Index: /branches/comu-utf8/data/Smarty/templates/admin/order/edit.tpl
===================================================================
--- /branches/comu-utf8/data/Smarty/templates/admin/order/edit.tpl	(revision 15099)
+++ /branches/comu-utf8/data/Smarty/templates/admin/order/edit.tpl	(revision 16077)
@@ -9,5 +9,5 @@
 <!--
 	function fnEdit(customer_id) {
-		document.form1.action = '/admin/customer/edit.php';
+		document.form1.action = '<!--{$smarty.const.URL_DIR}-->admin/customer/edit.php';
 		document.form1.mode.value = "edit"
 		document.form1['edit_customer_id'].value = customer_id;
Index: /branches/comu-utf8/data/Smarty/templates/mobile/entry/set2.tpl
===================================================================
--- /branches/comu-utf8/data/Smarty/templates/mobile/entry/set2.tpl	(revision 15099)
+++ /branches/comu-utf8/data/Smarty/templates/mobile/entry/set2.tpl	(revision 16077)
@@ -40,5 +40,5 @@
 	【メールマガジン】<br>
 	お得な情報を希望されますか？<br>
-	配信希望<input type="checkbox" name="mailmaga_flg" value="on" <!--{if $mailmaga_flg eq 'on'}-->checked<!--{/if}--> /><br>
+	配信希望<input type="checkbox" name="mailmaga_flg" value="on" <!--{if $mailmaga_flg eq 'on' || $mailmaga_flg == 2}-->checked<!--{/if}--> /><br>
 	（希望されない場合はチェックをはずしてください）<br>
 	<br>
Index: /branches/comu-utf8/data/class/SC_Customer.php
===================================================================
--- /branches/comu-utf8/data/class/SC_Customer.php	(revision 15099)
+++ /branches/comu-utf8/data/class/SC_Customer.php	(revision 16077)
@@ -46,5 +46,5 @@
 		
 		if ( strlen($email) > 0 && strlen($pass) > 0 ){
-			$this->getCustomerDataFromEmailPass( $email, $pass );
+			$this->getCustomerDataFromEmailPass($pass, $email);
 		}
 	}
Index: /branches/comu-utf8/data/class/SC_DbConn.php
===================================================================
--- /branches/comu-utf8/data/class/SC_DbConn.php	(revision 15099)
+++ /branches/comu-utf8/data/class/SC_DbConn.php	(revision 16077)
@@ -109,9 +109,6 @@
 		
 		if(PEAR::isError($this->conn)) {
-			if(ADMIN_MODE){
-				sfErrorHeader("DBへの接続に失敗しました。:" . $this->dsn);
-			}else{
-				sfErrorHeader("DBへの接続に失敗しました。:");
-			}
+			sfErrorHeader("DBへの接続に失敗しました。");
+            gfPrintLog("couldn't connect : " . $this->dsn);
 			return 0;
 		}
Index: /branches/comu-utf8/data/lib/slib.php
===================================================================
--- /branches/comu-utf8/data/lib/slib.php	(revision 16016)
+++ /branches/comu-utf8/data/lib/slib.php	(revision 16077)
@@ -481,10 +481,12 @@
         // sfErrorHeader('>> referrerが無効になっています。');
     } else {
-        $domain  = sfIsHTTPS() ? SSL_URL : SITE_URL;
-        $pattern = sprintf('|^%s.*|', $domain);
+        $siteurl = preg_quote(SITE_URL, "/");
+        $sslurl  = preg_quote(SSL_URL, "/");
+
+        $pattern = "/^($siteurl|$sslurl)/";
         $referer = $_SERVER['HTTP_REFERER'];
 
         // 管理画面から以外の遷移の場合はエラー画面を表示
-        if (!preg_match($pattern, $referer)) {
+        if ( !preg_match($pattern, $referer) ) {
             if ($disp_error) sfDispError(INVALID_MOVE_ERRORR);
             return false;
@@ -595,9 +597,4 @@
     Header("Pragma: ");
 
-    /* i18n~ だと正常に動作しないため、mb~ に変更
-    if (i18n_discover_encoding($data) == CHAR_CODE){
-        $data = i18n_convert($data,'SJIS',CHAR_CODE);
-    }
-    */
     if (mb_internal_encoding() == CHAR_CODE){
         $data = mb_convert_encoding($data,'SJIS',CHAR_CODE);
Index: /branches/comu-utf8/html/mobile/entry/index.php
===================================================================
--- /branches/comu-utf8/html/mobile/entry/index.php	(revision 15099)
+++ /branches/comu-utf8/html/mobile/entry/index.php	(revision 16077)
@@ -143,5 +143,5 @@
 			$checkVal = array("sex", "year", "month", "day", "zip01", "zip02");
 		} else {
-			$checkVal = array("pref", "addr01", "addr02", "tel01", "tel02", "tel03", "mail_flag");
+			$checkVal = array("pref", "addr01", "addr02", "tel01", "tel02", "tel03", "mailmaga_flg");
 		}
 
@@ -174,8 +174,8 @@
 			
 			//メール受け取り
-			if (strtolower($objPage->arrForm['mail_flag']) == "on") {
-				$objPage->arrForm['mail_flag']  = "2";
+			if (strtolower($objPage->arrForm['mailmaga_flg']) == "on") {
+				$objPage->arrForm['mailmaga_flg']  = "2";
 			} else {
-				$objPage->arrForm['mail_flag']  = "3";
+				$objPage->arrForm['mailmaga_flg']  = "3";
 			}
 
Index: /branches/comu-utf8/html/mobile/shopping/complete.php
===================================================================
--- /branches/comu-utf8/html/mobile/shopping/complete.php	(revision 15099)
+++ /branches/comu-utf8/html/mobile/shopping/complete.php	(revision 16077)
@@ -45,4 +45,5 @@
 // ユーザユニークIDの取得と購入状態の正当性をチェック
 $uniqid = sfCheckNormalAccess($objSiteSess, $objCartSess);
+
 if ($uniqid != "") {
 	
Index: /branches/comu-utf8/html/admin/products/upload_csv.php
===================================================================
--- /branches/comu-utf8/html/admin/products/upload_csv.php	(revision 15099)
+++ /branches/comu-utf8/html/admin/products/upload_csv.php	(revision 16077)
@@ -114,5 +114,5 @@
 				echo "<font color=\"red\">■" . $line . "行目でエラーが発生しました。</font></br>\n";
 				foreach($arrCSVErr as $val) {
-					echo "<font color=\"red\">$val</font></br>\n";	
+					echo "<font color=\"red\">" . htmlspecialchars($val, ENT_QUOTES) . "</font></br>\n";
 				}
 				$err = true;
Index: /branches/comu-utf8/html/install/user_data/include/bloc/cart.tpl
===================================================================
--- /branches/comu-utf8/html/install/user_data/include/bloc/cart.tpl	(revision 15099)
+++ /branches/comu-utf8/html/install/user_data/include/bloc/cart.tpl	(revision 16077)
@@ -21,5 +21,4 @@
 				<td class="fs12"><span class="redst">合計：<!--{$arrCartList.0.ProductsTotal|number_format|default:0}-->円</span></td>
 			</tr>
-			<tr><td height="5"><!--{$arrCartList.0.free_rule}--></td></tr>
 			
 			<!-- カゴの中に商品がある場合にのみ表示 -->
Index: /branches/comu-utf8/html/install/user_data/templates/default1/templates/detail.tpl
===================================================================
--- /branches/comu-utf8/html/install/user_data/templates/default1/templates/detail.tpl	(revision 15099)
+++ /branches/comu-utf8/html/install/user_data/templates/default1/templates/detail.tpl	(revision 16077)
@@ -316,4 +316,41 @@
 				<!--お客様の声ここまで-->
 
+				<!--{if $arrTrackbackView == "ON"}-->
+				<!--▼トラックバックここから-->
+				<table width="580" border="0" cellspacing="0" cellpadding="0" summary=" ">
+					<tr>
+						<td><img src="<!--{$smarty.const.URL_DIR}-->img/products/title_tb.jpg" width="580" height="30" alt="この商品に対するトラックバック"></td>
+					</tr>
+					<tr><td height="10"></td></tr>
+					<tr>
+						<td class="fs12"><strong>この商品のトラックバック先URL</strong></td>
+					</tr>
+					<tr><td height="5"></td></tr>
+					<tr>
+						<td class="fs12"><input type="text" name="trackback" value="<!--{$trackback_url}-->" size="100"></td>
+					</tr>
+					<!--{if $arrTrackback}-->
+					<tr><td height="5"></td></tr>
+					<!--{section name=cnt loop=$arrTrackback}-->
+					<tr>
+						<td class="fs12"><strong><!--{$arrTrackback[cnt].create_date|sfDispDBDate:false}-->　<a href="<!--{$arrTrackback[cnt].url}-->" target="_blank"><!--{$arrTrackback[cnt].title|escape}--></a> from <!--{$arrTrackback[cnt].blog_name|escape}--></strong></td>
+					</tr>
+					<tr><td height="5"></td></tr>
+					<tr>
+						<td class="fs12"><!--{$arrTrackback[cnt].excerpt|escape|mb_strimwidth:0:200:"..."}--></td>
+					</tr>
+			
+					<!--{if !$smarty.section.cnt.last}-->
+					<tr><td height="20"><img src="<!--{$smarty.const.URL_DIR}-->img/common/line_580.gif" width="580" height="1" alt=""></td></tr>
+					<!--{/if}-->
+					
+					<!--{/section}-->
+					<!--{/if}-->
+					
+					<tr><td height="30"></td></tr>
+				</table>
+				<!--▲トラックバックここまで-->
+				<!--{/if}-->
+
 				<!--{if $arrRecommend}-->
 				<!--▼オススメ商品ここから-->
@@ -345,5 +382,6 @@
 										<!--{assign var=image_path value="`$smarty.const.NO_IMAGE_DIR`"}-->
 									<!--{/if}-->
-									<img src="<!--{$smarty.const.SITE_URL}-->resize_image.php?image=<!--{$image_path|sfRmDupSlash}-->&width=65&height=65" alt="<!--{$arrRecommend[cnt].name|escape}-->"></a></td>
+									<img src="<!--{$smarty.const.SITE_URL}-->resize_image.php?image=<!--{$image_path|sfRmDupSlash}-->&width=65&height=65" alt="<!--{$arrRecommend[cnt].name|escape}-->"></a>
+									</td>
 									<td align="right">
 									<table width="145" border="0" cellspacing="0" cellpadding="0" summary=" ">
Index: /branches/comu-utf8/html/install/user_data/templates/default1/include/bloc/cart.tpl
===================================================================
--- /branches/comu-utf8/html/install/user_data/templates/default1/include/bloc/cart.tpl	(revision 15099)
+++ /branches/comu-utf8/html/install/user_data/templates/default1/include/bloc/cart.tpl	(revision 16077)
@@ -21,5 +21,4 @@
 				<td class="fs12"><span class="redst">合計：<!--{$arrCartList.0.ProductsTotal|number_format|default:0}-->円</span></td>
 			</tr>
-			<tr><td height="5"></td></tr>
 			
 			<!-- カゴの中に商品がある場合にのみ表示 -->
Index: /branches/comu-utf8/html/input_zip.php
===================================================================
--- /branches/comu-utf8/html/input_zip.php	(revision 15099)
+++ /branches/comu-utf8/html/input_zip.php	(revision 16077)
@@ -56,4 +56,5 @@
 // 郵便番号が発見された場合
 if(count($data_list) > 0) {
+    lfCheckInput();
 	$func = "fnPutAddress('" . $_GET['input1'] . "','" . $_GET['input2']. "');";
 	$objPage->tpl_onload = "$func";
@@ -70,12 +71,30 @@
 function fnErrorCheck() {
 	// エラーメッセージ配列の初期化
-	$objErr = new SC_CheckError();
+	$objErr = new SC_CheckError($_GET);
 	
 	// 郵便番号
-	$objErr->doFunc( array("郵便番号1",'zip1',ZIP01_LEN ) ,array( "NUM_COUNT_CHECK" ) );
-	$objErr->doFunc( array("郵便番号2",'zip2',ZIP02_LEN ) ,array( "NUM_COUNT_CHECK" ) );
+	$objErr->doFunc( array("郵便番号1",'zip1',ZIP01_LEN ) ,array( "NUM_CHECK", "NUM_COUNT_CHECK" ) );
+	$objErr->doFunc( array("郵便番号2",'zip2',ZIP02_LEN ) ,array( "NUM_CHECK", "NUM_COUNT_CHECK" ) );
 	
 	return $objErr->arrErr;
 }
 
+/**
+ * input1,2の入力チェック
+ * 英数字アンダーバー以外が入力された場合、
+ * 不正なアクセスとみなしエラー画面へ遷移
+ * @param void
+ * @return void
+ */
+function lfCheckInput(){
+    $pattern = "/^[0-9a-z_]+$/";
+    foreach (array('input1', 'input2') as $key_name) {
+        $ret = preg_match_all($pattern, $_GET[$key_name], $matches);
+        if (!$ret) {
+            $msg = sprintf('invalid param: $_GET[%s]="%s"', $key_name, $_GET[$key_name]);
+            gfPrintLog($msg);
+            sfDispSiteError('');
+        }
+    }
+}
 ?>
Index: /branches/comu-utf8/html/frontparts/login_check.php
===================================================================
--- /branches/comu-utf8/html/frontparts/login_check.php	(revision 15099)
+++ /branches/comu-utf8/html/frontparts/login_check.php	(revision 16077)
@@ -59,7 +59,6 @@
 	// ログイン情報の解放
 	$objCustomer->EndSession();
-	$mypage_url_search = strpos('.'.$_POST['url'], "mypage");
 	//マイページログイン中はログイン画面へ移行
-	if ($mypage_url_search == 2){
+	if ( preg_match('/mypage/', $_POST['url']) ){
 	header("Location: /mypage/login.php");
 	}else{
@@ -81,16 +80,22 @@
 /* POSTされるURLのチェック*/
 function lfIsValidURL() {
-    $site_url  = sfIsHTTPS() ? SSL_URL : SITE_URL;
-    $check_url = trim($_POST['url']);
+    $arrValidUrl = array(SSL_URL, SITE_URL, '/');
+    $targetUrl   = $_POST['url'];
     
-    // ドメインチェック
-    $pattern = "|^$site_url|";
-    if (!preg_match($pattern, $check_url)) {
-        return false;
+    // $arrValidUrlにマッチしない場合は不正なURL
+    $match = false;
+    foreach ($arrValidUrl as $validUrl) {
+        $pattern = sprintf('/^%s/' , preg_quote($validUrl, '/'));
+        gfPrintLog($pattern . ':' . $targetUrl);
+        if ( preg_match($pattern, $targetUrl) ) {
+            $match = true;
+            break;
+        }
     }
+    if (!$match) return false;
 
-    // 改行コード(CR・LF)・NULLバイトチェック
+    // 改行コード(CR・LF)・NULLバイトを含む場合は不正なURL
     $pattern = '/\r|\n|\0|%0D|%0A|%00/';
-    if (preg_match_all($pattern, $check_url, $matches)) {
+    if (preg_match_all($pattern, $targetUrl, $matches)) {
         return false;
     }
