Index: /branches/beta/data/downloads/module/mdl_remise/remise_recv.php
===================================================================
--- /branches/beta/data/downloads/module/mdl_remise/remise_recv.php	(revision 16656)
+++ /branches/beta/data/downloads/module/mdl_remise/remise_recv.php	(revision 16656)
@@ -0,0 +1,169 @@
+<?php
+/**
+ *
+ * @copyright   2000-2007 LOCKON CO.,LTD. All Rights Reserved.
+ * @version CVS: $Id$
+ * @link        http://www.lockon.co.jp/
+ *
+ */
+require_once '../require.php';
+require_once MODULE_PATH . "mdl_remise/mdl_remise.inc";
+
+// ¥ë¥ß¡¼¥º¥«¡¼¥É¥¯¥ì¥¸¥Ã¥È·èºÑ·ë²ÌÄÌÃÎ½èÍý
+lfRemiseCreditResultCheck();
+
+// ¥³¥ó¥Ó¥ËÆþ¶â¥Á¥§¥Ã¥¯
+lfRemiseConveniCheck();
+
+//-------------------------------------------------------------------------------------------------------
+
+// ¥ë¥ß¡¼¥º¥«¡¼¥É¥¯¥ì¥¸¥Ã¥È·èºÑ·ë²ÌÄÌÃÎ½èÍý
+function lfRemiseCreditResultCheck(){
+    $objQuery = new SC_Query;
+
+    $log_path = DATA_PATH . "logs/remise_card_result.log";
+    gfPrintLog("remise card result : ".$_POST["X-TRANID"] , $log_path);
+
+    // TRAN_ID ¤ò»ØÄê¤µ¤ì¤Æ¤¤¤Æ¡¢¥«¡¼¥É¾ðÊó¤¬¤¢¤ë¾ì¹ç
+    if (isset($_POST["X-TRANID"]) && isset($_POST["X-PARTOFCARD"])) {
+
+        $errFlg = FALSE;
+
+        gfPrintLog("remise card result start----------", $log_path);
+        foreach($_POST as $key => $val){
+            gfPrintLog( "\t" . $key . " => " . $val, $log_path);
+        }
+        gfPrintLog("remise credit result end  ----------", $log_path);
+
+        // IP¥¢¥É¥ì¥¹À©¸æ¤¹¤ë¾ì¹ç
+        if (REMISE_IP_ADDRESS_DENY == 1) {
+            gfPrintLog("remise remoto ip address : ".$_SERVER["REMOTE_HOST"]."-".$_SERVER["REMOTE_ADDR"], $log_path);
+            if (!isset($_SERVER["REMOTE_ADDR"]) || !lfIpAddressDenyCheck($_SERVER["REMOTE_ADDR"])) {
+                print("NOT REMISE SERVER");
+                exit;
+            }
+        }
+
+        // ÀÁµáÈÖ¹æ¤È¶â³Û¤Î¼èÆÀ
+        $order_id = 0;
+        $payment_total = 0;
+
+        if (isset($_POST["X-S_TORIHIKI_NO"])) {
+            $order_id = $_POST["X-S_TORIHIKI_NO"];
+        }
+
+        if (isset($_POST["X-TOTAL"])) {
+            $payment_total = $_POST["X-TOTAL"];
+        }
+
+        gfPrintLog("order_id : ".$order_id, $log_path);
+        gfPrintLog("payment_total : ".$payment_total, $log_path);
+
+        // ÃíÊ¸¥Ç¡¼¥¿¼èÆÀ
+        $arrTempOrder = $objQuery->getall("SELECT payment_total FROM dtb_order_temp WHERE order_id = ? ", array($order_id));
+
+        // ¶â³Û¤ÎÁê°ã
+        if (count($arrTempOrder) > 0) {
+            gfPrintLog("ORDER payment_total : ".$arrTempOrder[0]['payment_total'], $log_path);
+            if ($arrTempOrder[0]['payment_total'] == $payment_total) {
+                $errFlg = TRUE;
+            }
+        }
+
+        if ($errFlg) {
+            print(REMISE_PAYMENT_CHARGE_OK);
+            exit;
+        }
+        print("ERROR");
+        exit;
+    }
+}
+
+// ¥³¥ó¥Ó¥ËÆþ¶â³ÎÇ§½èÍý
+function lfRemiseConveniCheck(){
+    $objQuery = new SC_Query;
+
+    $log_path = DATA_PATH . "logs/remise_cv_charge.log";
+    gfPrintLog("remise conveni result : ".$_POST["JOB_ID"] , $log_path);
+
+    // É¬Í×¤Ê¥Ç¡¼¥¿¤¬Á÷¿®¤µ¤ì¤Æ¤¤¤Æ¡¢¼ýÇ¼ÄÌÃÎ¤Î¼«Æ°¼õ¿®¤òµö²Ä¤·¤Æ¤¤¤ë¾ì¹ç
+    if(isset($_POST["JOB_ID"]) && isset($_POST["REC_FLG"]) && REMISE_CONVENIENCE_RECIVE == 1){
+
+        $errFlg = FALSE;
+
+        // ¼ýÇ¼ºÑ¤ß¤Î¾ì¹ç
+        if ($_POST["REC_FLG"] == REMISE_CONVENIENCE_CHARGE) {
+            // POST¤ÎÆâÍÆ¤òÁ´¤Æ¥í¥°ÊÝÂ¸
+            gfPrintLog("remise conveni charge start----------", $log_path);
+            foreach($_POST as $key => $val){
+                gfPrintLog( "\t" . $key . " => " . $val, $log_path);
+            }
+            gfPrintLog("remise conveni charge end  ----------", $log_path);
+
+            // IP¥¢¥É¥ì¥¹À©¸æ¤¹¤ë¾ì¹ç
+            if (REMISE_IP_ADDRESS_DENY == 1) {
+                gfPrintLog("remise remoto ip address : ".$_SERVER["REMOTE_HOST"]."-".$_SERVER["REMOTE_ADDR"], $log_path);
+                if (!isset($_SERVER["REMOTE_ADDR"]) || !lfIpAddressDenyCheck($_SERVER["REMOTE_ADDR"])) {
+                    print("NOT REMISE SERVER");
+                    exit;
+                }
+            }
+
+            // ÀÁµáÈÖ¹æ¤È¶â³Û¤Î¼èÆÀ
+            $order_id = 0;
+            $payment_total = 0;
+
+            if (isset($_POST["S_TORIHIKI_NO"])) {
+                $order_id = $_POST["S_TORIHIKI_NO"];
+            }
+
+            if (isset($_POST["TOTAL"])) {
+                $payment_total = $_POST["TOTAL"];
+            }
+
+            gfPrintLog("order_id : ".$order_id, $log_path);
+            gfPrintLog("payment_total : ".$payment_total, $log_path);
+
+            // ÃíÊ¸¥Ç¡¼¥¿¼èÆÀ
+            $arrTempOrder = $objQuery->getall("SELECT payment_total FROM dtb_order_temp WHERE order_id = ? ", array($order_id));
+
+            // ¶â³Û¤ÎÁê°ã
+            if (count($arrTempOrder) > 0) {
+                gfPrintLog("ORDER payment_total : ".$arrTempOrder[0]['payment_total'], $log_path);
+                if ($arrTempOrder[0]['payment_total'] == $payment_total) {
+                    $errFlg = TRUE;
+                }
+            }
+
+            // JOB_ID¤ÈÀÁµáÈÖ¹æ¡£Æþ¶â¶â³Û¤¬°ìÃ×¤¹¤ë¾ì¹ç¤Î¤ß¡¢¥¹¥Æ¡¼¥¿¥¹¤òÆþ¶âºÑ¤ß¤ËÊÑ¹¹¤¹¤ë
+            if ($errFlg) {
+                $sql = "UPDATE dtb_order SET status = 6, update_date = now() ".
+                    "WHERE order_id = ? AND memo04 = ? ";
+                $objQuery->query($sql, array($order_id, $_POST["JOB_ID"]));
+
+                //±þÅú·ë²Ì¤òÉ½¼¨
+                print(REMISE_CONVENIENCE_CHARGE_OK);
+                exit;
+            }
+        }
+        print("ERROR");
+        exit;
+    }
+}
+
+/**
+ * IP¥¢¥É¥ì¥¹ÂÓ°è¥Á¥§¥Ã¥¯
+ * @param $ip IP¥¢¥É¥ì¥¹
+ * @return boolean
+ */
+function lfIpAddressDenyCheck($ip) {
+
+    // IP¥¢¥É¥ì¥¹ÈÏ°Ï¤ËÆþ¤Ã¤Æ¤Ê¤¤¾ì¹ç
+    if (ip2long(REMISE_IP_ADDRESS_S) > ip2long($ip) ||
+        ip2long(REMISE_IP_ADDRESS_E) < ip2long($ip)) {
+        return FALSE;
+    }
+    return TRUE;
+}
+
+?>
