From feb06c3fde21d581fda8111442bbf8d1070343ea Mon Sep 17 00:00:00 2001
From: chicpro <chicpro@gmail.com>
Date: Mon, 23 Feb 2015 11:09:19 +0900
Subject: [PATCH] =?UTF-8?q?=EC=BF=BC=EB=A6=AC=EB=AC=B8=EC=97=90=EC=84=9C?=
 =?UTF-8?q?=20=EB=94=B0=EC=98=B4=ED=91=9C=20=EC=A0=9C=EB=8C=80=EB=A1=9C=20?=
 =?UTF-8?q?=EC=A0=9C=EA=B1=B0=EB=90=98=EC=A7=80=20=EC=95=8A=EB=8A=94=20?=
 =?UTF-8?q?=EC=98=A4=EB=A5=98=20=EC=88=98=EC=A0=95?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 mobile/shop/listtype.php | 2 +-
 shop/_common.php         | 2 +-
 shop/listtype.php        | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/mobile/shop/listtype.php b/mobile/shop/listtype.php
index 093353ecc..9012546af 100644
--- a/mobile/shop/listtype.php
+++ b/mobile/shop/listtype.php
@@ -1,7 +1,7 @@
 <?php
 include_once('./_common.php');
 
-$type = $_REQUEST['type'];
+$type = preg_replace("/[\<\>\'\"\\\'\\\"\%\=\(\)\s]/", "", $_REQUEST['type']);
 if ($type == 1)      $g5['title'] = '히트상품';
 else if ($type == 2) $g5['title'] = '추천상품';
 else if ($type == 3) $g5['title'] = '최신상품';
diff --git a/shop/_common.php b/shop/_common.php
index 5cdeec8c4..33919b91c 100644
--- a/shop/_common.php
+++ b/shop/_common.php
@@ -3,7 +3,7 @@ include_once('../common.php');
 
 if (isset($_REQUEST['sort']))  {
     $sort = trim($_REQUEST['sort']);
-    $sort = preg_replace("/[\<\>\'\"\%\=\(\)\s]/", "", $sort);
+    $sort = preg_replace("/[\<\>\'\"\\\'\\\"\%\=\(\)\s]/", "", $sort);
 } else {
     $sort = '';
 }
diff --git a/shop/listtype.php b/shop/listtype.php
index a6a6d8346..4691f398f 100644
--- a/shop/listtype.php
+++ b/shop/listtype.php
@@ -6,7 +6,7 @@ if (G5_IS_MOBILE) {
     return;
 }
 
-$type = $_REQUEST['type'];
+$type = preg_replace("/[\<\>\'\"\\\'\\\"\%\=\(\)\s]/", "", $_REQUEST['type']);
 if ($type == 1)      $g5['title'] = '히트상품';
 else if ($type == 2) $g5['title'] = '추천상품';
 else if ($type == 3) $g5['title'] = '최신상품';