#! /usr/local/bin/perl use strict; use warnings; use lib qw(./lib); use CGI; use CGI::Session; use utf8; use Encode; use Unicode::Japanese; use Data::Dumper; my $mail = 'sunnet@sun-net.cc'; my @mailto = ( 'sunnet@sun-net.cc', 'yamamoto@sun-net.cc', 'allegro2015@i.softbank.jp', 'kameya@aone-web.net', 'kanno@aone-web.net' ); my $password = 'rule110'; my $session_dir = 'private/.session'; my $cookie_name = 'jitensha'; my $cookie_path = '/rule'; my $sendmail = '/usr/sbin/sendmail'; my $rate = '0'; # 消費税（％） my $hontai = '100'; # 価格 $CGI::POST_MAX = 10 * 1024 * 1024; my $query = CGI->new(); # ログイン状態のチェック my $logged = &login_check(); if ( defined $logged ) { my $mode = $query->param('mode') || undef; # フォームの処理 if ( defined $mode ) { if ( $mode eq 'confirm' ) { &form('confirm'); } elsif ( $mode eq 'send' ) { &mailsend(); } elsif ( $mode eq 'finish' ) { &finish(); } else { &form(); } } else { &form(); } } else { # ログインフォーム &login(); } exit; sub html_header { my $title = '申し込みログインページ'; if ( defined $logged ) { $title = '申し込みフォーム'; } my $html = qq| 「自転車交通ルールを学ぼう！」（合本）$title｜自転車駐車場整備センター

「自転車交通ルールを学ぼう！」（合本）
$title

|; if ( !defined $logged ) { $html .= '

受付期間は終了しました。

'; } $html .= qq|

|; return $html; } sub html_footer { my $html = qq|

|; return $html; } sub login { my $contents = qq|

|; # 20200120 受付終了に伴いログインを封鎖 $contents = ''; $contents = &html_header . $contents; $contents .= &html_footer; $contents = Encode::encode( 'utf8', $contents ); print $query->header( -charset => 'utf8' ); print $contents; exit; } sub form { my $mode = shift; my $number = $query->param('number') || undef; if ( defined $mode && !defined $number ) { &error('冊数を入力して下さい。'); } if ( defined $mode && $number !~ /^\d+$/ ) { &error('冊数は半角数字で入力して下さい。'); } $number = Encode::decode_utf8($number) if defined $number; $number = &xss($number) if defined $number; my $use = $query->param('use') || undef; if ( defined $mode && ( !defined $use || $use eq '' ) ) { &error('使用目的を入力して下さい。'); } $use = Encode::decode_utf8($use) if defined $use; $use = &xss($use) if defined $use; my $company = $query->param('company') || undef; if ( defined $mode && !defined $company ) { $company = ''; } $company = Encode::decode_utf8($company) if defined $company; $company = &xss($company) if defined $company; if ( defined $mode && !defined $company ) { &error('団体名を入力して下さい。'); } my $section = $query->param('section') || undef; # if ( defined $mode && !defined $section ) { $section = ''; } $section = Encode::decode_utf8($section) if defined $section; $section = &xss($section) if defined $section; if ( defined $mode && !defined $section ) { &error('部署名を入力して下さい。'); } my $name1 = $query->param('name1') || undef; my $name2 = $query->param('name2') || undef; if ( defined $mode && ( !defined $name1 || !defined $name2 ) ) { &error('ご担当者姓名を入力して下さい。'); } $name1 = Encode::decode_utf8($name1) if defined $name1; $name1 = &xss($name1) if defined $name1; $name2 = Encode::decode_utf8($name2) if defined $name2; $name2 = &xss($name2) if defined $name2; my $name3 = $query->param('name3') || ''; my $name4 = $query->param('name4') || ''; $name3 = Encode::decode_utf8($name3) if defined $name3; $name3 = &xss($name3) if defined $name3; $name4 = Encode::decode_utf8($name4) if defined $name4; $name4 = &xss($name4) if defined $name4; my $zipcode = $query->param('zipcode') || undef; my $pref = $query->param('pref') || undef; my $address = $query->param('address') || undef; my $building = $query->param('building') || undef; if ( defined $mode && ( !defined $zipcode || !defined $pref || !defined $address ) ) { &error('所在地を入力して下さい。'); } $zipcode = Encode::decode_utf8($zipcode); $zipcode = &xss($zipcode) if defined $zipcode; $pref = Encode::decode_utf8($pref); $pref = &xss($pref) if defined $pref; $address = Encode::decode_utf8($address) if defined $address; $address = &xss($address) if defined $address; $building = Encode::decode_utf8($building) if defined $building; $building = &xss($building) if defined $building; my $tel = $query->param('tel') || undef; if ( defined $mode && !defined $tel ) { &error('電話番号を入力して下さい。'); } $tel = Encode::decode_utf8($tel) if defined $tel; $tel = &xss($tel) if defined $tel; my $mail = $query->param('mail') || undef; if ( defined $mode && !defined $mail ) { &error('メールアドレスを入力して下さい。'); } $mail = Encode::decode_utf8($mail) if defined $mail; $mail = &xss($mail) if defined $mail; my $shipping_company = $query->param('shipping_company') || undef; if ( defined $mode && !defined $shipping_company ) { $shipping_company = ''; } $shipping_company = Encode::decode_utf8($shipping_company) if defined $shipping_company; $shipping_company = &xss($shipping_company) if defined $shipping_company; my $shipping_section = $query->param('shipping_section') || undef; if ( defined $mode && !defined $shipping_section ) { $shipping_section = ''; } $shipping_section = Encode::decode_utf8($shipping_section) if defined $shipping_section; $shipping_section = &xss($shipping_section) if defined $shipping_section; my $shipping_name1 = $query->param('shipping_name1') || undef; my $shipping_name2 = $query->param('shipping_name2') || undef; $shipping_name1 = Encode::decode_utf8($shipping_name1) if defined $shipping_name1; $shipping_name1 = &xss($shipping_name1) if defined $shipping_name1; $shipping_name2 = Encode::decode_utf8($shipping_name2) if defined $shipping_name2; $shipping_name2 = &xss($shipping_name2) if defined $shipping_name2; my $shipping_name3 = $query->param('shipping_name3') || undef; my $shipping_name4 = $query->param('shipping_name4') || undef; $shipping_name3 = Encode::decode_utf8($shipping_name3) if defined $shipping_name3; $shipping_name3 = &xss($shipping_name3) if defined $shipping_name3; $shipping_name4 = Encode::decode_utf8($shipping_name4) if defined $shipping_name4; $shipping_name4 = &xss($shipping_name4) if defined $shipping_name4; my $shipping_zipcode = $query->param('shipping_zipcode') || undef; my $shipping_pref = $query->param('shipping_pref') || undef; my $shipping_address = $query->param('shipping_address') || undef; my $shipping_building = $query->param('shipping_building') || undef; $shipping_zipcode = Encode::decode_utf8($shipping_zipcode); $shipping_zipcode = &xss($shipping_zipcode) if defined $shipping_zipcode; $shipping_pref = Encode::decode_utf8($shipping_pref); $shipping_pref = &xss($shipping_pref) if defined $shipping_pref; $shipping_address = Encode::decode_utf8($shipping_address) if defined $shipping_address; $shipping_address = &xss($shipping_address) if defined $shipping_address; $shipping_building = Encode::decode_utf8($shipping_building) if defined $shipping_building; $shipping_building = &xss($shipping_building) if defined $shipping_building; my $shipping_tel = $query->param('shipping_tel') || undef; $shipping_tel = Encode::decode_utf8($shipping_tel) if defined $shipping_tel; $shipping_tel = &xss($shipping_tel) if defined $shipping_tel; my $shipping_flag; if ( ( defined $shipping_company && $shipping_company ne '' ) || ( defined $shipping_name1 && $shipping_name1 ne '' ) || ( defined $shipping_name2 && $shipping_name2 ne '' ) || ( defined $shipping_name3 && $shipping_name3 ne '' ) || ( defined $shipping_name4 && $shipping_name4 ne '' ) || ( defined $shipping_zipcode && $shipping_zipcode ne '' ) || ( defined $shipping_pref && $shipping_pref ne '' ) || ( defined $shipping_address && $shipping_address ne '' ) || ( defined $shipping_building && $shipping_building ne '' ) || ( defined $shipping_tel && $shipping_tel ne '' ) ) { $shipping_flag = 1; } my $message = $query->param('message') || ''; $message = Encode::decode_utf8($message) if defined $message; $message = &xss($message) if defined $message; my $contents; if ( !defined $mode ) { $contents = qq|

申込に関して
1冊100円（税込）
※基本的には10冊単位でのお申込みです。難しいようでしたら、下記フォーム内よりご相談ください。また、お電話でのご相談も受付けてあります。(有)サン・ネット　TEL.03-3269-6696 まで。なお、送料は無料です。
申込期限
令和元年12月27日（金）24時締切

好評につき申込期間を延長します。
増刷しておりますので注文からお届けまで暫くお時間をいただきます。
送金先口座
三菱UFJ銀行　本店
（普通）７６５０８７４
（名義　公益財団法人自転車駐車場整備センター）
お届けの予定時期
ご入金いただいてから1か月程度を目安としております。
お申込みに関する問合せ先
（有）サン・ネット　03-3269-6696
〒162-0808　東京都新宿区天神町22-3　ルート神楽坂5F

|; } $contents .= qq|

|; $contents .= qq|

お申し込みフォーム

|; if ( !defined $mode ) { $contents .= qq|

はじめに…
下記にメールアドレスをご記入ください。自動返信メールが届きます。
sun-net.ccのドメインが受信できるように設定をお願いします。
自動返信メールが届かない場合は上記電話番号からお問い合わせ下さい。

|; } $contents .= qq|

メールアドレス（必須）	\|; if ( !defined $mode ) { $contents .= qq\| \|; } else { $contents .= qq\| $mail \|; } $contents .= qq\|

|; # 1. 機関・団体名、所在地、電話番号、所属部署、ご担当者 ────────────────────────────────────────── $contents .= qq|

1. 機関・団体名、所在地、電話番号、所属部署、ご担当者

団体名（必須）	\|; if ( !defined $mode ) { $contents .= qq\| \|; } else { $contents .= qq\| $company \|; } $contents .= qq\|
部署名（必須）	\|; if ( !defined $mode ) { $contents .= qq\| \|; } else { $contents .= qq\| $section \|; } $contents .= qq\|
所在地（必須）	\|; if ( !defined $mode ) { $contents .= qq\| 〒市区町村以下マンション・ビル名 \|; } else { $contents .= qq\| 〒 $zipcode $pref $address $building \|; } $contents .= qq\|
ご連絡先電話番号（必須）	\|; if ( !defined $mode ) { $contents .= qq\| \|; } else { $contents .= qq\| $tel \|; } $contents .= qq\|
ご担当者様（必須）	\|; if ( !defined $mode ) { $contents .= qq\| 所属部課姓名 \|; } else { $contents .= qq\| 所属 ${name3}部 ${name4}課 $name1 $name2 \|; } $contents .= qq\|

|; # 2. 希望冊数 ────────────────────────────────────────── $contents .= qq|

2. 希望冊数

ご希望冊数（必須）	\|; if ( !defined $mode ) { $contents .= qq\| 冊　※半角数字 \|; } else { $contents .= qq\| $number 冊 \|; } $contents .= qq\|
使用目的（必須）	\|; if ( !defined $mode ) { $contents .= qq\| \|; } else { $contents .= qq\| $use \|; } $contents .= qq\|

|; # 3. 配送先 ────────────────────────────────────────── $contents .= qq|

3. 配送先
|; if ( !defined $mode ) { $contents .= qq| 配送先が上記１と異なる場合のみご記入ください。 |; } if ( defined $mode && !defined $shipping_flag ) { $contents .= qq| 上記１と同一場所 |; } $contents .= qq|

|; if ( !defined $mode || ( defined $mode && defined $shipping_flag ) ) { $contents .= qq| |; $contents .= qq| |; $contents .= qq| |; $contents .= qq| |; $contents .= qq| |; $contents .= qq| |; $contents .= qq|

団体名	\|; if ( !defined $mode ) { $contents .= qq\| \|; } else { $contents .= qq\| $shipping_company \|; } $contents .= qq\|
部署名	\|; if ( !defined $mode ) { $contents .= qq\| \|; } else { $contents .= qq\| $shipping_section \|; } $contents .= qq\|
所在地	\|; if ( !defined $mode ) { $contents .= qq\| 〒市区町村以下マンション・ビル名 \|; } else { $contents .= qq\| 〒 $shipping_zipcode $shipping_pref $shipping_address $shipping_building \|; } $contents .= qq\|
ご連絡先電話番号	\|; if ( !defined $mode ) { $contents .= qq\| \|; } else { $contents .= qq\| $shipping_tel \|; } $contents .= qq\|
ご担当者様	\|; if ( !defined $mode ) { $contents .= qq\| 所属部課姓名 \|; } else { $contents .= qq\| 所属 ${shipping_name3}部 ${shipping_name4}課 $shipping_name1 $shipping_name2 \|; } $contents .= qq\|

|; } # 4. お問い合わせ ────────────────────────────────────────── $contents .= qq|

4. お問い合わせ

お問い合わせ内容	\|; if ( !defined $mode ) { $contents .= qq\| \|; } else { my $view_message = $message; $view_message =~ s/\n/ /g; $contents .= qq\| $view_message \|; } $contents .= qq\|

|; if ( defined $mode ) { my $price = $number * $hontai; my $tax = $price / 100 * $rate; my $total = $price + $tax; ( my $view_price = $price ) =~ s/(\d{1,3})(?=(?:\d{3})+(?!\d))/$1,/g; ( my $view_total = $total ) =~ s/(\d{1,3})(?=(?:\d{3})+(?!\d))/$1,/g; ( my $view_tax = $tax ) =~ s/(\d{1,3})(?=(?:\d{3})+(?!\d))/$1,/g; $contents .= qq|

合計金額：${view_total}円
内訳
本体価格：${view_price}円送料：0円　※送料は無料ですが、振込手数料をご負担ください。

|; } $contents .= qq|

|; if ( !defined $mode ) { $contents .= qq| |; } else { $contents .= qq| |; } $contents .= qq|

送信完了しました。お申し込みトップに戻る

$message

|; $contents = &html_header . $contents; $contents .= &html_footer; $contents = Encode::encode( 'utf8', $contents ); print $query->header( -charset => 'utf8' ); print $contents; exit; } sub xss { my $value = shift; $value =~ s/&/&/g; $value =~ s//>/g; $value =~ s/\"/"/g; $value =~ s/\'/'/g; return ($value); } sub xss_rtn { my $value = shift; $value =~ s/&/&/g; $value =~ s/<//g; $value =~ s/"/\"/g; $value =~ s/'/\'/g; return ($value); } sub login_check { # クッキーからログイン情報を取得する my $sid = $query->cookie( -name => "$cookie_name" ) || undef; if ( defined $sid ) { my $session = CGI::Session->new( undef, $sid, { Directory => $session_dir } ); if ( $sid ne $session->id ) { $sid = undef; $session->delete; } $session->close(); if ( defined $sid ) { return $sid; } } # フォームからの入力をチェックする my $pass = $query->param('pass') || undef; if ( defined $pass && $pass eq $password ) { # ログイン成功 # セッション生成 my $session = CGI::Session->new( undef, undef, { Directory => $session_dir } ); $session->expire('+1d'); $sid = $session->id; $session->flush; my $cookie = $query->cookie( -name => $cookie_name, -value => $sid, -path => $cookie_path ); print $query->redirect( -url => '/rule', -cookie => $cookie ); exit; } return undef; } sub mailsend { my $total = $query->param('total') || ''; $total = Encode::decode_utf8($total) if defined $total; $total = &xss($total) if defined $total; my $price = $query->param('price') || ''; $price = Encode::decode_utf8($price) if defined $price; $price = &xss($price) if defined $price; my $tax = $query->param('tax') || ''; $tax = Encode::decode_utf8($tax) if defined $tax; $tax = &xss($tax) if defined $tax; my $number = $query->param('number') || undef; if ( !defined $number ) { &error('冊数を入力して下さい。'); } $number = Encode::decode_utf8($number); $number = &xss_rtn($number) if defined $number; my $use = $query->param('use') || undef; if ( !defined $use || $use eq '' ) { &error('使用目的を入力して下さい。'); } $use = Encode::decode_utf8($use) if defined $use; $use = &xss_rtn($use) if defined $use; my $company = $query->param('company') || undef; if ( !defined $company ) { &error('団体名を入力して下さい。'); } $company = Encode::decode_utf8($company); $company = &xss_rtn($company) if defined $company; my $section = $query->param('section') || undef; if ( !defined $section ) { &error('部署名を入力して下さい。'); } $section = Encode::decode_utf8($section); $section = &xss_rtn($section) if defined $section; my $name1 = $query->param('name1') || undef; my $name2 = $query->param('name2') || undef; if ( !defined $name1 || !defined $name2 ) { &error('お名前を入力して下さい。'); } $name1 = Encode::decode_utf8($name1); $name1 = &xss_rtn($name1) if defined $name1; $name2 = Encode::decode_utf8($name2); $name2 = &xss_rtn($name2) if defined $name2; my $name3 = $query->param('name3') || undef; my $name4 = $query->param('name4') || undef; if ( !defined $name3 ) { $name3 = ""; } if ( !defined $name4 ) { $name4 = ""; } $name3 = Encode::decode_utf8($name3); $name3 = &xss_rtn($name3) if defined $name3; $name4 = Encode::decode_utf8($name4); $name4 = &xss_rtn($name4) if defined $name4; my $zipcode = $query->param('zipcode') || undef; my $pref = $query->param('pref') || undef; my $address = $query->param('address') || undef; my $building = $query->param('building') || undef; if ( !defined $zipcode || !defined $pref || !defined $address ) { &error('所在地を入力して下さい。'); } $zipcode = Encode::decode_utf8($zipcode); $zipcode = &xss_rtn($zipcode) if defined $zipcode; $pref = Encode::decode_utf8($pref); $pref = &xss_rtn($pref) if defined $pref; $address = Encode::decode_utf8($address); $address = &xss_rtn($address) if defined $address; $building = Encode::decode_utf8($building); $building = &xss_rtn($building) if defined $building; my $tel = $query->param('tel') || undef; if ( !defined $tel ) { &error('電話番号を入力して下さい。'); } $tel = Encode::decode_utf8($tel); $tel = &xss_rtn($tel) if defined $tel; my $mail = $query->param('mail') || undef; if ( !defined $mail ) { &error('メールアドレスを入力して下さい。'); } $mail = Encode::decode_utf8($mail); $mail = &xss_rtn($mail) if defined $mail; my $shipping_company = $query->param('shipping_company') || ''; if ( !defined $shipping_company ) { $shipping_company = ''; } $shipping_company = Encode::decode_utf8($shipping_company) if defined $shipping_company; $shipping_company = &xss_rtn($shipping_company) if defined $shipping_company; my $shipping_section = $query->param('shipping_section') || ''; if ( !defined $shipping_section ) { $shipping_section = ''; } $shipping_section = Encode::decode_utf8($shipping_section) if defined $shipping_section; $shipping_section = &xss_rtn($shipping_section) if defined $shipping_section; my $shipping_name1 = $query->param('shipping_name1') || ''; my $shipping_name2 = $query->param('shipping_name2') || ''; $shipping_name1 = Encode::decode_utf8($shipping_name1) if defined $shipping_name1; $shipping_name1 = &xss_rtn($shipping_name1) if defined $shipping_name1; $shipping_name2 = Encode::decode_utf8($shipping_name2) if defined $shipping_name2; $shipping_name2 = &xss_rtn($shipping_name2) if defined $shipping_name2; my $shipping_name3 = $query->param('shipping_namec') || ''; my $shipping_name4 = $query->param('shipping_name4') || ''; $shipping_name3 = Encode::decode_utf8($shipping_name3) if defined $shipping_name3; $shipping_name3 = &xss_rtn($shipping_name3) if defined $shipping_name3; $shipping_name4 = Encode::decode_utf8($shipping_name4) if defined $shipping_name4; $shipping_name4 = &xss_rtn($shipping_name4) if defined $shipping_name4; my $shipping_zipcode = $query->param('shipping_zipcode') || ''; my $shipping_pref = $query->param('shipping_pref') || ''; my $shipping_address = $query->param('shipping_address') || ''; my $shipping_building = $query->param('shipping_building') || ''; $shipping_zipcode = Encode::decode_utf8($shipping_zipcode); $shipping_zipcode = &xss_rtn($shipping_zipcode) if defined $shipping_zipcode; $shipping_pref = Encode::decode_utf8($shipping_pref); $shipping_pref = &xss_rtn($shipping_pref) if defined $shipping_pref; $shipping_address = Encode::decode_utf8($shipping_address) if defined $shipping_address; $shipping_address = &xss_rtn($shipping_address) if defined $shipping_address; $shipping_building = Encode::decode_utf8($shipping_building) if defined $shipping_building; $shipping_building = &xss_rtn($shipping_building) if defined $shipping_building; my $shipping_tel = $query->param('shipping_tel') || ''; $shipping_tel = Encode::decode_utf8($shipping_tel) if defined $shipping_tel; $shipping_tel = &xss_rtn($shipping_tel) if defined $shipping_tel; my $shipping_flag; if ( ( defined $shipping_company && $shipping_company ne '' ) || ( defined $shipping_name1 && $shipping_name1 ne '' ) || ( defined $shipping_name2 && $shipping_name2 ne '' ) || ( defined $shipping_name3 && $shipping_name3 ne '' ) || ( defined $shipping_name4 && $shipping_name4 ne '' ) || ( defined $shipping_zipcode && $shipping_zipcode ne '' ) || ( defined $shipping_pref && $shipping_pref ne '' ) || ( defined $shipping_address && $shipping_address ne '' ) || ( defined $shipping_building && $shipping_building ne '' ) || ( defined $shipping_tel && $shipping_tel ne '' ) ) { $shipping_flag = 1; } my $message = $query->param('message') || ''; $message = Encode::decode_utf8($message) if defined $message; $message = &xss_rtn($message) if defined $message; my $subject = 'お申し込みありがとうございます。'; my $subject_admin = '「自転車交通ルールを学ぼう」のお申し込みがありました。'; my $affilication = ''; if ( $name3 ne '' || $name4 ne '' ) { $affilication = '所属 '; } if ( $name3 ne '' ) { $affilication .= qq|${name3}部|; } if ( $name4 ne '' ) { $affilication .= qq|${name4}課|; } my $shipping_text = "上記１と同一場所\n"; if ($shipping_flag) { my $shipping_affilication = ''; if ( $shipping_name3 ne '' || $shipping_name4 ne '' ) { $shipping_affilication = '所属 '; } if ( $shipping_name3 ne '' ) { $shipping_affilication .= qq|${shipping_name3}部|; } if ( $shipping_name4 ne '' ) { $shipping_affilication .= qq|${shipping_name4}課|; } $shipping_text = <お手数ですが、再度送信を試みて下さい。'); } print $query->redirect( -url => '?mode=finish' ); exit; } sub mailer { my $to = shift; my $subject = shift; my $data = shift; my $admin = shift; #件名、本文をJISに変換 my $s = Unicode::Japanese->new($subject); # $subject = $s->jis; $subject = encode( 'MIME-Header-ISO_2022_JP', $subject ); my $body; if ( $admin == 1 ) { my ( $sec, $min, $hour, $mday, $mon, $year, $wday, $yday, $isdst ) = localtime(time); my $week = ( "Sun", "Mon", "Tue", "Wed", "Thu", "Fri", "Sat" )[$wday]; my $nowdate = sprintf( "%04d/%02d/%02d(%s) %02d:%02d:%02d", $year + 1900, $mon + 1, $mday, $week, $hour, $min, $sec ); my $host = $ENV{'REMOTE_HOST'}; my $address = $ENV{'REMOTE_ADDR'}; if ( !defined $host || $host eq $address ) { if ( $address =~ /^(\.|\d)+$/ ) { $host = gethostbyaddr( pack( 'C4', split( /\./, $address ) ), 2 ) || $address; } else { $host = ''; } } $body = <new($body); $body = $t->jis; # メール送信 eval { open( MAIL, "| $sendmail $to" ) || die('open error'); print MAIL "Return-Path: $mail\n" if $mail; print MAIL "X-Mailer: sendmail\n"; print MAIL "Reply-To: $mail\n" if $mail; print MAIL "To: $to\n"; print MAIL "From: $mail\n"; print MAIL "Subject: $subject\n"; print MAIL "Content-Transfer-Encoding: 7bit\n"; print MAIL "Content-Type: text/plain\; charset=\"ISO-2022-JP\"\n\n"; print MAIL $body; close MAIL; }; if ($@) { return 1; } return undef; }