\r\n".
diff --git a/lib/thumbnail.lib.php b/lib/thumbnail.lib.php
index b9a5c4abf..15ad429fc 100644
--- a/lib/thumbnail.lib.php
+++ b/lib/thumbnail.lib.php
@@ -333,11 +333,14 @@ function thumbnail($filename, $source_path, $target_path, $thumb_width, $thumb_h
         if($size[2] == 3) {
             imagealphablending($dst, false);
             imagesavealpha($dst, true);
-        } else if($size[2] == 1 && $src_transparency != -1) {
-            $transparent_color   = imagecolorsforindex($src, $src_transparency);
-            $current_transparent = imagecolorallocate($dst, $transparent_color['red'], $transparent_color['green'], $transparent_color['blue']);
-            imagefill($dst, 0, 0, $current_transparent);
-            imagecolortransparent($dst, $current_transparent);
+        } else if($size[2] == 1) {
+            $palletsize = imagecolorstotal($src);
+            if($src_transparency >= 0 && $src_transparency < $palletsize) {
+                $transparent_color   = imagecolorsforindex($src, $src_transparency);
+                $current_transparent = imagecolorallocate($dst, $transparent_color['red'], $transparent_color['green'], $transparent_color['blue']);
+                imagefill($dst, 0, 0, $current_transparent);
+                imagecolortransparent($dst, $current_transparent);
+            }
         }
     } else {
         $dst = imagecreatetruecolor($dst_w, $dst_h);
@@ -367,7 +370,8 @@ function thumbnail($filename, $source_path, $target_path, $thumb_width, $thumb_h
             imagealphablending($dst, false);
             imagesavealpha($dst, true);
         } else if($size[2] == 1) {
-            if($src_transparency != -1) {
+            $palletsize = imagecolorstotal($src);
+            if($src_transparency >= 0 && $src_transparency < $palletsize) {
                 $transparent_color   = imagecolorsforindex($src, $src_transparency);
                 $current_transparent = imagecolorallocate($dst, $transparent_color['red'], $transparent_color['green'], $transparent_color['blue']);
                 imagefill($dst, 0, 0, $current_transparent);
diff --git a/mobile/skin/board/basic/view_comment.skin.php b/mobile/skin/board/basic/view_comment.skin.php
index d3aa7fe05..c6984f652 100644
--- a/mobile/skin/board/basic/view_comment.skin.php
+++ b/mobile/skin/board/basic/view_comment.skin.php
@@ -50,7 +50,7 @@ var char_max = parseInt(<?php echo $comment_max ?>); // 최대
         <textarea id="save_comment_<?php echo $comment_id ?>" style="display:none"><?php echo get_text($list[$i]['content1'], 0) ?></textarea>
 
         <?php if($list[$i]['is_reply'] || $list[$i]['is_edit'] || $list[$i]['is_del']) {
-            $query_string = str_replace("&", "&amp;", $_SERVER['QUERY_STRING']);
+            $query_string = clean_query_string($_SERVER['QUERY_STRING']);
 
             if($w == 'cu') {
                 $sql = " select wr_id, wr_content from $write_table where wr_id = '$c_id' and wr_is_comment = '1' ";
diff --git a/mobile/skin/board/gallery/view_comment.skin.php b/mobile/skin/board/gallery/view_comment.skin.php
index d3aa7fe05..c6984f652 100644
--- a/mobile/skin/board/gallery/view_comment.skin.php
+++ b/mobile/skin/board/gallery/view_comment.skin.php
@@ -50,7 +50,7 @@ var char_max = parseInt(<?php echo $comment_max ?>); // 최대
         <textarea id="save_comment_<?php echo $comment_id ?>" style="display:none"><?php echo get_text($list[$i]['content1'], 0) ?></textarea>
 
         <?php if($list[$i]['is_reply'] || $list[$i]['is_edit'] || $list[$i]['is_del']) {
-            $query_string = str_replace("&", "&amp;", $_SERVER['QUERY_STRING']);
+            $query_string = clean_query_string($_SERVER['QUERY_STRING']);
 
             if($w == 'cu') {
                 $sql = " select wr_id, wr_content from $write_table where wr_id = '$c_id' and wr_is_comment = '1' ";
diff --git a/mobile/skin/connect/basic/connect.skin.php b/mobile/skin/connect/basic/connect.skin.php
index 55849443c..96d2da394 100644
--- a/mobile/skin/connect/basic/connect.skin.php
+++ b/mobile/skin/connect/basic/connect.skin.php
@@ -5,5 +5,4 @@ if (!defined('_GNUBOARD_')) exit; // 개별 페이지 접근 불가
 // add_stylesheet('css 구문', 출력순서); 숫자가 작을 수록 먼저 출력됨
 add_stylesheet('<link rel="stylesheet" href="'.$connect_skin_url.'/style.css">', 0);
 ?>
-
 <?php echo $row['total_cnt'] ?>
diff --git a/mobile/skin/faq/basic/list.skin.php b/mobile/skin/faq/basic/list.skin.php
index d64a533a1..f625ff36a 100644
--- a/mobile/skin/faq/basic/list.skin.php
+++ b/mobile/skin/faq/basic/list.skin.php
@@ -73,7 +73,7 @@ if( count($faq_master_list) ){
     ?>
 </div>
 
-<?php echo get_paging($page_rows, $page, $total_page, $_SERVER['PHP_SELF'].'?'.$qstr.'&amp;page='); ?>
+<?php echo get_paging($page_rows, $page, $total_page, $_SERVER['SCRIPT_NAME'].'?'.$qstr.'&amp;page='); ?>
 
 <?php
 // 하단 HTML
diff --git a/mobile/skin/member/basic/member_confirm.skin.php b/mobile/skin/member/basic/member_confirm.skin.php
index 467b801e0..76978b193 100644
--- a/mobile/skin/member/basic/member_confirm.skin.php
+++ b/mobile/skin/member/basic/member_confirm.skin.php
@@ -10,7 +10,11 @@ add_stylesheet('<link rel="stylesheet" href="'.$member_skin_url.'/style.css">',
 
     <p>
         <strong>비밀번호를 한번 더 입력해주세요.</strong>
+        <?php if ($url == 'member_leave.php') { ?>
+        비밀번호를 입력하시면 회원탈퇴가 완료됩니다.
+        <?php }else{ ?>
         회원님의 정보를 안전하게 보호하기 위해 비밀번호를 한번 더 확인합니다.
+        <?php }  ?>
     </p>
 
     <form name="fmemberconfirm" action="<?php echo $url ?>" onsubmit="return fmemberconfirm_submit(this);" method="post">
diff --git a/mobile/skin/member/basic/point.skin.php b/mobile/skin/member/basic/point.skin.php
index 93ce40a91..bc0ff54b7 100644
--- a/mobile/skin/member/basic/point.skin.php
+++ b/mobile/skin/member/basic/point.skin.php
@@ -75,7 +75,7 @@ add_stylesheet('<link rel="stylesheet" href="'.$member_skin_url.'/style.css">',
         </div>
     </div>
 
-    <?php echo get_paging(G5_IS_MOBILE ? $config['cf_mobile_pages'] : $config['cf_write_pages'], $page, $total_page, $_SERVER['PHP_SELF'].'?'.$qstr.'&amp;page='); ?>
+    <?php echo get_paging(G5_IS_MOBILE ? $config['cf_mobile_pages'] : $config['cf_write_pages'], $page, $total_page, $_SERVER['SCRIPT_NAME'].'?'.$qstr.'&amp;page='); ?>
 
     <div class="win_btn"><button type="button" onclick="javascript:window.close();">창닫기</button></div>
 </div>
\ No newline at end of file
diff --git a/mobile/tail.php b/mobile/tail.php
index 6ada54bbd..44d88ff22 100644
--- a/mobile/tail.php
+++ b/mobile/tail.php
@@ -25,27 +25,8 @@ if (!defined('_GNUBOARD_')) exit; // 개별 페이지 접근 불가
 </div>
 
 <?php
-if(G5_DEVICE_BUTTON_DISPLAY && G5_IS_MOBILE) {
-    $seq = 0;
-    $p = parse_url(G5_URL);
-    $href = $p['scheme'].'://'.$p['host'].$_SERVER['PHP_SELF'];
-    if($_SERVER['QUERY_STRING']) {
-        $sep = '?';
-        foreach($_GET as $key=>$val) {
-            if($key == 'device')
-                continue;
-
-            $href .= $sep.$key.'='.$val;
-            $sep = '&amp;';
-            $seq++;
-        }
-    }
-    if($seq)
-        $href .= '&amp;device=pc';
-    else
-        $href .= '?device=pc';
-?>
-<a href="<?php echo $href; ?>" id="device_change">PC 버전으로 보기</a>
+if(G5_DEVICE_BUTTON_DISPLAY && G5_IS_MOBILE) { ?>
+<a href="<?php echo get_device_change_url(); ?>" id="device_change">PC 버전으로 보기</a>
 <?php
 }
 
diff --git a/plugin/sms5/write_update.php b/plugin/sms5/write_update.php
index a25e50b7b..6db482697 100644
--- a/plugin/sms5/write_update.php
+++ b/plugin/sms5/write_update.php
@@ -15,10 +15,13 @@ if (!$is_member)
 if ($member['mb_level'] < $sms5['cf_level'])
     alert("회원 {$sms5['cf_level']}레벨 이상만 문자전송이 가능합니다.");
 
-if (!trim($mh_reply))
+$mh_reply   = preg_replace('#[^0-9\-]#', '', trim($mh_reply));
+$mh_message = clean_xss_tags(trim($mh_message));
+
+if (!$mh_reply)
     alert('보내는 번호를 입력해주세요.');
 
-if (!trim($mh_message))
+if (!$mh_message)
     alert('메세지를 입력해주세요.');
 
 if ($is_admin != 'super')
diff --git a/skin/board/basic/style.css b/skin/board/basic/style.css
index 29a31a5f4..8d63d833f 100644
--- a/skin/board/basic/style.css
+++ b/skin/board/basic/style.css
@@ -107,7 +107,7 @@
 #bo_list .txt_expired {color:#ccc}
 
 #bo_cate h2 {position:absolute;font-size:0;line-height:0;overflow:hidden}
-#bo_cate ul {margin-bottom:10px;padding-left:1px;width:728px;zoom:1}
+#bo_cate ul {margin-bottom:10px;padding-left:1px;zoom:1}
 #bo_cate ul:after {display:block;visibility:hidden;clear:both;content:""}
 #bo_cate li {float:left;margin-bottom:-1px}
 #bo_cate a {display:block;position:relative;margin-left:-1px;padding:6px 0 5px;width:90px;border:1px solid #ddd;background:#f7f7f7;color:#888;text-align:center;letter-spacing:-0.1em;line-height:1.2em;cursor:pointer}
diff --git a/skin/board/basic/view_comment.skin.php b/skin/board/basic/view_comment.skin.php
index 1d4514dd2..cea2d1c63 100644
--- a/skin/board/basic/view_comment.skin.php
+++ b/skin/board/basic/view_comment.skin.php
@@ -56,7 +56,7 @@ var char_max = parseInt(<?php echo $comment_max ?>); // 최대
         <textarea id="save_comment_<?php echo $comment_id ?>" style="display:none"><?php echo get_text($list[$i]['content1'], 0) ?></textarea>
 
         <?php if($list[$i]['is_reply'] || $list[$i]['is_edit'] || $list[$i]['is_del']) {
-            $query_string = str_replace("&", "&amp;", $_SERVER['QUERY_STRING']);
+            $query_string = clean_query_string($_SERVER['QUERY_STRING']);
 
             if($w == 'cu') {
                 $sql = " select wr_id, wr_content from $write_table where wr_id = '$c_id' and wr_is_comment = '1' ";
diff --git a/skin/board/gallery/style.css b/skin/board/gallery/style.css
index 43bea9758..5701375da 100644
--- a/skin/board/gallery/style.css
+++ b/skin/board/gallery/style.css
@@ -79,7 +79,7 @@
 
 /* 게시판 목록 */
 #bo_cate h2 {width:1px;height:1px;font-size:0;line-height:0;overflow:hidden}
-#bo_cate ul {margin-bottom:10px;padding-left:1px;width:728px;zoom:1}
+#bo_cate ul {margin-bottom:10px;padding-left:1px;zoom:1}
 #bo_cate ul:after {display:block;visibility:hidden;clear:both;content:""}
 #bo_cate li {float:left;margin-bottom:-1px}
 #bo_cate a {display:block;position:relative;margin-left:-1px;padding:6px 0 5px;width:90px;border:1px solid #ddd;background:#f7f7f7;color:#888;text-align:center;letter-spacing:-0.1em;line-height:1.2em;cursor:pointer}
diff --git a/skin/board/gallery/view_comment.skin.php b/skin/board/gallery/view_comment.skin.php
index a74a0fa76..c701f0112 100644
--- a/skin/board/gallery/view_comment.skin.php
+++ b/skin/board/gallery/view_comment.skin.php
@@ -56,7 +56,7 @@ var char_max = parseInt(<?php echo $comment_max ?>); // 최대
         <textarea id="save_comment_<?php echo $comment_id ?>" style="display:none"><?php echo get_text($list[$i]['content1'], 0) ?></textarea>
 
         <?php if($list[$i]['is_reply'] || $list[$i]['is_edit'] || $list[$i]['is_del']) {
-            $query_string = str_replace("&", "&amp;", $_SERVER['QUERY_STRING']);
+            $query_string = clean_query_string($_SERVER['QUERY_STRING']);
 
             if($w == 'cu') {
                 $sql = " select wr_id, wr_content from $write_table where wr_id = '$c_id' and wr_is_comment = '1' ";
diff --git a/skin/faq/basic/list.skin.php b/skin/faq/basic/list.skin.php
index 5149fd1fe..86def35fd 100644
--- a/skin/faq/basic/list.skin.php
+++ b/skin/faq/basic/list.skin.php
@@ -79,7 +79,7 @@ if( count($faq_master_list) ){
     ?>
 </div>
 
-<?php echo get_paging($page_rows, $page, $total_page, $_SERVER['PHP_SELF'].'?'.$qstr.'&amp;page='); ?>
+<?php echo get_paging($page_rows, $page, $total_page, $_SERVER['SCRIPT_NAME'].'?'.$qstr.'&amp;page='); ?>
 
 <?php
 // 하단 HTML
diff --git a/skin/faq/basic/style.css b/skin/faq/basic/style.css
index d2c7a16f5..35168de92 100644
--- a/skin/faq/basic/style.css
+++ b/skin/faq/basic/style.css
@@ -1,7 +1,7 @@
 @charset "utf-8";
 
 #bo_cate h2 {position:absolute;font-size:0;line-height:0;overflow:hidden}
-#bo_cate ul {margin-bottom:10px;padding-left:1px;width:728px;zoom:1}
+#bo_cate ul {margin-bottom:10px;padding-left:1px;zoom:1}
 #bo_cate ul:after {display:block;visibility:hidden;clear:both;content:""}
 #bo_cate li {float:left;margin-bottom:-1px}
 #bo_cate a {display:block;position:relative;margin-left:-1px;padding:6px 0 5px;width:90px;border:1px solid #ddd;background:#f7f7f7;color:#888;text-align:center;letter-spacing:-0.1em;line-height:1.2em;cursor:pointer}
diff --git a/skin/member/basic/point.skin.php b/skin/member/basic/point.skin.php
index 4e108db80..d0e754fba 100644
--- a/skin/member/basic/point.skin.php
+++ b/skin/member/basic/point.skin.php
@@ -82,7 +82,7 @@ add_stylesheet('<link rel="stylesheet" href="'.$member_skin_url.'/style.css">',
         </table>
     </div>
 
-    <?php echo get_paging(G5_IS_MOBILE ? $config['cf_mobile_pages'] : $config['cf_write_pages'], $page, $total_page, $_SERVER['PHP_SELF'].'?'.$qstr.'&amp;page='); ?>
+    <?php echo get_paging(G5_IS_MOBILE ? $config['cf_mobile_pages'] : $config['cf_write_pages'], $page, $total_page, $_SERVER['SCRIPT_NAME'].'?'.$qstr.'&amp;page='); ?>
 
     <div class="win_btn"><button type="button" onclick="javascript:window.close();">창닫기</button></div>
 </div>
\ No newline at end of file
diff --git a/skin/member/basic/style.css b/skin/member/basic/style.css
index 87861cf15..481d30037 100644
--- a/skin/member/basic/style.css
+++ b/skin/member/basic/style.css
@@ -50,7 +50,7 @@
 .mbskin .frm_file {}
 
 .mbskin .tbl_frm01 {}
-.mbskin .tbl_frm01 th {}
+.mbskin .tbl_frm01 th {width:85px;}
 .mbskin .tbl_frm01 td {}
 .mbskin .tbl_frm01 textarea, .mb_skin tbl_frm01 .frm_input {}
 .mbskin .tbl_frm01 textarea {}
diff --git a/skin/qa/basic/style.css b/skin/qa/basic/style.css
index 1d383415f..8f7022428 100644
--- a/skin/qa/basic/style.css
+++ b/skin/qa/basic/style.css
@@ -107,7 +107,7 @@
 #bo_list .txt_expired {color:#ccc}
 
 #bo_cate h2 {position:absolute;font-size:0;line-height:0;overflow:hidden}
-#bo_cate ul {margin-bottom:10px;padding-left:1px;width:728px;zoom:1}
+#bo_cate ul {margin-bottom:10px;padding-left:1px;zoom:1}
 #bo_cate ul:after {display:block;visibility:hidden;clear:both;content:""}
 #bo_cate li {float:left;margin-bottom:-1px}
 #bo_cate a {display:block;position:relative;margin-left:-1px;padding:6px 0 5px;width:90px;border:1px solid #ddd;background:#f7f7f7;color:#888;text-align:center;letter-spacing:-0.1em;line-height:1.2em;cursor:pointer}
diff --git a/skin/search/basic/style.css b/skin/search/basic/style.css
index 10de1ac5c..8adf23a45 100644
--- a/skin/search/basic/style.css
+++ b/skin/search/basic/style.css
@@ -12,10 +12,10 @@
 #sch_res_ov dd {float:left;margin:0 10px 0 5px}
 #sch_res_ov p {float:right;margin:0;padding:0;line-height:1em}
 
-#sch_res_board {margin:0 0 10px;padding-left:1px;width:728px;list-style:none;zoom:1}
+#sch_res_board {margin:0 0 10px;padding-left:1px;list-style:none;zoom:1}
 #sch_res_board:after {display:block;visibility:hidden;clear:both;content:""}
 #sch_res_board li {float:left;margin-bottom:-1px}
-#sch_res_board a {display:block;position:relative;margin-left:-1px;padding:6px 0 5px;width:181px;border:1px solid #ddd;text-align:center;letter-spacing:-0.1em;line-height:1.2em;cursor:pointer}
+#sch_res_board a {display:block;position:relative;margin-left:-1px;padding:6px 0 5px;width:180px;border:1px solid #ddd;text-align:center;letter-spacing:-0.1em;line-height:1.2em;cursor:pointer}
 #sch_res_board a:focus, #sch_res_board a:hover, #sch_res_board a:active {text-decoration:none}
 #sch_res_board .cnt_cmt {font-weight:normal !important}
 
diff --git a/tail.php b/tail.php
index f4b57a4c9..48c1e7103 100644
--- a/tail.php
+++ b/tail.php
@@ -38,27 +38,8 @@ if (G5_IS_MOBILE) {
 </div>
 
 <?php
-if(G5_DEVICE_BUTTON_DISPLAY && !G5_IS_MOBILE) {
-    $seq = 0;
-    $p = parse_url(G5_URL);
-    $href = $p['scheme'].'://'.$p['host'].$_SERVER['PHP_SELF'];
-    if($_SERVER['QUERY_STRING']) {
-        $sep = '?';
-        foreach($_GET as $key=>$val) {
-            if($key == 'device')
-                continue;
-
-            $href .= $sep.$key.'='.strip_tags($val);
-            $sep = '&amp;';
-            $seq++;
-        }
-    }
-    if($seq)
-        $href .= '&amp;device=mobile';
-    else
-        $href .= '?device=mobile';
-?>
-<a href="<?php echo $href; ?>" id="device_change">모바일 버전으로 보기</a>
+if(G5_DEVICE_BUTTON_DISPLAY && !G5_IS_MOBILE) { ?>
+<a href="<?php echo get_device_change_url(); ?>" id="device_change">모바일 버전으로 보기</a>
 <?php
 }
 
