Index: /branches/camp/camp-2_5-E/data/install.php
===================================================================
--- /branches/camp/camp-2_5-E/data/install.php	(revision 18852)
+++ /branches/camp/camp-2_5-E/data/install.php	(revision 19341)
@@ -0,0 +1,17 @@
+<?php
+    define ('ECCUBE_INSTALL', 'ON');
+    define ('SITE_URL', 'http://b.nanasess.net/camp-2_5-E/html/');
+    define ('SSL_URL', 'http://b.nanasess.net/camp-2_5-E/html/');
+    define ('URL_DIR', '/camp-2_5-E/html/');
+    define ('DOMAIN_NAME', '');
+    define ('DB_TYPE', 'pgsql');
+    define ('DB_USER', 'eccube_25_b_user');
+    define ('DB_PASSWORD', 'RJsLTLTFJz');
+    define ('DB_SERVER', '127.0.0.1');
+    define ('DB_NAME', 'eccube_25_b_db');
+    define ('DB_PORT', '54320');
+    define ('MOBILE_HTML_PATH', HTML_PATH . 'mobile/');
+    define ('MOBILE_SITE_URL', SITE_URL . 'mobile/');
+    define ('MOBILE_SSL_URL', SSL_URL . 'mobile/');
+    define ('MOBILE_URL_DIR', URL_DIR . 'mobile/');
+?>
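Review bot: This new data/install.php puts a working database account (`DB_USER`, `DB_PASSWORD`, `DB_NAME`, `DB_PORT`) and a host-specific `SITE_URL` into the repository, where they remain readable in history even if the file is deleted later. The file looks like per-installation output (it defines `ECCUBE_INSTALL`), so it should be kept out of version control, for example via an ignore rule, and the password should be rotated. `SSL_URL` is also defined with an `http://` origin, so anything redirected to the "SSL" site, including the session id and transaction token that SC_Response::sendRedirect() appends to the URL, travels unencrypted. It should name an `https://` origin.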
Index: /branches/camp/camp-2_5-E/data/class/SC_Response.php
===================================================================
--- /branches/camp/camp-2_5-E/data/class/SC_Response.php	(revision 19149)
+++ /branches/camp/camp-2_5-E/data/class/SC_Response.php	(revision 19341)
@@ -111,5 +111,22 @@
 
     function sendRedirect(String $location){
-      
+        if (preg_match("/(" . preg_quote(SITE_URL, '/')
+                          . "|" . preg_quote(SSL_URL, '/') . ")/", $location)) {
+
+            $netURL = new Net_URL($location);
+            if (!empty($_SERVER['QUERY_STRING'])) {
+                $netURL->addRawQueryString($_SERVER['QUERY_STRING']);
+            }
+
+            $session = SC_SessionFactory::getInstance();
+            if (SC_MobileUserAgent::isMobile() || $session->useCookie() == false) {
+                $netURL->addQueryString(session_name(), session_id());
+            }
+
+            $netURL->addQueryString(TRANSACTION_ID_NAME, SC_Helper_Session_Ex::getToken());
+            header("Location: " . $netURL->getURL());
+            exit;
+        }
+        return false;
     }
 
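Review bot: The same-site check in sendRedirect() is unanchored, so a `$location` that merely contains `SITE_URL` or `SSL_URL` somewhere (for instance inside a query parameter of a URL on another host) passes and is emitted as the `Location` header. The same branch appends `session_name()`/`session_id()` and the transaction token to that URL, so an off-site target would also receive the session identifier and token. Anchor the pattern at the start of the string: `if (preg_match("/^(" . preg_quote(SITE_URL, '/') . "|" . preg_quote(SSL_URL, '/') . ")/", $location)) {`. Separately, the `String $location` hint names a class rather than the scalar type on PHP versions without scalar type declarations, so a plain string argument would presumably be rejected; dropping the hint would match the other methods in this diff.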
Index: /branches/camp/camp-2_5-E/data/class/pages/shopping/LC_Page_Shopping.php
===================================================================
--- /branches/camp/camp-2_5-E/data/class/pages/shopping/LC_Page_Shopping.php	(revision 19311)
+++ /branches/camp/camp-2_5-E/data/class/pages/shopping/LC_Page_Shopping.php	(revision 19341)
@@ -114,5 +114,5 @@
 
         if ($_SERVER["REQUEST_METHOD"] == "POST") {
-            if (!$this->isValidToken()) {
+            if (!SC_Helper_Session_Ex::isValidToken()) {
                 SC_Utils_Ex::sfDispSiteError(PAGE_ERROR, "", true);
             }
@@ -198,5 +198,5 @@
         $this->arrForm = $this->objFormParam->getFormParamList();
 
-        $this->transactionid = $this->getToken();
+        $this->transactionid = SC_Helper_Session_Ex::getToken();
     }
 
Index: /branches/camp/camp-2_5-E/data/class/pages/admin/system/LC_Page_Admin_System_Input.php
===================================================================
--- /branches/camp/camp-2_5-E/data/class/pages/admin/system/LC_Page_Admin_System_Input.php	(revision 18820)
+++ /branches/camp/camp-2_5-E/data/class/pages/admin/system/LC_Page_Admin_System_Input.php	(revision 19341)
@@ -66,5 +66,5 @@
 
         // トランザクショントークンの取得
-        $this->transactionid = $this->getToken();
+        $this->transactionid = SC_Helper_Session_Ex::getToken();
 
         switch($this->getMode()) {
@@ -124,5 +124,5 @@
      */
     function execNewMode() {
-        if ($this->isValidToken() !== true) {
+        if (SC_Helper_Session_Ex::isValidToken() !== true) {
             SC_Utils::sfDispError('');
         }
@@ -143,5 +143,5 @@
             $this->arrErr = $arrErr;
             // トランザクショントークンの取得
-            $this->transactionid = $this->getToken();
+            $this->transactionid = SC_Helper_Session_Ex::getToken();
             return;
         }
@@ -214,5 +214,5 @@
      */
     function execEditMode() {
-        if ($this->isValidToken() !== true) {
+        if (SC_Helper_Session_Ex::isValidToken() !== true) {
             SC_Utils::sfDispError('');
         }
@@ -233,5 +233,5 @@
             $this->arrErr = $arrErr;
             // トランザクショントークンの取得
-            $this->transactionid = $this->getToken();
+            $this->transactionid = SC_Helper_Session_Ex::getToken();
             return;
         }
Index: /branches/camp/camp-2_5-E/data/class/pages/admin/ownersstore/LC_Page_Admin_OwnersStore_Settings.php
===================================================================
--- /branches/camp/camp-2_5-E/data/class/pages/admin/ownersstore/LC_Page_Admin_OwnersStore_Settings.php	(revision 18701)
+++ /branches/camp/camp-2_5-E/data/class/pages/admin/ownersstore/LC_Page_Admin_OwnersStore_Settings.php	(revision 19341)
@@ -72,5 +72,5 @@
 
         // トランザクションIDの取得
-        $this->transactionid = $this->getToken();
+        $this->transactionid = SC_Helper_Session_Ex::getToken();
 
         // $_POST['mode']によってアクション振り分け
@@ -124,5 +124,5 @@
      */
     function execRegisterMode() {
-        if ($this->isValidToken() !== true) {
+        if (SC_Helper_Session_Ex::isValidToken() !== true) {
             SC_Utils_Ex::sfDispError('');
         }
@@ -136,5 +136,5 @@
             $this->arrErr  = $arrErr;
             $this->arrForm = $this->objForm->getHashArray();
-            $this->transactionid = $this->getToken();
+            $this->transactionid = SC_Helper_Session_Ex::getToken();
             return;
         }
@@ -147,5 +147,5 @@
 
         $this->tpl_onload = "alert('登録しました。')";
-        $this->transactionid = $this->getToken();
+        $this->transactionid = SC_Helper_Session_Ex::getToken();
     }
 
Index: /branches/camp/camp-2_5-E/data/class/pages/cart/LC_Page_Cart.php
===================================================================
--- /branches/camp/camp-2_5-E/data/class/pages/cart/LC_Page_Cart.php	(revision 19162)
+++ /branches/camp/camp-2_5-E/data/class/pages/cart/LC_Page_Cart.php	(revision 19341)
@@ -69,4 +69,5 @@
      */
     function process() {
+        parent::process();
         $this->action();
         $this->sendResponse();
@@ -134,5 +135,6 @@
                 $objCartSess->saveCurrentCart($uniqid, $cartKey);
                 // 購入ページへ
-                $this->sendRedirect(URL_SHOP_TOP);
+                $this->objDisplay->redirect(URL_SHOP_TOP);
+                #$this->sendRedirect(URL_SHOP_TOP);
                 exit;
             }
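Review bot: The previous call is left behind as a commented-out line, `#$this->sendRedirect(URL_SHOP_TOP);`, and should be deleted, since the revision history already records it. Whether `$this->objDisplay->redirect()` applies the same-site check and appends the session id and transaction token as `sendRedirect()` did is not visible in this diff, so it is worth confirming that the move to the purchase page still carries them for cookie-less and mobile clients. The enclosing method starts and ends outside the hunk.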
@@ -183,4 +185,5 @@
      */
     function mobileProcess() {
+        parent::mobileProcess();
         $this->mobileAction();
         $this->sendResponse();
Index: /branches/camp/camp-2_5-E/data/class/pages/abouts/LC_Page_Abouts.php
===================================================================
--- /branches/camp/camp-2_5-E/data/class/pages/abouts/LC_Page_Abouts.php	(revision 19097)
+++ /branches/camp/camp-2_5-E/data/class/pages/abouts/LC_Page_Abouts.php	(revision 19341)
@@ -55,4 +55,5 @@
      */
     function process() {
+        parent::process();
         $this->action();
         $this->sendResponse();
Index: /branches/camp/camp-2_5-E/data/class/pages/entry/LC_Page_Entry.php
===================================================================
--- /branches/camp/camp-2_5-E/data/class/pages/entry/LC_Page_Entry.php	(revision 19124)
+++ /branches/camp/camp-2_5-E/data/class/pages/entry/LC_Page_Entry.php	(revision 19341)
@@ -225,5 +225,5 @@
         if ($_SERVER["REQUEST_METHOD"] == "POST") {
 
-            if (!$this->isValidToken()) {
+            if (!SC_Helper_Session_Ex::isValidToken()) {
                 SC_Utils_Ex::sfDispSiteError(PAGE_ERROR, "", true);
             }
@@ -342,5 +342,5 @@
         }
 
-        $this->transactionid = $this->getToken();
+        $this->transactionid = SC_Helper_Session_Ex::getToken();
     }
 
Index: /branches/camp/camp-2_5-E/data/class/pages/entry/LC_Page_Entry_Complete.php
===================================================================
--- /branches/camp/camp-2_5-E/data/class/pages/entry/LC_Page_Entry_Complete.php	(revision 19124)
+++ /branches/camp/camp-2_5-E/data/class/pages/entry/LC_Page_Entry_Complete.php	(revision 19341)
@@ -76,5 +76,5 @@
     function action() {
         // transaction check
-        if (!$this->isValidToken()) {
+        if (!SC_Helper_Session_Ex::isValidToken()) {
             SC_Utils_Ex::sfDispSiteError(PAGE_ERROR, "", true);
         }
Index: /branches/camp/camp-2_5-E/data/class/pages/frontparts/LC_Page_FrontParts_LoginCheck.php
===================================================================
--- /branches/camp/camp-2_5-E/data/class/pages/frontparts/LC_Page_FrontParts_LoginCheck.php	(revision 18701)
+++ /branches/camp/camp-2_5-E/data/class/pages/frontparts/LC_Page_FrontParts_LoginCheck.php	(revision 19341)
@@ -55,7 +55,17 @@
      */
     function process() {
+        $this->action();
+        $this->sendResponse();
+    }
+
+    /**
+     * Page のアクション.
+     *
+     * @return void
+     */
+    function action() {
         $objCustomer = new SC_Customer();
         // 不正なURLがPOSTされた場合はエラー表示
-        if (!$this->isValidToken()) {
+        if (!SC_Helper_Session_Ex::isValidToken()) {
             GC_Utils_Ex::gfPrintLog('invalid access :login_check.php $POST["url"]=' . $_POST['url']);
             SC_Utils_Ex::sfDispSiteError(PAGE_ERROR);
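Review bot: On the invalid-token path in the new action() method, `$_POST['url']` is concatenated into the log message unfiltered, so a request can place line breaks or control characters into the log, and a missing `url` field raises an undefined-index notice. The line predates this commit but is now part of the extracted method. Default and neutralise the value before logging, e.g. `$url = isset($_POST['url']) ? preg_replace('/[\x00-\x1F\x7F]/', '', $_POST['url']) : '';` and log `$url` instead. action() continues past the end of the hunk.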
Index: /branches/camp/camp-2_5-E/data/class/pages/frontparts/bloc/LC_Page_FrontParts_Bloc_Login.php
===================================================================
--- /branches/camp/camp-2_5-E/data/class/pages/frontparts/bloc/LC_Page_FrontParts_Bloc_Login.php	(revision 18701)
+++ /branches/camp/camp-2_5-E/data/class/pages/frontparts/bloc/LC_Page_FrontParts_Bloc_Login.php	(revision 19341)
@@ -82,5 +82,5 @@
         $this->tpl_disable_logout = $this->lfCheckDisableLogout();
         $objSubView = new SC_SiteView(false);
-        $this->transactionid = $this->getToken();
+        $this->transactionid = SC_Helper_Session_Ex::getToken();
         $objSubView->assignobj($this);
         $objSubView->display($this->tpl_mainpage);
Index: /branches/camp/camp-2_5-E/data/class/pages/products/LC_Page_Products_Review.php
===================================================================
--- /branches/camp/camp-2_5-E/data/class/pages/products/LC_Page_Products_Review.php	(revision 19227)
+++ /branches/camp/camp-2_5-E/data/class/pages/products/LC_Page_Products_Review.php	(revision 19341)
@@ -83,5 +83,5 @@
 
         if ($_SERVER["REQUEST_METHOD"] == "POST") {
-            if (!$this->isValidToken()) {
+            if (!SC_Helper_Session_Ex::isValidToken()) {
                 SC_Utils_Ex::sfDispSiteError(PAGE_ERROR, "", true);
             }
@@ -177,5 +177,5 @@
         }
 
-        $this->transactionid = $this->getToken();
+        $this->transactionid = SC_Helper_Session_Ex::getToken();
         //$objView->assignobj($this);
         //$objView->display($this->tpl_mainpage);
Index: /branches/camp/camp-2_5-E/data/class/pages/order/LC_Page_Order.php
===================================================================
--- /branches/camp/camp-2_5-E/data/class/pages/order/LC_Page_Order.php	(revision 19157)
+++ /branches/camp/camp-2_5-E/data/class/pages/order/LC_Page_Order.php	(revision 19341)
@@ -59,4 +59,5 @@
      */
     function process() {
+        parent::process();
         $this->action();
         $this->sendResponse();
@@ -94,4 +95,5 @@
      */
     function mobileProcess() {
+        parent::mobileProcess();
         $this->mobileAction();
         $this->sendResponse();
Index: /branches/camp/camp-2_5-E/data/class/pages/LC_Page.php
===================================================================
--- /branches/camp/camp-2_5-E/data/class/pages/LC_Page.php	(revision 19331)
+++ /branches/camp/camp-2_5-E/data/class/pages/LC_Page.php	(revision 19341)
@@ -93,5 +93,5 @@
 
         // ディスプレイクラス生成
-        $this->objDisp = new SC_Display();
+        $this->objDisplay = new SC_Display();
 
         // プラグインクラス生成
@@ -120,6 +120,6 @@
      */
     function sendResponse() {
-        $this->objDisp->hoge($this);
-        $this->objDisp->response->response();
+        $this->objDisplay->hoge($this);
+        $this->objDisplay->response->response();
     }
 
@@ -160,4 +160,6 @@
      */
     function sendRedirect($url, $isMobile = false) {
+echo "SC_Response.php::sendRedirect()に移行してね。";
+exit;
 
         if (preg_match("/(" . preg_quote(SITE_URL, '/')
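Review bot: The two statements added at the top of sendRedirect() (`echo …; exit;`) turn the method into a stub that prints a developer migration message into the HTTP response for any caller not yet converted, and they leave the whole original body below as unreachable code. The same pattern is added to getToken() and isValidToken() in the next two hunks. Prefer removing the old bodies and delegating, e.g. `return SC_Helper_Session_Ex::getToken();` in getToken(), or failing with `trigger_error('…', E_USER_ERROR);` so the message reaches the error log rather than the page. The added lines also sit at column 0 instead of the method's indentation. All three method bodies continue outside their hunks.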
@@ -204,4 +206,6 @@
      */
     function getToken() {
+echo "SC_Helper_Session.php::getToken()に移行してね。";
+exit;
         if (empty($_SESSION[TRANSACTION_ID_NAME])) {
             $_SESSION[TRANSACTION_ID_NAME] = $this->createToken();
@@ -221,4 +225,6 @@
      */
     function isValidToken() {
+echo "SC_Helper_Session.php::isValidToken()に移行してね。";
+exit;
 
         $checkToken = "";
Index: /branches/camp/camp-2_5-E/data/class/helper/SC_Helper_Session.php
===================================================================
--- /branches/camp/camp-2_5-E/data/class/helper/SC_Helper_Session.php	(revision 18820)
+++ /branches/camp/camp-2_5-E/data/class/helper/SC_Helper_Session.php	(revision 19341)
@@ -132,4 +132,64 @@
          return true;
     }
+
+    /**
+     * トランザクショントークンを生成し, 取得する.
+     *
+     * 悪意のある不正な画面遷移を防止するため, 予測困難な文字列を生成して返す.
+     * 同時に, この文字列をセッションに保存する.
+     *
+     * この関数を使用するためには, 生成した文字列を次画面へ渡すパラメータとして
+     * 出力する必要がある.
+     *
+     * 例)
+     * <input type="hidden" name="transactionid" value="この関数の返り値" />
+     *
+     * 遷移先のページで, LC_Page::isValidToken() の返り値をチェックすることにより,
+     * 画面遷移の妥当性が確認できる.
+     *
+     * @access protected
+     * @return string トランザクショントークンの文字列
+     */
+    function getToken() {
+        if (empty($_SESSION[TRANSACTION_ID_NAME])) {
+            $_SESSION[TRANSACTION_ID_NAME] = $this->createToken();
+        }
+        return $_SESSION[TRANSACTION_ID_NAME];
+    }
+
+    /**
+     * トランザクショントークンの妥当性をチェックする.
+     *
+     * 前画面で生成されたトランザクショントークンの妥当性をチェックする.
+     * この関数を使用するためには, 前画面のページクラスで LC_Page::getToken()
+     * を呼んでおく必要がある.
+     *
+     * @access protected
+     * @return boolean トランザクショントークンが有効な場合 true
+     */
+    function isValidToken() {
+
+        $checkToken = "";
+
+        // $_POST の値を優先する
+        if (isset($_POST[TRANSACTION_ID_NAME])) {
+
+            $checkToken = $_POST[TRANSACTION_ID_NAME];
+        } elseif (isset($_GET[TRANSACTION_ID_NAME])) {
+
+            $checkToken = $_GET[TRANSACTION_ID_NAME];
+        }
+
+        $ret = false;
+        // token の妥当性チェック
+        if ($checkToken === $_SESSION[TRANSACTION_ID_NAME]) {
+
+            $ret = true;
+        }
+
+        unset($_SESSION[TRANSACTION_ID_NAME]);
+        return $ret;
+    }
+
 }
 ?>
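Review bot: getToken() calls `$this->createToken()`, but every call site changed in this commit invokes the helper statically (`SC_Helper_Session_Ex::getToken()`), and no createToken() is added to SC_Helper_Session in this hunk. In a static call `$this` is either undefined or, on older PHP, the caller's object, so token creation depends on which class happens to call it (SC_Response::sendRedirect() is one such caller). Declare both methods `static`, move createToken() into this class, and call it as `self::createToken()`. The docblocks still say `@access protected` and refer readers to `LC_Page::isValidToken()` and `LC_Page::getToken()`, which this commit stubs out; they should name the SC_Helper_Session methods instead. The class itself begins outside the hunk, so an existing createToken() cannot be ruled out from here.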
