<% 'This file is part of ProductCart, an ecommerce application developed and sold by Early Impact LLC. ProductCart, its source code, the ProductCart name and logo are property of Early Impact, LLC. Copyright 2001-2003. All rights reserved. You are not allowed to use, alter, distribute and/or resell any parts of ProductCart's source code without the written consent of Early Impact. To contact Early Impact, please visit www.earlyimpact.com. %> <% response.Buffer=true %> <% on error resume next pcStrPageName = "contact.asp" 'Check to see if store has been turned off by admin, then display message If scStoreOff="1" then response.redirect "msg.asp?message=59" End If dim conntemp, query, rs, rs2, ErrCheckEmail, pcv_intSuccess Dim TurnOnSecurity '1 - Turn On (Default) '0 - Turn Off TurnOnSecurity=1 Dim pcSecurityPath, strSiteSecurityURL IF TurnOnSecurity=1 THEN pcSecurityPath=Request.ServerVariables("PATH_INFO") pcSecurityPath=mid(pcSecurityPath,1,InStrRev(pcSecurityPath,"/")-1) If UCase(Trim(Request.ServerVariables("HTTPS")))="OFF" then strSiteSecurityURL="http://" & Request.ServerVariables("HTTP_HOST") & pcSecurityPath & "/" Else strSiteSecurityURL="https://" & Request.ServerVariables("HTTP_HOST") & pcSecurityPath & "/" End if END IF call openDb() pIdCustomer=session("idCustomer") msg=getUserInput(request.querystring("msg"),0) pcv_isNameRequired=True pcv_isEmailRequired=True pcv_isTitleRequired=True pcv_isBodyRequired=True if request.form("updatemode")="1" then '//set error to zero pcv_intErr=0 pcs_ValidateEmailField "FromEmail", pcv_isEmailRequired, 0 pcs_ValidateTextField "FromName", pcv_isNameRequired, 0 pcs_ValidateTextField "MsgTitle", pcv_isTitleRequired, 0 pcs_ValidateTextField "MsgBody", pcv_isBodyRequired, 0 IF TurnOnSecurity=1 THEN Session("store_postnum")=replace(request("postnum"),"'","''") pcv_Test=0 if InStr(ucase(Request.ServerVariables("HTTP_REFERER")),ucase(strSiteSecurityURL & pcStrPageName))<>1 then session("store_postnum")="" session("store_num")="" pcv_test=1 end if if pcv_Test=1 then if session("AttackCount")="" then session("AttackCount")=0 end if session("AttackCount")=session("AttackCount")+1 if session("AttackCount")>=scAttackCount then session("AttackCount")=0%> <%end if response.redirect pcStrPageName & "?msg=security1" response.end end if if pcv_Test=0 then if session("store_num")&"" <> Session("store_postnum")&"" then session("store_postnum")="" session("store_num")="" pcv_test=1 end if end if if pcv_Test=1 then if session("AttackCount")="" then session("AttackCount")=0 end if session("AttackCount")=session("AttackCount")+1 if session("AttackCount")>=scAttackCount then session("AttackCount")=0%> <%end if response.redirect pcStrPageName & "?msg=security2" response.end end if END IF '//Email error for page If Session("ErrFromEmail")="" OR isNULL(Session("ErrFromEmail")) Then Session("ErrFromEmail")=0 if Session("ErrFromEmail")=1 then pcv_strGenericPageError = server.URLEncode(dictLanguage.Item(Session("language")&"_sendpassword_1")) else '//generic error for page pcv_strGenericPageError = server.URLEncode(dictLanguage.Item(Session("language")&"_Custmoda_18")) end if '///////////////////////////////////////////////////// '// Check for Validation Errors '///////////////////////////////////////////////////// If pcv_intErr>0 Then response.redirect pcStrPageName&"?msg="&pcv_strGenericPageError else CustName=Session("pcSFFromName") CustEmail=Session("pcSFFromEmail") MsgTitle=dictLanguage.Item(Session("language")&"_Contact_9") & Session("pcSFMsgTitle") MsgTitle=replace(MsgTitle,"''","'") '// Add variables to body MsgBody=MsgBody & dictLanguage.Item(Session("language")&"_Contact_6") & CustName & vbcrlf MsgBody=MsgBody & dictLanguage.Item(Session("language")&"_Contact_7") & CustEmail & vbcrlf '// IF customer is logged in, add more information if pIdCustomer>0 then '// Generate link to customer edit page SPath1=Request.ServerVariables("PATH_INFO") mycount1=0 do while mycount1<2 if mid(SPath1,len(SPath1),1)="/" then mycount1=mycount1+1 end if if mycount1<2 then SPath1=mid(SPath1,1,len(SPath1)-1) end if loop SPathInfo="http://" & Request.ServerVariables("HTTP_HOST") & SPath1 if Right(SPathInfo,1)="/" then else SPathInfo=SPathInfo & "/" end if dURL=SPathInfo & scAdminFolderName & "/login_1.asp?redirectUrl=" & Server.URLEnCode(SPathInfo & scAdminFolderName & "/modcusta.asp?idcustomer=" & pIdCustomer) MsgBody=MsgBody & dictLanguage.Item(Session("language")&"_Contact_8") & dURL & vbcrlf & vbcrlf end if '// END IF customer is logged in MsgBody=MsgBody & dictLanguage.Item(Session("language")&"_Contact_5") & vbcrlf & vbcrlf MsgBody=MsgBody & Session("pcSFMsgBody") MsgBody=replace(MsgBody,"''","'") call sendmail (CustName,CustEmail,scFrmEmail,MsgTitle,MsgBody) pcv_intSuccess=1 End If End If if pIdCustomer>0 AND msg="" then query="SELECT name,lastName,email FROM customers WHERE idCustomer=" &pIdCustomer set rs=Server.CreateObject("ADODB.Recordset") set rs=conntemp.execute(query) if err.number <> 0 then set rs=nothing call closeDb() response.redirect "techErr.asp?error="& Server.Urlencode("Error on contact.asp: "&Err.Description) end if Session("pcSFFromName")=rs("name") & " " & rs("lastName") Session("pcSFFromEmail")=rs("email") Session("pcSFMsgTitle")="" Session("pcSFMsgBody")="" set rs=nothing call closeDB() end if %> <% if pcv_intSuccess<>1 then %>

<%response.write dictLanguage.Item(Session("language")&"_CustPref_12")%>
<%response.write dictLanguage.Item(Session("language")&"_Contact_1")%>
<% If msg<>"" or request("msg")<>"" then %> <%if request("msg")="security1" then%>
<%response.write dictLanguage.Item(Session("language")&"_security_2")%>
<%else if request("msg")="security2" then%>
<%response.write dictLanguage.Item(Session("language")&"_security_6")%>
<%else if msg<>"" then%>
<%=msg%>
<%end if end if end if%> <% end if %>
<%IF TurnOnSecurity=1 THEN%> <%END IF%>

<%response.write dictLanguage.Item(Session("language")&"_Contact_2")%>

"> <% pcs_RequiredImageTag "FromName", pcv_isNameRequired %>

<%response.write dictLanguage.Item(Session("language")&"_Contact_3")%>

"> <% pcs_RequiredImageTag "FromEmail", pcv_isEmailRequired %>

<%response.write dictLanguage.Item(Session("language")&"_Contact_4")%>

"> <% pcs_RequiredImageTag "MsgTitle", pcv_isTitleRequired %>

<%response.write dictLanguage.Item(Session("language")&"_Contact_5")%>

<% pcs_RequiredImageTag "MsgBody", pcv_isBodyRequired %>

<%response.write dictLanguage.Item(Session("language")&"_security_1")%>


<%For k=1 to 6%><%Next%>

" id="submit">

">
<% else %>

<%response.write dictLanguage.Item(Session("language")&"_CustPref_12")%>
<%response.write dictLanguage.Item(Session("language")&"_Contact_10")%>

">
<% end if %>