%@ Language=VBScript %>
<%Option Explicit%>
<%
Const MK_SECTOR = "RO"
Dim gstrRefercode, gstrHidHomeURL, gstrRoutes, gstrRoute1, gstrRoute2, gstrRoute3, gstrRoute4
Dim gstrLanguage, gstrPopUp, gstrCurrency, gstrBackground, gstrSelectwidth, gstrType, gstrBodyOnload
Dim gstrCheckedReturn, gstrCheckedSingle, gstrPopUPQS, gstrCurrencyQS, gstrMulti, gstrHidHomeURLQS, gstrText
Dim gobjDB, gDB, gstrCompareReferCode, gstrAgentID, gstrhidReferFlags
Dim gstrRoutestring, gstrRoutestringex
Dim objRS
Dim strSQL
Dim intI
Dim strJourney
Dim strTemp
Dim intJ
'* OWASP **********************
Dim gobjSec
Set gobjSec = CreateObject("OWASP.Security")
gObjSec.ExternalLocation = Request.ServerVariables("SERVER_NAME") & Request.ServerVariables("SCRIPT_NAME") & "?" & Request.QueryString
gObjSec.LogFailedTests = true
'******************************
If Request.QueryString("refercode")<>"" Then
gstrRefercode=Request.QueryString("refercode")
Else
gstrRefercode="AFRY"
End If
If Request.QueryString("routes")<>"" Then
gstrRoutes=Request.QueryString("routes")
Else
gstrRoutes="TRANSCAM"
End If
gstrRoute1=Request.QueryString("route1")
If Request.QueryString("language")<>"" Then
gstrLanguage=Request.QueryString("language")
Else
gstrLanguage="GB"
End If
If Request.QueryString("background")<>"" Then
gstrBackground= Request.QueryString("background")
Else
gstrBackground="FFFFFF"
End If
If Request.QueryString("text")<>"" Then
gstrText=Request.QueryString("text")
Else
gstrText="000000"
End If
If Request.Form("hidSubmit") = "SEND" Then 'Form has been submitted
Call SendEmail()
If Not OWASPValidate() Then
Set gObjSec = Nothing
Else
Call CollectData()
End If
Call ShowResponse()
Response.End
End if
%>
Transcamion încărcătură
<%
'-----------------------------------------------------------
Sub OpenDB(pstrDSN)
Set gobjDB = CreateObject("ADODB.Connection")
gobjDB.Open "DSN=" & pstrDSN & ";UID=sa;PWD=;"
End Sub
'-----------------------------------------------------------
Sub CloseDB()
gobjDB.Close
Set gobjDB = Nothing
End Sub
'--------------------------------------
' IsStageMode
'--------------------------------------
Function IsStageMode()
Dim strServerName
strServerName = LCase(Request.ServerVariables("SERVER_NAME"))
If instr (1,strServerName,"stage") > 0 Then
IsStageMode = True
Else
IsStageMode = False
End If
End Function
'--------------------------------------
' IstestMode
'--------------------------------------
Function IstestMode()
Dim strServerName
strServerName = LCase(Request.ServerVariables("SERVER_NAME"))
If instr (1,strServerName,"ntest") > 0 Then
IstestMode = True
Else
IstestMode = False
End If
End Function
'--------------------------------------
' IsDevelMode
'--------------------------------------
Function IsDevelMode()
Dim strServerName
strServerName = LCase(Request.ServerVariables("SERVER_NAME"))
If instr (1,strServerName,"redserver") > 0 Then
IsDevelMode = True
Else
IsDevelMode = False
End If
End Function
'------------------------------------
' CollectData()
'------------------------------------
Sub CollectData()
Dim strSQL
Dim rsAdd
Dim strName
On Error Resume Next
strSQL = " INSERT TranscamionQuotes (DateRec," & _
"Name, " & _
"Tel, " & _
"Email, " & _
"VehType, " & _
"Route, " & _
"Message, " & _
"Market) " & _
"VALUES (getDate(), " & _
ToDB(Trim(Request.Form("txtName"))) & "," & _
ToDB(Trim(Request.Form("txtTelephone"))) & "," & _
ToDB(Trim(Request.Form("txtEmail"))) & "," & _
ToDB(Trim(Request.Form("txtVehType"))) & "," & _
ToDB(Trim(Request.Form("txtRoute1"))) & "," & _
ToDB(Trim(Request.Form("txtMessage"))) & "," & _
ToDB(MK_SECTOR) & ")"
Call OpenDB("FerriesAFRY")
Call gobjDB.Execute(strSQL)
If Err Then
Response.Write "ERROR: phone +49 (0)898 960 730 "
Response.Write "Err=" & Err.number & "/" & Err.description & " "
Exit Sub
End If
Call CloseDB()
On Error Goto 0
End Sub
'------------------------------------------------
' SendEmail()
'------------------------------------------------
Sub SendEmail()
Dim cdoConfig
Dim strBody
Dim strEmail, strFromEmail
Dim rs
Dim objEmail, objBodyPart
Err.Clear
On Error Resume Next
Set objEmail = Server.CreateObject("CDO.Message")
Set objBodyPart = objEmail.BodyPart
objBodyPart.Charset = "UTF-8"
Set cdoConfig = CreateObject("CDO.Configuration")
With cdoConfig.Fields
.Item("http://schemas.microsoft.com/cdo/configuration/sendusing") = 2
.Item("http://schemas.microsoft.com/cdo/configuration/smtpserver") = "mailgate.entee.co.uk"
.Item("http://schemas.microsoft.com/cdo/configuration/smtpserverport") = 25
.Update
End With
Set objEMail.Configuration = cdoConfig
If Err.Number Then
On Error Goto 0
Response.Write " SendEmail afrycontactus: Failed to CreateObject CDO.Message EmailToCustomer"
Err.Clear
Exit Sub
End If
strBody = "Transcamion Quote Request" & VBCRLF
strBody = strBody & "---------------------------" & VBCRLF
strBody = strBody & "Market: " & MK_SECTOR & VBCRLF
strBody = strBody & "Name: " & Request.Form("txtName") & VBCRLF
strBody = strBody & "Tel: " & Request.Form("txtTelephone") & VBCRLF
strBody = strBody & "Email: " & Request.Form("txtEmail") & VBCRLF
strBody = strBody & "VehType: " & Request.Form("txtVehType") & VBCRLF
strBody = strBody & "Route: " & Request.Form("txtRoute1") & VBCRLF
strBody = strBody & "Message: " & Request.Form("txtMessage") & VBCRLF
strEmail = "garyc@entee.co.uk" 'TEST
If Trim(Request.Form("txtEmail")) = "" Then
strFromEmail = "NOREPLY@transcamion.com"
Else
strFromEmail = Trim(Request.Form("txtEmail"))
End if
objEMail.To = strEmail
objEmail.CC = "garyc@entee.co.uk" 'TEST
objEMail.From = strFromEmail
objEMail.Subject = "Transcamion Quote - " & Request.Form("txtName")
objEMail.TextBody = strBody
objEMail.Send()
If Err.Number Then
Response.Write ""
Err.Clear
Set objEMail = Nothing
Exit Sub
End If
Set objEmail = Nothing
End Sub
'------------------------------------------------
' ShowResponse()
'------------------------------------------------
Sub ShowResponse()
%>
Transcamion Freight
<%response.Write "
" %>
Vă multumim pentru cererea dvs. un expert din echipa noastră vă va contacta în cel mai scurt timp.
<%response.Write "
" %>
<%
End Sub
'-----------------------------------------------------------
' OWASPValidate
'-----------------------------------------------------------
Function OWASPValidate()
Dim OWASPErrMsg : OWASPErrMsg = ""
Dim OWASPErrCnt : OWASPErrCnt = 0
Dim OWASPHeading
If Not gObjSec.General(Request.Form("txtName")) Then
OWASPErrMsg = OWASPErrMsg & "
" & "Numele companiei nu este valid." & "
" & vbCRLF
OWASPErrCnt = OWASPErrCnt + 1
End If
If Not gObjSec.AlphaNumeric(Request.Form("txtTelephone")) Then
OWASPErrMsg = OWASPErrMsg & "
" & "Numărul de telefon nu este valid." & "
" & vbCRLF
OWASPErrCnt = OWASPErrCnt + 1
End If
If Not gObjSec.Email(Request.Form("txtEmail")) Then
OWASPErrMsg = OWASPErrMsg & "
" & "Adresa de email nu este valid." & "
" & vbCRLF
OWASPErrCnt = OWASPErrCnt + 1
End If
If Not gObjSec.Alpha(Request.QueryString("txtVehType")) Then
OWASPErrMsg = OWASPErrMsg & "
" & "Tipul de vehicul nu este valid." & "
" & vbCRLF
OWASPErrCnt = OWASPErrCnt + 1
End If
If Not gObjSec.Alpha(Request.QueryString("txtRoute1")) Then
OWASPErrMsg = OWASPErrMsg & "
" & "Prima rută nu este valid." & "
" & vbCRLF
OWASPErrCnt = OWASPErrCnt + 1
End If
If Not gObjSec.AlphaNumeric(Request.QueryString("txtMessage")) Then
OWASPErrMsg = OWASPErrMsg & "
" & "Informațiile mesaj nu este valid." & "
" & vbCRLF
OWASPErrCnt = OWASPErrCnt + 1
End If
If OWASPErrCnt > 0 Then
OWASPHeading = "" & "Aceste probleme "
If OWASPErrCnt > 1 Then OWASPHeading = OWASPHeading & "s"
OWASPHeading = OWASPHeading & " restituit : " & vbCRLF
OWASPErrMsg = "
" & vbCRLF & _
OWASPHeading & "
" & OWASPErrMsg & "
" & vbCRLF & "
" & vbCRLF
'Response.Write gObjSec.GenErrMsg(OWASPErrMsg, 0)
End If
OWASPValidate = cBool(OWASPErrCnt = 0)
End function
'-----------------------------------------------------
' ToDB
'-----------------------------------------------------
Function ToDB(pstrIn)
Dim strOut
if instr(1,pstrIn, "'",vbtextcompare) > 0 then
strOut = Replace(pstrIn, "'", "''", 1)
ToDB = "'" & strOut & "'"
else
ToDB = "'" & pstrIn & "'"
end if
End Function
%>