<%@ Language=VBScript %> <%Option Explicit%> <% Const MK_SECTOR = "PL" Dim gstrRefercode, gstrHidHomeURL, gstrRoutes, gstrRoute1, gstrRoute2, gstrRoute3, gstrRoute4 Dim gstrLanguage, gstrPopUp, gstrCurrency, gstrBackground, gstrSelectwidth, gstrType, gstrBodyOnload Dim gstrCheckedReturn, gstrCheckedSingle, gstrPopUPQS, gstrCurrencyQS, gstrMulti, gstrHidHomeURLQS, gstrText Dim gobjDB, gDB, gstrCompareReferCode, gstrAgentID, gstrhidReferFlags Dim gstrRoutestring, gstrRoutestringex Dim objRS Dim strSQL Dim intI Dim strJourney Dim strTemp Dim intJ '* OWASP ********************** Dim gobjSec Set gobjSec = CreateObject("OWASP.Security") gObjSec.ExternalLocation = Request.ServerVariables("SERVER_NAME") & Request.ServerVariables("SCRIPT_NAME") & "?" & Request.QueryString gObjSec.LogFailedTests = true '****************************** If Request.QueryString("refercode")<>"" Then gstrRefercode=Request.QueryString("refercode") Else gstrRefercode="AFRY" End If If Request.QueryString("routes")<>"" Then gstrRoutes=Request.QueryString("routes") Else gstrRoutes="TRANSCAM" End If gstrRoute1=Request.QueryString("route1") If Request.QueryString("language")<>"" Then gstrLanguage=Request.QueryString("language") Else gstrLanguage="GB" End If If Request.QueryString("background")<>"" Then gstrBackground= Request.QueryString("background") Else gstrBackground="FFFFFF" End If If Request.QueryString("text")<>"" Then gstrText=Request.QueryString("text") Else gstrText="000000" End If If Request.Form("hidSubmit") = "SEND" Then Call SendEmail() If Not OWASPValidate() Then Set gObjSec = Nothing Else Call CollectData() End If Call ShowResponse() Response.End End if %> Transcamion Cargo
<% '----------------------------------------------------------- Sub OpenDB(pstrDSN) Set gobjDB = CreateObject("ADODB.Connection") gobjDB.Open "DSN=" & pstrDSN & ";UID=sa;PWD=;" End Sub '----------------------------------------------------------- Sub CloseDB() gobjDB.Close Set gobjDB = Nothing End Sub '-------------------------------------- ' IsStageMode '-------------------------------------- Function IsStageMode() Dim strServerName strServerName = LCase(Request.ServerVariables("SERVER_NAME")) If instr (1,strServerName,"stage") > 0 Then IsStageMode = True Else IsStageMode = False End If End Function '-------------------------------------- ' IstestMode '-------------------------------------- Function IstestMode() Dim strServerName strServerName = LCase(Request.ServerVariables("SERVER_NAME")) If instr (1,strServerName,"ntest") > 0 Then IstestMode = True Else IstestMode = False End If End Function '-------------------------------------- ' IsDevelMode '-------------------------------------- Function IsDevelMode() Dim strServerName strServerName = LCase(Request.ServerVariables("SERVER_NAME")) If instr (1,strServerName,"redserver") > 0 Then IsDevelMode = True Else IsDevelMode = False End If End Function '------------------------------------ ' CollectData() '------------------------------------ Sub CollectData() Dim strSQL Dim rsAdd Dim strName On Error Resume Next strSQL = " INSERT TranscamionQuotes (DateRec," & _ "Name, " & _ "Tel, " & _ "Email, " & _ "VehType, " & _ "Route, " & _ "Message, " & _ "Market) " & _ "VALUES (getDate(), " & _ ToDB(Trim(Request.Form("txtName"))) & "," & _ ToDB(Trim(Request.Form("txtTelephone"))) & "," & _ ToDB(Trim(Request.Form("txtEmail"))) & "," & _ ToDB(Trim(Request.Form("txtVehType"))) & "," & _ ToDB(Trim(Request.Form("txtRoute1"))) & "," & _ ToDB(Trim(Request.Form("txtMessage"))) & "," & _ ToDB(MK_SECTOR) & ")" Call OpenDB("FerriesAFRY") Call gobjDB.Execute(strSQL) If Err Then Response.Write "błąd: telefon +49 (0)898 960 730
" Response.Write "Err=" & Err.number & "/" & Err.description & "
" Exit Sub End If Call CloseDB() On Error Goto 0 End Sub '------------------------------------------------ ' SendEmail() '------------------------------------------------ Sub SendEmail() Dim cdoConfig Dim strBody Dim strEmail, strFromEmail Dim rs Dim objEmail, objBodyPart Err.Clear On Error Resume Next Set objEmail = Server.CreateObject("CDO.Message") Set objBodyPart = objEmail.BodyPart objBodyPart.Charset = "UTF-8" Set cdoConfig = CreateObject("CDO.Configuration") With cdoConfig.Fields .Item("http://schemas.microsoft.com/cdo/configuration/sendusing") = 2 .Item("http://schemas.microsoft.com/cdo/configuration/smtpserver") = "mailgate.entee.co.uk" .Item("http://schemas.microsoft.com/cdo/configuration/smtpserverport") = 25 .Update End With Set objEmail.Configuration = cdoConfig If Err.Number Then On Error Goto 0 Response.Write "
błąd : SendEmail TranscamionPLcontactus: CDO.Message EmailToCustomer" Err.Clear Exit Sub End If strBody = "Transcamion Quote Request" & VBCRLF strBody = strBody & "---------------------------" & VBCRLF strBody = strBody & "Market: " & MK_SECTOR & VBCRLF strBody = strBody & "Name: " & Request.Form("txtName") & VBCRLF strBody = strBody & "Tel: " & Request.Form("txtTelephone") & VBCRLF strBody = strBody & "Email: " & Request.Form("txtEmail") & VBCRLF strBody = strBody & "VehType: " & Request.Form("txtVehType") & VBCRLF strBody = strBody & "Route: " & Request.Form("txtRoute1") & VBCRLF strBody = strBody & "Message: " & Request.Form("txtMessage") & VBCRLF strEmail = "ferry@transcamion.com" 'LIVE If Trim(Request.Form("txtEmail")) = "" Then strFromEmail = "NOREPLY@transcamion.com" Else strFromEmail = Trim(Request.Form("txtEmail")) End if objEmail.To = strEmail objEmail.CC = "promotion@transcamion.com" 'LIVE objEmail.BCC = "jameshd@entee.co.uk; sarahp@2mgroup.com" objEmail.From = strFromEmail objEmail.Subject = "Transcamion Quote - " & Request.Form("txtName") objEmail.TextBody = strBody objEmail.TextBodyPart.CharSet = "UTF-8" 'Extra bit for PL. objEmail.Send() If Err.Number Then Response.Write "" Err.Clear Set objEmail = Nothing Exit Sub End If Set objEmail = Nothing End Sub '------------------------------------------------ ' ShowResponse() '------------------------------------------------ Sub ShowResponse() %> Transcamion Cargo <%response.Write "
Dziękujemy za zapytanie. Jeden z naszych pracowników skontaktuje sie z Państwem jak najszybciej.
" %> <% End Sub '----------------------------------------------------------- ' OWASPValidate '----------------------------------------------------------- Function OWASPValidate() Dim OWASPErrMsg : OWASPErrMsg = "" Dim OWASPErrCnt : OWASPErrCnt = 0 Dim OWASPHeading If Not gObjSec.General(Request.Form("txtName")) Then OWASPErrMsg = OWASPErrMsg & "
  • " & "Nazwa firmy nie jest ważna." & "
  • " & vbCRLF OWASPErrCnt = OWASPErrCnt + 1 End If If Not gObjSec.AlphaNumeric(Request.Form("txtTelephone")) Then OWASPErrMsg = OWASPErrMsg & "
  • " & "Numer telefonu jest nieprawidłowy." & "
  • " & vbCRLF OWASPErrCnt = OWASPErrCnt + 1 End If If Not gObjSec.Email(Request.Form("txtEmail")) Then OWASPErrMsg = OWASPErrMsg & "
  • " & "Adres e-mail nie jest prawidłowy." & "
  • " & vbCRLF OWASPErrCnt = OWASPErrCnt + 1 End If If Not gObjSec.Alpha(Request.QueryString("txtVehType")) Then OWASPErrMsg = OWASPErrMsg & "
  • " & "Typ pojazdu nie jest ważny." & "
  • " & vbCRLF OWASPErrCnt = OWASPErrCnt + 1 End If If Not gObjSec.Alpha(Request.QueryString("txtRoute1")) Then OWASPErrMsg = OWASPErrMsg & "
  • " & "Informacje o trasie nie jest ważna." & "
  • " & vbCRLF OWASPErrCnt = OWASPErrCnt + 1 End If If Not gObjSec.AlphaNumeric(Request.QueryString("txtMessage")) Then OWASPErrMsg = OWASPErrMsg & "
  • " & "Wiadomość nie jest ważna." & "
  • " & vbCRLF OWASPErrCnt = OWASPErrCnt + 1 End If If OWASPErrCnt > 0 Then OWASPHeading = "" & " Wystapił następujący problem" If OWASPErrCnt > 1 Then OWASPHeading = OWASPHeading & "y" OWASPHeading = OWASPHeading & ":
    " & vbCRLF OWASPErrMsg = "
    " & vbCRLF & _ OWASPHeading & "" & vbCRLF & "
    " & vbCRLF End If OWASPValidate = cBool(OWASPErrCnt = 0) End function '----------------------------------------------------- ' ToDB '----------------------------------------------------- Function ToDB(pstrIn) Dim strOut if instr(1,pstrIn, "'",vbtextcompare) > 0 then strOut = Replace(pstrIn, "'", "''", 1) ToDB = "'" & strOut & "'" else ToDB = "'" & pstrIn & "'" end if End Function %>