
Merge remote-tracking branch '112.172.147.34/style' into ST24PRJ-198(다다익선등록오류)

jsh77b 4 anni fa
parent
commit
8f4f7af7f0

+ 9 - 1
src/main/java/com/style24/front/biz/service/TsfCartService.java

@@ -9,7 +9,6 @@ import java.util.List;
 
 import javax.servlet.http.HttpServletRequest;
 
-import org.apache.commons.lang3.ArrayUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.core.env.Environment;
 import org.springframework.stereotype.Service;
@@ -659,6 +658,15 @@ public class TsfCartService {
 			}
 		} else {
 			// 다다익선 진행중이 아니면 장바구니 조회한 금액으로 설정
+			// 다다익선 할인 정보 및 상품 정보 장바구니에 등록
+			for (Order cart : cartGoodsList) {
+				cart.setTmtbDcAmt(cart.getCurrPrice());
+				if (cart.getPntRate() > 0) {
+					cart.setSavePntAmt((int)(cart.getTmtbDcAmt() * cart.getPntRate() / 100.0));
+				} else {
+					cart.setSavePntAmt(0);
+				}
+			}
 		}
 
 		// 자사 / 입점업체 리스트 분리
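Review bot: The added comment `// 다다익선 할인 정보 및 상품 정보 장바구니에 등록` sits directly under the existing comment saying the promotion is not running, so the two read as contradictory. A single comment would be clearer, for example `// promotion inactive: use the current price as the amount and derive points from it`. The `(int)` cast on `getTmtbDcAmt() * getPntRate() / 100.0` truncates toward zero; if that is the intended rounding policy, say so on that line. If the promotion branch above this hunk derives `savePntAmt` the same way (not visible here), a small private helper would keep the two in step.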

+ 1 - 0
src/main/java/com/style24/front/biz/service/TsfCounselService.java

@@ -220,6 +220,7 @@ public class TsfCounselService {
 	 */
 	@Transactional("shopTxnManager")
 	public void createGoodsQna(Counsel counsel) {
+		counsel.setQuestContent(counsel.getQuestContent().replaceAll("(?i)script", ""));
 		counsel.setSiteCd(TscConstants.Site.STYLE24.value());
 		counsel.setCustNo(TsfSession.getInfo().getCustNo());
 		counsel.setCellPhnno(TsfSession.getInfo().getCellPhnno());
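Review bot: The `replaceAll("(?i)script", "")` line added at the top of `createGoodsQna` is a word blocklist rather than a sanitizer. It runs a single pass, so the word can still be present after an inner occurrence is removed, it does nothing about markup that never contains that word (event-handler attributes, for instance), and it silently deletes the word from legitimate customer text. It also throws a NullPointerException when `getQuestContent()` returns null. The same line is added in `TsfPlanningService.saveEntryReply` (`entryVal1`) and in both `TsfReviewService` hunks (`reviewContent`). I would store the text unchanged behind a null guard and rely on HTML-encoding where it is rendered, or use an allowlist HTML sanitizer if rich text is really needed; the method body continues outside this hunk.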

+ 5 - 0
src/main/java/com/style24/front/biz/service/TsfDisplayService.java

@@ -301,6 +301,7 @@ public class TsfDisplayService {
 					cate1.setCate1No(cate4srch1.getCate1No());
 					cate1.setCate1Nm(cate4srch1.getCate1Nm());
 					cate1.setFormalGb(cate4srch1.getFormalGb());
+					cate1.setDispOrd(cate4srch1.getDispOrd());
 
 					Collection<Cate2> cate2List = new ArrayList<Cate2>();
 					for (Cate4Srch cate4srch2 : cateList) {
@@ -314,6 +315,7 @@ public class TsfDisplayService {
 								cate2.setCate2Nm(cate4srch2.getCate2Nm());
 								cate2.setCate1No(cate4srch2.getCate1No());
 								cate2.setFormalGb(cate4srch2.getFormalGb());
+								cate2.setDispOrd(cate4srch2.getDispOrd());
 
 								Collection<Cate3> cate3List = new ArrayList<Cate3>();
 								for (Cate4Srch cate4srch3 : cateList) {
@@ -328,6 +330,7 @@ public class TsfDisplayService {
 											cate3.setCate1No(cate4srch3.getCate1No());
 											cate3.setCate2No(cate4srch3.getCate2No());
 											cate3.setFormalGb(cate4srch3.getFormalGb());
+											cate3.setDispOrd(cate4srch3.getDispOrd());
 
 											Collection<Cate4> cate4List = new ArrayList<Cate4>();
 											for (Cate4Srch cate4srch4 : cateList) {
@@ -343,6 +346,7 @@ public class TsfDisplayService {
 														cate4.setCate2No(cate4srch4.getCate2No());
 														cate4.setCate3No(cate4srch4.getCate3No());
 														cate4.setFormalGb(cate4srch4.getFormalGb());
+														cate4.setDispOrd(cate4srch4.getDispOrd());
 
 														Collection<Cate5> cate5List = new ArrayList<Cate5>();
 														for (Cate4Srch cate4srch5 : cateList) {
@@ -359,6 +363,7 @@ public class TsfDisplayService {
 																	cate5.setCate3No(cate4srch5.getCate3No());
 																	cate5.setCate4No(cate4srch5.getCate4No());
 																	cate5.setFormalGb(cate4srch5.getFormalGb());
+																	cate5.setDispOrd(cate4srch5.getDispOrd());
 																	cate5.setLeafYn("Y");
 																	cate5List.add(cate5);
 																}

+ 1 - 0
src/main/java/com/style24/front/biz/service/TsfPlanningService.java

@@ -601,6 +601,7 @@ public class TsfPlanningService {
 	public void saveEntryReply(Plan plan) {
 		int custNo = TsfSession.getInfo().getCustNo();
 		plan.setCustNo(custNo);
+		plan.setEntryVal1(plan.getEntryVal1().replaceAll("(?i)script", ""));
 		planningDao.saveEntryReply(plan);
 
 		//이미지등록

+ 3 - 0
src/main/java/com/style24/front/biz/service/TsfReviewService.java

@@ -176,6 +176,8 @@ public class TsfReviewService {
 		
 		String resultStr = "SUCESS";
 		
+		review.setReviewContent(review.getReviewContent().replaceAll("(?i)script",""));
+		
 		review.setDispYn("Y");
 		review.setDelYn("N");
 		review.setConfirmYn("Y");
@@ -333,6 +335,7 @@ public class TsfReviewService {
 		review.setRegNo(TsfSession.getInfo().getCustNo());
 		review.setUpdNo(TsfSession.getInfo().getCustNo());		
 		//review.setConfirmYn("Y");
+		review.setReviewContent(review.getReviewContent().replaceAll("(?i)script",""));
 		review.setReviewGb("R");
 		reviewDao.updateMypageReview(review);
 		reviewDao.reviewAttachDelete(review);

+ 112 - 2
src/main/java/com/style24/front/biz/web/TsfDisplayController.java

@@ -22,6 +22,8 @@ import org.springframework.web.bind.annotation.RequestParam;
 import org.springframework.web.bind.annotation.ResponseBody;
 import org.springframework.web.servlet.ModelAndView;
 
+import com.fasterxml.jackson.databind.ObjectMapper;
+import com.fasterxml.jackson.databind.type.TypeFactory;
 import com.gagaframework.web.parameter.GagaMap;
 import com.gagaframework.web.util.GagaCookieUtil;
 import com.style24.core.biz.service.TscEnvsetService;
@@ -41,7 +43,11 @@ import com.style24.front.support.security.session.TsfSession;
 import com.style24.persistence.TscPageRequest;
 import com.style24.persistence.domain.BrandGroup;
 import com.style24.persistence.domain.Cate1;
+import com.style24.persistence.domain.Cate2;
+import com.style24.persistence.domain.Cate3;
+import com.style24.persistence.domain.Cate4;
 import com.style24.persistence.domain.Cate4Srch;
+import com.style24.persistence.domain.Cate5;
 import com.style24.persistence.domain.Contents;
 import com.style24.persistence.domain.GnbTab;
 import com.style24.persistence.domain.Goods;
@@ -836,7 +842,9 @@ public class TsfDisplayController extends TsfBaseController {
 		cate1.setSiteCd(TscConstants.Site.STYLE24.value());
 		cate1.setCateGb("G032_101");
 		cate1.setCate1No(params.getCate1No());
-		mav.addObject("cateList", diquest.getCategoryList(cate1));
+		Collection<Cate1> diquestCateList = getSortCategoryList(cate1);
+		mav.addObject("cateList", diquestCateList);
+		
 		if (params.getBrandGroupNo() != null && params.getBrandGroupNo() > 0) {
 			cate1.setCate1No(null);
 			mav.addObject("brandCateList", diquest.getCategoryList(cate1));
@@ -1566,7 +1574,9 @@ public class TsfDisplayController extends TsfBaseController {
 		cate1.setCateGb("G032_101");
 //		cate1.setCate1No(params.getCate1No());
 
-		return diquest.getCategoryList(cate1);
+		Collection<Cate1> diquestCateList = getSortCategoryList(cate1);
+		//return diquest.getCategoryList(cate1);
+		return diquestCateList;
 	}
 
 	/**
@@ -1620,4 +1630,104 @@ public class TsfDisplayController extends TsfBaseController {
 
 		return mav;
 	}
+	
+	/**
+	 * 검색어 연관 상품 추천 목록
+	 * @return
+	 * @author jmh
+	 * @since 2021. 12. 16
+	 */
+	public Collection<Cate1> getSortCategoryList(SearchEngine cate1) {
+		
+		Collection<Cate1> diquestCateList = diquest.getCategoryList(cate1);
+		Collection<Cate1> dbCateList = displayService.getAllCategoryList(TsfConstants.CateGb.BYITEM.value());// envsetInfo.getAllCateList();
+		
+		// 21.12.16 메뉴 노출 순서 정렬요청 (검색엔진에 order by로 정렬해서 내려달라고 했으나, 추가 개발건이라고 유지보수로 해줄 수 없다고 함.) 
+		ObjectMapper mapper = new ObjectMapper();
+		Collection<Cate1> dbList =  mapper.convertValue(dbCateList, TypeFactory.defaultInstance().constructCollectionType(Collection.class, Cate1.class));
+		Collection<Cate1> sortCate1List = new ArrayList<Cate1>();
+		Collection<Cate2> sortCate2List = new ArrayList<Cate2>();
+		Collection<Cate3> sortCate3List = new ArrayList<Cate3>();
+		Collection<Cate4> sortCate4List = new ArrayList<Cate4>();
+		Collection<Cate5> sortCate5List = new ArrayList<Cate5>();
+		
+		for(Cate1 dbCate1 : dbList) {
+			for( Cate1 diqCate1 : diquestCateList ) {
+				if(dbCate1.getCate1No().equals(diqCate1.getCate1No())) {
+					
+					// Cate2 정렬 시작
+					sortCate2List = new ArrayList<Cate2>();
+					if( null != dbCate1.getCate2List() && null != diqCate1.getCate2List()) {
+						for( Cate2 dbCate2 : dbCate1.getCate2List()) {
+							for( Cate2 diqCate2 : diqCate1.getCate2List()) {
+								if( dbCate2.getCate2No().equals(diqCate2.getCate2No())) {
+									
+									// Cate3 정렬 시작
+									sortCate3List = new ArrayList<Cate3>();
+									if( null != dbCate2.getCate3List() && null != diqCate2.getCate3List()) {
+										for( Cate3 dbCate3 : dbCate2.getCate3List()) {
+											for( Cate3 diqCate3 : diqCate2.getCate3List()) {
+												if( dbCate3.getCate3No().equals(diqCate3.getCate3No())) {
+													
+													
+													// Cate4 정렬 시작
+													sortCate4List = new ArrayList<Cate4>();
+													if( null != dbCate3.getCate4List() && null != diqCate3.getCate4List()) {
+														for( Cate4 dbCate4 : dbCate3.getCate4List()) {
+															for( Cate4 diqCate4 : diqCate3.getCate4List()) {
+																if( dbCate4.getCate4No().equals(diqCate4.getCate4No())) {
+																	
+																	// Cate5 정렬 시작
+																	sortCate5List = new ArrayList<Cate5>();
+																	if( null != dbCate4.getCate5List() && null != diqCate4.getCate5List()) {
+																		for( Cate5 dbCate5 : dbCate4.getCate5List()) {
+																			for( Cate5 diqCate5 : diqCate4.getCate5List()) {
+																				if( dbCate5.getCate4No().equals(diqCate5.getCate4No())) {
+																					sortCate5List.add(diqCate5);
+																					break;
+																				}
+																			}
+																		}
+																	}
+																	
+																	// Cate3 정렬
+																	diqCate4.setCate5List(sortCate5List);
+																	
+																	sortCate4List.add(diqCate4);
+																	break;
+																}
+															}
+														}
+													}
+													
+													// Cate3 정렬
+													diqCate3.setCate4List(sortCate4List);
+													
+													sortCate3List.add(diqCate3);
+													break;
+												}
+											}
+										}
+									}
+									// Cate3 정렬
+									diqCate2.setCate3List(sortCate3List);
+									
+									sortCate2List.add(diqCate2);
+									break;
+								}
+							}
+						}
+					}
+					// Cate2 정렬
+					diqCate1.setCate2List(sortCate2List);
+					
+					// Cate1 정렬
+					sortCate1List.add(diqCate1);
+					break;
+				}
+			}
+		}
+		
+		return sortCate1List;
+	}
 }
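Review bot: In the innermost loop of `getSortCategoryList` the match is `dbCate5.getCate4No().equals(diqCate5.getCate4No())`, which compares the parent key instead of the level-5 key. Presumably every `diqCate5` under the same `Cate4` satisfies it, so the first element is added once per `dbCate5` and the others are dropped. It should compare the level-5 identifier, presumably `dbCate5.getCate5No().equals(diqCate5.getCate5No())` (that accessor is not visible in this diff). The Javadoc summary `검색어 연관 상품 추천 목록` describes a different feature and `@return` is empty; something like `Returns the search-engine category tree reordered to follow the order of the DB category list` would match the code. Categories that the search engine returns but the DB list lacks are silently omitted, and a null `getCateNNo()` at any level would throw, so both deserve a guard or at least a comment.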

+ 5 - 1
src/main/webapp/WEB-INF/views/mob/callcenter/FaqFormMob.html

@@ -115,6 +115,10 @@
 		$('#btnFaqMore').trigger('click');
 	}
 	
+	String.prototype.unescapeHtml = function(){	//XSS변환
+		  return this.replace(/&lt;/g, "<").replace(/&gt;/g, ">");
+	};
+	
 	// FAQ 목록 콜백함수
 	var fnGetListCallback = function(result) {
 		if (result.dataList != null && result.dataList.length > 0) {
@@ -134,7 +138,7 @@
 				tag += '	</div>\n';
 				tag += '	<div class="fold_cont">\n';
 				tag += '		<div class="fold_answer">\n';
-				tag += '			<div class="answer_body">' + item.answer.escapeHtml().replace(/\n/g,'<br/>') + '</div>\n';
+				tag += '			<div class="answer_body">' + item.answer.unescapeHtml().replace(/\n/g,'<br/>') + '</div>\n';
 				tag += '		</div>\n';
 				tag += '	</div>\n';
 				tag += '</li>\n';
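Review bot: Swapping `escapeHtml()` for `unescapeHtml()` on `item.answer` removes the output encoding where the string is concatenated into `tag`. The surrounding code appears to insert `tag` as HTML, so any `<`/`>` in stored content is now parsed as markup. The same swap is applied to customer-submitted fields in GoodsDetailQnaFormMob/Web (`questContent`), MypageReviewFormWeb (`reviewContent`, `admRpl`) and PlanningDetailFormMob/Web (`entryVal1`), where one customer's text is rendered to other visitors; that is a stored-XSS exposure which the server-side word filter in this commit does not close. If the goal is to undo double-encoded entities, fix the encoding once on the server and keep `escapeHtml()` here (or build the nodes with `.text()`); admin-authored rich text should pass through an allowlist sanitizer before insertion. The helper is also pasted onto `String.prototype` in each page with differing bodies, so a single shared utility would keep the behaviour consistent.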

+ 1 - 1
src/main/webapp/WEB-INF/views/mob/callcenter/NoticeFormMob.html

@@ -87,7 +87,7 @@
 				
 // 				tag += '						<span class="prod">공지</span>\n';
 				tag += '					</div>\n';
-				tag += '					<div class="lap2"><span>' + item.noticeTitle.escapeHtml() + '</span></div>\n';
+				tag += '					<div class="lap2"><span>' + item.noticeTitle.replaceAll('&lt;','<').replaceAll('&gt;', '>').replaceAll('&quot;', '"').replaceAll('&amp;nbsp;', ' ') + '</span></div>\n';
 				tag += '				</div>\n';
 				tag += '				<span class="data">' + item.regDt.toDate("YYYYMMDD").format("YYYY.MM.DD") + '</span>\n';
 				tag += '			</div>\n';
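Review bot: The inline chain on `item.noticeTitle` uses `String.prototype.replaceAll`, which older mobile browsers do not implement, so on those devices the callback would throw and the notice list would not render. The other pages in this commit use the `.replace(/…/g, …)` form. The chain also decodes `&lt;`, `&gt;` and `&quot;` straight into the markup string, so the title is no longer HTML-encoded on output. Prefer keeping `escapeHtml()` and correcting the double-encoding at its source; if decoding has to stay, use the regex form so that all pages behave the same.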

+ 6 - 2
src/main/webapp/WEB-INF/views/mob/goods/GoodsDetailQnaFormMob.html

@@ -71,6 +71,10 @@
 		//$('#layer_goods_qna_reg').find('.close-modal').trigger("click");
 		gagajf.ajaxFormSubmit($('#goodsQnaForm').prop('action'), '#goodsQnaForm', fnGetListCallback);
 	}
+	
+	String.prototype.unescapeHtml = function(){
+		  return this.replace(/&lt;/g, "<").replace(/&gt;/g, ">");
+	};
 
 	var fnGetListCallback = function(result) {
 
@@ -104,7 +108,7 @@
 				}
 				tag += '						</span>\n';
 				tag += '					</div>\n';
-				tag += '					<div class="lap2"><span>' + item.questContent.escapeHtml() + '</span></div>\n';
+				tag += '					<div class="lap2"><span>' + item.questContent.unescapeHtml() + '</span></div>\n';
 				tag += '					<span class="id">'+ item.maskingCustId+'</span><span class="data">' + item.questDt + '</span>\n';
 				tag += '				</div>\n';
 				tag += '			</div>\n';
@@ -113,7 +117,7 @@
 				tag += '	<div class="fold_cont">\n';
 				tag += '		<div class="fold_detail">\n'; //문의 내용
 				tag += '			<div>\n';
-				tag += '				<p>' + item.questContent.escapeHtml() + '</p>\n';
+				tag += '				<p>' + item.questContent.unescapeHtml() + '</p>\n';
 				tag += '			</div>\n';
 				tag += '		</div>\n';
 				

+ 5 - 1
src/main/webapp/WEB-INF/views/mob/mypage/MypageReviewCreateFormMob.html

@@ -524,7 +524,7 @@ $(function(){
 		 rating(reviewScore-1);
 		$("#reviewForm input[name=height]").val(reviewList.height);
 		$("#reviewForm input[name=weight]").val(reviewList.weight);
-		$("#reviewForm textarea[name=reviewContent]").val(reviewList.reviewContent.escapeHtml());
+		$("#reviewForm textarea[name=reviewContent]").val(reviewList.reviewContent.unescapeHtml());
 		if(reviewList.scoreSize == "1"){
 			$('#reviewForm input:radio[name=scoreSize]:radio[value="1"]').prop('checked', true);
 		}else if(reviewList.scoreSize == "2"){
@@ -707,6 +707,10 @@ function handleOnInput(el, maxlength) {
 			el.value = el.value.substr(0, maxlength);
 		}
 	}
+	
+String.prototype.unescapeHtml = function(){	//XSS변환
+	  return this.replace(/&lt;/g, "<").replace(/&gt;/g, ">");
+};
 </script>
 <script>
 	//210524_ 추가 : textarea focus시 outline 색상 넣는 스크립트

+ 68 - 15
src/main/webapp/WEB-INF/views/mob/planning/PlanningDetailFormMob.html

@@ -21,10 +21,10 @@
 <th:block layout:fragment="content">
 
 <!-- 이벤트를 위한 임시 script 및 style 추가 시작 (21.10.22 by junghwan)  -->
-<link rel="stylesheet" th:href="${@environment.getProperty('domain.uximage')} + '/ux/jquery.bxslider.css'" th:if="${planInfo.planSq}==38 or ${planInfo.planSq}==43 or ${planInfo.planSq}==49 or ${planInfo.planSq}==56">
+<link rel="stylesheet" th:href="${@environment.getProperty('domain.uximage')} + '/ux/jquery.bxslider.css'" th:if="${planInfo.planSq}==38 or ${planInfo.planSq}==43 or ${planInfo.planSq}==49 or ${planInfo.planSq}==56 or ${planInfo.planSq}==63">
 <!-- <script src="https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js" th:if="${planInfo.planSq}==38 or ${planInfo.planSq}==43"></script> -->
-<script th:src="${@environment.getProperty('domain.uximage')} + '/ux/jquery.bxslider.min.js'" th:if="${planInfo.planSq}==38 or ${planInfo.planSq}==43 or ${planInfo.planSq}==49 or ${planInfo.planSq}==56"></script>
-<script th:src="${@environment.getProperty('domain.uximage')} + '/ux/mo/js/all.min.js'" th:if="${planInfo.planSq}==49"></script>
+<script th:src="${@environment.getProperty('domain.uximage')} + '/ux/jquery.bxslider.min.js'" th:if="${planInfo.planSq}==38 or ${planInfo.planSq}==43 or ${planInfo.planSq}==49 or ${planInfo.planSq}==56 or ${planInfo.planSq}==63"></script>
+<script th:src="${@environment.getProperty('domain.uximage')} + '/ux/mo/js/all.min.js'" th:if="${planInfo.planSq}==49 or ${planInfo.planSq}==63"></script>
 
 <!-- 스타일데이 -->
 <script src="https://mattstow.com/experiment/responsive-image-maps/jquery.rwdImageMaps.min.js" th:if="${planInfo.planSq}==38"></script>
@@ -271,6 +271,55 @@ background-color: #fff;text-align: center;}
     .linkBox_right2 img{max-width:300px; width:100%;}
     .gift-modal-info{position:absolute; top:60px;}
 </style>
+<!-- 유아동브랜드 Holiday 사은품이벤트 -->
+<script th:if="${planInfo.planSq}==63">
+    let slider = $('.gift_slider').bxSlider(
+        {
+            wrapperClass: 'giftwrap', 
+            auto: true, 
+            speed: 300, 
+            controls: false,
+        }
+    );
+    $(document).on('click','.bx-next, .bx-prev',function() {
+    	slider.stopAuto();
+    	slider.startAuto();
+    });
+    $(document).ready(function () {
+        $("#modal-gift").click(function () {
+            $("#giftPop").css('display', 'block');
+            $("body").addClass('ohidden');
+        });
+        $("#close-modal").click(function () {
+            $("#giftPop").css('display', 'none');
+            $("body").removeClass('ohidden');
+            location.reload(true);
+        });
+    });
+</script>
+<style type="text/css" th:if="${planInfo.planSq}==63">
+    .pm_gift_box1{padding:5rem 0; background:#333231; text-align:center;}
+    .pm_gift_box1 img{max-width:960px; width:100%;}
+    .pm_gift_box2{padding:2rem 0 5rem; background:#70121e; text-align:center;}
+    .pm_gift_box2 img{max-width:960px; width:100%;}
+    .pm_gift_red{padding:2rem 0 4rem; background:#af1c2f; background-size: cover; text-align:center;}
+    .giftwrap{position:relative; max-width:860px; width:100%; margin-bottom:40px; text-align: center;}
+    .giftwrap .bx-pager{position:absolute; width:100%; left:50%; bottom:-20px; transform:translateX(-50%);}
+    .giftwrap .bx-pager div{display:inline-block;padding:0 3px;}
+    .giftwrap .bx-pager div a{display:block; width:6px; height:6px; background:#fff; border-radius:100%; color:transparent; font-size:0px;}
+    .giftwrap .bx-pager div .active{background:#000;}        
+    .gift_slider li{text-align:right;}
+    #giftPop {position: fixed; top: 0; right: 0;bottom: 0;left: 0;width: 100%;height: 100%;overflow: auto;z-index: 999;padding: 0;box-sizing: border-box;
+    background-color: #fff;text-align: center;}
+    .ohidden{overflow:hidden;}
+    .gift-modal-info{position:absolute; top:52px;}
+    .gift_box{margin:3rem auto 2rem; max-width:1080px;}
+    .gift_box .gift_section{width:100%; width:auto; padding:0 2rem;}
+    .gift_box p{font-size:18px;}
+    .gift_box .gift_section{position:relative;}
+    .gift_box .gift_section #modal-gift{position:absolute; bottom:2rem; left:50%; transform: translateX(-50%); max-width:15rem;;}
+    .gift_box .gift_section #modal-gift img{width:100%;}
+</style>   
 <!-- 이벤트를 위한 임시 script 및 style 추가 종료 (21.10.22 by junghwan)  -->
 
 <main role="" id="" class="container dp">
@@ -533,6 +582,10 @@ let replyAttachList = [[${replyAttachList}]];
 let planCornerGoodsList = [[${planCornerGoodsList}]];
 let planCornerList = [[${planCornerList}]];
 
+String.prototype.unescapeHtml = function(){
+	  return this.replace(/&lt;/g, "<").replace(/&gt;/g, ">");
+};
+
 var ajaxReplyList = function () {
 	gagaPaging.init('searchForm', fnSearchCallback, 'paging', 10);
 	gagaPaging.load(1);
@@ -570,7 +623,7 @@ var fnSearchCallback = function (result) {
 						}
 						html += '			</div>';
 					}
-					html += '			<p>'+item.entryVal1.escapeHtml()+'</p>';
+					html += '			<p>'+item.entryVal1.unescapeHtml()+'</p>';
 					html += '		</div>';
 					html += '	</li>';
 			 });
@@ -719,7 +772,7 @@ if (notice.length>0) {
 	html += '	<div class="announce_list">';
 	html += '		<ul>';
 	$.each(notice, function(idx, item)  {
-	html += '			<li>' +item.itemVal.escapeHtml();+ '</li>';
+	html += '			<li>' +item.itemVal.unescapeHtml();+ '</li>';
 	});
 	html += '		</ul>';
 	html += '	</div>';
@@ -1187,25 +1240,25 @@ if(template.length>0){
 			html += '		</div>\n';
 			html += '		<div class="announce_list">\n';
 			html += '			<ul>\n';
-			html += '                  <li>' + couponContent[0].cpnNote0.escapeHtml(); +'</li>\n';
+			html += '                  <li>' + couponContent[0].cpnNote0.unescapeHtml(); +'</li>\n';
 			if(couponContent[0].cpnNote1 != null && couponContent[0].cpnNote1 != '')
-				html += '                  <li>' + couponContent[0].cpnNote1.escapeHtml(); +'</li>\n';
+				html += '                  <li>' + couponContent[0].cpnNote1.unescapeHtml(); +'</li>\n';
 			if(couponContent[0].cpnNote2 != null && couponContent[0].cpnNote2 != '')
-				html += '                  <li>' + couponContent[0].cpnNote2.escapeHtml(); +'</li>\n';
+				html += '                  <li>' + couponContent[0].cpnNote2.unescapeHtml(); +'</li>\n';
 			if(couponContent[0].cpnNote3 != null && couponContent[0].cpnNote3 != '')
-				html += '                  <li>' + couponContent[0].cpnNote3.escapeHtml(); +'</li>\n';
+				html += '                  <li>' + couponContent[0].cpnNote3.unescapeHtml; +'</li>\n';
 			if(couponContent[0].cpnNote4 != null && couponContent[0].cpnNote4 != '')
-				html += '                  <li>' + couponContent[0].cpnNote4.escapeHtml(); +'</li>\n';
+				html += '                  <li>' + couponContent[0].cpnNote4.unescapeHtml(); +'</li>\n';
 			if(couponContent[0].cpnNote5 != null && couponContent[0].cpnNote5 != '')
-				html += '                  <li>' + couponContent[0].cpnNote5.escapeHtml(); +'</li>\n';
+				html += '                  <li>' + couponContent[0].cpnNote5.unescapeHtml(); +'</li>\n';
 			if(couponContent[0].cpnNote6 != null && couponContent[0].cpnNote6 != '')
-				html += '                  <li>' + couponContent[0].cpnNote6.escapeHtml(); +'</li>\n';
+				html += '                  <li>' + couponContent[0].cpnNote6.unescapeHtml(); +'</li>\n';
 			if(couponContent[0].cpnNote7 != null && couponContent[0].cpnNote7 != '')
-				html += '                  <li>' + couponContent[0].cpnNote7.escapeHtml(); +'</li>\n';
+				html += '                  <li>' + couponContent[0].cpnNote7.unescapeHtml(); +'</li>\n';
 			if(couponContent[0].cpnNote8 != null && couponContent[0].cpnNote8 != '')
-				html += '                  <li>' + couponContent[0].cpnNote8.escapeHtml(); +'</li>\n';
+				html += '                  <li>' + couponContent[0].cpnNote8.unescapeHtml(); +'</li>\n';
 			if(couponContent[0].cpnNote9 != null && couponContent[0].cpnNote9 != '')
-				html += '                  <li>' + couponContent[0].cpnNote9.escapeHtml(); +'</li>\n';
+				html += '                  <li>' + couponContent[0].cpnNote9.unescapeHtml(); +'</li>\n';
 			html += '			</ul>\n';
 			html += '		</div>\n';
 			html += '	</div>\n';
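Review bot: On the `cpnNote3` line the call parentheses are missing: `couponContent[0].cpnNote3.unescapeHtml;` concatenates the function's source text into the page instead of the note, and should read `couponContent[0].cpnNote3.unescapeHtml()`. On every `cpnNote` line and on the `item.itemVal` line, the `;` before `+'</li>\n'` ends the statement, so the closing `</li>` is never appended; removing that semicolon fixes the markup. The new `planSq==63` script calls `$('.gift_slider').bxSlider(...)` outside `$(document).ready`, which presumably only works if the element already exists when the script runs, so that is worth confirming.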

+ 8 - 3
src/main/webapp/WEB-INF/views/web/callcenter/FaqFormWeb.html

@@ -168,6 +168,11 @@
 		// Load data
 		gagaPaging.load(1);
 	}
+	
+	String.prototype.unescapeHtml = function(){
+		  return this.replace(/&amp;/g, "&").replace(/&lt;/g, "<").replace(/&gt;/g, ">").replace(/&quot;/g, "\"");
+	};
+	
 	var idx = 1;
 	var fnGetListCallback = function(result) {
 		$('#ulFaq').html('');
@@ -180,14 +185,14 @@
 				tag += '			<div>\n';
 				tag += '				<span class="fold_state">' + item.faqTypeNm + '</span>\n';
 				tag += '				<div class="fold_tit">\n';
-				tag += '					<span>' + item.question + '</span>\n';
+				tag += '					<span>' + item.question.unescapeHtml() + '</span>\n';
 				tag += '				</div>\n';
 				tag += '			</div>\n';
 				tag += '		</a>\n';
 				tag += '	</div>\n';
 				tag += '	<div class="fold_cont" style="display: none;">\n';
 				tag += '		<div class="fold_answer">\n';
-				tag += '			<div>' + item.answer + '</div>\n';
+				tag += '			<div>' + item.answer.replaceAll('&lt;','<').replaceAll('&gt;', '>').replaceAll('&quot;', '"').replaceAll('&amp;nbsp;', ' ') + '</div>\n';
 				tag += '		</div>\n';
 				tag += '	</div>\n';
 				tag += '</li>\n';
@@ -228,7 +233,7 @@
 		let answer = $(obj).data('answer');
 		if (!gagajf.isNull(answer)) {
 			$('#faqTypeNm').html('[' + answer.substring(0, answer.indexOf('|')) + ']');
-			$('#faqAnswer').html('<span>답변 내용은 아래와 같습니다.</span>' + answer.substring(answer.indexOf('|') + 1).escapeHtml().replace(/\n/g,'<br/>'));
+			$('#faqAnswer').html('<span>답변 내용은 아래와 같습니다.</span>' + answer.substring(answer.indexOf('|') + 1).unescapeHtml().replace(/\n/g,'<br/>'));
 		}
 	}
 	
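Review bot: The `unescapeHtml` added here replaces `&amp;` first, so a value such as `&amp;lt;` is decoded twice within one call and ends up as a literal `<`. Decode `&amp;` last: `return this.replace(/&lt;/g, "<").replace(/&gt;/g, ">").replace(/&quot;/g, "\"").replace(/&amp;/g, "&");`. NoticeFormWeb carries the same ordering. `item.answer` uses a separate inline `replaceAll` chain rather than the helper, so the same page now decodes fields in two different ways. Since both `item.question` and `item.answer` are decoded immediately before being concatenated into markup, confirm that FAQ content can only be authored by trusted staff, or sanitize it with an allowlist before insertion.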

+ 2 - 4
src/main/webapp/WEB-INF/views/web/callcenter/NoticeFormWeb.html

@@ -86,12 +86,10 @@
 		gagaPaging.load(1);
 	}
 	
-	String.prototype.unescapeHtml = function(){
+	String.prototype.unescapeHtml = function(){	//XSS변환
 	  return this.replace(/&amp;/g, "&").replace(/&lt;/g, "<").replace(/&gt;/g, ">").replace(/&quot;/g, "\"");
 	};
 
-
-
 	var idx = 1;
 	var fnGetListCallback = function(result) {
 		$('#ulNotice').html('');
@@ -119,7 +117,7 @@
 				
 // 				tag += '				<span class="fold_category">공지</span>\n';
 				tag += '				<div class="fold_tit">\n';
-				tag += '					<span>' + item.noticeTitle.escapeHtml() + '</span>\n';
+				tag += '					<span>' + item.noticeTitle.unescapeHtml() + '</span>\n';
 				tag += '				</div>\n';
 				tag += '				<span class="data">' + item.regDt.toDate("YYYYMMDD").format("YYYY.MM.DD") + '</span>\n';
 				tag += '			</div>\n';

+ 6 - 2
src/main/webapp/WEB-INF/views/web/goods/GoodsDetailQnaFormWeb.html

@@ -83,6 +83,10 @@
 		gagaPaging.load(1);
 	}
 	
+	String.prototype.unescapeHtml = function(){	//XSS변환
+		  return this.replace(/&lt;/g, "<").replace(/&gt;/g, ">");
+	};
+	
 	var fnGoodsQnaListCallback = function(result) {
 		$('#ulGoodsQna').html('');
 		$('#goodsQnaForm').find('.nodata').hide();
@@ -102,7 +106,7 @@
 				tag += '			<div>\n';
 				tag += '				<span class="fold_state ' + (item.ansStat == "G060_10" ? "doing" : "done") + '">' + item.ansStatNm + '</span>\n'; //답변완료 : done / 처리중 : doing
 				tag += '				<div class="fold_tit">\n';
-				tag += '					<span>' + item.questContent.escapeHtml() + '</span>\n';
+				tag += '					<span>' + item.questContent.unescapeHtml() + '</span>\n';
 				if (item.secretYn == "Y"){
 				tag += '					<i class="ico ico_secret"></i>\n';	//비밀글에 추가되는 아이콘
 				}
@@ -120,7 +124,7 @@
 				tag += '	<div class="fold_cont" style="display: none;">\n';
 				tag += '		<div class="fold_detail">\n'; //문의 내용
 				tag += '			<div>\n'; 
-				tag += '				<p>' + item.questContent.escapeHtml() + '</p>\n';
+				tag += '				<p>' + item.questContent.unescapeHtml() + '</p>\n';
 				tag += '			</div>\n';
 				tag += '		</div>\n';
 				

+ 5 - 1
src/main/webapp/WEB-INF/views/web/mypage/MypageReviewCreateFormWeb.html

@@ -390,6 +390,10 @@ let photoPoint  = [[${reviewPoint.photoReviewPoint}]];
 var $starEls = $('#star button#starBtn');
 var rate = 1;
 
+String.prototype.unescapeHtml = function(){	//XSS변환
+	  return this.replace(/&lt;/g, "<").replace(/&gt;/g, ">");
+};
+
 $starEls.each(function (index, el) {
     $(el).on('click', function () {
         rating(index);
@@ -651,7 +655,7 @@ $(document).ready(function() {
 		 rating(reviewScore-1);
 		$("#reviewForm input[name=height]").val(reviewList.height);
 		$("#reviewForm input[name=weight]").val(reviewList.weight);
-		$("#reviewForm textarea[name=reviewContent]").val(reviewList.reviewContent.escapeHtml());
+		$("#reviewForm textarea[name=reviewContent]").val(reviewList.reviewContent.unescapeHtml());
 		if(reviewList.scoreSize == "1"){
 			$('#reviewForm input:radio[name=scoreSize]:radio[value="1"]').prop('checked', true);
 		}else if(reviewList.scoreSize == "2"){

+ 6 - 2
src/main/webapp/WEB-INF/views/web/mypage/MypageReviewFormWeb.html

@@ -110,6 +110,10 @@
 	<script src="/ux/plugins/gaga/gaga.paging.js"></script>
 	<script th:inline="javascript">
 	let attachList = [[${alreadyReviewAttach}]];
+	
+	String.prototype.unescapeHtml = function(){	//XSS변환
+		  return this.replace(/&lt;/g, "<").replace(/&gt;/g, ">");
+	};
 	// 작성가능한 리뷰 클릭 시
 	$("#completeReview").click(function() {
 		$("#alreadyReview").removeClass("active");
@@ -337,7 +341,7 @@
 
 				}
 				html+='						<div class="txt_review_box"  id="admin_'+item.reviewSq+'">\n';
-				html+='							<p style="white-space:pre;">'+item.reviewContent.escapeHtml()+'</p>\n';
+				html+='							<p style="white-space:pre;">'+item.reviewContent.unescapeHtml()+'</p>\n';
 				html+='						</div>\n';
 
 				if (item.admRpl != null && item.admRpl != '') {
@@ -348,7 +352,7 @@
 					html+='									<span class="wr_date">'+item.admRplDt+'</span>\n';
 					html+='								</div>\n';
 					html+='								<div class="reply_txt">\n';
-					html+='									<p style="white-space:pre;">'+item.admRpl.escapeHtml()+'</p>\n';
+					html+='									<p style="white-space:pre;">'+item.admRpl.unescapeHtml()+'</p>\n';
 					html+='								</div>\n';
 					html+='							</div>\n';
 					html+='						</div>\n';

+ 62 - 15
src/main/webapp/WEB-INF/views/web/planning/PlanningDetailFormWeb.html

@@ -19,10 +19,10 @@
 <th:block layout:fragment="content">
 <script src="https://developers.kakao.com/sdk/js/kakao.min.js"></script>
 <!-- 이벤트를 위한 임시 script 및 style 추가 시작 (21.10.22 by junghwan)  -->
-<link rel="stylesheet" th:href="${@environment.getProperty('domain.uximage')} + '/ux/jquery.bxslider.css'" th:if="${planInfo.planSq}==38 or ${planInfo.planSq}==43 or ${planInfo.planSq}==49 or ${planInfo.planSq}==56">
+<link rel="stylesheet" th:href="${@environment.getProperty('domain.uximage')} + '/ux/jquery.bxslider.css'" th:if="${planInfo.planSq}==38 or ${planInfo.planSq}==43 or ${planInfo.planSq}==49 or ${planInfo.planSq}==56 or ${planInfo.planSq}==63">
 <!-- <script src="https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js" th:if="${planInfo.planSq}==38 or ${planInfo.planSq}==43"></script> -->
-<script th:src="${@environment.getProperty('domain.uximage')} + '/ux/jquery.bxslider.min.js'" th:if="${planInfo.planSq}==38 or ${planInfo.planSq}==43 or ${planInfo.planSq}==49 or ${planInfo.planSq}==56"></script>
-<script th:src="${@environment.getProperty('domain.uximage')} + '/ux/pc/js/all.min.js'" th:if="${planInfo.planSq}==49 or ${planInfo.planSq}==56"></script>
+<script th:src="${@environment.getProperty('domain.uximage')} + '/ux/jquery.bxslider.min.js'" th:if="${planInfo.planSq}==38 or ${planInfo.planSq}==43 or ${planInfo.planSq}==49 or ${planInfo.planSq}==56 or ${planInfo.planSq}==63"></script>
+<script th:src="${@environment.getProperty('domain.uximage')} + '/ux/pc/js/all.min.js'" th:if="${planInfo.planSq}==49 or ${planInfo.planSq}==56 or ${planInfo.planSq}==63"></script>
 
 <!-- 스타일데이 -->
 <script src="https://mattstow.com/experiment/responsive-image-maps/jquery.rwdImageMaps.min.js" th:if="${planInfo.planSq}==38"></script>
@@ -189,6 +189,49 @@
 .gift_slider li{text-align:right;}
 .gift_slider li span{position:absolute; left:50%; bottom:30px; transform:translateX(-50%);}
 </style>
+<!-- 유아동브랜드 Holiday 사은품이벤트 -->
+<script th:if="${planInfo.planSq}==63">
+	openWindow = function() {
+		var popupX = (document.body.offsetWidth / 2) - (800 / 2);
+		var popupY= (window.screen.height / 2) - (700 / 2);
+		window.open('gift_popup.html', '', 'status=no, height=700, width=800, left='+ popupX + ', top='+ popupY + ', screenX='+ popupX + ', screenY= '+ popupY);
+		return;
+	}
+	let slider = $('.gift_slider').bxSlider(
+        {
+            wrapperClass: 'giftwrap', 
+            auto: true, 
+            speed: 300, 
+            nextText: '<i class="xi-angle-right-thin"></i>',
+            prevText: '<i class="xi-angle-left-thin"></i>',
+        }
+    );
+    $(document).on('click','.bx-next, .bx-prev',function() {
+        slider.stopAuto();
+        slider.startAuto();
+    });
+</script>
+<style th:if="${planInfo.planSq}==63">
+	.coner_item01 img {max-width:100%;}
+	.pm_gift_box1{padding:110px 0 70px; background:#333231; text-align:center;}
+	.pm_gift_box1 img{max-width:1080px;}
+	.pm_gift_red{padding:80px 0; background:#af1c2f; text-align:center;}
+	.pm_gift_red img{max-width:1080px;}
+	.giftwrap{position:relative; max-width:860px; width:100%; margin-bottom:80px; text-align: center;}
+	.giftwrap .bx-pager{position:absolute; left:50%; bottom:-40px; transform:translateX(-50%);}
+	.giftwrap .bx-pager div{display:inline-block;padding:0 3px;}
+	.giftwrap .bx-pager div a{display:block; width:6px; height:6px; background:#fff; border-radius:100%; color:transparent; font-size:0px;}
+	.giftwrap .bx-pager div .active{background:#000;}
+	.g_controls .bx-prev, .g_controls .bx-next{position:absolute;top:50%;transform:translateY(-50%);font-size:4rem;color:#fff;}
+	.g_controls .bx-prev{right:calc(100% + 40px);}
+	.g_controls .bx-next{left:calc(100% + 40px);}
+	.gift_box{margin:30px 0;}
+	.gift_box .gift_section{position:relative; max-width:860px; width:auto; margin:0 auto;}
+	.gift_box .gift_section #g-view{position:absolute; bottom:2rem; left:50%; transform: translateX(-50%);}
+	.gift_box p{font-size:18px;}
+	.gift_slider li{text-align:right;}
+	.gift_slider li span{position:absolute; left:50%; bottom:30px; transform:translateX(-50%);}
+</style>
 <!-- 이벤트를 위한 임시 script 및 style 추가 종료 (21.10.22 by junghwan)  -->
 
 <div id="container" class="container dp" th:with="frontUrl=${@environment.getProperty('domain.front')}, goodsView=${@environment.getProperty('upload.goods.view')}, planView=${@environment.getProperty('upload.image.view')}">
@@ -420,6 +463,10 @@ let replyAttachList = [[${replyAttachList}]];
 let planCornerGoodsList = [[${planCornerGoodsList}]];
 let planCornerList = [[${planCornerList}]];
 
+String.prototype.unescapeHtml = function(){	//XSS변환
+	  return this.replace(/&lt;/g, "<").replace(/&gt;/g, ">");
+};
+
 if(notice.length>0){
 	$("#G082_60").show();
 	
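Review bot: The `//XSS변환` comment on `String.prototype.unescapeHtml` reads as if the helper protects against XSS, but it turns `&lt;` and `&gt;` back into live angle brackets, so whatever it returns is raw markup. I would replace the comment with one that says so, e.g. `// Decodes &lt; / &gt; back to < / >; the result is raw HTML, so use only on staff-authored fields, never on customer input`. Adding the method to `String.prototype` also makes it callable on every string on the page; a plain function such as `function unescapeHtml(s)` would keep that decision visible at each call site. It decodes only two entities, so if the server also encodes `&amp;` or `&quot;`, those would still show literally.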
@@ -439,7 +486,7 @@ if(notice.length>0){
 	html += '            <div class="announce_list">\n';
 	html += '                <ul>\n';
 	$.each(notice, function(idx, item)  {
-		html += '				<li>' +item.itemVal.escapeHtml();+ '</li>\n';
+		html += '				<li>' +item.itemVal.unescapeHtml();+ '</li>\n';
 	});
 	html += '                </ul>\n';
 	html += '            </div>\n';
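Review bot: On the changed line the `;` directly after `unescapeHtml()` ends the statement, so `+ '</li>\n'` is evaluated on its own and the closing `</li>` is never appended to `html`. The same stray semicolon is on every `cpnNote0`–`cpnNote9` line of the next hunk. The line should read `html += '				<li>' + item.itemVal.unescapeHtml() + '</li>\n';`. The browser's parser closes the `<li>` implicitly, which is probably why this went unnoticed, but the string built here is not the one the code appears to intend. The enclosing `if(notice.length>0)` block starts and ends outside the hunk.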
@@ -982,25 +1029,25 @@ if(template.length>0){
 			html += '            </div>\n                                                                ';
 			html += '            <div class="announce_list">\n                                           ';
 			html += '               <ul>\n';
-			html += '                  <li>' + couponContent[0].cpnNote0.escapeHtml(); +'</li>\n';
+			html += '                  <li>' + couponContent[0].cpnNote0.unescapeHtml(); +'</li>\n';
 			if(couponContent[0].cpnNote1 != null && couponContent[0].cpnNote1 != '')
-				html += '                  <li>' + couponContent[0].cpnNote1.escapeHtml(); +'</li>\n';
+				html += '                  <li>' + couponContent[0].cpnNote1.unescapeHtml(); +'</li>\n';
 			if(couponContent[0].cpnNote2 != null && couponContent[0].cpnNote2 != '')
-				html += '                  <li>' + couponContent[0].cpnNote2.escapeHtml(); +'</li>\n';
+				html += '                  <li>' + couponContent[0].cpnNote2.unescapeHtml(); +'</li>\n';
 			if(couponContent[0].cpnNote3 != null && couponContent[0].cpnNote3 != '')
-				html += '                  <li>' + couponContent[0].cpnNote3.escapeHtml(); +'</li>\n';	
+				html += '                  <li>' + couponContent[0].cpnNote3.unescapeHtml(); +'</li>\n';	
 			if(couponContent[0].cpnNote4 != null && couponContent[0].cpnNote4 != '')
-				html += '                  <li>' + couponContent[0].cpnNote4.escapeHtml(); +'</li>\n';
+				html += '                  <li>' + couponContent[0].cpnNote4.unescapeHtml(); +'</li>\n';
 			if(couponContent[0].cpnNote5 != null && couponContent[0].cpnNote5 != '')
-				html += '                  <li>' + couponContent[0].cpnNote5.escapeHtml(); +'</li>\n';
+				html += '                  <li>' + couponContent[0].cpnNote5.unescapeHtml(); +'</li>\n';
 			if(couponContent[0].cpnNote6 != null && couponContent[0].cpnNote6 != '')
-				html += '                  <li>' + couponContent[0].cpnNote6.escapeHtml();+'</li>\n';
+				html += '                  <li>' + couponContent[0].cpnNote6.unescapeHtml();+'</li>\n';
 			if(couponContent[0].cpnNote7 != null && couponContent[0].cpnNote7 != '')
-				html += '                  <li>' + couponContent[0].cpnNote7.escapeHtml(); +'</li>\n';
+				html += '                  <li>' + couponContent[0].cpnNote7.unescapeHtml(); +'</li>\n';
 			if(couponContent[0].cpnNote8 != null && couponContent[0].cpnNote8 != '')
-				html += '                  <li>' + couponContent[0].cpnNote8.escapeHtml(); +'</li>\n';
+				html += '                  <li>' + couponContent[0].cpnNote8.unescapeHtml(); +'</li>\n';
 			if(couponContent[0].cpnNote9 != null && couponContent[0].cpnNote9 != '')
-				html += '                  <li>' + couponContent[0].cpnNote9.escapeHtml(); +'</li>\n';
+				html += '                  <li>' + couponContent[0].cpnNote9.unescapeHtml(); +'</li>\n';
 			html += '               </ul>\n';
 			html += '            </div>                                                                '; 
 			html += '        </div>                                                                    '; 
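Review bot: `couponContent[0].cpnNote0` is the only note dereferenced without the `!= null && != ''` guard that `cpnNote1`–`cpnNote9` have, so a coupon whose first note is null makes `.unescapeHtml()` throw a TypeError and aborts the script at this point. Guarding it the same way, `if(couponContent[0].cpnNote0 != null && couponContent[0].cpnNote0 != '')`, keeps the ten lines consistent. Since the ten lines differ only in the index, a loop over `couponContent[0]['cpnNote' + i]` would make the guard impossible to forget. The surrounding `if(template.length>0)` block begins outside the hunk.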
@@ -1128,7 +1175,7 @@ var fnSearchCallback = function (result) {
 				 }
 				
 				 html += '			</div>\n';
-				 html += '			<p>'+item.entryVal1.escapeHtml()+'</p>\n';
+				 html += '			<p>'+item.entryVal1.unescapeHtml()+'</p>\n';
 				 if (item.entryCustNo == result.custNo) {
 					 html += '			<button class="btn btn_default btn_del" value="'+item.planEntrySq+'" onclick="fnDelReply(this.value)"><span>삭제</span></button>\n';
 				 }
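Review bot: `item.entryVal1` appears to be text written by customers (the hunk compares `item.entryCustNo` with `result.custNo` and shows the author a delete button), and the new line decodes it to raw markup before concatenating it into `html`. Any angle brackets a customer typed, stored as `&lt;`/`&gt;`, become live tags in every other visitor's browser, which is a stored XSS path that the previous `escapeHtml()` call closed. Unlike the notice and coupon fields, this value should stay encoded: keep `html += '			<p>'+item.entryVal1.escapeHtml()+'</p>\n';`, or set it with jQuery's `.text()` after the markup is inserted. If preserving line breaks is the reason for the change, convert only those after escaping. `fnSearchCallback` starts and ends outside the hunk.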