%@ Language=VBScript %>
<%Option Explicit%>
<%
Const MK_SECTOR = "PL"
Dim gstrRefercode, gstrHidHomeURL, gstrRoutes, gstrRoute1, gstrRoute2, gstrRoute3, gstrRoute4
Dim gstrLanguage, gstrPopUp, gstrCurrency, gstrBackground, gstrSelectwidth, gstrType, gstrBodyOnload
Dim gstrCheckedReturn, gstrCheckedSingle, gstrPopUPQS, gstrCurrencyQS, gstrMulti, gstrHidHomeURLQS, gstrText
Dim gobjDB, gDB, gstrCompareReferCode, gstrAgentID, gstrhidReferFlags
Dim gstrRoutestring, gstrRoutestringex
Dim objRS
Dim strSQL
Dim intI
Dim strJourney
Dim strTemp
Dim intJ
'* OWASP **********************
Dim gobjSec
Set gobjSec = CreateObject("OWASP.Security")
gObjSec.ExternalLocation = Request.ServerVariables("SERVER_NAME") & Request.ServerVariables("SCRIPT_NAME") & "?" & Request.QueryString
gObjSec.LogFailedTests = true
'******************************
If Request.QueryString("refercode")<>"" Then
gstrRefercode=Request.QueryString("refercode")
Else
gstrRefercode="AFRY"
End If
If Request.QueryString("routes")<>"" Then
gstrRoutes=Request.QueryString("routes")
Else
gstrRoutes="TRANSCAM"
End If
gstrRoute1=Request.QueryString("route1")
If Request.QueryString("language")<>"" Then
gstrLanguage=Request.QueryString("language")
Else
gstrLanguage="GB"
End If
If Request.QueryString("background")<>"" Then
gstrBackground= Request.QueryString("background")
Else
gstrBackground="FFFFFF"
End If
If Request.QueryString("text")<>"" Then
gstrText=Request.QueryString("text")
Else
gstrText="000000"
End If
If Request.Form("hidSubmit") = "SEND" Then
Call SendEmail()
If Not OWASPValidate() Then
Set gObjSec = Nothing
Else
Call CollectData()
End If
Call ShowResponse()
Response.End
End if
%>
Transcamion Cargo
Konto towarowy prom:
<%
'-----------------------------------------------------------
Sub OpenDB(pstrDSN)
Set gobjDB = CreateObject("ADODB.Connection")
gobjDB.Open "DSN=" & pstrDSN & ";UID=sa;PWD=;"
End Sub
'-----------------------------------------------------------
Sub CloseDB()
gobjDB.Close
Set gobjDB = Nothing
End Sub
'--------------------------------------
' IsStageMode
'--------------------------------------
Function IsStageMode()
Dim strServerName
strServerName = LCase(Request.ServerVariables("SERVER_NAME"))
If instr (1,strServerName,"stage") > 0 Then
IsStageMode = True
Else
IsStageMode = False
End If
End Function
'--------------------------------------
' IstestMode
'--------------------------------------
Function IstestMode()
Dim strServerName
strServerName = LCase(Request.ServerVariables("SERVER_NAME"))
If instr (1,strServerName,"ntest") > 0 Then
IstestMode = True
Else
IstestMode = False
End If
End Function
'--------------------------------------
' IsDevelMode
'--------------------------------------
Function IsDevelMode()
Dim strServerName
strServerName = LCase(Request.ServerVariables("SERVER_NAME"))
If instr (1,strServerName,"redserver") > 0 Then
IsDevelMode = True
Else
IsDevelMode = False
End If
End Function
'------------------------------------
' CollectData()
'------------------------------------
Sub CollectData()
Dim strSQL
Dim rsAdd
Dim strName
On Error Resume Next
strSQL = " INSERT TranscamionQuotes (DateRec," & _
"Name, " & _
"Tel, " & _
"Email, " & _
"Message, " & _
"Market) " & _
"VALUES (getDate(), " & _
ToDB(Trim(Request.Form("txtName"))) & "," & _
ToDB(Trim(Request.Form("txtTelephone"))) & "," & _
ToDB(Trim(Request.Form("txtEmail"))) & "," & _
ToDB(Trim(Request.Form("txtMessage"))) & "," & _
ToDB(MK_SECTOR) & ")"
Call OpenDB("FerriesAFRY")
Call gobjDB.Execute(strSQL)
If Err Then
Response.Write "ERROR: phone +49 (0)898 960 730 "
Response.Write "Err=" & Err.number & "/" & Err.description & " "
Exit Sub
End If
Call CloseDB()
On Error Goto 0
End Sub
'------------------------------------------------
' SendEmail()
'------------------------------------------------
Sub SendEmail()
Dim cdoConfig
Dim strBody
Dim strEmail, strFromEmail
Dim rs
Dim objEMail
Err.Clear
On Error Resume Next
Set objEMail = Server.CreateObject("CDO.Message")
Set cdoConfig = CreateObject("CDO.Configuration")
With cdoConfig.Fields
.Item("http://schemas.microsoft.com/cdo/configuration/sendusing") = 2
.Item("http://schemas.microsoft.com/cdo/configuration/smtpserver") = "mailgate.entee.co.uk"
.Item("http://schemas.microsoft.com/cdo/configuration/smtpserverport") = 25
.Update
End With
Set objEMail.Configuration = cdoConfig
If Err.Number Then
On Error Goto 0
Response.Write " SendEmail afrycontactus: Failed to CreateObject CDO.Message EmailToCustomer"
Err.Clear
Exit Sub
End If
strBody = "Transcamion Account Request" & VBCRLF
strBody = strBody & "---------------------------" & VBCRLF
strBody = strBody & "Market: " & MK_SECTOR & VBCRLF
strBody = strBody & "Name: " & Request.Form("txtName") & VBCRLF
strBody = strBody & "Tel: " & Request.Form("txtTelephone") & VBCRLF
strBody = strBody & "Email: " & Request.Form("txtEmail") & VBCRLF
strBody = strBody & "Message: " & Request.Form("txtMessage") & VBCRLF
strEmail = "garyc@entee.co.uk" 'TEST
If Trim(Request.Form("txtEmail")) = "" Then
strFromEmail = "NOREPLY@transcamion.com"
Else
strFromEmail = Trim(Request.Form("txtEmail"))
End if
objEMail.To = strEmail
objEmail.CC = "garyc@entee.co.uk" 'TEST
objEMail.From = strFromEmail
objEMail.Subject = "Transcamion Account Enquiry - " & Request.Form("txtName")
objEMail.TextBody = strBody
objEMail.Send()
If Err.Number Then
Response.Write ""
Err.Clear
Set objEMail = Nothing
Exit Sub
End If
Set objEMail = Nothing
End Sub
'------------------------------------------------
' ShowResponse()
'------------------------------------------------
Sub ShowResponse()
%>
Transcamion Cargo
<%response.Write "
" %>
Dziękujemy za zapytanie. Jeden z naszych pracowników skontaktuje sie z Państwem jak najszybciej.
<%response.Write "
" %>
<%
End Sub
'-----------------------------------------------------------
' OWASPValidate
'-----------------------------------------------------------
Function OWASPValidate()
Dim OWASPErrMsg : OWASPErrMsg = ""
Dim OWASPErrCnt : OWASPErrCnt = 0
Dim OWASPHeading
If Not gObjSec.General(Request.Form("txtName")) Then
OWASPErrMsg = OWASPErrMsg & "
" & "Nazwa firmy nie jest ważna." & "
" & vbCRLF
OWASPErrCnt = OWASPErrCnt + 1
End If
If Not gObjSec.AlphaNumeric(Request.Form("txtTelephone")) Then
OWASPErrMsg = OWASPErrMsg & "
" & "Numer telefonu jest nieprawidłowy." & "
" & vbCRLF
OWASPErrCnt = OWASPErrCnt + 1
End If
If Not gObjSec.Email(Request.Form("txtEmail")) Then
OWASPErrMsg = OWASPErrMsg & "
" & "Adres e-mail nie jest prawidłowy." & "
" & vbCRLF
OWASPErrCnt = OWASPErrCnt + 1
End If
If Not gObjSec.Alpha(Request.QueryString("txtVehType")) Then
OWASPErrMsg = OWASPErrMsg & "
" & "Typ pojazdu nie jest ważny." & "
" & vbCRLF
OWASPErrCnt = OWASPErrCnt + 1
End If
If Not gObjSec.Alpha(Request.QueryString("txtRoute1")) Then
OWASPErrMsg = OWASPErrMsg & "
" & "Informacje o trasie nie jest ważna." & "
" & vbCRLF
OWASPErrCnt = OWASPErrCnt + 1
End If
If Not gObjSec.AlphaNumeric(Request.QueryString("txtMessage")) Then
OWASPErrMsg = OWASPErrMsg & "
" & "Wiadomość nie jest ważna." & "
" & vbCRLF
OWASPErrCnt = OWASPErrCnt + 1
End If
If OWASPErrCnt > 0 Then
OWASPHeading = "" & " Wystapił następujący problem"
If OWASPErrCnt > 1 Then OWASPHeading = OWASPHeading & "y"
OWASPHeading = OWASPHeading & ": " & vbCRLF
OWASPErrMsg = "
" & vbCRLF & _
OWASPHeading & "
" & OWASPErrMsg & "
" & vbCRLF & "
" & vbCRLF
End If
OWASPValidate = cBool(OWASPErrCnt = 0)
End function
'-----------------------------------------------------
' ToDB
'-----------------------------------------------------
Function ToDB(pstrIn)
Dim strOut
if instr(1,pstrIn, "'",vbtextcompare) > 0 then
strOut = Replace(pstrIn, "'", "''", 1)
ToDB = "'" & strOut & "'"
else
ToDB = "'" & pstrIn & "'"
end if
End Function
%>