Merge branch 'develop' into bin2107

src/main/java/com/style24/persistence/mybatis/shop/TsfGoods.xml

@@ -548,7 +548,8 @@
 		           , A.LINK_URL 
 		           , A.NOTE 
 		           , B.CARD_PRMT_CDT_SQ 
-		           , (B.MIN_PAY_AMT / 10000) AS MIN_PAY_AMT  -- 만원단위 
+		           --  , (B.MIN_PAY_AMT / 10000) AS MIN_PAY_AMT  -- 만원단위
+		           , B.MIN_PAY_AMT 
 		           , B.MAX_DC_AMT
 		           , B.MAX_NO_ITRT 
 		           , B.MIN_NO_ITRT 

src/main/java/com/style24/persistence/mybatis/shop/TsfReview.xml

@@ -171,7 +171,7 @@
 		                        )
 		                    )
 		        </if>
-		        ) AS PREV_REVIEW_SQ
+		        ) AS NEXT_REVIEW_SQ       -- DESC순 
 		     , (SELECT MIN(RN.REVIEW_SQ) 
 		        FROM TB_REVIEW RN
 		        WHERE RN.REVIEW_SQ > #{reviewSq}
@@ -191,7 +191,7 @@
 		                        )
 		                    )
 		        </if>
-		        ) AS NEXT_REVIEW_SQ
+		        ) AS PREV_REVIEW_SQ       -- DESC순
 		     , RANK() OVER(ORDER BY R.REVIEW_SQ DESC) AS RNUM
 		FROM TB_REVIEW R 
 		INNER JOIN TB_GOODS G ON R.GOODS_CD = G.GOODS_CD

src/main/webapp/WEB-INF/views/mob/callcenter/GoodsQnaFormMob.html

@@ -101,7 +101,7 @@
 				tag += '						<span class="fold_state ' + (item.ansStat == "G060_10" ? "doing" : "done") + '"">' + item.ansStatNm + '</span>\n'; //답변완료 : done / 처리중 : doing
 				tag += '						<span class="prod">' + item.goodsNm + ' ' + item.relGoodsCd + '</span>\n';
 				tag += '					</div>\n';
-				tag += '					<div class="lap2"><span>' + item.questContent + '</span></div>\n';
+				tag += '					<div class="lap2"><span>' + item.questContent.escapeHtml() + '</span></div>\n';
 				tag += '				</div>\n';
 				tag += '				<span class="data">' + item.questDt + '</span>\n';
 				tag += '			</div>\n';
@@ -110,7 +110,7 @@
 				tag += '	<div class="fold_cont">\n';
 				tag += '		<div class="fold_detail">\n';
 				tag += '			<div>\n';
-				tag += '				<p>' + item.questContent + '</p>\n';
+				tag += '				<p>' + item.questContent.escapeHtml() + '</p>\n';
 				tag += '			</div>\n';
 				tag += '		</div>\n';
 				

src/main/webapp/WEB-INF/views/mob/callcenter/NoticeFormMob.html

@@ -95,7 +95,7 @@
 				tag += '	</div>\n';
 				tag += '	<div class="fold_cont">\n';
 				tag += '		<div class="fold_answer">\n';
-				tag += '			<div class="answer_body">' + item.noticeContent + '</div>\n';
+				tag += '			<div class="answer_body">' + item.noticeContent.escapeHtml() + '</div>\n';
 				tag += '		</div>\n';
 				tag += '	</div>\n';
 				tag += '</li>\n';

src/main/webapp/WEB-INF/views/mob/callcenter/OneToOneQnaFormMob.html

@@ -321,7 +321,7 @@
 				tag += '	</div>\n';
 				tag += '	<div class="fold_cont">\n';
 				tag += '		<div class="fold_detail">\n';
-				tag += '			<div><p>' + item.questContent + '</p></div>\n';
+				tag += '			<div><p>' + item.questContent.escapeHtml() + '</p></div>\n';
 				
 				if (!gagajf.isNull(item.sysFileNm1) || !gagajf.isNull(item.sysFileNm2)) {
 					tag += '		<p class="img_group">\n';

src/main/webapp/WEB-INF/views/mob/goods/CardPrmtFormMob.html

@@ -41,7 +41,7 @@
 											</th:block>
 											<th:block th:unless="${cardInfo.dcGb == '3'}">
 											<p th:text="${#numbers.formatInteger(cardInfo.dcVal, 0,'COMMA')+ cardInfo.dcWayNm + ' ' + cardInfo.prmtGbNm}">5% 즉시할인</p>
-											<p th:text="${cardInfo.minPayAmt + '만원 이상 구매 시 최대 ' + #numbers.formatInteger(cardInfo.maxDcAmt, 0,'COMMA') + '원 할인 '}">7만원 이상 구매 시 최대 5만원 할인</p>
+											<p th:text="${#numbers.formatInteger(cardInfo.minPayAmt, 0,'COMMA')  + '원 이상 구매 시 최대 ' + #numbers.formatInteger(cardInfo.maxDcAmt, 0,'COMMA') + '원 할인 '}">7만원 이상 구매 시 최대 5만원 할인</p>
 											</th:block>
 											<th:block th:if="${not #strings.isEmpty(cardInfo.linkUrl)}"><a th:href="${cardInfo.linkUrl}" target="_blank" class="link" >자세히보기</a></th:block>
 										</div>

src/main/webapp/WEB-INF/views/mob/goods/GoodsDetailQnaFormMob.html

@@ -102,7 +102,7 @@
 			}
 			tag += '						</span>\n';
 			tag += '					</div>\n';
-			tag += '					<div class="lap2"><span>' + item.questContent + '</span></div>\n';
+			tag += '					<div class="lap2"><span>' + item.questContent.escapeHtml() + '</span></div>\n';
 			tag += '					<span class="id">'+ item.maskingCustId+'</span><span class="data">' + item.questDt + '</span>\n';
 			tag += '				</div>\n';
 			tag += '			</div>\n';
@@ -111,7 +111,7 @@
 			tag += '	<div class="fold_cont">\n';
 			tag += '		<div class="fold_detail">\n'; //문의 내용
 			tag += '			<div>\n';
-			tag += '				<p>' + item.questContent.replaceAll("\n", "</br>") + '</p>\n';
+			tag += '				<p>' + item.questContent.replaceAll("\n", "</br>").escapeHtml() + '</p>\n';
 			tag += '			</div>\n';
 			tag += '		</div>\n';
 			

src/main/webapp/WEB-INF/views/web/callcenter/GoodsQnaFormWeb.html

@@ -120,7 +120,7 @@
 				tag += '				<span class="fold_state ' + (item.ansStat == "G060_10" ? "doing" : "done") + '">' + item.ansStatNm + '</span>\n'; //답변완료 : done / 처리중 : doing
 				tag += '				<div class="fold_tit">\n';
 				tag += '					<span class="prod">' + item.goodsNm + ' ' + item.relGoodsCd + '</span>\n';
-				tag += '					<span>' + item.questContent + '</span>\n';
+				tag += '					<span>' + item.questContent.escapeHtml() + '</span>\n';
 				tag += '				</div>\n';
 				tag += '				<span class="data">' + item.questDt + '</span>\n';
 				tag += '			</div>\n';
@@ -129,7 +129,7 @@
 				tag += '	<div class="fold_cont" style="display: none;">\n';
 				tag += '		<div class="fold_detail">\n'; //문의 내용
 				tag += '			<div>\n';
-				tag += '				<p>' + item.questContent + '</p>\n';
+				tag += '				<p>' + item.questContent.escapeHtml() + '</p>\n';
 				tag += '			</div>\n';
 				
 				if (item.ansStat == 'G060_20') { // 답변완료일 때

src/main/webapp/WEB-INF/views/web/callcenter/NoticeFormWeb.html

@@ -120,7 +120,7 @@
 				tag += '	</div>\n';
 				tag += '	<div class="fold_cont" style="display: none;">\n';
 				tag += '		<div class="fold_detail">\n';
-				tag += '			<div>' + item.noticeContent + '</div>\n';
+				tag += '			<div>' + item.noticeContent.escapeHtml() + '</div>\n';
 				tag += '		</div>\n';
 				tag += '	</div>\n';
 				tag += '</li>\n';

src/main/webapp/WEB-INF/views/web/callcenter/OneToOneQnaFormWeb.html

@@ -192,7 +192,7 @@
 				tag += '	<div class="fold_cont" style="display: none;">\n';
 				tag += '		<div class="fold_detail">\n'; //문의 내용
 				tag += '			<div>\n';
-				tag += '				<p>' + item.questContent + '</p>\n';
+				tag += '				<p>' + item.questContent.escapeHtml() + '</p>\n';
 				
 				if (!gagajf.isNull(item.sysFileNm1) || !gagajf.isNull(item.sysFileNm2)) {
 					tag += '				<p class="img_group">\n';

src/main/webapp/WEB-INF/views/web/goods/CardPrmtFormWeb.html

@@ -43,7 +43,7 @@
 											</th:block>
 											<th:block th:unless="${cardInfo.dcGb == '3'}">
 											<p th:text="${#numbers.formatInteger(cardInfo.dcVal, 0,'COMMA')+ cardInfo.dcWayNm + ' ' + cardInfo.prmtGbNm}">5% 즉시할인</p>
-											<p th:text="${cardInfo.minPayAmt + '만원 이상 구매 시 최대 ' + #numbers.formatInteger(cardInfo.maxDcAmt, 0,'COMMA') + '원 할인 '}">7만원 이상 구매 시 최대 5만원 할인</p>
+											<p th:text="${#numbers.formatInteger(cardInfo.minPayAmt, 0,'COMMA') + '원 이상 구매 시 최대 ' + #numbers.formatInteger(cardInfo.maxDcAmt, 0,'COMMA') + '원 할인 '}">7만원 이상 구매 시 최대 5만원 할인</p>
 											</th:block>
 											
 										</div>

src/main/webapp/WEB-INF/views/web/goods/GoodsDetailQnaFormWeb.html

@@ -102,7 +102,7 @@
 				tag += '			<div>\n';
 				tag += '				<span class="fold_state ' + (item.ansStat == "G060_10" ? "doing" : "done") + '">' + item.ansStatNm + '</span>\n'; //답변완료 : done / 처리중 : doing
 				tag += '				<div class="fold_tit">\n';
-				tag += '					<span>' + item.questContent + '</span>\n';
+				tag += '					<span>' + item.questContent.escapeHtml() + '</span>\n';
 				if (item.selfGb == 1){
 				tag += '					<i class="ico ico_myqna"></i>\n';	//내가 쓴 글에 추가되는 아이콘
 				}
@@ -120,7 +120,7 @@
 				tag += '	<div class="fold_cont" style="display: none;">\n';
 				tag += '		<div class="fold_detail">\n'; //문의 내용
 				tag += '			<div>\n';
-				tag += '				<p>' + item.questContent.replaceAll("\n", "</br>") + '</p>\n';
+				tag += '				<p>' + item.questContent.replaceAll("\n", "</br>").escapeHtml() + '</p>\n';
 				tag += '			</div>\n';
 				tag += '		</div>\n';
 				

src/main/webapp/WEB-INF/views/web/planning/PlanningDetailFormWeb.html

@@ -826,7 +826,7 @@ var fnSearchCallback = function (result) {
 				 }
 				
 				 html += '			</div>';
-				 html += '			<p>'+escapeHtml(item.entryVal1)+'</p>';
+				 html += '			<p>'+item.entryVal1.escapeHtml()+'</p>';
 				 if (item.entryCustNo == result.custNo) {
 					 html += '			<button class="btn btn_default btn_del" value="'+item.planEntrySq+'" onclick="fnDelReply(this.value)"><span>삭제</span></button>';
 				 }
@@ -851,18 +851,6 @@ var fnSearchCallback = function (result) {
 	gagaPaging.createPagination(result.paging.pageable);
 }
 
-function escapeHtml(str) {
-	var map = {
-		'&': '&amp;',
-		'<': '&lt;',
-		'>': '&gt;',
-		'"': '&quot;',
-		"'": '&#039;'
-	};
-	return str.replace(/[&<>"']/g, function(m) { return map[m]; });
-}
-
-
 // 댓글 삭제
 var fnDelReply = function(obj) {
 	

src/main/webapp/ux/plugins/gaga/gaga.common.js

@@ -377,3 +377,24 @@ String.prototype.addComma = function(decimalPosition) {
 String.prototype.removeComma = function() {
 	return this.replace(/,/gi,"");
 }
+
+/**
+ * @type   : prototype_function
+ * @access : public
+ * @desc   : 자바스크립트의 내장 객체인 String 객체에 &,<,>,",' 브라우져 출력용 변환한다.
+ * <pre>
+ *     "<문자열>".escapeHtml();
+ * </pre>
+ * @return : 콤마(,)가 제거된 스트링
+ * @author : gagamel
+ */
+String.prototype.escapeHtml = function() {
+	var map = {
+		'&': '&amp;',
+		'<': '&lt;',
+		'>': '&gt;',
+		'"': '&quot;',
+		"'": '&#039;'
+	};
+	return this.replace(/[&<>"']/g, function(m) { return map[m]; });
+}