<%@ Language=VBScript %> <%Option Explicit%> <% Const MK_SECTOR = "ES" Dim gstrRefercode, gstrHidHomeURL, gstrRoutes, gstrRoute1, gstrRoute2, gstrRoute3, gstrRoute4 Dim gstrLanguage, gstrPopUp, gstrCurrency, gstrBackground, gstrSelectwidth, gstrType, gstrBodyOnload Dim gstrCheckedReturn, gstrCheckedSingle, gstrPopUPQS, gstrCurrencyQS, gstrMulti, gstrHidHomeURLQS, gstrText Dim gobjDB, gDB, gstrCompareReferCode, gstrAgentID, gstrhidReferFlags Dim gstrRoutestring, gstrRoutestringex Dim objRS Dim strSQL Dim intI Dim strJourney Dim strTemp Dim intJ '* OWASP ********************** Dim gobjSec Set gobjSec = CreateObject("OWASP.Security") gObjSec.ExternalLocation = Request.ServerVariables("SERVER_NAME") & Request.ServerVariables("SCRIPT_NAME") & "?" & Request.QueryString gObjSec.LogFailedTests = true '****************************** If Request.QueryString("refercode")<>"" Then gstrRefercode=Request.QueryString("refercode") Else gstrRefercode="AFRY" End If If Request.QueryString("routes")<>"" Then gstrRoutes=Request.QueryString("routes") Else gstrRoutes="TRANSCAM" End If gstrRoute1=Request.QueryString("route1") If Request.QueryString("language")<>"" Then gstrLanguage=Request.QueryString("language") Else gstrLanguage="GB" End If If Request.QueryString("background")<>"" Then gstrBackground= Request.QueryString("background") Else gstrBackground="FFFFFF" End If If Request.QueryString("text")<>"" Then gstrText=Request.QueryString("text") Else gstrText="000000" End If If Request.Form("hidSubmit") = "SEND" Then 'Form has been submitted Call SendEmail() If Not OWASPValidate() Then Set gObjSec = Nothing Else Call CollectData() End If Call ShowResponse() Response.End End if %> Transcamion Carga
<% '----------------------------------------------------------- Sub OpenDB(pstrDSN) Set gobjDB = CreateObject("ADODB.Connection") gobjDB.Open "DSN=" & pstrDSN & ";UID=sa;PWD=;" End Sub '----------------------------------------------------------- Sub CloseDB() gobjDB.Close Set gobjDB = Nothing End Sub '-------------------------------------- ' IsStageMode '-------------------------------------- Function IsStageMode() Dim strServerName strServerName = LCase(Request.ServerVariables("SERVER_NAME")) If instr (1,strServerName,"stage") > 0 Then IsStageMode = True Else IsStageMode = False End If End Function '-------------------------------------- ' IstestMode '-------------------------------------- Function IstestMode() Dim strServerName strServerName = LCase(Request.ServerVariables("SERVER_NAME")) If instr (1,strServerName,"ntest") > 0 Then IstestMode = True Else IstestMode = False End If End Function '-------------------------------------- ' IsDevelMode '-------------------------------------- Function IsDevelMode() Dim strServerName strServerName = LCase(Request.ServerVariables("SERVER_NAME")) If instr (1,strServerName,"redserver") > 0 Then IsDevelMode = True Else IsDevelMode = False End If End Function '------------------------------------ ' CollectData() '------------------------------------ Sub CollectData() Dim strSQL Dim rsAdd Dim strName On Error Resume Next strSQL = " INSERT TranscamionQuotes (DateRec," & _ "Name, " & _ "Tel, " & _ "Email, " & _ "VehType, " & _ "Route, " & _ "Message, " & _ "Market) " & _ "VALUES (getDate(), " & _ ToDB(Trim(Request.Form("txtName"))) & "," & _ ToDB(Trim(Request.Form("txtTelephone"))) & "," & _ ToDB(Trim(Request.Form("txtEmail"))) & "," & _ ToDB(Trim(Request.Form("txtVehType"))) & "," & _ ToDB(Trim(Request.Form("txtRoute1"))) & "," & _ ToDB(Trim(Request.Form("txtMessage"))) & "," & _ ToDB(MK_SECTOR) & ")" Call OpenDB("FerriesAFRY") Call gobjDB.Execute(strSQL) If Err Then Response.Write "ERROR: phone +49 (0)898 960 730
" Response.Write "Err=" & Err.number & "/" & Err.description & "
" Exit Sub End If Call CloseDB() On Error Goto 0 End Sub '------------------------------------------------ ' SendEmail() '------------------------------------------------ Sub SendEmail() Dim cdoConfig Dim strBody Dim strEmail, strFromEmail Dim rs Dim objEMail Err.Clear On Error Resume Next Set objEMail = Server.CreateObject("CDO.Message") Set cdoConfig = CreateObject("CDO.Configuration") With cdoConfig.Fields .Item("http://schemas.microsoft.com/cdo/configuration/sendusing") = 2 .Item("http://schemas.microsoft.com/cdo/configuration/smtpserver") = "mailgate.entee.co.uk" .Item("http://schemas.microsoft.com/cdo/configuration/smtpserverport") = 25 .Update End With Set objEMail.Configuration = cdoConfig If Err.Number Then On Error Goto 0 Response.Write "
SendEmail afrycontactus: Failed to CreateObject CDO.Message EmailToCustomer" Err.Clear Exit Sub End If strBody = "Transcamion Quote Request" & VBCRLF strBody = strBody & "---------------------------" & VBCRLF strBody = strBody & "Market: " & MK_SECTOR & VBCRLF strBody = strBody & "Name: " & Request.Form("txtName") & VBCRLF strBody = strBody & "Tel: " & Request.Form("txtTelephone") & VBCRLF strBody = strBody & "Email: " & Request.Form("txtEmail") & VBCRLF strBody = strBody & "VehType: " & Request.Form("txtVehType") & VBCRLF strBody = strBody & "Route: " & Request.Form("txtRoute1") & VBCRLF strBody = strBody & "Message: " & Request.Form("txtMessage") & VBCRLF strEmail = "garyc@entee.co.uk" 'TEST If Trim(Request.Form("txtEmail")) = "" Then strFromEmail = "NOREPLY@transcamion.com" Else strFromEmail = Trim(Request.Form("txtEmail")) End if objEMail.To = strEmail objEmail.CC = "garyc@entee.co.uk" 'TEST objEMail.From = strFromEmail objEMail.Subject = "Transcamion Quote - " & Request.Form("txtName") objEMail.TextBody = strBody objEMail.Send() If Err.Number Then Response.Write "" Err.Clear Set objEMail = Nothing Exit Sub End If Set objEMail = Nothing End Sub '------------------------------------------------ ' ShowResponse() '------------------------------------------------ Sub ShowResponse() %> Transcamion Freight <%response.Write "
" %> Gracias por su petición. Uno de nuestros equipos dedicados le contactará en breve. <%response.Write "
" %> <% End Sub '----------------------------------------------------------- ' OWASPValidate '----------------------------------------------------------- Function OWASPValidate() Dim OWASPErrMsg : OWASPErrMsg = "" Dim OWASPErrCnt : OWASPErrCnt = 0 Dim OWASPHeading If Not gObjSec.General(Request.Form("txtName")) Then OWASPErrMsg = OWASPErrMsg & "
  • " & "The company name is not valid." & "
  • " & vbCRLF OWASPErrCnt = OWASPErrCnt + 1 End If If Not gObjSec.AlphaNumeric(Request.Form("txtTelephone")) Then OWASPErrMsg = OWASPErrMsg & "
  • " & "The Telephone no is not valid." & "
  • " & vbCRLF OWASPErrCnt = OWASPErrCnt + 1 End If If Not gObjSec.Email(Request.Form("txtEmail")) Then OWASPErrMsg = OWASPErrMsg & "
  • " & "The email address is not valid." & "
  • " & vbCRLF OWASPErrCnt = OWASPErrCnt + 1 End If If Not gObjSec.Alpha(Request.QueryString("txtVehType")) Then OWASPErrMsg = OWASPErrMsg & "
  • " & "The Vehicle type is not valid." & "
  • " & vbCRLF OWASPErrCnt = OWASPErrCnt + 1 End If If Not gObjSec.Alpha(Request.QueryString("txtRoute1")) Then OWASPErrMsg = OWASPErrMsg & "
  • " & "The Route 1 information is not valid." & "
  • " & vbCRLF OWASPErrCnt = OWASPErrCnt + 1 End If If Not gObjSec.AlphaNumeric(Request.QueryString("txtMessage")) Then OWASPErrMsg = OWASPErrMsg & "
  • " & "The message information is not valid." & "
  • " & vbCRLF OWASPErrCnt = OWASPErrCnt + 1 End If If OWASPErrCnt > 0 Then OWASPHeading = "" & "The following problem" If OWASPErrCnt > 1 Then OWASPHeading = OWASPHeading & "s" OWASPHeading = OWASPHeading & " have been reported :
    " & vbCRLF OWASPErrMsg = "
    " & vbCRLF & _ OWASPHeading & "" & vbCRLF & "
    " & vbCRLF 'Response.Write gObjSec.GenErrMsg(OWASPErrMsg, 0) End If OWASPValidate = cBool(OWASPErrCnt = 0) End function '----------------------------------------------------- ' ToDB '----------------------------------------------------- Function ToDB(pstrIn) Dim strOut if instr(1,pstrIn, "'",vbtextcompare) > 0 then strOut = Replace(pstrIn, "'", "''", 1) ToDB = "'" & strOut & "'" else ToDB = "'" & pstrIn & "'" end if End Function %>