<%@ LANGUAGE="VBScript" %>
<%
OPTION EXPLICIT
' Insert the compact P3P header before assigning any cookies
response.expires = 0
response.addheader "P3P","CP=""NON STP DSP COR ADM CUR OUR CNT COM NAV STA"""
'*******************************************************************************
'*
'* Name: Contact Form
'* Author: Brian Hanifin
'* Date Created: 01.04.2002
'* Purpose: Allow users to contact the company.
'*
'* File: /contact.asp
'* Called By: /contact.asp
'*
'* ============================================================================
'*
'* Modifications:
'* (Date) (Author) - (Reason)
'*
'*******************************************************************************
%>
<%
' Define the number of required fields on this form
CONST REQ_FIELDCOUNT = 4
CONST LOG_FILE = "..\..\database\contact.csv"
CONST DEFAULT_CONTACT = "brian+contactform@hanifin.net"
DIM objRS, objDB
DIM strSQL
DIM strName, strEmail, strSubject, strMessage
DIM strMessageBody, strContact, strContactEmail, strQueryString
DIM strError, strSpecialError
DIM i, j, intErrorCount
DIM bolSubmitted, bolCC
DIM arrError
REDIM arrError(REQ_FIELDCOUNT)
PUBLIC FUNCTION AddError(ByVal strMessage, ByVal intErrorCount)
intErrorCount = intErrorCount + 1
arrError(intErrorCount) = strMessage
AddError = intErrorCount
END FUNCTION
PUBLIC SUB DisplayContent()
%><%
END SUB
' Destroy the Database object (objDB), then Close the database
PUBLIC SUB DBClose()
objDB.close
SET objDB = nothing
END SUB
PUBLIC SUB DSNOpen(ByVal strSystemDSN)
SET objDB = Server.CreateObject("ADODB.Connection")
objDB.Open strSystemDSN
END SUB
PUBLIC SUB FormToLocals()
strQueryString = Request.QueryString
if Request("qs") <> "" then strQueryString = Request("qs")
strName = Request.Form("name")
strEmail = Request.Form("email")
strSubject = Request("subject")
strMessage = Request.Form("message")
'response.write "strSubject = " & strSubject & "
"
' Has the form been submitted?
if Request.Form("submitted") <> "" then
bolSubmitted = TRUE
else
bolSubmitted = FALSE
end if
' Did the sender request to be copied?
if Request("cc") <> "" then
bolCC = TRUE
else
bolCC = FALSE
end if
END SUB
PUBLIC FUNCTION GetLogBody()
DIM strLogBody
strLogBody = FormatCSV(strContactEmail) & "," & _
FormatCSV(strName) & "," & _
FormatCSV(strEmail) & "," & _
FormatCSV(strSubject) & "," & _
FormatCSV(strMessage)
'response.write "" & strLogBody & "
"
'response.end
GetLogBody = strLogBody
END FUNCTION
PUBLIC SUB GetRecipient()
' If no info is specified, then the Email should be directed to me.
strContactEmail = DEFAULT_CONTACT
strContact = "Brian Hanifin"
' Retrieve the contact's Email address
'if strQueryString = "" then
'else
if strQueryString <> "" AND InStr(strQueryString,"=") = 0 then
' Assume the recipient has an address @hanifin.net
strContactEmail = strQueryString & "@hanifin.net"
' Define the name
strContact = UCase(Left(strQueryString,1)) & Mid(strQueryString,2)
SELECT CASE LCase(strQueryString)
CASE "brian", "dave", "david", "melissa"
strContact = strContact & " " & "Hanifin"
END SELECT
elseif Request("mid") <> "" then
' Retrieve the Contact Info from the Message database
GetRecipientFromMessage(Request("mid"))
elseif Request("gid") <> "" then
' Retrieve the Contact Info from the Guestbook database
GetRecipientFromGuestbook(Request("gid"))
end if
END SUB
PUBLIC SUB GetRecipientFromGuestbook(ByVal intID)
' Define the query
strSQL = "SELECT name, email FROM log WHERE id=" & intID & ";"
' Execute the query
'Call RSOpen(strSQL, "HanifinGuestbook")
DSNOpen("HanifinGuestbook")
SET objRS = objDB.Execute(strSQL)
'if objRS.RecordCount > 0 then
strContact = objRS("name")
strContactEmail = objRS("email")
'end if
RSClose()
DBClose()
END SUB
PUBLIC SUB GetRecipientFromMessage(ByVal intID)
' Define the query
strSQL = "SELECT fldName, fldEmail, fldTitle, fldBody FROM tblBulletin WHERE fldAuto=" & intID & ";"
' Execute the query
'Call RSOpen(strSQL, "HanifinBulletin")
DSNOpen("HanifinBulletin")
SET objRS = objDB.Execute(strSQL)
'if objRS.RecordCount > 0 then
strContact = objRS("fldName")
strContactEmail = objRS("fldEmail")
if strSubject = "" then strSubject = objRS("fldTitle")
'strMessage = objRS("fldBody")
' Prepend a reguarding before the message subject
if UCase(Left(strSubject,2)) <> "RE" then
strSubject = "RE: " & strSubject
end if
'end if
RSClose()
DBClose()
END SUB
PUBLIC SUB RSOpen(ByVal strSQL, ByVal strDSN)
SET objRS = Server.CreateObject("ADODB.Recordset")
objRS.Open strSQL, strDSN, adOpenStatic, adLockReadOnly, adCmdText
END SUB
' Close the RecordSet object (objRS) then Destroy it
PUBLIC SUB RSClose()
objRS.close
SET objRS = nothing
END SUB
PUBLIC SUB SendEmail()
DIM strCC
' Define a generic subject when one was not provided by the sender.
if strSubject = "" then strSubject = "Email from a hanifin.net visitor"
' CC the sender when requested.
if bolCC then strCC = strEmail
' Email contents of form to the recipient
CDONTS_Mail strContactEmail, strName, strEmail, strCC, "", strSubject, strMessage
END SUB
' Verify the form was filled out correctly.
PUBLIC FUNCTION ValidateForm()
' Initialize the error count to 0
intErrorCount = 0
if strName = "" then intErrorCount = AddError("Please enter your Name.", intErrorCount)
if strEmail = "" then
intErrorCount = AddError("Please enter your Email address.", intErrorCount)
elseif NOT IsEmail(strEmail) then
intErrorCount = AddError("You must enter a valid Email address.", intErrorCount)
end if
if strMessage = "" then intErrorCount = AddError("Please enter a Message.", intErrorCount)
' Return the value of the error message
ValidateForm = intErrorCount
END FUNCTION
PRIVATE SUB WriteLog(ByVal strLogFile, ByVal strBody)
DIM strLeftChar
'response.write Server.MapPath(strLogFile)
' Find the Physical path to the log file
strLogFile = Replace(strLogFile, "\", "/")
strLeftChar = Left(strLogFile, 1)
If strLeftChar <> "." OR strLeftChar <> "/" Then strLogFile = "./" & strLogFile
strLogFile = Replace(strLogFile,"//","/")
strLogFile = Server.MapPath(strLogFile)
' Add Date/Time
strBody = FormatCSV(Now()) & "," & strBody
' Append the text to the bottom of the file
Call WriteFile(strBody, strLogFile)
END SUB
' Try to work past the error. The user doesn't need to see the detailed report.
ON Error Resume Next
' Retrieve the form values
FormToLocals()
' Retrieve the recipient's contact information
GetRecipient()
' When the form is submitted
if bolSubmitted then
' SECURITY MEASURE: don't send the message if the referrer is not the localhost!
if InStr(Request.ServerVariables("HTTP_REFERER"),"hanifin.net") > 0 then
' Validate the form
intErrorCount = ValidateForm()
' If there are no errors, send the Email
if intErrorCount = 0 then
SendEmail()
' Only log my personal Emails
if strContactEmail = "brian@hanifin.net" OR strContactEmail = DEFAULT_CONTACT then
Call WriteLog(LOG_FILE, GetLogBody())
end if
' Store the user's contact info in cookies
Response.Cookies("Hanifin")("Name") = strName
Response.Cookies("Hanifin")("Email") = strEmail
end if
end if
else
' Set default form values
strName = Request.Cookies("Hanifin")("Name")
strEmail = Request.Cookies("Hanifin")("Email")
bolCC = TRUE
end if
' When an error occurs, display a friendly error message and notify the development team so action can be taken.
if Err.Number <> 0 then
SELECT CASE Err.Number
CASE 3021
if strQueryString <> "" then
strSpecialError = "We're sorry, this message has been deleted so we are unable to retrieve that user's Email address. If you'd like you may contact the webmaster instead."
end if
CASE ELSE
' Execute the error handler
RunErrorHandler()
END SELECT
end if
%>