KENT-WEB ¥µ¥Ý¡¼¥È¥³¡¼¥Ê¡¼ ²áµî¥í¥° [ 0359 ]

µ­»öNo¡§ 16814
Åê¹ÆÆü¡§ 2022/04/21(Thu) 22:32:39
¥¿¥¤¥È¥ë¡§ ÃíʸÆþÎÏ¥Ú¡¼¥¸¤Ç¤Î²þÎɤˤĤ¤¤Æ
ID¾ðÊó¡§ tmhk0722
Åê¹Æ¼Ô¡§ tomo
URL¡§ http://bodyvine.sakura.ne.jp

¤¤¤Ä¤â¤ªÀ¤ÏäˤʤäƤ¤¤Þ¤¹¡£
¸½ºß¡¢Åö¥·¥ç¥Ã¥×¤ËWEB MART¤òƳÆþ¤¹¤ë¤Ù¤¯¥È¥é¥¤Ãæ¤Ç¤¹¡£
³Æ¥Õ¥¡¥¤¥ë¤Î½¤Àµ¤äÀßÃÖ¡¢¥Ñ¡¼¥ß¥Ã¥·¥ç¥óÀßÄê¡¢¾¦ÉÊÅÐÏ¿¤Ê¤É´°Î»¤·¡¢º£¤ÏÃíʸÆþÎÏ¥Õ¥©¡¼¥à¤òÅöŹÍѤ˥«¥¹¥¿¥Þ¥¤¥º¤·¤Æ¤¤¤ë¤È¤³¤í¤Ç¤¹¡£

ÃíʸÆþÎÏ¥Ú¡¼¥¸(addr.html)¤È¡¢¤½¤ÎÆâÍƳÎǧ¥Ú¡¼¥¸(conf.html)Æâ¤ÎÃíʸ¼ÔÆþÎϾðÊó¤òÄɲᦺï½üÅù¤ò¤·¡¢Åö¥·¥ç¥Ã¥×ÍѤ˥«¥¹¥¿¥Þ¥¤¥º¤¬´°Î»¤·¤¿¤Î¤Ç¤¹¤¬¡¢£²ÅÀÌäÂ꤬¡£

­¡"¥í¡¼¥Þ»ú̾Á°"¤È"¥í¡¼¥Þ»ú½»½ê"¤ÎÆþÎÏÍó¤òÄɲä·¡¢É¬¿Ü¹àÌܤˤâ¤Ç¤­¤¿ÍͤʤΤǤ¹¤¬¡¢¤³¤Î2²Õ½ê¤Î¤ß¡¢Ì¤ÆþÎϤ¬¤¢¤Ã¤¿¾ì¹ç¤Î¡É̾Á°¤¬Ì¤ÆþÎϤǤ¹¡ÉÅù¤Î¥¢¥é¡¼¥È¤¬½Ð¤Þ¤»¤ó¡£
order.cgi¤ÎÆþÎÏ¥Á¥§¥Ã¥¯Éôʬ¤Î¡¢Ì¾Á°¤äÅÅÏÃÈÖ¹æ¤Ê¤É¤ÈƱ¤¸Íͤˡ¢if ($in{roman} eq '') { $er{roman} = '¥í¡¼¥Þ»ú̾Á°¤¬Ì¤ÆþÎϤǤ¹'; }¤ÈÄɲä·¤¿¤Î¤Ç¤¹¤¬¡¢¤½¤ì¤Ç¤â¥¢¥é¡¼¥È¤Ï½Ð¤Þ¤»¤ó¡£¤â¤Ã¤È¾¤Î¤È¤³¤í¤Ë²¿¤«Äɲä¬É¬ÍפʤΤǤ·¤ç¤¦¤«¡©¤É¤³¤Ë²¿¤ò¤·¤¿¤é²þÁ±¤µ¤ì¤Þ¤¹¤Ç¤·¤ç¤¦¤«¡©

­¢²¾¤ËÁ´¤Æ¤Î¾ðÊó¤òÆþÎϤ·¤Æ¡¢³ÎÄêÃíʸ¤¹¤ë¥Ü¥¿¥ó¤ò²¡¤¹¤È¡¢Ãíʸ´°Î»¥Ú¡¼¥¸¤Ë¹Ô¤«¤º¡¢°Ê²¼¤Î¥á¥Ã¥»¡¼¥¸¤¬¥Ö¥é¥¦¥¶¤Ë½Ð¤Þ¤¹¡£
Can't locate lib/jacode.pl in @INC (@INC contains: ./lib /usr/local/perl/5.32/lib/perl5/site_perl/5.32/mach /usr/local/perl/5.32/lib/perl5/site_perl/5.32 /usr/local/perl/5.32/lib/perl5/5.32/mach /usr/local/perl/5.32/lib/perl5/5.32) at order.cgi line 525.
For help, please send mail to the webmaster ([no address given]), giving this error message and the time and date of the error.

²¿¤«¡Ä½é¤á¤Æ¤ß¤ë¥¨¥é¡¼¤Ê¤Î¤Ç¶Ã¤¤¤Æ¤Þ¤¹¡£
¤É¤¦¤·¤¿¤é²þÁ±¤µ¤ì¤Þ¤¹¤Ç¤·¤ç¤¦¤«¡©

¤´¶µ¼¨Äº¤±¤ë¤È´ò¤·¤¤¤Ç¤¹¡£

µ­»öNo¡§ 16815
Åê¹ÆÆü¡§ 2022/04/22(Fri) 04:24:22
¥¿¥¤¥È¥ë¡§ Re: ÃíʸÆþÎÏ¥Ú¡¼¥¸¤Ç¤Î²þÎɤˤĤ¤¤Æ
ID¾ðÊó¡§ tmhk0722
Åê¹Æ¼Ô¡§ tomo
URL¡§ http://bodyvine.sakura.ne.jp

¤Á¤Ê¤ß¤Ë¡¢order.cgi¤Î¥¿¥°¤Ï²¼µ­¤Ë¤Ê¤ê¤Þ¤¹¡£

#!/usr/local/bin/perl

#¨£¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡
#¨¢ WEB MART : order.cgi - 2021/04/25
#¨¢ copyright (c) kentweb, 1997-2021
#¨¢ https://www.kent-web.com/
#¨¦¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡

# ¥â¥¸¥å¡¼¥ëÀë¸À
use strict;
use CGI::Carp qw(fatalsToBrowser);
use lib "./lib";
use CGI::Minimal;
use Crypt::RC4;

# ÀßÄê¥Õ¥¡¥¤¥ë¼è¤ê¹þ¤ß
require './init.cgi';
my %cf = set_init();

# ¥Ç¡¼¥¿¼õÍý
CGI::Minimal::max_read_size($cf{maxdata});
my $cgi = CGI::Minimal->new;
cgi_err('ÍÆÎÌ¥ª¡¼¥Ð¡¼') if ($cgi->truncated);
my %in = parse_form($cgi);

# ½èÍýʬ´ô
if ($in{mode} eq "law") { law_data(); }
if ($in{mode} eq "addr") { addr_form(); }
if ($in{mode} eq "conf") { conf_form(); }
if ($in{mode} eq "send") { send_form(); }
error("ÉÔÌÀ¤Ê½èÍý¤Ç¤¹");

#-----------------------------------------------------------
# ½»½êÆþÎϲèÌÌ (Step1)
#-----------------------------------------------------------
sub addr_form {
my %er = @_;

# back°À­¥Á¥§¥Ã¥¯
chk_back($in{back});

# Çãʪ¥Ç¡¼¥¿¼õÍý
my ($cart,$cust) = get_cookie();
if (@{$cart} == 0) { error("Çãʪ¥«¥´¤ÎÃæ¿È¤¬¶õ¤Ç¤¹"); }

# ¾¦Éʥǡ¼¥¿Ç§¼±
my %cart = get_data();

# ·Ú¸ºÀÇΨ
my %red = read_redtax() if ($cf{tax_per} > 0);

# Á°²èÌ̤«¤é¤ÎÌá¤ê¤Î¾ì¹ç
my %c;
if ($in{job} eq "back" or %er != 0) {
%c = %in;

# Ìá¤ê¤Ç¤Ê¤¤¾ì¹ç¤Ï¸ÜµÒ¾ðÊó¤Î¥¯¥Ã¥­¡¼¼è¤ê½Ð¤·
} else {
# Éü¹æ
($c{name},$c{roman},$c{email},$c{zip},$c{pref},$c{addr},$c{addr2},$c{tel}) = decrypt_cust(@{$cust});
}

# ²þ¹ÔÉü¸µ
$c{addr} =~ s/\t/\n/g;
$c{addr2} =~ s/\t/\n/g;
$c{memo} =~ s/\t/\n/g;

# Á÷ÎÁ¤ÇÍ­½þ¤ÎÃ϶褬¤¢¤ë¤«¤ò¥Á¥§¥Ã¥¯
my ($flg,$remark);
foreach (0 .. $#{$cf{pref}}) {
my ($prf,$pri) = split(/,/,${$cf{pref}}[$_]);

if ($pri > 0) {
$flg++;
last;
}
}
if ($flg) { $remark = "(Á÷ÎÁÅù¤Ï¼¡²èÌ̤Ƿ׻»¤µ¤ì¤Þ¤¹)"; }

# »ÙʧÊýË¡
my $payment;
foreach (0 .. $#{$cf{payment}}) {
my ($pay,$cost) = split(/,/,${$cf{payment}}[$_]);

if (($in{payment} eq $_) || ($in{payment} eq "" && $_ == 0)) {
$payment .= qq|<input type="radio" name="payment" value="$_" checked>$pay<br>\n|;
} else {
$payment .= qq|<input type="radio" name="payment" value="$_">$pay<br>\n|;
}
}

# ÇÛã»þ´Ö
my $opt_deli;
foreach (0 .. $#{$cf{deli}}) {
if ($in{deli} eq $_) {
$opt_deli .= qq|<option value="$_" selected>${$cf{deli}}[$_]</option>\n|;
} else {
$opt_deli .= qq|<option value="$_">${$cf{deli}}[$_]</option>\n|;
}
}

# ÅÔÆ»Éܸ©
my ($opt_pref,$opt_pref2);
foreach (0 .. $#{$cf{pref}}) {
my ($pref,$postage) = split(/,/,${$cf{pref}}[$_]);

if ($c{pref} eq $_) {
$opt_pref .= qq|<option value="$_" selected>$pref</option>\n|;
} else {
$opt_pref .= qq|<option value="$_">$pref</option>\n|;
}
if ($c{pref2} eq $_) {
$opt_pref2 .= qq|<option value="$_" selected>$pref</option>\n|;
} else {
$opt_pref2 .= qq|<option value="$_">$pref</option>\n|;
}
}

# ¥Æ¥ó¥×¥ì¡¼¥ÈÆɤ߹þ¤ß
open(IN,"$cf{tmpldir}/addr.html") or error("open err: addr.html");
my $tmpl = join('',<IN>);
close(IN);

# ÃÖ¤­´¹¤¨
$tmpl =~ s/!([a-z]+_cgi)!/$cf{$1}/g;
$tmpl =~ s/!cmnurl!/$cf{cmnurl}/g;
$tmpl =~ s/!home!/$cf{home}/g;
$tmpl =~ s/!back!/$in{back}/g;
$tmpl =~ s/!payment!/$payment/g;
$tmpl =~ s/!remark!/$remark/g;
$tmpl =~ s/!date!/$in{date}/g;
$tmpl =~ s/!c_(\w+)!/$c{$1}/g;
$tmpl =~ s/<!-- option_deli -->/$opt_deli/g;
$tmpl =~ s/<!-- option_pref -->/$opt_pref/g;
$tmpl =~ s/<!-- option_pref2 -->/$opt_pref2/g;
$tmpl =~ s/!renraku!/$c{memo} eq '' ? '&nbsp;' : $c{memo}/eg;
$tmpl =~ s|!icon:(\w+\.\w+)!|<img src="$cf{cmnurl}/$1" alt="$1" class="icon">|g;

# ÀÇÂбþ
if (!$cf{tax_per}) { $tmpl =~ s|<!-- tax -->.+?<!-- /tax -->||s; }

# ÆþÎÏ¥¨¥é¡¼
if (%er != 0) {
for (qw(date name roman email zip addr addr2 tel)) {
if (defined $er{$_}) { $tmpl =~ s|<!-- err:$_ -->|<div class="err-addr">$er{$_}</div>|g; }
}
}

# ÇÛÁ÷Àè
if (!$in{deliv}) { $in{deliv} = 1; }
$tmpl =~ s|<input type="radio" name="deliv" value="$in{deliv}" ([^>]+)>|<input type="radio" name="deliv" value="$in{deliv}" $1 checked>|g;

# ÇÛÁ÷Àè¥Õ¥©¡¼¥à
if ($in{deliv} == 2) {
$tmpl =~ s/!disp!/block/g;
} else {
$tmpl =~ s/!disp!/none/g;
}

# ¥Æ¥ó¥×¥ì¡¼¥Èʬ³ä
my ($head,$loop,$foot) = $tmpl =~ m|(.+)<!-- item -->(.+?)<!-- /item -->(.+)|s
? ($1,$2,$3)
: error("¥Æ¥ó¥×¥ì¡¼¥ÈÉÔÀµ");

# Çãʪ¥«¥´Å¸³«
my $all = 0;
my $red = 0;
my $body;
for (@{$cart}) {
my ($id,$code,$num,@op) = split(/,/);
my (undef,$name,$price,$memo,$back,@ops) = split(/<>/,$cart{$code});

# ¥Á¥§¥Ã¥¯
$id =~ s/\D//g;
$code =~ s/\W//g;
$num =~ s/\D//g;

# ¥ª¥×¥·¥ç¥ó½èÍý
my ($memo,@op2);
for my $i (0 .. $#{$cf{options}}) {
my ($key,$nam) = split(/,/,$cf{options}[$i]);
$op2[$i] = [split(/\s+/,$ops[$i])];

if ($op[$i] ne '') { $memo .= "[$nam]$op[$i] "; }
}

# °ú¿ô
my $hid = "$id;$code;$num";
for my $i (0 .. $#{$cf{options}}) {
# ÀµÅöÀ­¥Á¥§¥Ã¥¯
if ($cf{chk_ops} == 1) {
my $flg;
foreach my $opt (@{$op2[$i]}) {
if ($op[$i] eq $opt) {
$flg++;
last;
}
}
if ($op[$i] ne '' && !$flg) { error("°À­¤ÎÃͤ¬ÉÔÀµ¤Ç¤¹"); }
}
$hid .= ";$op[$i]";
}

# ¾®·×/Îß·×
my $kei = $price * $num;
$all += $kei;

# ·Ú¸ºÀÇΨ
if ($cf{tax_per} > 0 && defined $red{$code}) {
$red += $kei;
$memo .= "<br>" if ($memo ne '');
$memo .= "¡Ú·Ú¸ºÀÇΨÂоݡÛ";
}
if ($memo eq '') { $memo = '<br>'; }

# ½ñ¤­½Ð¤·
my $tmp = $loop;
$tmp =~ s/!code!/$code/g;
$tmp =~ s/!item!/$name/g;
$tmp =~ s/!num!/$num/g;
$tmp =~ s/!tanka!/comma($price)/ge;
$tmp =~ s/!gouka!/comma($kei)/ge;
$tmp =~ s/!memo!/$memo/g;
$body .= $tmp;
}

# ¾ÃÈñÀÇ
my ($kei,$tax1,$tax2,$all,$tar) = calc_tax($all,$red);

for ($head, $foot) {
s/!kei!/comma($kei)/ge;
s/!tax!/comma($tax1)/ge;
s/!tax_red!/comma($tax2)/ge;
s/!all!/comma($all)/ge;
s/!tax_per!/$cf{tax_per}/e;
s/!red_per!/$cf{red_per}/e;
s/!tar_tax1!/comma($tar)/ge;
s/!tar_tax2!/comma($red)/ge;
}

# ²èÌÌŸ³«
print "Content-type: text/html; charset=utf-8\n\n";
print $head, $body;

# ¥Õ¥Ã¥¿
footer($foot);
}

#-----------------------------------------------------------
# ³Îǧ²èÌÌ (Step2)
#-----------------------------------------------------------
sub conf_form {
# back°À­¥Á¥§¥Ã¥¯
chk_back($in{back});

# Çãʪ¾ðÊó¼èÆÀ
my ($cart,undef) = get_cookie();
if (@{$cart} == 0) { error("Çãʪ¾ðÊ󤬤¢¤ê¤Þ¤»¤ó"); }

# ÆþÎϳÎǧ
check_input();

# Ãíʸ¼Ô¾ðÊó¤ò¥¯¥Ã¥­¡¼³ÊǼ
my $cookie;
if ($in{cook} == 1) {
# ¸ÜµÒ¾ðÊó°Å¹æ²½
my @cust = encrypt_cust($in{name},$in{roman},$in{email},$in{zip},$in{pref},$in{addr},$in{addr2},$in{tel});


# ¥¯¥Ã¥­¡¼Êݸ
set_cookie(@cust);
}

# ºß¸Ëǧ¼±
my %zan = get_zan() if ($cf{stock});

# ¾¦Éʥǡ¼¥¿Ç§¼±
my %cart = get_data();

# ·Ú¸ºÀÇΨ
my %red = read_redtax() if ($cf{tax_per} > 0);

# ÅÔÆ»Éܸ©/Á÷ÎÁ
my ($pref2,%pref);
my $postage = 0;
my ($pref,$postage) = split(/,/,${$cf{pref}}[$in{pref}]);
$pref{pref} = $pref;
if ($in{pref2} ne "") {
($pref2,$postage) = split(/,/,${$cf{pref}}[$in{pref2}]);
$pref{pref2} = $pref2;
}

# »ÙʧÊýË¡¤Î¼ê¿ôÎÁ
my ($pay,$cost) = split(/,/,${$cf{payment}}[$in{payment}]);

# Á÷ÎÁ¥µ¡¼¥Ó¥¹¥Õ¥é¥°
my $serv_flag = 0;

# ÇÛã»þ´Ö
my $deliv;
if ($in{date} ne '') { $deliv = "$in{date} "; }
if ($in{deli} ne '') { $deliv .= ${$cf{deli}}[$in{deli}]; }
if ($deliv eq '') { $deliv = '<br>'; }

# ͹ÊØÈÖ¹æ
$in{zip} =~ s/(\d{3})(\d{4})/$1-$2/;
$in{zip2} =~ s/(\d{3})(\d{4})/$1-$2/;

# ²þ¹ÔÉü¸µ
$in{addr} =~ s/\t/<br>/g;
$in{addr2} =~ s/\t/<br>/g;
$in{memo} =~ s/\t/<br>/g;

# ¥Æ¥ó¥×¥ì¡¼¥ÈÆɤ߹þ¤ß
open(IN,"$cf{tmpldir}/conf.html") or error("open err: conf.html");
my $tmpl = join('',<IN>);
close(IN);

# ÃÖ¤­´¹¤¨
$tmpl =~ s/!ses!/make_session()/e;
$tmpl =~ s/!([a-z]+_cgi)!/$cf{$1}/g;
$tmpl =~ s/!cmnurl!/$cf{cmnurl}/g;
$tmpl =~ s/!home!/$cf{home}/g;
$tmpl =~ s/!back!/$in{back}/g;
$tmpl =~ s/!c_(\w+)!/$in{$1}/g;
$tmpl =~ s/!renraku!/$in{memo}/g;
$tmpl =~ s/!deliv!/$deliv/g;
$tmpl =~ s/!payment!/$pay/g;
$tmpl =~ s/!ses!/$in{ses}/g;

# ÀÇÂбþ
if (!$cf{tax_per}) { $tmpl =~ s|<!-- tax -->.+?<!-- /tax -->||s; }

# ¥Æ¥ó¥×¥ì¡¼¥Èʬ³ä
my ($head,$loop,$foot) = $tmpl =~ m|(.+)<!-- item -->(.+?)<!-- /item -->(.+)|s
? ($1,$2,$3)
: error("¥Æ¥ó¥×¥ì¡¼¥ÈÉÔÀµ");

# Çãʪ¥«¥´Å¸³«
my $all = 0;
my $red = 0;
my $gkei = 0;
my ($flg,$scode,$body);
for (@{$cart}) {
my ($id,$code,$num,@op) = split(/,/);
my (undef,$name,$price,$memo,$back,@ops) = split(/<>/,$cart{$code});

# ¥Á¥§¥Ã¥¯
$id =~ s/\D//g;
$code =~ s/\W//g;
$num =~ s/\D//g;

# ¥ª¥×¥·¥ç¥ó½èÍý
my ($memo,@op2);
for my $i (0 .. $#{$cf{options}}) {
my ($key,$nam) = split(/,/,$cf{options}[$i]);
$op2[$i] = [split(/\s+/,$ops[$i])];

if ($op[$i] ne '') { $memo .= "[$nam]$op[$i] "; }
}

# °ú¿ô
my $hid = "$id;$code;$num";
for my $i (0 .. $#{$cf{options}}) {

# ÀµÅöÀ­¥Á¥§¥Ã¥¯
if ($cf{chk_ops} == 1) {
my $flg;
for my $opt (@{$op2[$i]}) {
if ($op[$i] eq $opt) {
$flg++;
last;
}
}
if ($op[$i] ne '' && !$flg) { error("°À­¤ÎÃͤ¬ÉÔÀµ¤Ç¤¹"); }
}
$hid .= ";$op[$i]";
}

# ¾®·×/Îß·×
my $kei = $price * $num;
$all += $kei;

# ·Ú¸ºÀÇΨ
if ($cf{tax_per} > 0 && defined $red{$code}) {
$red += $kei;
$memo .= "<br>" if ($memo ne '');
$memo .= "¡Ú·Ú¸ºÀÇΨÂоݡÛ";
}
if ($memo eq '') { $memo = '<br>'; }

# ½ñ¤­½Ð¤·
my $tmp = $loop;
$tmp =~ s/!code!/$code/g;
$tmp =~ s/!item!/$name/g;
$tmp =~ s/!num!/$num/g;
$tmp =~ s/!tanka!/comma($price)/ge;
$tmp =~ s/!gouka!/comma($kei)/ge;
$tmp =~ s/!memo!/$memo/g;
$body .= $tmp;

# ºß¸Ë¿ô¥Á¥§¥Ã¥¯
if ($cf{stock}) {
if ($zan{$code} - $num < 0) {
$scode = $code;
$flg++;
last;
}
}
}

# ºß¸ËÀÚ¤ì
if ($flg) {
my ($name) = (split(/<>/,$cart{$scode}))[1];
my $msg = "ÂçÊÑ¿½¤·Ìõ¤¢¤ê¤Þ¤»¤ó¡£¡Ö$name¡×¤Ïºß¸ËÀÚ¤ì¤Ç¤¹(ºß¸Ë¿ô:$zan{$scode})<br>\n";
$msg .= "¤¿¤Ã¤¿º£¡¢Â¾¤ÎÊý¤«¤é¤Î¹ØÆþ¤¬¤¢¤Ã¤¿¤è¤¦¤Ç¤¹\n";
error($msg);
}

# Á÷ÎÁ
if ($postage > 0) {
# Á÷ÎÁ¥µ¡¼¥Ó¥¹Í­¤ê
if ($cf{cari_serv} && $cf{cari_serv} <= $all) {
$postage = 0;
$serv_flag++;
}
}

# Á÷ÎÁ¤¬ÀßÄꤵ¤ì¤Æ¤¤¤ë¾ì¹ç
if (!$serv_flag) { $all += $postage; }

# »Ùʧ¼ê¿ôÎÁ¤¬ÀßÄꤵ¤ì¤Æ¤¤¤ë¾ì¹ç
if ($cost > 0) { $all += $cost; }

# ¼¡²èÌÌÍѥѥé¥á¡¼¥¿
my $hidden;
for (qw(payment date deli name roman email zip pref addr addr2 tel memo)) {
my $val = $in{$_};
if ($_ eq 'addr' or $_ eq 'addr2' or $_ eq 'memo') {
$val =~ s|<br>|\t|g;
}
$hidden .= qq|<input type="hidden" name="$_" value="$val">\n|;
}

# ¾ÃÈñÀÇ
my ($kei,$tax1,$tax2,$all,$tar) = calc_tax($all,$red);

for ($head, $foot) {
s/!kei!/comma($kei)/ge;
s/!tax!/comma($tax1)/ge;
s/!tax_red!/comma($tax2)/ge;
s/!all!/comma($all)/ge;
s/!postage!/comma($postage)/ge;
s/!cost!/comma($cost)/ge;
s/!(pref2?)!/$pref{$1}/g;
s/<!-- hidden -->/$hidden/g;
s/!tax_per!/$cf{tax_per}/e;
s/!red_per!/$cf{red_per}/e;
s/!tar_tax1!/comma($tar)/ge;
s/!tar_tax2!/comma($red)/ge;

if ($in{deliv} == 1) {
s|<!-- deliv -->.+?<!-- /deliv -->||s;
}
}

# ²èÌÌŸ³«
print "Content-type: text/html; charset=utf-8\n\n";
print $head, $body;

# ¥Õ¥Ã¥¿
footer($foot);
}

#-----------------------------------------------------------
# ÃíʸÁ÷¿® (Step3)
#-----------------------------------------------------------
sub send_form {
# Çãʪ¾ðÊó¼èÆÀ
my ($cart,undef) = get_cookie();
if (@{$cart} == 0) { error("Çãʪ¾ðÊ󤬤¢¤ê¤Þ¤»¤ó"); }

# ÆþÎϳÎǧ
check_input();

# ²þ¹ÔÊÑ´¹
for ( keys %in ) {
if ($_ eq 'addr' or $_ eq 'addr2' or $_ eq 'memo') {
$in{$_} =~ s/\t+$//;
$in{$_} =~ s/\t/\n /g;
} else {
$in{$_} =~ s/\t//g;
}
}

# ºß¸Ëǧ¼±
my %zan = get_zan() if ($cf{stock});

# ·Ú¸ºÀÇΨ
my %red = read_redtax() if ($cf{tax_per} > 0);

# ¥Û¥¹¥È̾/»þ´Ö¤ò¼èÆÀ
my $host = get_host();
my ($time,$mdate) = get_time();
$in{time} = $time;
$in{host} = $host;

# ¥Ö¥é¥¦¥¶¾ðÊó
$in{agent} = $ENV{HTTP_USER_AGENT};
$in{agent} =~ s/[<>&"']//g;

# ÃíʸÈÖ¹æºÎÈÖ
open(DAT,"+< $cf{datadir}/num.dat") or error("open err: num.dat");
eval "flock(DAT,2);";
my $num = <DAT>;
seek(DAT,0,0);
print DAT ++$num;
truncate(DAT,tell(DAT));
close(DAT);

# ·å¿ôÄ´À°
$in{number} = sprintf("%06d",$num);

# ¥á¡¼¥ë·ï̾¤òMIME¥¨¥ó¥³¡¼¥É
require "lib/jacode.pl";
my $msub = mime_unstructured_header("¤´Ãíʸ¥á¡¼¥ë ($in{name}ÍÍ)");

# ¥á¡¼¥ë¥Ø¥Ã¥À¡¼ÄêµÁ
my $mhead = <<EOM;
Subject: $msub
Date: $mdate
MIME-Version: 1.0
Content-type: text/plain; charset=ISO-2022-JP
Content-Transfer-Encoding: 7bit
X-Mailer: $cf{version}
EOM

# ¥Ç¡¼¥¿Æɤ߼è¤ê
my %cart = get_data();

# Çãʪ¥«¥´Å¸³«
my $all = 0;
my $red = 0;
my $i = 0;
$in{order} = '';
foreach (@{$cart}) {
my ($id,$code,$num,@op) = split(/,/);
my (undef,$name,$price,undef,undef,@ops) = split(/<>/,$cart{$code});

# ¥Á¥§¥Ã¥¯
$id =~ s/\D//g;
$code =~ s/\W//g;
$num =~ s/\D//g;

# ¾®·×
my $kei = $price * $num;
$all += $kei;

if ($cf{tax_per} > 0 && defined $red{$code}) { $red += $kei; }

# ºß¸Ë¥Á¥§¥Ã¥¯
if ($cf{stock}) {
if ($zan{$code} - $num < 0) {
my $msg = "ÂçÊÑ¿½¤·Ìõ¤¢¤ê¤Þ¤»¤ó¡£¡Ö$name¡×¤Ïºß¸ËÀÚ¤ì¤Ç¤¹(¸½ºß¤Îºß¸Ë¿ô:$zan{$code})<br>\n";
$msg .= "¤¿¤Ã¤¿º£¡¢Â¾¤ÎÊý¤«¤é¤Î¹ØÆþ¤¬¤¢¤Ã¤¿¤è¤¦¤Ç¤¹\n";
error($msg);
}
$zan{$code} -= $num;
}

# ñ²Á·×»»
$price = comma($price);
$kei = comma($kei);

$i++;
$in{order} .= "¡ü¤´ÃíʸÆâÍÆ$i\n";
$in{order} .= "¥³¡¼¥É : $code\n";
$in{order} .= "¾¦ÉÊ̾ : $name\n";

# ¥ª¥×¥·¥ç¥ó½èÍý
my @op2;
foreach my $i (0 .. $#{$cf{options}}) {
my ($key,$nam) = split(/,/,$cf{options}[$i]);
$op2[$i] = [split(/\s+/,$ops[$i])];

if ($op[$i] ne '') { $in{order} .= "[$nam] $op[$i]\n"; }
}
if ($cf{tax_per} > 0 && defined $red{$code}) { $in{order} .= "[·Ú¸ºÀÇΨÂоÝ]\n"; }

$in{order} .= "¶â ³Û : $price ¡ß $num = ¡ï$kei\n\n";

# ¥ª¥×¥·¥ç¥óÀµÅö¥Á¥§¥Ã¥¯
if ($cf{chk_ops} == 1) {
foreach my $i (0 .. $#{$cf{options}}) {
my $flg;
foreach my $opt (@{$op2[$i]}) {
if ($op[$i] eq $opt) {
$flg++;
last;
}
}
if ($op[$i] ne '' && !$flg) { error("°À­¤ÎÃͤ¬ÉÔÀµ¤Ç¤¹"); }
}
}
}
$in{order} =~ s/\n+$//;

# ¥»¥Ã¥·¥ç¥ó¥Á¥§¥Ã¥¯
check_session();

# ÇÛã»þ´Ö
$in{deliv} = '';
if ($in{date} ne '') {
$in{deliv} = "$in{date} ";
if ($in{deli} ne "") {
$in{deliv} .= " ${$cf{deli}}[$in{deli}]";
}
}

# ÅÔÆ»Éܸ©/Á÷ÎÁ
my ($pref,$pref2);
my $postage = 0;
my ($pref,$postage) = split(/,/,${$cf{pref}}[$in{pref}]);
$in{pref} = $pref;
if ($in{pref2} ne "") {
($pref2,$postage) = split(/,/,${$cf{pref}}[$in{pref2}]);
$in{pref2} = $pref2;
}

# »ÙʧÊýË¡¤Î¼ê¿ôÎÁ
my ($pay,$cost) = split(/,/,${cf{payment}}[$in{payment}]);
my $q_pay = $in{payment};
$in{payment} = $pay;

# ¸©ÊÌÁ÷ÎÁ
my $memo;
if ($postage > 0) {
# Á÷ÎÁ¥µ¡¼¥Ó¥¹Í­¤ê
$in{postage} = 0;
if ($cf{cari_serv} && $cf{cari_serv } <= $all) {
$in{postage} = $postage = 0;
$in{postage} .= ' (Á÷ÎÁ¥µ¡¼¥Ó¥¹)';

# Á÷ÎÁ¥µ¡¼¥Ó¥¹Ìµ¤·
} else {
$all += $postage;
$in{postage} = comma($postage);
}
}
if ($in{postage} eq '') { $in{postage} = 0; }

# »Ùʧ¼ê¿ôÎÁ
$in{cost} = 0;
if ($cost > 0) {
$all += $cost;
$in{cost} = comma($cost);
}

# ¾ÃÈñÀÇ
my ($kei,$tax1,$tax2,$all,$tar) = calc_tax($all,$red);

# ¥á¡¼¥ëËÜʸÍÑ
$in{kei} = comma($kei);
$in{all} = comma($all);
if ($cf{tax_per} == 0) {
$in{tax1} = $in{tax2} = "[ÆâÀÇ]";
} else {
$in{tax1} = comma($tax1) . "¡Ê$cf{tax_per}%ÂÐ¾Ý ¡ï" . comma($tar) . "¡Ë";
$in{tax2} = comma($tax2) . "¡Ê$cf{red_per}%ÂÐ¾Ý ¡ï" . comma($red) . "¡Ë";
}

# ¥á¡¼¥ëËÜʸ¥Æ¥ó¥×¥ì¡¼¥ÈÆɽСʴÉÍý¼Ô°¸¡Ë
open(IN,"$cf{tmpldir}/order.txt") or error("open err: order.txt");
my $body_ord = join('',<IN>);
close(IN);

# ¥ª¡¼¥À¡¼ËÜʸ¥Æ¥ó¥×¥ì¡¼¥ÈÆɽСÊÃíʸ¼Ô°¸¡Ë
open(IN,"$cf{tmpldir}/reply.txt") or error("open err: reply.txt");
my $body_rep = join('',<IN>);
close(IN);

# ʸ»úÃÖ¤­´¹¤¨
$body_ord =~ s/!(\w+)!/$in{$1}/g;
$body_rep =~ s/!(\w+)!/$in{$1}/g;

# ¥í¥°ÍÑ
my $log = $body_ord;

# ¥³¡¼¥ÉÊÑ´¹
my $tmp_body;
for my $tmp ( split(/\n/,$body_ord) ) {
jcode::convert(\$tmp,'jis','utf8');
$tmp_body .= "$tmp\n";
}
$body_ord = $tmp_body;

my $tmp_body;
for my $tmp ( split(/\n/,$body_rep) ) {
jcode::convert(\$tmp,'jis','utf8');
$tmp_body .= "$tmp\n";
}
$body_rep = $tmp_body;

# ¥¿¥°Éü¸µ
$body_ord = tag_chg($body_ord);
$body_rep = tag_chg($body_rep);

# sendmail¥³¥Þ¥ó¥ÉÄêµÁ
my $scmd1 = "$cf{sendmail} -t -i";
my $scmd2 = "$cf{sendmail} -t -i";
if ($cf{sendm_f} == 1) {
$scmd1 .= " -f $in{email}";
$scmd2 .= " -f $cf{master}";
}

# ´ÉÍý¼Ô¤ØÁ÷¿®
open(MAIL,"| $scmd1") or error("¥á¡¼¥ëÁ÷¿®¼ºÇÔ");
print MAIL "To: $cf{master}\n";
print MAIL "From: $in{email}\n";
print MAIL "$mhead\n";
print MAIL "$body_ord\n";
close(MAIL);

# Ãíʸ¼Ô¤ØÁ÷¿®
open(MAIL,"| $scmd2") or error("¥á¡¼¥ëÁ÷¿®¼ºÇÔ");
print MAIL "To: $in{email}\n";
print MAIL "From: $cf{master}\n";
print MAIL "$mhead\n";
print MAIL "$body_rep\n";
close(MAIL);

# Çãʪ¾ðÊó¤Î¥¯¥Ã¥­¡¼¾Ãµî
del_cookie();

# ºß¸Ë¿ô¹¹¿·
if ($cf{stock}) {
my @data;
while ( my ($id,$zan) = each %zan ) {
push(@data,"$id<>$zan<>\n");
}

open(OUT,"> $cf{datadir}/stock.dat") or error("write err: stock.dat");
eval "flock(OUT,2);";
print OUT @data;
close(OUT);
}

# ¥í¥°Êݸ
save_log($time,$in{number},$log);

# ¥Æ¥ó¥×¥ì¡¼¥ÈȽÊÌ
my $zeus_num;
my $tmplfile = "send.html";
# ¥¯¥ì¥¸¥Ã¥È
if (($cf{zeus_serv} == 1 && $q_pay == $#{$cf{payment}})
or ($cf{zeus_serv} == 2 && $q_pay == $#{$cf{payment}}-1)
or ($cf{zeus_serv} == 3 && $q_pay == $#{$cf{payment}}-1)
or ($cf{zeus_serv} == 4 && $q_pay == $#{$cf{payment}}-2)) {
$tmplfile = "send-credit.html";
$zeus_num = $cf{zeus_num};

# ¶ä¹Ô
} elsif (($cf{zeus_serv} == 2 && $q_pay == $#{$cf{payment}})
or ($cf{zeus_serv} == 4 && $q_pay == $#{$cf{payment}}-1)) {
$tmplfile = "send-bank.html";
$zeus_num = $cf{zeus_bip};

# ¥³¥ó¥Ó¥Ë
} elsif (($cf{zeus_serv} == 3 && $q_pay == $#{$cf{payment}})
or ($cf{zeus_serv} == 4 && $q_pay == $#{$cf{payment}})) {
$tmplfile = "send-conv.html";
$zeus_num = $cf{zeus_cip};
}

# ´°Î»²èÌÌ
open(IN,"$cf{tmpldir}/$tmplfile") or error("open err: $tmplfile");
my $tmpl = join('',<IN>);
close(IN);

# ʸ»úÃÖ´¹
$tmpl =~ s/!home!/$cf{home}/g;
$tmpl =~ s/!cmnurl!/$cf{cmnurl}/g;

# ¥¼¥¦¥¹ÍÑ
my $money = $all;
if ($cf{zeus_serv} > 0) {
$in{tel} =~ s/\D//g;

$tmpl =~ s/!zeus_num!/$zeus_num/g;
$tmpl =~ s/!money!/$money/g;
$tmpl =~ s/!tel!/$in{tel}/g;
$tmpl =~ s/!email!/$in{email}/g;
$tmpl =~ s/!sendid!/$in{number}/g;
}
$tmpl =~ s/!order_cgi!/$cf{order_cgi}/g;

# ɽ¼¨
print "Content-type: text/html; charset=utf-8\n\n";
footer($tmpl);
}

#-----------------------------------------------------------
# »þ´Ö¼èÆÀ
#-----------------------------------------------------------
sub get_time {
my ($sec,$min,$hour,$mday,$mon,$year,$wday) = (localtime(time))[0..6];

my @week = qw|Sun Mon Tue Wed Thu Fri Sat|;
my @mon = qw|Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec|;

# Æü»þ¥Õ¥©¡¼¥Þ¥Ã¥È
my $date = sprintf("%04d/%02d/%02d(%s) %02d:%02d:%02d",
$year+1900,$mon+1,$mday,$week[$wday],$hour,$min,$sec);

# ¥á¡¼¥ëÍÑ¥Õ¥©¡¼¥Þ¥Ã¥È
my $mdate = sprintf("%s, %02d %s %04d %02d:%02d:%02d",
$week[$wday],$mday,$mon[$mon],$year+1900,$hour,$min,$sec) . " +0900";

return ($date,$mdate);
}

#-----------------------------------------------------------
# ¥Û¥¹¥È̾¼èÆÀ
#-----------------------------------------------------------
sub get_host {
my $host = $ENV{REMOTE_HOST};
my $addr = $ENV{REMOTE_ADDR};

if ($cf{gethostbyaddr} && ($host eq "" || $host eq $addr)) {
$host = gethostbyaddr(pack("C4", split(/\./, $addr)), 2);
}
$host ||= $addr;

return $host;
}

#-----------------------------------------------------------
# ¥í¥°Êݸ
#-----------------------------------------------------------
sub save_log {
my ($date,$num,$log) = @_;

# ²þ¹ÔÃÖ¤­´¹¤¨
$log =~ s/\n/\t/g;
$log =~ s/ +/ /g;

# ¥í¥°¥Õ¥¡¥¤¥ë̾¤òÄêµÁ
my $file = ($date =~ /^(\d{4})\/(\d{2})/) && "$1$2.cgi";

# ¸ºß¥Á¥§¥Ã¥¯
my $flg;
if (-e "$cf{datadir}/log/$file") { $flg++; }

# ¥í¥°Äɲýñ¤­¹þ¤ß
open(DAT,">> $cf{datadir}/log/$file") or error("write err: $file");
eval "flock(DAT, 2);";
print DAT "$date<>$num<>$log\n";
close(DAT);

# ¿·µ¬À¸À®¤Î¾ì¹ç¤Ï¥Ñ¡¼¥ß¥Ã¥·¥ç¥óÉÕÍ¿
chmod(0666, "$cf{datadir}/log/$file") if (!$flg);
}

#-----------------------------------------------------------
# ÆþÎÏ¥Á¥§¥Ã¥¯
#-----------------------------------------------------------
sub check_input {
# ²þ¹ÔËöÈø¤ò¥«¥Ã¥È
$in{addr} =~ s/\t+$//g;
$in{addr2} =~ s/\t+$//g;
$in{memo} =~ s/\t+$//g;

# ÆþÎϳÎǧ
my %er;
if ($in{payment} eq '') { $er{payment} = '»ÙʧÊýË¡¤¬Ì¤ÁªÂò¤Ç¤¹'; }
if ($in{date} ne '') {
if ($in{date} =~ m|^(\d+)/(\d+)/(\d+)|) {
my ($yr,$mon,$day) = ($1,$2,$3);
my ($d,$m,$y) = (localtime())[3..5];
my $date = sprintf("%04d%02d%02d",$y+1900,$m+1,$d);
if ("$yr$mon$day" < $date) { $er{date} = 'ÇÛãÆü¤Ïº£Æü°Ê¹ß¤ò»ØÄꤷ¤Æ¤¯¤À¤µ¤¤'; }
} else {
$er{date} = 'ÇÛãÆü¤Ï¡Öǯ/·î/Æü¡×¤ÇÆþÎϤ·¤Æ¤¯¤À¤µ¤¤';
}
}
if ($in{name} eq '') { $er{name} = '̾Á°¤¬Ì¤ÆþÎϤǤ¹'; }
if ($in{roman} eq '') { $er{roman} = '¥í¡¼¥Þ»ú̾Á°¤¬Ì¤ÆþÎϤǤ¹'; }
if ($in{email} !~ /^[\w\.\-]+\@[\w\.\-]+\.[a-zA-Z]{2,6}$/) { $er{email} = 'ÅŻҥ᡼¥ë¤ÎÆþÎϤ¬ÉÔÀµ¤Ç¤¹'; }
if ($in{zip} !~ /^\d{3}-?\d{4}$/) { $er{zip} = '͹ÊØÈÖ¹æ¤Ï¡Ö¿ô»ú7·å¡×¤«¡Ö¿ô»ú3·å-4·å¡×¤Ç¤¹'; }
if ($in{pref} eq '' or $in{addr} eq '') { $er{addr} = '½»½ê¤¬Ì¤ÆþÎϤǤ¹'; }
if ($in{pref} eq '' or $in{addr2} eq '') { $er{addr2} = '¥í¡¼¥Þ»ú½»½ê¤¬Ì¤ÆþÎϤǤ¹'; }
if ($in{tel} eq '') { $er{tel} = 'ÅÅÏÃÈֹ椬̤ÆþÎϤǤ¹'; }
if ($in{deliv} == 2) {
if ($in{name2} eq '') { $er{name2} = 'ÇÛÁ÷Àè¤Î̾Á°¤¬Ì¤ÆþÎϤǤ¹'; }
if ($in{zip2} !~ /^\d{3}-?\d{4}$/) { $er{zip2} = 'ÇÛÁ÷Àè¤Î͹ÊØÈÖ¹æ¤Ï¡Ö¿ô»ú7·å¡×¤«¡Ö¿ô»ú3·å-4·å¡×¤Ç¤¹'; }
if ($in{pref2} eq '' or $in{addr2} eq '') { $er{addr2} = 'ÇÛÁ÷Àè¤Î½»½ê¤¬Ì¤ÆþÎϤǤ¹'; }
if ($in{tel2} eq '') { $er{tel2} = 'ÇÛÁ÷Àè¤ÎÅÅÏÃÈֹ椬̤ÆþÎϤǤ¹'; }
} else {
$in{name2} = $in{kana2} = $in{zip2} = $in{addr2} = $in{pref2} = $in{tel2} = $in{fax2} = '';
}
if (%er != 0) { addr_form(%er); }
}

#-----------------------------------------------------------
# ¥¿¥°Éü¸µ
#-----------------------------------------------------------
sub tag_chg {
local($_) = @_;

s/&lt;/</g;
s/&gt;/>/g;
s/&quot;/"/g;
s/&amp;/&/g;
$_;
}

#-----------------------------------------------------------
# ¸ÜµÒ¾ðÊó°Å¹æ²½
#-----------------------------------------------------------
sub encrypt_cust {
my @cust = @_;

my @ret;
foreach (@cust) {
my $encrypt = RC4($cf{passphrase}, $_);
$encrypt =~ s/(.)/unpack('H2', $1)/eg;

push(@ret,$encrypt);
}
return @ret;
}

#-----------------------------------------------------------
# ¸ÜµÒ¾ðÊóÉü¹æ²½
#-----------------------------------------------------------
sub decrypt_cust {
my @cust = @_;

my @ret;
foreach (@cust) {
s/([0-9A-Fa-f]{2})/pack('H2', $1)/eg;
my $decrypt = RC4($cf{passphrase}, $_);
$decrypt =~ s/[&"'<>]//g;

push(@ret,$decrypt);
}
return @ret;
}

#-----------------------------------------------------------
# ¥¯¥Ã¥­¡¼¾Ãµî
#-----------------------------------------------------------
sub del_cookie {
print "Set-Cookie: $cf{cookie_cart}=; expires=Thu, 01-Jan-1970 00:00:00 GMT;\n";
}

#-----------------------------------------------------------
# ¥¯¥Ã¥­¡¼È¯¹Ô
#-----------------------------------------------------------
sub set_cookie {
my @data = @_;

my ($sec,$min,$hour,$mday,$mon,$year,$wday,undef,undef) = gmtime(time + 60*24*60*60);
my @mon = qw|Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec|;
my @week = qw|Sun Mon Tue Wed Thu Fri Sat|;

# »þ¹ï¥Õ¥©¡¼¥Þ¥Ã¥È
my $gmt = sprintf("%s, %02d-%s-%04d %02d:%02d:%02d GMT",
$week[$wday],$mday,$mon[$mon],$year+1900,$hour,$min,$sec);

# URL¥¨¥ó¥³¡¼¥É
my $cook;
foreach (@data) {
s/(\W)/sprintf("%%%02X", unpack("C", $1))/eg;
$cook .= "$_<>";
}

print "Set-Cookie: $cf{cookie_cust}=$cook; expires=$gmt;";
print " secure" if ($cf{ssl_cookie});
print "\n";
}

#-----------------------------------------------------------
# ¥¯¥Ã¥­¡¼¼èÆÀ
#-----------------------------------------------------------
sub get_cookie {
# ¥¯¥Ã¥­¡¼¼èÆÀ
my $cook = $ENV{HTTP_COOKIE};

# ³ºÅöID¤ò¼è¤ê½Ð¤¹
my %cook;
for ( split(/;/,$cook) ) {
my ($key,$val) = split(/=/);
$key =~ s/\s//g;
$cook{$key} = $val;
}

# URL¥Ç¥³¡¼¥É
my (@cart,@cook);
for ( split(/<>/,$cook{$cf{cookie_cart}}) ) {
s/%([0-9A-Fa-f][0-9A-Fa-f])/pack("H2",$1)/eg;
s/[&"'<>]//g;

push(@cart,$_);
}
for ( split(/<>/,$cook{$cf{cookie_cust}}) ) {
s/%([0-9A-Fa-f][0-9A-Fa-f])/pack("H2",$1)/eg;
s/[&"'<>]//g;

push(@cook,$_);
}
return (\@cart,\@cook);
}

#-----------------------------------------------------------
# ºß¸Ë¿ôǧ¼±
#-----------------------------------------------------------
sub get_zan {
my %zan;
open(IN,"$cf{datadir}/stock.dat") or error("open err: stock.dat");
while (<IN>) {
my ($id,$zan) = split(/<>/);
$zan{$id} = $zan;
}
close(IN);

return %zan;
}

#-----------------------------------------------------------
# ¥»¥Ã¥·¥ç¥óºîÀ®
#-----------------------------------------------------------
sub make_session {
# À¸À®
my @wd = (0 .. 9, 'a' .. 'z', 'A' .. 'Z', '_');
my $ses;
for (1 .. 25) { $ses .= $wd[int(rand(@wd))]; }

# ¹¹¿·
my $now = time;
open(DAT,">> $cf{datadir}/ses.dat") or error("write err: ses.dat");
eval "flock(DAT,2);";
print DAT "$now\t$ses\n";
close(DAT);

return $ses;
}

#-----------------------------------------------------------
# ¥»¥Ã¥·¥ç¥ó³Îǧ
#-----------------------------------------------------------
sub check_session {
my $now = time;
my ($flg,@log);
open(DAT,"+< $cf{datadir}/ses.dat") or error("open err: ses.dat");
eval "flock(DAT,2);";
while(<DAT>) {
chomp;
my ($time,$id) = split(/\t/);
next if ($now - $time > 3600); # 60ʬ°Ê¾å¤Ï¥¹¥­¥Ã¥×

if ($in{ses} eq $id) {
$flg++;
next;
}
push(@log,"$_\n");
}
seek(DAT,0,0);
print DAT @log;
truncate(DAT,tell(DAT));
close(DAT);

if (!$flg) {
my $msg = "²èÌÌɽ¼¨¸å°ìÄê»þ´Ö¤¬·Ð²á¤·¤¿¤¿¤á¡¢²¼µ­¤Î¥ê¥ó¥¯¤«¤éºÆÅÙ¤ä¤êľ¤·¤Æ¤¯¤À¤µ¤¤\n";
$msg .= qq|<p><a href="$cf{order_cgi}?mode=addr&amp;back=$in{back}">Ãíʸ¼Ô¾ðÊóÆþÎÏ</a></p>\n|;
error($msg);
}
}

#-----------------------------------------------------------
# mime¥¨¥ó¥³¡¼¥É
# [quote] http://www.din.or.jp/~ohzaki/perl.htm#JP_Base64
#-----------------------------------------------------------
sub mime_unstructured_header {
my $oldheader = shift;
jcode::convert(\$oldheader,'euc','utf8');
my ($header,@words,@wordstmp,$i);
my $crlf = $oldheader =~ /\n$/;
$oldheader =~ s/\s+$//;
@wordstmp = split /\s+/, $oldheader;
for ($i = 0; $i < $#wordstmp; $i++) {
if ($wordstmp[$i] !~ /^[\x21-\x7E]+$/ and
$wordstmp[$i + 1] !~ /^[\x21-\x7E]+$/) {
$wordstmp[$i + 1] = "$wordstmp[$i] $wordstmp[$i + 1]";
} else {
push(@words, $wordstmp[$i]);
}
}
push(@words, $wordstmp[-1]);
foreach my $word (@words) {
if ($word =~ /^[\x21-\x7E]+$/) {
$header =~ /(?:.*\n)*(.*)/;
if (length($1) + length($word) > 76) {
$header .= "\n $word";
} else {
$header .= $word;
}
} else {
$header = add_encoded_word($word, $header);
}
$header =~ /(?:.*\n)*(.*)/;
if (length($1) == 76) {
$header .= "\n ";
} else {
$header .= ' ';
}
}
$header =~ s/\n? $//mg;
$crlf ? "$header\n" : $header;
}
sub add_encoded_word {
my ($str, $line) = @_;
my $result;
my $ascii = '[\x00-\x7F]';
my $twoBytes = '[\x8E\xA1-\xFE][\xA1-\xFE]';
my $threeBytes = '\x8F[\xA1-\xFE][\xA1-\xFE]';
while (length($str)) {
my $target = $str;
$str = '';
if (length($line) + 22 +
($target =~ /^(?:$twoBytes|$threeBytes)/o) * 8 > 76) {
$line =~ s/[ \t\n\r]*$/\n/;
$result .= $line;
$line = ' ';
}
while (1) {
my $encoded = '=?ISO-2022-JP?B?' .
b64encode(jcode::jis($target,'euc','z')) . '?=';
if (length($encoded) + length($line) > 76) {
$target =~ s/($threeBytes|$twoBytes|$ascii)$//o;
$str = $1 . $str;
} else {
$line .= $encoded;
last;
}
}
}
$result . $line;
}
# [quote] http://www.tohoho-web.com/perl/encode.htm
sub b64encode {
my $buf = shift;
my ($mode,$tmp,$ret);
my $b64 = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
. "abcdefghijklmnopqrstuvwxyz"
. "0123456789+/";

$mode = length($buf) % 3;
if ($mode == 1) { $buf .= "\0\0"; }
if ($mode == 2) { $buf .= "\0"; }
$buf =~ s/(...)/{
$tmp = unpack("B*", $1);
$tmp =~ s|(......)|substr($b64, ord(pack("B*", "00$1")), 1)|eg;
$ret .= $tmp;
}/eg;
if ($mode == 1) { $ret =~ s/..$/==/; }
if ($mode == 2) { $ret =~ s/.$/=/; }

return $ret;
}

µ­»öNo¡§ 16816
Åê¹ÆÆü¡§ 2022/04/22(Fri) 04:30:48
¥¿¥¤¥È¥ë¡§ Re: ÃíʸÆþÎÏ¥Ú¡¼¥¸¤Ç¤Î²þÎɤˤĤ¤¤Æ
ID¾ðÊó¡§ tmhk0722
Åê¹Æ¼Ô¡§ tomo
URL¡§ http://bodyvine.sakura.ne.jp

Ç°¤Î°Ù¡¢mart.cgi¤Î¥¿¥°¤âºÜ¤»¤Æ¤ª¤­¤Þ¤¹¡£

#!/usr/local/bin/perl

#¨£¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡
#¨¢ WEB MART : mart.cgi - 2021/04/25
#¨¢ copyright (c) kentweb, 1997-2021
#¨¢ https://www.kent-web.com/
#¨¦¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡

# ¥â¥¸¥å¡¼¥ëÀë¸À
use strict;
use CGI::Carp qw(fatalsToBrowser);
use lib "./lib";
use CGI::Minimal;

# ³°Éô¥Õ¥¡¥¤¥ë¼è¤ê¹þ¤ß
require './init.cgi';
my %cf = set_init();

# ¥Ç¡¼¥¿¼õÍý
CGI::Minimal::max_read_size($cf{maxdata});
my $cgi = CGI::Minimal->new;
cgi_err('ÍÆÎÌ¥ª¡¼¥Ð¡¼') if ($cgi->truncated);
my %in = parse_form($cgi);

# ½èÍýʬ´ô
if ($in{mode} eq "law") { law_data(); }
if ($in{mode} eq "chg") { chg_cart(); }
pick_cart();

#-----------------------------------------------------------
# ¥«¥´Æþ¤ì
#-----------------------------------------------------------
sub pick_cart {
# ¥³¡¼¥É/¿ôÎ̤ÎÀµÅöÀ­
$in{code} =~ s/\W//g;
$in{num} =~ s/\D//g;

# BACK°À­¤¬¤Ê¤±¤ì¤Ð¡¢HTTP_REFERER¤Ç¼èÆÀ
$in{back} ||= $ENV{HTTP_REFERER};
if ($in{back}) {
chk_back($in{back});
} else {
error("BACK°À­¤¬¤¢¤ê¤Þ¤»¤ó");
}

# ÅÐÏ¿¥Ç¡¼¥¿Ç§¼±
my %cart = get_data();

# ¸Ä¿ô¤¬¤Ê¤¤¾ì¹ç¤Ï1¤È¤¹¤ë
if ($in{num} eq '') { $in{num} = 1; }

# ¥³¡¼¥É¤¬¤Ê¤¤¾ì¹ç¤Ï¡ÖÃæ¿È³Îǧ¡×
if ($in{code} eq '') {
my @cook = get_cookie();
basket(\@cook,\%cart);
}

# ¾¦ÉÊ¥³¡¼¥É¤ÎÀ°¹çÀ­¥Á¥§¥Ã¥¯
error("¾¦ÉÊ¥³¡¼¥É¡Ö$in{code}¡×¤Ï̤ÅÐÏ¿¤Ç¤¹") if (!defined $cart{$in{code}});

# ºß¸Ë´ÉÍý¤Î¾ì¹ç
chk_stock($in{code},$in{num}) if ($cf{stock});

# ¥¯¥Ã¥­¡¼¼èÆÀ
my @cook = get_cookie();

# ½ÅÊ£¥Á¥§¥Ã¥¯
my ($flg,@new);
for (@cook) {
my ($id,$code,$num,@op) = split(/,/);

if ($in{code} eq $code) {
my $chk;
for my $i (0 .. $#{$cf{options}}) {
my ($key,$nam) = split(/,/,$cf{options}[$i]);

if ($op[$i] ne $in{$key}) {
$chk++;
last;
}
}
# Í×ÁǤ¬Æ±¤¸¾ì¹ç¤Ï¿ôÎ̤ò­¤·¤³¤à¡Ê½ÅÊ£¤¹¤ë¾ì¹ç¡Ë
if (!$chk) {
$flg++;
$num += $in{num};
$_ = "$id,$code,$num";
foreach my $op (@op) {
$_ .= ",$op";
}
}
}
push(@new,$_);
}
@cook = @new;

# ½ÅÊ£¤¬¤Ê¤±¤ì¤ÐÇãʪ¥«¥´¤ØÄɲÃ
if (!$flg) {

# ¾¦ÉʾðÊó
my (undef,undef,undef,undef,undef,@ops) = split(/<>/,$cart{$in{code}});

# ¥ª¥×¥·¥ç¥ó¤òÆ󼡸µÇÛÎó²½
my $i = 0;
my @op;
for (0 .. $#{$cf{options}}) {
$op[$i] = [split(/\s+/,$ops[$_])];
$i++;
}

# IDÈÖ¹æȯ¹Ô
my ($id) = (split(/,/,$cook[0]))[0];
$id++;

# ÄɲÃʬ
my $add = "$id,$in{code},$in{num}";

# ¥ª¥×¥·¥ç¥ó
for my $i (0 .. $#{$cf{options}}) {
my ($key,$nam) = split(/,/,$cf{options}[$i]);

# ÀµÅöÀ­¤ò¥Á¥§¥Ã¥¯
if ($in{$key} ne '' && $cf{chk_ops} == 1) {
my $flg;
for (@{$op[$_]}) {
if ($_ eq $in{$key}) {
$flg++;
last;
}
}
if (!$flg) {
my $msg = qq|$in{$key}¤ÏÉÔÀµ¤ÊÃͤǤ¹|;
error($msg);
}
}
$add .= qq|,$in{$key}|;
}
unshift(@cook,$add);
}

# ¥¯¥Ã¥­¡¼³ÊǼ
set_cookie(@cook);

# ¥«¥´³Îǧ²èÌÌ
basket(\@cook,\%cart);
}

#-----------------------------------------------------------
# Çãʪ¥«¥´²èÌÌɽ¼¨
#-----------------------------------------------------------
sub basket {
my ($cook,$mart) = @_;

# ·Ú¸ºÀÇΨ
my %red = read_redtax() if ($cf{tax_per} > 0);

# ¥Æ¥ó¥×¥ì¡¼¥ÈÆɤ߹þ¤ß
open(IN,"$cf{tmpldir}/mart.html") or error("open err: mart.html");
my $tmpl = join('',<IN>);
close(IN);

# ÊÑ´¹
$tmpl =~ s/!back!/$in{back}/g;
$tmpl =~ s/!home!/$cf{home}/g;
$tmpl =~ s/!([a-z]+_cgi)!/$cf{$1}/g;
$tmpl =~ s/!cmnurl!/$cf{cmnurl}/g;

# Ãæ¿È¤Ê¤·¤Î¤È¤­
if (@{$cook} == 0) { $tmpl =~ s|<!-- next_btn -->.+?<!-- /next_btn -->||s; }

# ÀÇÂбþ
if (!$cf{tax_per}) { $tmpl =~ s|<!-- tax -->.+?<!-- /tax -->||s; }

# ¥Æ¥ó¥×¥ì¡¼¥Èʬ²ò
my ($head,$loop,$foot) = $tmpl =~ m|(.+)<!-- item -->(.+?)<!-- /item -->(.+)|s
? ($1,$2,$3)
: error("¥Æ¥ó¥×¥ì¡¼¥ÈÉÔÀµ");

# ¾¦ÉÊÆâÍƤòŸ³«
my $all = 0;
my $red = 0;
my $body;
for my $ck (@{$cook}) {
my ($id,$code,$num,@op) = split(/,/,$ck);
my (undef,$name,$price,$memo,$back,@ops) = split(/<>/,$mart->{$code});

# ¥Á¥§¥Ã¥¯
$id =~ s/\D//g;
$code =~ s/\W//g;
$num =~ s/\D//g;

# ¥ª¥×¥·¥ç¥ó½èÍý
my ($memo,@op2);
for my $i (0 .. $#{$cf{options}}) {
my ($key,$nam) = split(/,/,$cf{options}[$i]);
$op2[$i] = [split(/\s+/,$ops[$i])];

if ($op[$i] ne '') { $memo .= "[$nam]$op[$i] "; }
}

# °ú¿ô
my $hid = "$id;$code;$num";
for my $i (0 .. $#{$cf{options}}) {

# ÀµÅöÀ­¥Á¥§¥Ã¥¯
if ($cf{chk_ops} == 1) {
my $flg;
for my $opt (@{$op2[$i]}) {
if ($op[$i] eq $opt) {
$flg++;
last;
}
}
if ($op[$i] ne '' && !$flg) { error("°À­¤ÎÃͤ¬ÉÔÀµ¤Ç¤¹"); }
}
$hid .= ";$op[$i]";
}

# ¾®·×/Îß·×
my $kei = $price * $num;
$all += $kei;

# ·Ú¸ºÀÇΨ
if ($cf{tax_per} > 0 && defined $red{$code}) {
$red += $kei;
$memo .= "<br>" if ($memo ne '');
$memo .= "¡Ú·Ú¸ºÀÇΨÂоݡÛ";
}
if ($memo eq '') { $memo = '<br>'; }

# ¥×¥ë¥À¥¦¥óÀ¸À®
my ($sel_num,$flg);
for my $i (1 .. $cf{max_select}) {
if ($num == $i) {
$flg++;
$sel_num .= qq|<option value="$i" selected>$i</option>\n|;
} else {
$sel_num .= qq|<option value="$i">$i</option>\n|;
}
}
if (!$flg) { $sel_num .= qq|<option value="$num" selected>$num</option>\n|; }

my $tmp = $loop;
$tmp =~ s/!code!/$code/g;
$tmp =~ s/!item!/$name/g;
$tmp =~ s/!num!/num:$id/g;
$tmp =~ s/<!-- sel_num -->/$sel_num/g;
$tmp =~ s/!chg!/chg:$id/g;
$tmp =~ s/!tanka!/comma($price)/ge;
$tmp =~ s/!gouka!/comma($kei)/ge;
$tmp =~ s/!del!/del:$id/g;
$tmp =~ s/!memo!/$memo/g;

$body .= $tmp;
}

# ¾ÃÈñÀÇ·×»»
my ($kei,$tax1,$tax2,$all,$tar) = calc_tax($all,$red);

# ʸ»úÃÖ´¹
for ($head,$foot) {
s/!kei!/comma($kei)/ge;
s/!tax!/comma($tax1)/ge;
s/!tax_red!/comma($tax2)/ge;
s/!tax_per!/$cf{tax_per}/e;
s/!red_per!/$cf{red_per}/e;
s/!all!/comma($all)/ge;
s/!tar_tax1!/comma($tar)/ge;
s/!tar_tax2!/comma($red)/ge;
}

# ²èÌÌɽ¼¨
print "Content-type: text/html; charset=utf-8\n\n";
print $head, $body;

# ¥Õ¥Ã¥¿
footer($foot);
}

#-----------------------------------------------------------
# ¥«¡¼¥ÈÆâÍÆÊѹ¹
#-----------------------------------------------------------
sub chg_cart {
# ¾¦ÉÊ¥³¡¼¥É
$in{code} =~ s/\W//g;

# Êѹ¹/ºï½ü¥Ü¥¿¥óǧ¼±
my ($chg_num,$del_num);
for ( keys %in ) {
if (/^chg:(\d+)/) {
$chg_num = $1;
last;
} elsif (/^del:(\d+)/) {
$del_num = $1;
last;
}
}

# ¥¯¥Ã¥­¡¼¼èÆÀ
my @get = get_cookie();

my ($mycode,$mynum,@cook);
for (@get) {
my ($id,$code,$num,@op) = split(/,/);

# Êѹ¹
if ($chg_num eq $id) {
$mycode = $code;
$mynum = $in{"num:$id"};
$_ = qq|$id,$code,$in{"num:$id"}|;
foreach my $op (@op) {
$_ .= ",$op";
}

# ºï½ü
} elsif ($del_num eq $id) {
next;
}
push(@cook,$_);
}

# ¿ôÎÌÊѹ¹¤Î¾ì¹ç¡¢ºß¸Ë¥Á¥§¥Ã¥¯
if ($cf{stock} && $chg_num) { chk_stock($mycode,$mynum); }

# ¥¯¥Ã¥­¡¼³ÊǼ
set_cookie(@cook);

# Çãʪ¥«¥´
my %cart = get_data();
basket(\@cook,\%cart);
}

#-----------------------------------------------------------
# ¿ô»úȾ³ÑÊÑ´¹
#-----------------------------------------------------------
sub num_z2h {
local($_) = @_;

s/£°/0/g;
s/£±/1/g;
s/£²/2/g;
s/£³/3/g;
s/£´/4/g;
s/£µ/5/g;
s/£¶/6/g;
s/£·/7/g;
s/£¸/8/g;
s/£¹/9/g;
$_;
}

#-----------------------------------------------------------
# ºß¸Ë¿ô¥Á¥§¥Ã¥¯
#-----------------------------------------------------------
sub chk_stock {
my ($qcode,$qnum) = @_;

my ($flg,$zaiko);
open(IN,"$cf{datadir}/stock.dat") or error("open err: stock.dat");
while (<IN>) {
my ($code,$zan) = split(/<>/);

if ($qcode eq $code) {
if ($zan - $qnum < 0) {
$zaiko = $zan;
$flg++;
last;
}
}
}
close(IN);

# ºß¸Ë¤Ê¤·
error("À¿¤Ë¿½¤·Ìõ¤¢¤ê¤Þ¤»¤ó¡£<br>¤³¤Î¾¦ÉʤϺ߸ËÀÚ¤ì¤Ç¤¹(ºß¸Ë¿ô:<b>$zaiko</b>)") if ($flg);
}

#-----------------------------------------------------------
# ¥¯¥Ã¥­¡¼¼èÆÀ
#-----------------------------------------------------------
sub get_cookie {
# ¥¯¥Ã¥­¡¼¼èÆÀ
$ENV{HTTP_COOKIE} =~ /$cf{cookie_cart}=([^=;]+);?/;
my $cook = $1;
$cook =~ s/\s//g;

# URL¥Ç¥³¡¼¥É
my @cook;
foreach ( split(/<>/,$cook) ) {
s/%([0-9A-Fa-f][0-9A-Fa-f])/pack("H2",$1)/eg;
s/[&"'<>]//g;

push(@cook,$_);
}
return @cook;
}

#-----------------------------------------------------------
# ¥¯¥Ã¥­¡¼È¯¹Ô
#-----------------------------------------------------------
sub set_cookie {
my @data = @_;

# URL¥¨¥ó¥³¡¼¥É
my $cook;
foreach (@data) {
s/(\W)/sprintf("%%%02X",unpack("C",$1))/eg;
$cook .= "$_<>";
}

print "Set-Cookie: $cf{cookie_cart}=$cook\n";
}

µ­»öNo¡§ 16817
Åê¹ÆÆü¡§ 2022/04/22(Fri) 04:57:41
¥¿¥¤¥È¥ë¡§ Re: ÃíʸÆþÎÏ¥Ú¡¼¥¸¤Ç¤Î²þÎɤˤĤ¤¤Æ
ID¾ðÊó¡§ tmhk0722
Åê¹Æ¼Ô¡§ tomo
URL¡§ http://bodyvine.sakura.ne.jp

Ç°¤Î°Ù¡¢order.cgi¤Î¥¿¥°¤òŽ¤êÉÕ¤±¤Æ¤ª¤­¤Þ¤¹¡£

#!/usr/local/bin/perl

#¨£¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡
#¨¢ WEB MART : order.cgi - 2021/04/25
#¨¢ copyright (c) kentweb, 1997-2021
#¨¢ https://www.kent-web.com/
#¨¦¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡¨¡

# ¥â¥¸¥å¡¼¥ëÀë¸À
use strict;
use CGI::Carp qw(fatalsToBrowser);
use lib "./lib";
use CGI::Minimal;
use Crypt::RC4;

# ÀßÄê¥Õ¥¡¥¤¥ë¼è¤ê¹þ¤ß
require './init.cgi';
my %cf = set_init();

# ¥Ç¡¼¥¿¼õÍý
CGI::Minimal::max_read_size($cf{maxdata});
my $cgi = CGI::Minimal->new;
cgi_err('ÍÆÎÌ¥ª¡¼¥Ð¡¼') if ($cgi->truncated);
my %in = parse_form($cgi);

# ½èÍýʬ´ô
if ($in{mode} eq "law") { law_data(); }
if ($in{mode} eq "addr") { addr_form(); }
if ($in{mode} eq "conf") { conf_form(); }
if ($in{mode} eq "send") { send_form(); }
error("ÉÔÌÀ¤Ê½èÍý¤Ç¤¹");

#-----------------------------------------------------------
# ½»½êÆþÎϲèÌÌ (Step1)
#-----------------------------------------------------------
sub addr_form {
my %er = @_;

# back°À­¥Á¥§¥Ã¥¯
chk_back($in{back});

# Çãʪ¥Ç¡¼¥¿¼õÍý
my ($cart,$cust) = get_cookie();
if (@{$cart} == 0) { error("Çãʪ¥«¥´¤ÎÃæ¿È¤¬¶õ¤Ç¤¹"); }

# ¾¦Éʥǡ¼¥¿Ç§¼±
my %cart = get_data();

# ·Ú¸ºÀÇΨ
my %red = read_redtax() if ($cf{tax_per} > 0);

# Á°²èÌ̤«¤é¤ÎÌá¤ê¤Î¾ì¹ç
my %c;
if ($in{job} eq "back" or %er != 0) {
%c = %in;

# Ìá¤ê¤Ç¤Ê¤¤¾ì¹ç¤Ï¸ÜµÒ¾ðÊó¤Î¥¯¥Ã¥­¡¼¼è¤ê½Ð¤·
} else {
# Éü¹æ
($c{name},$c{roman},$c{email},$c{zip},$c{pref},$c{addr},$c{romanaddr},$c{tel}) = decrypt_cust(@{$cust});
}

# ²þ¹ÔÉü¸µ
$c{addr} =~ s/\t/\n/g;
$c{romanaddr} =~ s/\t/\n/g;
$c{memo} =~ s/\t/\n/g;

# Á÷ÎÁ¤ÇÍ­½þ¤ÎÃ϶褬¤¢¤ë¤«¤ò¥Á¥§¥Ã¥¯
my ($flg,$remark);
foreach (0 .. $#{$cf{pref}}) {
my ($prf,$pri) = split(/,/,${$cf{pref}}[$_]);

if ($pri > 0) {
$flg++;
last;
}
}
if ($flg) { $remark = "(Á÷ÎÁÅù¤Ï¼¡²èÌ̤Ƿ׻»¤µ¤ì¤Þ¤¹)"; }

# »ÙʧÊýË¡
my $payment;
foreach (0 .. $#{$cf{payment}}) {
my ($pay,$cost) = split(/,/,${$cf{payment}}[$_]);

if (($in{payment} eq $_) || ($in{payment} eq "" && $_ == 0)) {
$payment .= qq|<input type="radio" name="payment" value="$_" checked>$pay<br>\n|;
} else {
$payment .= qq|<input type="radio" name="payment" value="$_">$pay<br>\n|;
}
}

# ÇÛã»þ´Ö
my $opt_deli;
foreach (0 .. $#{$cf{deli}}) {
if ($in{deli} eq $_) {
$opt_deli .= qq|<option value="$_" selected>${$cf{deli}}[$_]</option>\n|;
} else {
$opt_deli .= qq|<option value="$_">${$cf{deli}}[$_]</option>\n|;
}
}

# ÅÔÆ»Éܸ©
my ($opt_pref,$opt_pref2);
foreach (0 .. $#{$cf{pref}}) {
my ($pref,$postage) = split(/,/,${$cf{pref}}[$_]);

if ($c{pref} eq $_) {
$opt_pref .= qq|<option value="$_" selected>$pref</option>\n|;
} else {
$opt_pref .= qq|<option value="$_">$pref</option>\n|;
}
if ($c{pref2} eq $_) {
$opt_pref2 .= qq|<option value="$_" selected>$pref</option>\n|;
} else {
$opt_pref2 .= qq|<option value="$_">$pref</option>\n|;
}
}

# ¥Æ¥ó¥×¥ì¡¼¥ÈÆɤ߹þ¤ß
open(IN,"$cf{tmpldir}/addr.html") or error("open err: addr.html");
my $tmpl = join('',<IN>);
close(IN);

# ÃÖ¤­´¹¤¨
$tmpl =~ s/!([a-z]+_cgi)!/$cf{$1}/g;
$tmpl =~ s/!cmnurl!/$cf{cmnurl}/g;
$tmpl =~ s/!home!/$cf{home}/g;
$tmpl =~ s/!back!/$in{back}/g;
$tmpl =~ s/!payment!/$payment/g;
$tmpl =~ s/!remark!/$remark/g;
$tmpl =~ s/!date!/$in{date}/g;
$tmpl =~ s/!c_(\w+)!/$c{$1}/g;
$tmpl =~ s/<!-- option_deli -->/$opt_deli/g;
$tmpl =~ s/<!-- option_pref -->/$opt_pref/g;
$tmpl =~ s/<!-- option_pref2 -->/$opt_pref2/g;
$tmpl =~ s/!renraku!/$c{memo} eq '' ? '&nbsp;' : $c{memo}/eg;
$tmpl =~ s|!icon:(\w+\.\w+)!|<img src="$cf{cmnurl}/$1" alt="$1" class="icon">|g;

# ÀÇÂбþ
if (!$cf{tax_per}) { $tmpl =~ s|<!-- tax -->.+?<!-- /tax -->||s; }

# ÆþÎÏ¥¨¥é¡¼
if (%er != 0) {
for (qw(date name roman email zip addr romanaddr tel)) {
if (defined $er{$_}) { $tmpl =~ s|<!-- err:$_ -->|<div class="err-addr">$er{$_}</div>|g; }
}
}

# ÇÛÁ÷Àè
if (!$in{deliv}) { $in{deliv} = 1; }
$tmpl =~ s|<input type="radio" name="deliv" value="$in{deliv}" ([^>]+)>|<input type="radio" name="deliv" value="$in{deliv}" $1 checked>|g;

# ÇÛÁ÷Àè¥Õ¥©¡¼¥à
if ($in{deliv} == 2) {
$tmpl =~ s/!disp!/block/g;
} else {
$tmpl =~ s/!disp!/none/g;
}

# ¥Æ¥ó¥×¥ì¡¼¥Èʬ³ä
my ($head,$loop,$foot) = $tmpl =~ m|(.+)<!-- item -->(.+?)<!-- /item -->(.+)|s
? ($1,$2,$3)
: error("¥Æ¥ó¥×¥ì¡¼¥ÈÉÔÀµ");

# Çãʪ¥«¥´Å¸³«
my $all = 0;
my $red = 0;
my $body;
for (@{$cart}) {
my ($id,$code,$num,@op) = split(/,/);
my (undef,$name,$price,$memo,$back,@ops) = split(/<>/,$cart{$code});

# ¥Á¥§¥Ã¥¯
$id =~ s/\D//g;
$code =~ s/\W//g;
$num =~ s/\D//g;

# ¥ª¥×¥·¥ç¥ó½èÍý
my ($memo,@op2);
for my $i (0 .. $#{$cf{options}}) {
my ($key,$nam) = split(/,/,$cf{options}[$i]);
$op2[$i] = [split(/\s+/,$ops[$i])];

if ($op[$i] ne '') { $memo .= "[$nam]$op[$i] "; }
}

# °ú¿ô
my $hid = "$id;$code;$num";
for my $i (0 .. $#{$cf{options}}) {
# ÀµÅöÀ­¥Á¥§¥Ã¥¯
if ($cf{chk_ops} == 1) {
my $flg;
foreach my $opt (@{$op2[$i]}) {
if ($op[$i] eq $opt) {
$flg++;
last;
}
}
if ($op[$i] ne '' && !$flg) { error("°À­¤ÎÃͤ¬ÉÔÀµ¤Ç¤¹"); }
}
$hid .= ";$op[$i]";
}

# ¾®·×/Îß·×
my $kei = $price * $num;
$all += $kei;

# ·Ú¸ºÀÇΨ
if ($cf{tax_per} > 0 && defined $red{$code}) {
$red += $kei;
$memo .= "<br>" if ($memo ne '');
$memo .= "¡Ú·Ú¸ºÀÇΨÂоݡÛ";
}
if ($memo eq '') { $memo = '<br>'; }

# ½ñ¤­½Ð¤·
my $tmp = $loop;
$tmp =~ s/!code!/$code/g;
$tmp =~ s/!item!/$name/g;
$tmp =~ s/!num!/$num/g;
$tmp =~ s/!tanka!/comma($price)/ge;
$tmp =~ s/!gouka!/comma($kei)/ge;
$tmp =~ s/!memo!/$memo/g;
$body .= $tmp;
}

# ¾ÃÈñÀÇ
my ($kei,$tax1,$tax2,$all,$tar) = calc_tax($all,$red);

for ($head, $foot) {
s/!kei!/comma($kei)/ge;
s/!tax!/comma($tax1)/ge;
s/!tax_red!/comma($tax2)/ge;
s/!all!/comma($all)/ge;
s/!tax_per!/$cf{tax_per}/e;
s/!red_per!/$cf{red_per}/e;
s/!tar_tax1!/comma($tar)/ge;
s/!tar_tax2!/comma($red)/ge;
}

# ²èÌÌŸ³«
print "Content-type: text/html; charset=utf-8\n\n";
print $head, $body;

# ¥Õ¥Ã¥¿
footer($foot);
}

#-----------------------------------------------------------
# ³Îǧ²èÌÌ (Step2)
#-----------------------------------------------------------
sub conf_form {
# back°À­¥Á¥§¥Ã¥¯
chk_back($in{back});

# Çãʪ¾ðÊó¼èÆÀ
my ($cart,undef) = get_cookie();
if (@{$cart} == 0) { error("Çãʪ¾ðÊ󤬤¢¤ê¤Þ¤»¤ó"); }

# ÆþÎϳÎǧ
check_input();

# Ãíʸ¼Ô¾ðÊó¤ò¥¯¥Ã¥­¡¼³ÊǼ
my $cookie;
if ($in{cook} == 1) {
# ¸ÜµÒ¾ðÊó°Å¹æ²½
my @cust = encrypt_cust($in{name},$in{roman},$in{email},$in{zip},$in{pref},$in{addr},$in{romanaddr},$in{tel});


# ¥¯¥Ã¥­¡¼Êݸ
set_cookie(@cust);
}

# ºß¸Ëǧ¼±
my %zan = get_zan() if ($cf{stock});

# ¾¦Éʥǡ¼¥¿Ç§¼±
my %cart = get_data();

# ·Ú¸ºÀÇΨ
my %red = read_redtax() if ($cf{tax_per} > 0);

# ÅÔÆ»Éܸ©/Á÷ÎÁ
my ($pref2,%pref);
my $postage = 0;
my ($pref,$postage) = split(/,/,${$cf{pref}}[$in{pref}]);
$pref{pref} = $pref;
if ($in{pref2} ne "") {
($pref2,$postage) = split(/,/,${$cf{pref}}[$in{pref2}]);
$pref{pref2} = $pref2;
}

# »ÙʧÊýË¡¤Î¼ê¿ôÎÁ
my ($pay,$cost) = split(/,/,${$cf{payment}}[$in{payment}]);

# Á÷ÎÁ¥µ¡¼¥Ó¥¹¥Õ¥é¥°
my $serv_flag = 0;

# ÇÛã»þ´Ö
my $deliv;
if ($in{date} ne '') { $deliv = "$in{date} "; }
if ($in{deli} ne '') { $deliv .= ${$cf{deli}}[$in{deli}]; }
if ($deliv eq '') { $deliv = '<br>'; }

# ͹ÊØÈÖ¹æ
$in{zip} =~ s/(\d{3})(\d{4})/$1-$2/;
$in{zip2} =~ s/(\d{3})(\d{4})/$1-$2/;

# ²þ¹ÔÉü¸µ
$in{addr} =~ s/\t/<br>/g;
$in{romanaddr} =~ s/\t/<br>/g;
$in{memo} =~ s/\t/<br>/g;

# ¥Æ¥ó¥×¥ì¡¼¥ÈÆɤ߹þ¤ß
open(IN,"$cf{tmpldir}/conf.html") or error("open err: conf.html");
my $tmpl = join('',<IN>);
close(IN);

# ÃÖ¤­´¹¤¨
$tmpl =~ s/!ses!/make_session()/e;
$tmpl =~ s/!([a-z]+_cgi)!/$cf{$1}/g;
$tmpl =~ s/!cmnurl!/$cf{cmnurl}/g;
$tmpl =~ s/!home!/$cf{home}/g;
$tmpl =~ s/!back!/$in{back}/g;
$tmpl =~ s/!c_(\w+)!/$in{$1}/g;
$tmpl =~ s/!renraku!/$in{memo}/g;
$tmpl =~ s/!deliv!/$deliv/g;
$tmpl =~ s/!payment!/$pay/g;
$tmpl =~ s/!ses!/$in{ses}/g;

# ÀÇÂбþ
if (!$cf{tax_per}) { $tmpl =~ s|<!-- tax -->.+?<!-- /tax -->||s; }

# ¥Æ¥ó¥×¥ì¡¼¥Èʬ³ä
my ($head,$loop,$foot) = $tmpl =~ m|(.+)<!-- item -->(.+?)<!-- /item -->(.+)|s
? ($1,$2,$3)
: error("¥Æ¥ó¥×¥ì¡¼¥ÈÉÔÀµ");

# Çãʪ¥«¥´Å¸³«
my $all = 0;
my $red = 0;
my $gkei = 0;
my ($flg,$scode,$body);
for (@{$cart}) {
my ($id,$code,$num,@op) = split(/,/);
my (undef,$name,$price,$memo,$back,@ops) = split(/<>/,$cart{$code});

# ¥Á¥§¥Ã¥¯
$id =~ s/\D//g;
$code =~ s/\W//g;
$num =~ s/\D//g;

# ¥ª¥×¥·¥ç¥ó½èÍý
my ($memo,@op2);
for my $i (0 .. $#{$cf{options}}) {
my ($key,$nam) = split(/,/,$cf{options}[$i]);
$op2[$i] = [split(/\s+/,$ops[$i])];

if ($op[$i] ne '') { $memo .= "[$nam]$op[$i] "; }
}

# °ú¿ô
my $hid = "$id;$code;$num";
for my $i (0 .. $#{$cf{options}}) {

# ÀµÅöÀ­¥Á¥§¥Ã¥¯
if ($cf{chk_ops} == 1) {
my $flg;
for my $opt (@{$op2[$i]}) {
if ($op[$i] eq $opt) {
$flg++;
last;
}
}
if ($op[$i] ne '' && !$flg) { error("°À­¤ÎÃͤ¬ÉÔÀµ¤Ç¤¹"); }
}
$hid .= ";$op[$i]";
}

# ¾®·×/Îß·×
my $kei = $price * $num;
$all += $kei;

# ·Ú¸ºÀÇΨ
if ($cf{tax_per} > 0 && defined $red{$code}) {
$red += $kei;
$memo .= "<br>" if ($memo ne '');
$memo .= "¡Ú·Ú¸ºÀÇΨÂоݡÛ";
}
if ($memo eq '') { $memo = '<br>'; }

# ½ñ¤­½Ð¤·
my $tmp = $loop;
$tmp =~ s/!code!/$code/g;
$tmp =~ s/!item!/$name/g;
$tmp =~ s/!num!/$num/g;
$tmp =~ s/!tanka!/comma($price)/ge;
$tmp =~ s/!gouka!/comma($kei)/ge;
$tmp =~ s/!memo!/$memo/g;
$body .= $tmp;

# ºß¸Ë¿ô¥Á¥§¥Ã¥¯
if ($cf{stock}) {
if ($zan{$code} - $num < 0) {
$scode = $code;
$flg++;
last;
}
}
}

# ºß¸ËÀÚ¤ì
if ($flg) {
my ($name) = (split(/<>/,$cart{$scode}))[1];
my $msg = "ÂçÊÑ¿½¤·Ìõ¤¢¤ê¤Þ¤»¤ó¡£¡Ö$name¡×¤Ïºß¸ËÀÚ¤ì¤Ç¤¹(ºß¸Ë¿ô:$zan{$scode})<br>\n";
$msg .= "¤¿¤Ã¤¿º£¡¢Â¾¤ÎÊý¤«¤é¤Î¹ØÆþ¤¬¤¢¤Ã¤¿¤è¤¦¤Ç¤¹\n";
error($msg);
}

# Á÷ÎÁ
if ($postage > 0) {
# Á÷ÎÁ¥µ¡¼¥Ó¥¹Í­¤ê
if ($cf{cari_serv} && $cf{cari_serv} <= $all) {
$postage = 0;
$serv_flag++;
}
}

# Á÷ÎÁ¤¬ÀßÄꤵ¤ì¤Æ¤¤¤ë¾ì¹ç
if (!$serv_flag) { $all += $postage; }

# »Ùʧ¼ê¿ôÎÁ¤¬ÀßÄꤵ¤ì¤Æ¤¤¤ë¾ì¹ç
if ($cost > 0) { $all += $cost; }

# ¼¡²èÌÌÍѥѥé¥á¡¼¥¿
my $hidden;
for (qw(payment date deli name roman email zip pref addr romanaddr tel memo)) {
my $val = $in{$_};
if ($_ eq 'addr' or $_ eq 'romanaddr' or $_ eq 'memo') {
$val =~ s|<br>|\t|g;
}
$hidden .= qq|<input type="hidden" name="$_" value="$val">\n|;
}

# ¾ÃÈñÀÇ
my ($kei,$tax1,$tax2,$all,$tar) = calc_tax($all,$red);

for ($head, $foot) {
s/!kei!/comma($kei)/ge;
s/!tax!/comma($tax1)/ge;
s/!tax_red!/comma($tax2)/ge;
s/!all!/comma($all)/ge;
s/!postage!/comma($postage)/ge;
s/!cost!/comma($cost)/ge;
s/!(pref2?)!/$pref{$1}/g;
s/<!-- hidden -->/$hidden/g;
s/!tax_per!/$cf{tax_per}/e;
s/!red_per!/$cf{red_per}/e;
s/!tar_tax1!/comma($tar)/ge;
s/!tar_tax2!/comma($red)/ge;

if ($in{deliv} == 1) {
s|<!-- deliv -->.+?<!-- /deliv -->||s;
}
}

# ²èÌÌŸ³«
print "Content-type: text/html; charset=utf-8\n\n";
print $head, $body;

# ¥Õ¥Ã¥¿
footer($foot);
}

#-----------------------------------------------------------
# ÃíʸÁ÷¿® (Step3)
#-----------------------------------------------------------
sub send_form {
# Çãʪ¾ðÊó¼èÆÀ
my ($cart,undef) = get_cookie();
if (@{$cart} == 0) { error("Çãʪ¾ðÊ󤬤¢¤ê¤Þ¤»¤ó"); }

# ÆþÎϳÎǧ
check_input();

# ²þ¹ÔÊÑ´¹
for ( keys %in ) {
if ($_ eq 'addr' or $_ eq 'romanaddr' or $_ eq 'memo') {
$in{$_} =~ s/\t+$//;
$in{$_} =~ s/\t/\n /g;
} else {
$in{$_} =~ s/\t//g;
}
}

# ºß¸Ëǧ¼±
my %zan = get_zan() if ($cf{stock});

# ·Ú¸ºÀÇΨ
my %red = read_redtax() if ($cf{tax_per} > 0);

# ¥Û¥¹¥È̾/»þ´Ö¤ò¼èÆÀ
my $host = get_host();
my ($time,$mdate) = get_time();
$in{time} = $time;
$in{host} = $host;

# ¥Ö¥é¥¦¥¶¾ðÊó
$in{agent} = $ENV{HTTP_USER_AGENT};
$in{agent} =~ s/[<>&"']//g;

# ÃíʸÈÖ¹æºÎÈÖ
open(DAT,"+< $cf{datadir}/num.dat") or error("open err: num.dat");
eval "flock(DAT,2);";
my $num = <DAT>;
seek(DAT,0,0);
print DAT ++$num;
truncate(DAT,tell(DAT));
close(DAT);

# ·å¿ôÄ´À°
$in{number} = sprintf("%06d",$num);

# ¥á¡¼¥ë·ï̾¤òMIME¥¨¥ó¥³¡¼¥É
require "lib/jacode.pl";
my $msub = mime_unstructured_header("¤´Ãíʸ¥á¡¼¥ë ($in{name}ÍÍ)");

# ¥á¡¼¥ë¥Ø¥Ã¥À¡¼ÄêµÁ
my $mhead = <<EOM;
Subject: $msub
Date: $mdate
MIME-Version: 1.0
Content-type: text/plain; charset=ISO-2022-JP
Content-Transfer-Encoding: 7bit
X-Mailer: $cf{version}
EOM

# ¥Ç¡¼¥¿Æɤ߼è¤ê
my %cart = get_data();

# Çãʪ¥«¥´Å¸³«
my $all = 0;
my $red = 0;
my $i = 0;
$in{order} = '';
foreach (@{$cart}) {
my ($id,$code,$num,@op) = split(/,/);
my (undef,$name,$price,undef,undef,@ops) = split(/<>/,$cart{$code});

# ¥Á¥§¥Ã¥¯
$id =~ s/\D//g;
$code =~ s/\W//g;
$num =~ s/\D//g;

# ¾®·×
my $kei = $price * $num;
$all += $kei;

if ($cf{tax_per} > 0 && defined $red{$code}) { $red += $kei; }

# ºß¸Ë¥Á¥§¥Ã¥¯
if ($cf{stock}) {
if ($zan{$code} - $num < 0) {
my $msg = "ÂçÊÑ¿½¤·Ìõ¤¢¤ê¤Þ¤»¤ó¡£¡Ö$name¡×¤Ïºß¸ËÀÚ¤ì¤Ç¤¹(¸½ºß¤Îºß¸Ë¿ô:$zan{$code})<br>\n";
$msg .= "¤¿¤Ã¤¿º£¡¢Â¾¤ÎÊý¤«¤é¤Î¹ØÆþ¤¬¤¢¤Ã¤¿¤è¤¦¤Ç¤¹\n";
error($msg);
}
$zan{$code} -= $num;
}

# ñ²Á·×»»
$price = comma($price);
$kei = comma($kei);

$i++;
$in{order} .= "¡ü¤´ÃíʸÆâÍÆ$i\n";
$in{order} .= "¥³¡¼¥É : $code\n";
$in{order} .= "¾¦ÉÊ̾ : $name\n";

# ¥ª¥×¥·¥ç¥ó½èÍý
my @op2;
foreach my $i (0 .. $#{$cf{options}}) {
my ($key,$nam) = split(/,/,$cf{options}[$i]);
$op2[$i] = [split(/\s+/,$ops[$i])];

if ($op[$i] ne '') { $in{order} .= "[$nam] $op[$i]\n"; }
}
if ($cf{tax_per} > 0 && defined $red{$code}) { $in{order} .= "[·Ú¸ºÀÇΨÂоÝ]\n"; }

$in{order} .= "¶â ³Û : $price ¡ß $num = ¡ï$kei\n\n";

# ¥ª¥×¥·¥ç¥óÀµÅö¥Á¥§¥Ã¥¯
if ($cf{chk_ops} == 1) {
foreach my $i (0 .. $#{$cf{options}}) {
my $flg;
foreach my $opt (@{$op2[$i]}) {
if ($op[$i] eq $opt) {
$flg++;
last;
}
}
if ($op[$i] ne '' && !$flg) { error("°À­¤ÎÃͤ¬ÉÔÀµ¤Ç¤¹"); }
}
}
}
$in{order} =~ s/\n+$//;

# ¥»¥Ã¥·¥ç¥ó¥Á¥§¥Ã¥¯
check_session();

# ÇÛã»þ´Ö
$in{deliv} = '';
if ($in{date} ne '') {
$in{deliv} = "$in{date} ";
if ($in{deli} ne "") {
$in{deliv} .= " ${$cf{deli}}[$in{deli}]";
}
}

# ÅÔÆ»Éܸ©/Á÷ÎÁ
my ($pref,$pref2);
my $postage = 0;
my ($pref,$postage) = split(/,/,${$cf{pref}}[$in{pref}]);
$in{pref} = $pref;
if ($in{pref2} ne "") {
($pref2,$postage) = split(/,/,${$cf{pref}}[$in{pref2}]);
$in{pref2} = $pref2;
}

# »ÙʧÊýË¡¤Î¼ê¿ôÎÁ
my ($pay,$cost) = split(/,/,${cf{payment}}[$in{payment}]);
my $q_pay = $in{payment};
$in{payment} = $pay;

# ¸©ÊÌÁ÷ÎÁ
my $memo;
if ($postage > 0) {
# Á÷ÎÁ¥µ¡¼¥Ó¥¹Í­¤ê
$in{postage} = 0;
if ($cf{cari_serv} && $cf{cari_serv } <= $all) {
$in{postage} = $postage = 0;
$in{postage} .= ' (Á÷ÎÁ¥µ¡¼¥Ó¥¹)';

# Á÷ÎÁ¥µ¡¼¥Ó¥¹Ìµ¤·
} else {
$all += $postage;
$in{postage} = comma($postage);
}
}
if ($in{postage} eq '') { $in{postage} = 0; }

# »Ùʧ¼ê¿ôÎÁ
$in{cost} = 0;
if ($cost > 0) {
$all += $cost;
$in{cost} = comma($cost);
}

# ¾ÃÈñÀÇ
my ($kei,$tax1,$tax2,$all,$tar) = calc_tax($all,$red);

# ¥á¡¼¥ëËÜʸÍÑ
$in{kei} = comma($kei);
$in{all} = comma($all);
if ($cf{tax_per} == 0) {
$in{tax1} = $in{tax2} = "[ÆâÀÇ]";
} else {
$in{tax1} = comma($tax1) . "¡Ê$cf{tax_per}%ÂÐ¾Ý ¡ï" . comma($tar) . "¡Ë";
$in{tax2} = comma($tax2) . "¡Ê$cf{red_per}%ÂÐ¾Ý ¡ï" . comma($red) . "¡Ë";
}

# ¥á¡¼¥ëËÜʸ¥Æ¥ó¥×¥ì¡¼¥ÈÆɽСʴÉÍý¼Ô°¸¡Ë
open(IN,"$cf{tmpldir}/order.txt") or error("open err: order.txt");
my $body_ord = join('',<IN>);
close(IN);

# ¥ª¡¼¥À¡¼ËÜʸ¥Æ¥ó¥×¥ì¡¼¥ÈÆɽСÊÃíʸ¼Ô°¸¡Ë
open(IN,"$cf{tmpldir}/reply.txt") or error("open err: reply.txt");
my $body_rep = join('',<IN>);
close(IN);

# ʸ»úÃÖ¤­´¹¤¨
$body_ord =~ s/!(\w+)!/$in{$1}/g;
$body_rep =~ s/!(\w+)!/$in{$1}/g;

# ¥í¥°ÍÑ
my $log = $body_ord;

# ¥³¡¼¥ÉÊÑ´¹
my $tmp_body;
for my $tmp ( split(/\n/,$body_ord) ) {
jcode::convert(\$tmp,'jis','utf8');
$tmp_body .= "$tmp\n";
}
$body_ord = $tmp_body;

my $tmp_body;
for my $tmp ( split(/\n/,$body_rep) ) {
jcode::convert(\$tmp,'jis','utf8');
$tmp_body .= "$tmp\n";
}
$body_rep = $tmp_body;

# ¥¿¥°Éü¸µ
$body_ord = tag_chg($body_ord);
$body_rep = tag_chg($body_rep);

# sendmail¥³¥Þ¥ó¥ÉÄêµÁ
my $scmd1 = "$cf{sendmail} -t -i";
my $scmd2 = "$cf{sendmail} -t -i";
if ($cf{sendm_f} == 1) {
$scmd1 .= " -f $in{email}";
$scmd2 .= " -f $cf{master}";
}

# ´ÉÍý¼Ô¤ØÁ÷¿®
open(MAIL,"| $scmd1") or error("¥á¡¼¥ëÁ÷¿®¼ºÇÔ");
print MAIL "To: $cf{master}\n";
print MAIL "From: $in{email}\n";
print MAIL "$mhead\n";
print MAIL "$body_ord\n";
close(MAIL);

# Ãíʸ¼Ô¤ØÁ÷¿®
open(MAIL,"| $scmd2") or error("¥á¡¼¥ëÁ÷¿®¼ºÇÔ");
print MAIL "To: $in{email}\n";
print MAIL "From: $cf{master}\n";
print MAIL "$mhead\n";
print MAIL "$body_rep\n";
close(MAIL);

# Çãʪ¾ðÊó¤Î¥¯¥Ã¥­¡¼¾Ãµî
del_cookie();

# ºß¸Ë¿ô¹¹¿·
if ($cf{stock}) {
my @data;
while ( my ($id,$zan) = each %zan ) {
push(@data,"$id<>$zan<>\n");
}

open(OUT,"> $cf{datadir}/stock.dat") or error("write err: stock.dat");
eval "flock(OUT,2);";
print OUT @data;
close(OUT);
}

# ¥í¥°Êݸ
save_log($time,$in{number},$log);

# ¥Æ¥ó¥×¥ì¡¼¥ÈȽÊÌ
my $zeus_num;
my $tmplfile = "send.html";
# ¥¯¥ì¥¸¥Ã¥È
if (($cf{zeus_serv} == 1 && $q_pay == $#{$cf{payment}})
or ($cf{zeus_serv} == 2 && $q_pay == $#{$cf{payment}}-1)
or ($cf{zeus_serv} == 3 && $q_pay == $#{$cf{payment}}-1)
or ($cf{zeus_serv} == 4 && $q_pay == $#{$cf{payment}}-2)) {
$tmplfile = "send-credit.html";
$zeus_num = $cf{zeus_num};

# ¶ä¹Ô
} elsif (($cf{zeus_serv} == 2 && $q_pay == $#{$cf{payment}})
or ($cf{zeus_serv} == 4 && $q_pay == $#{$cf{payment}}-1)) {
$tmplfile = "send-bank.html";
$zeus_num = $cf{zeus_bip};

# ¥³¥ó¥Ó¥Ë
} elsif (($cf{zeus_serv} == 3 && $q_pay == $#{$cf{payment}})
or ($cf{zeus_serv} == 4 && $q_pay == $#{$cf{payment}})) {
$tmplfile = "send-conv.html";
$zeus_num = $cf{zeus_cip};
}

# ´°Î»²èÌÌ
open(IN,"$cf{tmpldir}/$tmplfile") or error("open err: $tmplfile");
my $tmpl = join('',<IN>);
close(IN);

# ʸ»úÃÖ´¹
$tmpl =~ s/!home!/$cf{home}/g;
$tmpl =~ s/!cmnurl!/$cf{cmnurl}/g;

# ¥¼¥¦¥¹ÍÑ
my $money = $all;
if ($cf{zeus_serv} > 0) {
$in{tel} =~ s/\D//g;

$tmpl =~ s/!zeus_num!/$zeus_num/g;
$tmpl =~ s/!money!/$money/g;
$tmpl =~ s/!tel!/$in{tel}/g;
$tmpl =~ s/!email!/$in{email}/g;
$tmpl =~ s/!sendid!/$in{number}/g;
}
$tmpl =~ s/!order_cgi!/$cf{order_cgi}/g;

# ɽ¼¨
print "Content-type: text/html; charset=utf-8\n\n";
footer($tmpl);
}

#-----------------------------------------------------------
# »þ´Ö¼èÆÀ
#-----------------------------------------------------------
sub get_time {
my ($sec,$min,$hour,$mday,$mon,$year,$wday) = (localtime(time))[0..6];

my @week = qw|Sun Mon Tue Wed Thu Fri Sat|;
my @mon = qw|Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec|;

# Æü»þ¥Õ¥©¡¼¥Þ¥Ã¥È
my $date = sprintf("%04d/%02d/%02d(%s) %02d:%02d:%02d",
$year+1900,$mon+1,$mday,$week[$wday],$hour,$min,$sec);

# ¥á¡¼¥ëÍÑ¥Õ¥©¡¼¥Þ¥Ã¥È
my $mdate = sprintf("%s, %02d %s %04d %02d:%02d:%02d",
$week[$wday],$mday,$mon[$mon],$year+1900,$hour,$min,$sec) . " +0900";

return ($date,$mdate);
}

#-----------------------------------------------------------
# ¥Û¥¹¥È̾¼èÆÀ
#-----------------------------------------------------------
sub get_host {
my $host = $ENV{REMOTE_HOST};
my $addr = $ENV{REMOTE_ADDR};

if ($cf{gethostbyaddr} && ($host eq "" || $host eq $addr)) {
$host = gethostbyaddr(pack("C4", split(/\./, $addr)), 2);
}
$host ||= $addr;

return $host;
}

#-----------------------------------------------------------
# ¥í¥°Êݸ
#-----------------------------------------------------------
sub save_log {
my ($date,$num,$log) = @_;

# ²þ¹ÔÃÖ¤­´¹¤¨
$log =~ s/\n/\t/g;
$log =~ s/ +/ /g;

# ¥í¥°¥Õ¥¡¥¤¥ë̾¤òÄêµÁ
my $file = ($date =~ /^(\d{4})\/(\d{2})/) && "$1$2.cgi";

# ¸ºß¥Á¥§¥Ã¥¯
my $flg;
if (-e "$cf{datadir}/log/$file") { $flg++; }

# ¥í¥°Äɲýñ¤­¹þ¤ß
open(DAT,">> $cf{datadir}/log/$file") or error("write err: $file");
eval "flock(DAT, 2);";
print DAT "$date<>$num<>$log\n";
close(DAT);

# ¿·µ¬À¸À®¤Î¾ì¹ç¤Ï¥Ñ¡¼¥ß¥Ã¥·¥ç¥óÉÕÍ¿
chmod(0666, "$cf{datadir}/log/$file") if (!$flg);
}

#-----------------------------------------------------------
# ÆþÎÏ¥Á¥§¥Ã¥¯
#-----------------------------------------------------------
sub check_input {
# ²þ¹ÔËöÈø¤ò¥«¥Ã¥È
$in{addr} =~ s/\t+$//g;
$in{romanaddr} =~ s/\t+$//g;
$in{memo} =~ s/\t+$//g;

# ÆþÎϳÎǧ
my %er;
if ($in{payment} eq '') { $er{payment} = '»ÙʧÊýË¡¤¬Ì¤ÁªÂò¤Ç¤¹'; }
if ($in{date} ne '') {
if ($in{date} =~ m|^(\d+)/(\d+)/(\d+)|) {
my ($yr,$mon,$day) = ($1,$2,$3);
my ($d,$m,$y) = (localtime())[3..5];
my $date = sprintf("%04d%02d%02d",$y+1900,$m+1,$d);
if ("$yr$mon$day" < $date) { $er{date} = 'ÇÛãÆü¤Ïº£Æü°Ê¹ß¤ò»ØÄꤷ¤Æ¤¯¤À¤µ¤¤'; }
} else {
$er{date} = 'ÇÛãÆü¤Ï¡Öǯ/·î/Æü¡×¤ÇÆþÎϤ·¤Æ¤¯¤À¤µ¤¤';
}
}
if ($in{name} eq '') { $er{name} = '̾Á°¤¬Ì¤ÆþÎϤǤ¹'; }
if ($in{roman} eq '') { $er{roman} = '¥í¡¼¥Þ»ú̾Á°¤¬Ì¤ÆþÎϤǤ¹'; }
if ($in{email} !~ /^[\w\.\-]+\@[\w\.\-]+\.[a-zA-Z]{2,6}$/) { $er{email} = 'ÅŻҥ᡼¥ë¤ÎÆþÎϤ¬ÉÔÀµ¤Ç¤¹'; }
if ($in{zip} !~ /^\d{3}-?\d{4}$/) { $er{zip} = '͹ÊØÈÖ¹æ¤Ï¡Ö¿ô»ú7·å¡×¤«¡Ö¿ô»ú3·å-4·å¡×¤Ç¤¹'; }
if ($in{pref} eq '' or $in{addr} eq '') { $er{addr} = '½»½ê¤¬Ì¤ÆþÎϤǤ¹'; }
if ($in{pref} eq '' or $in{romanaddr} eq '') { $er{romanaddr} = '¥í¡¼¥Þ»ú½»½ê¤¬Ì¤ÆþÎϤǤ¹'; }
if ($in{tel} eq '') { $er{tel} = 'ÅÅÏÃÈֹ椬̤ÆþÎϤǤ¹'; }
if ($in{deliv} == 2) {
if ($in{name2} eq '') { $er{name2} = 'ÇÛÁ÷Àè¤Î̾Á°¤¬Ì¤ÆþÎϤǤ¹'; }
if ($in{zip2} !~ /^\d{3}-?\d{4}$/) { $er{zip2} = 'ÇÛÁ÷Àè¤Î͹ÊØÈÖ¹æ¤Ï¡Ö¿ô»ú7·å¡×¤«¡Ö¿ô»ú3·å-4·å¡×¤Ç¤¹'; }
if ($in{pref2} eq '' or $in{addr2} eq '') { $er{addr2} = 'ÇÛÁ÷Àè¤Î½»½ê¤¬Ì¤ÆþÎϤǤ¹'; }
if ($in{tel2} eq '') { $er{tel2} = 'ÇÛÁ÷Àè¤ÎÅÅÏÃÈֹ椬̤ÆþÎϤǤ¹'; }
} else {
$in{name2} = $in{kana2} = $in{zip2} = $in{addr2} = $in{pref2} = $in{tel2} = $in{fax2} = '';
}
if (%er != 0) { addr_form(%er); }
}

#-----------------------------------------------------------
# ¥¿¥°Éü¸µ
#-----------------------------------------------------------
sub tag_chg {
local($_) = @_;

s/&lt;/</g;
s/&gt;/>/g;
s/&quot;/"/g;
s/&amp;/&/g;
$_;
}

#-----------------------------------------------------------
# ¸ÜµÒ¾ðÊó°Å¹æ²½
#-----------------------------------------------------------
sub encrypt_cust {
my @cust = @_;

my @ret;
foreach (@cust) {
my $encrypt = RC4($cf{passphrase}, $_);
$encrypt =~ s/(.)/unpack('H2', $1)/eg;

push(@ret,$encrypt);
}
return @ret;
}

#-----------------------------------------------------------
# ¸ÜµÒ¾ðÊóÉü¹æ²½
#-----------------------------------------------------------
sub decrypt_cust {
my @cust = @_;

my @ret;
foreach (@cust) {
s/([0-9A-Fa-f]{2})/pack('H2', $1)/eg;
my $decrypt = RC4($cf{passphrase}, $_);
$decrypt =~ s/[&"'<>]//g;

push(@ret,$decrypt);
}
return @ret;
}

#-----------------------------------------------------------
# ¥¯¥Ã¥­¡¼¾Ãµî
#-----------------------------------------------------------
sub del_cookie {
print "Set-Cookie: $cf{cookie_cart}=; expires=Thu, 01-Jan-1970 00:00:00 GMT;\n";
}

#-----------------------------------------------------------
# ¥¯¥Ã¥­¡¼È¯¹Ô
#-----------------------------------------------------------
sub set_cookie {
my @data = @_;

my ($sec,$min,$hour,$mday,$mon,$year,$wday,undef,undef) = gmtime(time + 60*24*60*60);
my @mon = qw|Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec|;
my @week = qw|Sun Mon Tue Wed Thu Fri Sat|;

# »þ¹ï¥Õ¥©¡¼¥Þ¥Ã¥È
my $gmt = sprintf("%s, %02d-%s-%04d %02d:%02d:%02d GMT",
$week[$wday],$mday,$mon[$mon],$year+1900,$hour,$min,$sec);

# URL¥¨¥ó¥³¡¼¥É
my $cook;
foreach (@data) {
s/(\W)/sprintf("%%%02X", unpack("C", $1))/eg;
$cook .= "$_<>";
}

print "Set-Cookie: $cf{cookie_cust}=$cook; expires=$gmt;";
print " secure" if ($cf{ssl_cookie});
print "\n";
}

#-----------------------------------------------------------
# ¥¯¥Ã¥­¡¼¼èÆÀ
#-----------------------------------------------------------
sub get_cookie {
# ¥¯¥Ã¥­¡¼¼èÆÀ
my $cook = $ENV{HTTP_COOKIE};

# ³ºÅöID¤ò¼è¤ê½Ð¤¹
my %cook;
for ( split(/;/,$cook) ) {
my ($key,$val) = split(/=/);
$key =~ s/\s//g;
$cook{$key} = $val;
}

# URL¥Ç¥³¡¼¥É
my (@cart,@cook);
for ( split(/<>/,$cook{$cf{cookie_cart}}) ) {
s/%([0-9A-Fa-f][0-9A-Fa-f])/pack("H2",$1)/eg;
s/[&"'<>]//g;

push(@cart,$_);
}
for ( split(/<>/,$cook{$cf{cookie_cust}}) ) {
s/%([0-9A-Fa-f][0-9A-Fa-f])/pack("H2",$1)/eg;
s/[&"'<>]//g;

push(@cook,$_);
}
return (\@cart,\@cook);
}

#-----------------------------------------------------------
# ºß¸Ë¿ôǧ¼±
#-----------------------------------------------------------
sub get_zan {
my %zan;
open(IN,"$cf{datadir}/stock.dat") or error("open err: stock.dat");
while (<IN>) {
my ($id,$zan) = split(/<>/);
$zan{$id} = $zan;
}
close(IN);

return %zan;
}

#-----------------------------------------------------------
# ¥»¥Ã¥·¥ç¥óºîÀ®
#-----------------------------------------------------------
sub make_session {
# À¸À®
my @wd = (0 .. 9, 'a' .. 'z', 'A' .. 'Z', '_');
my $ses;
for (1 .. 25) { $ses .= $wd[int(rand(@wd))]; }

# ¹¹¿·
my $now = time;
open(DAT,">> $cf{datadir}/ses.dat") or error("write err: ses.dat");
eval "flock(DAT,2);";
print DAT "$now\t$ses\n";
close(DAT);

return $ses;
}

#-----------------------------------------------------------
# ¥»¥Ã¥·¥ç¥ó³Îǧ
#-----------------------------------------------------------
sub check_session {
my $now = time;
my ($flg,@log);
open(DAT,"+< $cf{datadir}/ses.dat") or error("open err: ses.dat");
eval "flock(DAT,2);";
while(<DAT>) {
chomp;
my ($time,$id) = split(/\t/);
next if ($now - $time > 3600); # 60ʬ°Ê¾å¤Ï¥¹¥­¥Ã¥×

if ($in{ses} eq $id) {
$flg++;
next;
}
push(@log,"$_\n");
}
seek(DAT,0,0);
print DAT @log;
truncate(DAT,tell(DAT));
close(DAT);

if (!$flg) {
my $msg = "²èÌÌɽ¼¨¸å°ìÄê»þ´Ö¤¬·Ð²á¤·¤¿¤¿¤á¡¢²¼µ­¤Î¥ê¥ó¥¯¤«¤éºÆÅÙ¤ä¤êľ¤·¤Æ¤¯¤À¤µ¤¤\n";
$msg .= qq|<p><a href="$cf{order_cgi}?mode=addr&amp;back=$in{back}">Ãíʸ¼Ô¾ðÊóÆþÎÏ</a></p>\n|;
error($msg);
}
}

#-----------------------------------------------------------
# mime¥¨¥ó¥³¡¼¥É
# [quote] http://www.din.or.jp/~ohzaki/perl.htm#JP_Base64
#-----------------------------------------------------------
sub mime_unstructured_header {
my $oldheader = shift;
jcode::convert(\$oldheader,'euc','utf8');
my ($header,@words,@wordstmp,$i);
my $crlf = $oldheader =~ /\n$/;
$oldheader =~ s/\s+$//;
@wordstmp = split /\s+/, $oldheader;
for ($i = 0; $i < $#wordstmp; $i++) {
if ($wordstmp[$i] !~ /^[\x21-\x7E]+$/ and
$wordstmp[$i + 1] !~ /^[\x21-\x7E]+$/) {
$wordstmp[$i + 1] = "$wordstmp[$i] $wordstmp[$i + 1]";
} else {
push(@words, $wordstmp[$i]);
}
}
push(@words, $wordstmp[-1]);
foreach my $word (@words) {
if ($word =~ /^[\x21-\x7E]+$/) {
$header =~ /(?:.*\n)*(.*)/;
if (length($1) + length($word) > 76) {
$header .= "\n $word";
} else {
$header .= $word;
}
} else {
$header = add_encoded_word($word, $header);
}
$header =~ /(?:.*\n)*(.*)/;
if (length($1) == 76) {
$header .= "\n ";
} else {
$header .= ' ';
}
}
$header =~ s/\n? $//mg;
$crlf ? "$header\n" : $header;
}
sub add_encoded_word {
my ($str, $line) = @_;
my $result;
my $ascii = '[\x00-\x7F]';
my $twoBytes = '[\x8E\xA1-\xFE][\xA1-\xFE]';
my $threeBytes = '\x8F[\xA1-\xFE][\xA1-\xFE]';
while (length($str)) {
my $target = $str;
$str = '';
if (length($line) + 22 +
($target =~ /^(?:$twoBytes|$threeBytes)/o) * 8 > 76) {
$line =~ s/[ \t\n\r]*$/\n/;
$result .= $line;
$line = ' ';
}
while (1) {
my $encoded = '=?ISO-2022-JP?B?' .
b64encode(jcode::jis($target,'euc','z')) . '?=';
if (length($encoded) + length($line) > 76) {
$target =~ s/($threeBytes|$twoBytes|$ascii)$//o;
$str = $1 . $str;
} else {
$line .= $encoded;
last;
}
}
}
$result . $line;
}
# [quote] http://www.tohoho-web.com/perl/encode.htm
sub b64encode {
my $buf = shift;
my ($mode,$tmp,$ret);
my $b64 = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
. "abcdefghijklmnopqrstuvwxyz"
. "0123456789+/";

$mode = length($buf) % 3;
if ($mode == 1) { $buf .= "\0\0"; }
if ($mode == 2) { $buf .= "\0"; }
$buf =~ s/(...)/{
$tmp = unpack("B*", $1);
$tmp =~ s|(......)|substr($b64, ord(pack("B*", "00$1")), 1)|eg;
$ret .= $tmp;
}/eg;
if ($mode == 1) { $ret =~ s/..$/==/; }
if ($mode == 2) { $ret =~ s/.$/=/; }

return $ret;
}

µ­»öNo¡§ 16818
Åê¹ÆÆü¡§ 2022/04/22(Fri) 08:53:12
¥¿¥¤¥È¥ë¡§ ¶Ø»ß¤µ¤ì¤Æ¤¤¤ë¹Ô°Ù¤Ç¤¹!
ID¾ðÊó¡§ passerby
Åê¹Æ¼Ô¡§ Ä̤ꤹ¤¬¤ê

CGI¥×¥í¥°¥é¥à¤Î´Ý¤´¤ÈŽ¤êÉÕ¤±¤Ï¶Ø»ß¤µ¤ì¤Æ¤¤¤ë¹Ô°Ù¤Ç¤¹¡£
¡Ö.txt¡×¥Õ¥¡¥¤¥ë¤ËÊÑ´¹¤·¤Æ¥µ¡¼¥Ð¡¼¤Ëup¤·¡¢¤½¤Î¥¢¥É¥ì¥¹¤òµ­ºÜ¤·¤Æ²¼¤µ¤¤¡£

µ­»öNo¡§ 16819
Åê¹ÆÆü¡§ 2022/04/22(Fri) 12:13:18
¥¿¥¤¥È¥ë¡§ html¤ËºÜ¤»¤ë¤Èʸ»ú²½¤±¤·¤Á¤ã¤¤¤Þ¤¹
ID¾ðÊó¡§ tmhk0722
Åê¹Æ¼Ô¡§ tomo
URL¡§ http://bodyvine.sakura.ne.jp/cgi.html

¤É¤¦¤ä¤Ã¤Æ¸ø³«¤¹¤ì¤ÐÎɤ¤¤Ç¤·¤ç¤¦¤«¡Ä
¤¹¤ß¤Þ¤»¤ó¡Ä

µ­»öNo¡§ 16820
Åê¹ÆÆü¡§ 2022/04/22(Fri) 12:20:55
¥¿¥¤¥È¥ë¡§ Re: html¤ËºÜ¤»¤ë¤Èʸ»ú²½¤±¤·¤Á¤ã¤¤¤Þ¤¹
ID¾ðÊó¡§ passerby
Åê¹Æ¼Ô¡§ Ä̤ꤹ¤¬¤ê

> ¤É¤¦¤ä¤Ã¤Æ¸ø³«¤¹¤ì¤ÐÎɤ¤¤Ç¤·¤ç¤¦¤«¡Ä
> ¤¹¤ß¤Þ¤»¤ó¡Ä

No.16818¤Îµ­»ö¤òÆɤßÊÖ¤·¤Æ²¼¤µ¤¤¡£
²óÅú¤Ï¤½¤³¤Ëµ­ºÜ¤·¤Þ¤·¤¿¡£


¤â¤¦°ìÅÙ¸À¤¦¤È¡¢
³ÈÄ¥»Ò¡Ö.cgi¡×¥Õ¥¡¥¤¥ë¤ò³ÈÄ¥»Ò¡Ö.txt¡×¤ËÊÑ´¹¤·¤Æ
¥µ¡¼¥Ð¡¼¤Ëup¤·¤Æ¡¢¤½¤Î¥¢¥É¥ì¥¹(URL)¤òµ­ºÜ¤·¤Æ²¼¤µ¤¤¡£

¢¨¥¨¥Ç¥£¥¿¡¼¤Çcgi¥Õ¥¡¥¤¥ë¤ò³«¤­¡¢¡Ö̾Á°¤ò¤Ä¤±¤ÆÊݸ¡×¤Ë¤¢¤ë
¥Õ¥¡¥¤¥ë¤Î¼ïÎà¤ò¥Æ¥­¥¹¥È¤òÁªÂò¤·¤ÆÊݸ¤·¤Þ¤¹¡£

µ­»öNo¡§ 16821
Åê¹ÆÆü¡§ 2022/04/22(Fri) 12:32:46
¥¿¥¤¥È¥ë¡§ Re^2: html¤ËºÜ¤»¤ë¤Èʸ»ú²½¤±¤·¤Á¤ã¤¤¤Þ¤¹
ID¾ðÊó¡§ tmhk0722
Åê¹Æ¼Ô¡§ tomo
URL¡§ http://bodyvine.sakura.ne.jp/cgi.html

¤´Ãé¹ð¡õ¤´ÀâÌÀ¡¢¤¢¤ê¤¬¤È¤¦¤´¤¶¤¤¤Þ¤¹¡£
̵»ö¡¢½¤Àµ¤Ç¤­¤Þ¤·¤¿¡£
¤³¤³¤ÇDL¤·¤¿¥Ç¡¼¥¿¤Ê¤Î¤Ç¡¢Å½¤êÉÕ¤±¤¬¶Ø»ß¤µ¤ì¤Æ¤¤¤ë¤È¤Ï»×¤¤¤Þ¤»¤ó¤Ç¤·¤¿¡£
ÂçÊѼºÎ餷¤Þ¤·¤¿¡£°Ê¸å¡¢µ¤¤òÉÕ¤±¤Þ¤¹¡£

º£¸å¤ÎÊýã¤Î¤¿¤á¤Ë¤âµ­ºÜ¤µ¤»¤Æĺ¤¯¤È¡¢
2022/04/05(Tue) 13:59:37¤ËhirayamaÍͤ¬Â¾¤ÎÊý¤Ë¥¢¥É¥Ð¥¤¥¹¤µ¤ì¤Æ¤¤¤¿
order.cgi 525¹ÔÌܤÎ
require "lib/jacode.pl";
¤ò
require "./lib/jacode.pl";
¤ÈÊѹ¹¤·¤Æ¤ß¤Æ¤¯¤À¤µ¤¤¡£
¤È¤¤¤¦Éôʬ¤¬»ä¤âƱ¤¸¤Ç¤·¤¿¡£

[¸¡º÷¥Ú¡¼¥¸]