Solved

Formmail - Error in firefox - Microsoft VBScript runtime  error '800a0009'

Posted on 2006-11-03
6
2,777 Views
Last Modified: 2007-11-27
Hey,
I am using the formmail script and it works perfectly in IE (appart from realname not displaying in the email - but thats another post....)

I have the following problem when running the formail script in firefox:

Microsoft VBScript runtime  error '800a0009'

Subscript out of range: '[number: 1]'

/scripts/formmail/formmail.asp, line 164

I cannot find the error in the code and have looked at some simlilar posts but have had no joy.

Hopefully someone has come across this problem before

Thanks

Andrew

FORMMAIL CODE:


<%@ Language = vbscript%>
<%option explicit %>
<%server.scripttimeout = 600 %>
<%
'------------------------------------------- FORMMAIL V1.3 ------------------------------------------

'----------------------------------------------------------------------------------------------------
'copyright information
'----------------------------------------------------------------------------------------------------
'Copyright 2002: Sorted Sites http://www.sortedsites.com
'Authors Jonas Tornqvist, David Parkes and Karl Snares
'This script is Freeware, which means you are free to use and modify
'the script for your own use.
'The only condition is this copyright header remain intact and you don't
'try and sell this script for profit without first asking us.
'And of course also ask Matt Wright who wrote the original perl version of Formmail.

'----------------------------------------------------------------------------------------------------
'license agreement - Important
'----------------------------------------------------------------------------------------------------
'By using this script you agree to indeminfy the developers - Sorted Sites of any loss
'or damages that may arise from its use or missue.
'This script is provided as is with all faults - no warranties and no guarantees.
'basically its free - use it at your own risk and cost.
'No warranties and no tech support - if you need help with this don't ask us!
'The documentation is provided as is with all the help we can offer.
'As we develop this script we shall post updates hopefully fix any bugs
'We are not obliged to release any future versions and we might not bother...
'By using this script you accept this license agreement!

'----------------------------------------------------------------------------------------------------
'documentation v1.3
'----------------------------------------------------------------------------------------------------

'####################################################################################################
'this is where the code starts for real
'####################################################################################################

'----------------------------------------------------------------------------------------------------
'declare variables
'----------------------------------------------------------------------------------------------------
Dim strFrom, strTo, strSubject, strBody
Dim objMessage, objConfig, strServer, intPort
Dim recipient, redirect, subject, realname, email, required, strEmail1, strEmail2
Dim referer, url, url_verified, icounter, query, iloop, query2, query3, i, agree, validation, error0, error0ok

'############################## CONFIGURATION VARIABLES ####################################

'These are the only lines you will need to change
'----------------------------------------------------------------------------------------------------
strServer = "ITD-SV.ITD.local" 'set which smtp server will be used to send the email. enter ip address or domain name. eg: "xxx.xxx.xxx.xxx" or "smtp.your-domain.com"
intPort = 25 'set the smtp port to be used when sending mail (by default port 25 is used)
'Referrer's Array is defined here. Enter the valid domains which may use this script.
url = Array("xxxxx.co.nz:81")'Set which urls that will be accepted. http://xxxxx/
     'Seperate multiple domains by commas
     'eg: url= Array("www.your-domain.com","your-domain.com","www.my-domain.com")
     'computer names can be used instead of domains if this script is being run locally
     'eg: url = Array("computername")

'######################################### IMPORTANT NOTICE #########################################
'IMPORTANT: do not modify anything below this line unless you know what you are doing!!
'######################################### IMPORTANT NOTICE #########################################
     
'----------------------------------------------------------------------------------------------------
'information type and CDOSYS constants
'----------------------------------------------------------------------------------------------------
%>
<!--METADATA TYPE="typelib"
UUID="CD000000-8B95-11D1-82DB-00C04FB1625D"
NAME="CDO for Windows 2000 Library" -->
<!--METADATA TYPE="typelib"
UUID="00000205-0000-0010-8000-00AA006D2EA4"
NAME="ADODB Type Library" -->
<%
'----------------------------------------------------------------------------------------------------
'retrieved default fields
'----------------------------------------------------------------------------------------------------
recipient = request("recipient")
redirect = request("redirect")
subject = request("subject")
email = request("email")
required = request("required")
if required = "" then
     required = "recipient,subject,email,redirect"
else
     required = "recipient,subject,email,redirect," & required
end if

'----------------------------------------------------------------------------------------------------
'verify the referer
'----------------------------------------------------------------------------------------------------
referer = request.ServerVariables("HTTP_REFERER")
referer = split(referer,"/")
url_verified = "no"
for icounter = Lbound(url) to Ubound(url) '
     if referer(2) = url(icounter) then
          url_verified = "yes"
     end if
next
if not url_verified = "yes" then
     response.write("The url specified is invalid!")
     response.End
end if

'----------------------------------------------------------------------------------------------------
'verify the recipient(not tested)
'----------------------------------------------------------------------------------------------------
'trimed_referer = split(referer(2),".")'
'response.write recipient & "<br>" & referer(2) & "=" & trimed_referer(0) & "<br>"
'if trimed_referer(0) = "www" then
'     if InStr(1,recipient,trimed_referer(1),1) = 0 then
'          response.write "recipient don't match the referer"
'          response.end
'     end if
'else
'     if InStr(1,recipient,trimed_referer(0),1) = 0 then
'          response.write "recipient don't match the referer"
'          response.end
'     end if
'end if

'----------------------------------------------------------------------------------------------------
'retrieve form contents and create email fields
'----------------------------------------------------------------------------------------------------
query = Request.ServerVariables("QUERY_STRING")
query = split(query,"&")
query3 = split(required,",")
     For iLoop = Lbound(query) to UBound(query)
          query2 = split(query(iloop),"=")
     
'----------------------------------------------------------------------------------------------------
'form validation, checks required fields are not null
'----------------------------------------------------------------------------------------------------
          for i = LBound(query3) to UBound(query3)
               if query3(i) = query2(0) then
                    if query2(1) = "" then
                         response.write ("you must enter a valid ") & query2(0)
                         response.end
                    end if
               end if
               
               'if query2(0) = "agree" then
                    'if query2(1) <> "on" or query2(1) = "" then
                    '     response.write("You must agree to terms and conditions to enable Formmailv1.3 to execute!")
                    'response.end
                    'end if
               'end if
               
'----------------------------------------------------------------------------------------------------
'form validation, checks a valid email address has been specified
'----------------------------------------------------------------------------------------------------              
               if query2(0) = "email" then
                    trim(query2(0))
                    if len(query2(1))<8 then
                         response.Write("You must specify a valid ") & query2(0)
                         response.end
                    end if
                    if instr(query2(1),"@")=0 and instr(query2(1),".")=0 then
                         response.write query2(1)
                         response.Write("You must specify a valid ") & query2(0)
                         response.end
                    end if
                    strEmail1 = split(query2(1),"@")
                    if len(strEmail1(1))<3 then
                         response.Write("You must specify a valid ") & query2(0)
                         response.end
                    end if
                    strEmail2 = split(strEmail1(1),".")
                    if len(strEmail2(0))<3 then
                         response.Write("You must specify a valid ") & query2(0)
                         response.end
                    end if
                    if len(strEmail2(1))<2 then
                         response.Write("You must specify a valid ") & query2(0)
                         response.end
                    end if
               end if

'----------------------------------------------------------------------------------------------------
'form validation, checks terms and conditions checkbox has been ticked
'----------------------------------------------------------------------------------------------------
               
          Next
          if not query2(0) = "recipient" and not query2(0) = "redirect" and not query2(0) = "subject" and not query2(0) = "realname" and not query2(0) = "email" and not query2(0) = "required" and not query2(0) = "agree" then
               strBody = strBody & vbnewline & vbnewline & query2(0) &": " & query2(1)
          end if
     Next
if email = "" then
     email = "formmail@" & referer(2)
end if
'----------------------------------------------------------------------------------------------------
'replaces any special characters parsed through the query string
'----------------------------------------------------------------------------------------------------
strbody = replace(strbody, "+"," ")
strbody = replace(strbody, "%26%238364%3B","€")
strbody = replace(strbody, "%A1","¡")
strbody = replace(strbody, "%A3","£")
strbody = replace(strbody, "%A8","¨")
strbody = replace(strbody, "%AA","ª")
strbody = replace(strbody, "%AC","¬")
strbody = replace(strbody, "%B4","´")
strbody = replace(strbody, "%B7","·")
strbody = replace(strbody, "%BA","º")
strbody = replace(strbody, "%BF","¿")
strbody = replace(strbody, "%C7","Ç")
strbody = replace(strbody, "%E7","ç")
strbody = replace(strbody, "%0D%0A",vbnewline)
strbody = replace(strbody, "%21","!")
strbody = replace(strbody, "%23","#")
strbody = replace(strbody, "%24","$")
strbody = replace(strbody, "%25","%")
strbody = replace(strbody, "%26","&")
strbody = replace(strbody, "%27","'")
strbody = replace(strbody, "%28","(")
strbody = replace(strbody, "%29",")")
strbody = replace(strbody, "%2B","+")
strbody = replace(strbody, "%2C",",")
strbody = replace(strbody, "%2D","-")
strbody = replace(strbody, "%2E",".")
strbody = replace(strbody, "%2F","/")
strbody = replace(strbody, "%3A",":")
strbody = replace(strbody, "%3B",";")
strbody = replace(strbody, "%3C","<")
strbody = replace(strbody, "%3D","=")
strbody = replace(strbody, "%3E",">")
strbody = replace(strbody, "%3F","?")
strbody = replace(strbody, "%5B","[")
strbody = replace(strbody, "%5C","\")
strbody = replace(strbody, "%5D","]")
strbody = replace(strbody, "%5E","^")
strbody = replace(strbody, "%5F","_")
strbody = replace(strbody, "%60","`")
strbody = replace(strbody, "%7B","{")
strbody = replace(strbody, "%7C","|")
strbody = replace(strbody, "%7D","}")
strbody = replace(strbody, "%7E","~")

'----------------------------------------------------------------------------------------------------
'this creates the body of the mail message, the text in quotes can be modified accordingly
'---------------------------------------------------------------------------------------------------
strBody = "Here is the results of your form submitted from " & referer(2)  & vbnewline & vbnewline & "Name: " & realname & vbnewline &  vbnewline & "Email: " & email & vbnewline & strBody & vbnewline &  vbnewline & "############# End Formmail Tranmission #############"

'----------------------------------------------------------------------------------------------------
'checks if a smtp port has been specified, if not it uses the default port 25
'----------------------------------------------------------------------------------------------------
if intport <> 25 then
     intport = intport
else
     intport = 25
end if

'----------------------------------------------------------------------------------------------------
'send the mail message
'----------------------------------------------------------------------------------------------------    
set objMessage = CreateObject("CDO.Message")
objMessage.To = recipient
objMessage.From = email
objMessage.Subject = subject
objMessage.Sender = email
objMessage.Textbody = strBody

'----------------------------------------------------------------------------------------------------
'cdosys configuration setup
'----------------------------------------------------------------------------------------------------
set objConfig = CreateObject("CDO.Configuration")
objConfig.Fields(cdoSendUsingMethod) = cdoSendUsingPort
objConfig.Fields(cdoSMTPServer) = strServer
objConfig.Fields(cdoSMTPServerPort) = intPort
objConfig.Fields(cdoSMTPAuthenticate) = cdoAnonymous
objConfig.Fields.Update
set objMessage.Configuration = objConfig

'----------------------------------------------------------------------------------------------------
'define error handling procedures
'----------------------------------------------------------------------------------------------------
On Error Resume Next
     objMessage.Send
If Err.Number = 0 then
     response.write("Formmail v1.3 processed all operations successfully!")
else
     response.write("Formmail v1.3 detected the following errors:")& "<br>"
     response.write("error no.: ")&err.number & "<br>"
     response.write("description: ")&err.description & "<br>"
     response.end
End If
On Error Goto 0
     
'----------------------------------------------------------------------------------------------------
'send them to the page specified
'----------------------------------------------------------------------------------------------------
Response.Redirect redirect

'####################################################################################################
'This is where the code ends
'####################################################################################################
%>
<!-- That's All Folks -->
<!-- Happy Surfing -->
<!-- Credits -->
<!-- David Parkes - Project Planning -->
<!-- Jonas Tornqvist - Lead Programmer version 1-->
<!-- Karl Snares - Lead Programmer version 1.2 & 1.3
<!-- Matt Wright - Original Formmail CGI Developer -->










Contact_asp.asp CODE:

<%@ LANGUAGE="VBScript" %>
<%
'- Customization of these values is required, see documentation. -----------

   referers   = Array("")
   mailComp   = "ASPMail"
   smtpServer = "ITD-SV.ITD.local"
   fromAddr   = "xxx@xxxx.co.nz"

'- End required customization section. -------------------------------------

   Response.Buffer = true
   errorMsgs = Array()

   'Check for form data.

   if Request.ServerVariables("Content_Length") = 0 then
     call AddErrorMsg("No form data submitted.")
   end if

   'Check if referer is allowed.

   if UBound(referers) >= 0 then
     validReferer = false
     referer = GetHost(Request.ServerVariables("HTTP_REFERER"))
     for each host in referers
       if host = referer then
         validReferer = true
       end if
     next
     if not validReferer then
       if referer = "" then
         call AddErrorMsg("No referer.")
       else
         call AddErrorMsg("Invalid referer: '" & referer & "'.")
       end if
     end if
   end if

   'Check for the recipients field.

   if Request.Form("_recipients") = "" then
     call AddErrorMsg("Missing email recipient.")
   end if

   'Check all recipient email addresses.

   recipients = Split(Request.Form("_recipients"), ",")
   for each name in recipients
     name = Trim(name)
     if not IsValidEmailAddress(name) then
       call AddErrorMsg("Invalid email address in recipient list: " & name & ".")
     end if
   next
   recipients = Join(recipients, ",")

   'Get replyTo email address from specified field, if given, and check it.

   name = Trim(Request.Form("_replyToField"))
   if name <> "" then
     replyTo = Request.Form(name)
   else
     replyTo = Request.Form("_replyTo")
   end if
   if replyTo <> "" then
     if not IsValidEmailAddress(replyTo) then
       call AddErrorMsg("Invalid email address in reply-to field: " & replyTo & ".")
     end if
   end if

   'Get subject text.

   subject = Request.Form("_subject")

   'If required fields are specified, check for them.

   if Request.Form("_requiredFields") <> "" then
     required = Split(Request.Form("_requiredFields"), ",")
     for each name in required
       name = Trim(name)
       if Left(name, 1) <> "_" and Request.Form(name) = "" then
         call AddErrorMsg("Missing value for " & name)
       end if
     next
   end if

   'If a field order was given, use it. Otherwise use the order the fields were
   'received in.

   str = ""
   if Request.Form("_fieldOrder") <> "" then
     fieldOrder = Split(Request.Form("_fieldOrder"), ",")
     for each name in fieldOrder
       if str <> "" then
         str = str & ","
       end if
       str = str & Trim(name)
     next
     fieldOrder = Split(str, ",")
   else
     fieldOrder = FormFieldList()
   end if

   'If there were no errors, build the email note and send it.

   if UBound(errorMsgs) < 0 then

     'Build table of form fields and values.

     body = "<table border=""0"" cellpadding=""2"" cellspacing=""0"">" & vbCrLf
     for each name in fieldOrder
       body = body _
            & "<tr valign=""top"">" _
            & "<td><b>" & name & ":</b></td>" _
            & "<td>" & Request.Form(name) & "</td>" _
            & "</tr>" & vbCrLf
     next
     body = body & "</table>" & vbCrLf

     'Add a table for any requested environmental variables.

     if Request.Form("_envars") <> "" then
       body = body _
            & "<p>&nbsp;</p>" & vbCrLf _
            & "<table border=""0"" cellpadding=""2"" cellspacing=""0"">" & vbCrLf
       envars = Split(Request.Form("_envars"), ",")
       for each name in envars
         name = Trim(name)
         body = body _
              & "<tr valign=""top"">" _
              & "<td><b>" & name & ":</b></td>" _
              & "<td>" & Request.ServerVariables(name) & "</td>" _
              & "</tr>" & vbCrLf
       next
       body = body & "</table>" & vbCrLf
     end if

     'Send it.

     str = SendMail()
     if str <> "" then
       AddErrorMsg(str)
     end if

     'Redirect if a URL was given.

     if Request.Form("_redirect") <> "" then
       Response.Redirect(Request.Form("_redirect"))
     end if

   end if %>
<html><head><title>the urban garden - auckland's indoor plant hire specialists - contact us</title>


<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<link rel="stylesheet" href="index_files/styles.css" type="text/css">
<style type="text/css">
<!--
.style2 {color: #FFFFFF}
.style3 {color: #000000}
.style5 {
     font-size: 12px;
     font-weight: bold;
}
.style6 {font-weight: bold}
.style7 {font-size: 16px; font-family: Verdana, Arial, Helvetica, sans-serif; color: #000000;}
-->
</style>
</head><body leftmargin="0" topmargin="0" bgcolor="#999999" marginheight="0" marginwidth="0">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="780">
  <tbody><tr>
    <td height="120" bgcolor="#000000" class="logo style2" background="index_files/header1.jpg">&nbsp;</td>
  </tr>
</tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="780">
  <tbody><tr>
    <td bgcolor="#cccccc" height="250" valign="top" width="160"><table border="0" cellpadding="8" cellspacing="0" width="160">
      <tbody>
        <tr>
          <td class="text"><p class="style5 style8">&nbsp;</p></td>
        </tr>
        <tr>
          <div class="nav_main">
            <td class="nav_main"><a href="index.htm" class="text">&#9679; home</a> <a href="company.htm" class="text">&#9679; company</a> <a href="plants_1.htm" class="text">&#9679;  plants</a> <a href="planters_square_1.htm" class="text">&#9679; planters</a> <a href="services.htm" class="text">&#9679; services</a> <a href="benefits.htm" class="text">&#9679; benefits</a> <span class="nav_main_current">&#9679; contact</span> </td>
          </div>
        </tr>
       
        <tr>
          <div class="nav">
            <td class="text"><a href="index.htm" class="nav"></a></td>
          </div>
        </tr>
      </tbody>
    </table>
      </td>
    <td bgcolor="#eeeeee" height="250" valign="top">
      <table align="center" border="0" cellpadding="0" cellspacing="10" width="610">
        <tbody><tr>
          <td valign="top" width="150"><div align="center">
            <p><img src="index_files/quadro_table_small.jpg" width="100" height="124"></p>
            <p><img src="index_files/veranda_small.jpg" width="100" height="123"><br>          
              <br>          
              </p>
          </div></td>
          <td valign="top" class="text style6">
            <p class="style3"><span class="style7">how to contact the urban garden</span></p>
            <hr>
fill out the form below and we'll be in contact with you as soon as possible.
<form action="/scripts/formmail/formmail.asp" method="post">
<input type="hidden" name="recipient" value="xxxxx@xxxxx.co.nz">
<input type="hidden" name="redirect" value="http://xxxxxxSITE_DEVELOPMENT/ITD_DEVELOPMENT_SITES/Formmail_ASP_Development/Contact_asp.asp">
<input type="hidden" name="subject" value="Website Enquiry">
<input type="hidden" name="required" value="name,email">
<br>
name<br>
<input type=text size=45 name="name" value=""><p>
company name<br>
<input type=text size=45 name="company" value=""><p>
email<br>
<input type=text size=45 name="email" value=""><p>
phone<br>
<input type=text size=45 name="phone" value=""><p>
message<br>
<textarea name="message" value="" rows=6 cols=45></textarea><P>
<input type="submit" value="submit" />
<input type="reset" value="reset form" />
</p>
</form>
            </td>
        </tr>
      </tbody></table>    </td>
  </tr>
</tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" height="40" width="780">
  <tbody><tr>
    <td height="24" align="center" bgcolor="#333333" class="text style2">copyright &copy;
      2006 the urban garden<br>
      <a href="http://www.infomedix.co.nz"><img src="index_files/info medix logo_small.jpg" width="74" height="20" border="0"></a></td>
  </tr>
</tbody></table>
</body></html>

<% '---------------------------------------------------------------------------
   ' Subroutines and functions.
   '---------------------------------------------------------------------------

   sub AddErrorMsg(msg)

     dim n

    'Add an error message to the list.

     n = UBound(errorMsgs)
     Redim Preserve errorMsgs(n + 1)
     errorMsgs(n + 1) = msg

   end sub

   function GetHost(url)

     dim i, s

     GetHost = ""

     'Strip down to host or IP address and port number, if any.

     if Left(url, 7) = "http://" then
       s = Mid(url, 8)
     elseif Left(url, 8) = "https://" then
       s = Mid(url, 9)
     end if
     i = InStr(s, "/")
     if i > 1 then
       s = Mid(s, 1, i - 1)
     end if

     getHost = s

   end function

   'Define the global list of valid TLDs.

   dim validTlds

   function IsValidEmailAddress(emailAddr)

     dim i, localPart, domain, charCode, subdomain, subdomains, tld

     'Check for valid syntax in an email address.

     IsValidEmailAddress = true

     'Parse out the local part and the domain.

     i = InStrRev(emailAddr, "@")
     if i <= 1 then
       IsValidEmailAddress = false
       exit function
     end if
     localPart = Left(emailAddr, i - 1)
     domain = Mid(emailAddr, i + 1)
     if Len(localPart) < 1 or Len(domain) < 3 then
       IsValidEmailAddress = false
       exit function
     end if

     'Check for invalid characters in the local part.

     for i = 1 to Len(localPart)
       charCode = Asc(Mid(localPart, i, 1))
       if charCode < 32 or charCode >= 127 then
         IsValidEmailAddress = false
         exit function
       end if
     next

     'Check for invalid characters in the domain.

     domain = LCase(domain)
     for i = 1 to Len(domain)
       charCode = Asc(Mid(domain, i, 1))
       if not ((charCode >= 97 and charCode <= 122) or (charCode >= 48 and charCode <= 57) or charCode = 45 or charCode = 46) then
         IsValidEmailAddress = false
         exit function
       end if
     next

     'Check each subdomain.

     subdomains = Split(domain, ".")
     for each subdomain in subdomains
       if Len(subdomain) < 1 then
         IsValidEmailAddress = false
         exit function
       end if
     next

     'Last subdomain should be a TDL.

     tld = subdomains(UBound(subdomains))
     if not IsArray(validTlds) then
       call SetValidTlds()
     end if
     for i = LBound(validTlds) to UBound(validTlds)
       if tld = validTlds(i) then
         exit function
       end if
     next
     IsValidEmailAddress = false

   end function

   sub setValidTlds()

     'Load the global list of valid TLDs.

     validTlds = Array("aero", "biz", "com", "coop", "edu", "gov", "info", "int", "mil", "museum", "name", "net", "org", "pro", _
       "ac", "ad", "ae", "af", "ag", "ai", "al", "am", "an", "ao", "aq", "ar", "as", "at", "au", "aw", "az", _
       "ba", "bb", "bd", "be", "bf", "bg", "bh", "bi", "bj", "bm", "bn", "bo", "br", "bs", "bt", "bv", "bw", "by", "bz", _
       "ca", "cc", "cd", "cf", "cg", "ch", "ci", "ck", "cl", "cm", "cn", "co", "cr", "cu", "cv", "cx", "cy", "cz", _
       "de", "dj", "dk", "dm", "do", "dz", "ec", "ee", "eg", "eh", "er", "es", "et", _
       "fi", "fj", "fk", "fm", "fo", "fr", _
       "ga", "gd", "ge", "gf", "gg", "gh", "gi", "gl", "gm", "gn", "gp", "gq", "gr", "gs", "gt", "gu", "gw", "gy", _
       "hk", "hm", "hn", "hr", "ht", "hu", _
       "id", "ie", "il", "im", "in", "io", "iq", "ir", "is", "it", _
       "je", "jm", "jo", "jp", _
       "ke", "kg", "kh", "ki", "km", "kn", "kp", "kr", "kw", "ky", "kz", _
       "la", "lb", "lc", "li", "lk", "lr", "ls", "lt", "lu", "lv", "ly", _
       "ma", "mc", "md", "mg", "mh", "mk", "ml", "mm", "mn", "mo", "mp", "mq", "mr", "ms", "mt", "mu", "mv", "mw ", "mx", "my", "mz", _
       "na", "nc", "ne", "nf", "ng", "ni", "nl", "no", "np", "nr", "nu", "nz", _
       "om", _
       "pa", "pe", "pf", "pg", "ph", "pk", "pl", "pm", "pn", "pr", "ps", "pt", "pw", "py", _
       "qa", _
       "re", "ro", "ru", "rw", _
       "sa", "sb", "sc", "sd", "se", "sg", "sh", "si", "sj", "sk", "sl", "sm", "sn", "so", "sr", "st", "sv", "sy", "sz", _
       "tc", "td", "tf", "tg", "th", "tj", "tk", "tm", "tn", "to", "tp", "tr", "tt", "tv", "tw", "tz", _
       "ua", "ug", "uk", "um", "us", "uy", "uz", _
       "va", "vc", "ve", "vg", "vi", "vn", "vu", _
       "wf", "ws", _
       "ye", "yt", "yu", _
       "za", "zm", "zw")

   end sub

   function FormFieldList()

     dim str, i, name

     'Build an array of form field names ordered as they were received.

     str = ""
     for i = 1 to Request.Form.Count
       for each name in Request.Form
         if Left(name, 1) <> "_" and Request.Form(name) is Request.Form(i) then
           if str <> "" then
             str = str & ","
           end if
           str = str & name
           exit for
         end if
       next
     next
     FormFieldList = Split(str, ",")

   end function

   function SendMail()

     dim mailObj, cdoMessage, cdoConfig
     dim addrList

     'Send email based on mail component. Uses global variables for parameters
     'because there are so many.

     SendMail = ""

     'Send email (CDONTS version). Note: CDONTS has no error checking.

     if mailComp = "CDONTS" then
       set mailObj = Server.CreateObject("CDONTS.NewMail")
       mailObj.BodyFormat = 0
       mailObj.MailFormat = 0
       mailObj.From = fromAddr
       mailObj.Value("Reply-To") = replyTo
       mailObj.To = recipients
       mailObj.Subject = subject
       mailObj.Body = body
       mailObj.Send
       set mailObj = Nothing
       exit function
     end if

     'Send email (CDOSYS version).

     if mailComp = "CDOSYS" then
       set cdoMessage = Server.CreateObject("CDO.Message")
       set cdoConfig = Server.CreateObject("CDO.Configuration")
       cdoConfig.Fields("http://schemas.microsoft.com/cdo/configuration/sendusing") = 2
       cdoConfig.Fields("http://schemas.microsoft.com/cdo/configuration/smtpserver") = smtpServer
       cdoConfig.Fields.Update
       set cdoMessage.Configuration = cdoConfig
       cdoMessage.From =  fromAddr
       cdoMessage.ReplyTo = replyTo
       cdoMessage.To = recipients
       cdoMessage.Subject = subject
       cdoMessage.HtmlBody = body
       on error resume next
       cdoMessage.Send
       if Err.Number <> 0 then
         SendMail = "Email send failed: " & Err.Description & "."
       end if
       set cdoMessage = Nothing
       set cdoConfig = Nothing
       exit function
     end if

     'Send email (JMail version).

     if mailComp = "JMail" then
       set mailObj = Server.CreateObject("JMail.SMTPMail")
       mailObj.Silent = true
       mailObj.ServerAddress = smtpServer
       mailObj.Sender = fromAddr
       mailObj.ReplyTo = replyTo
       mailObj.Subject = subject
       addrList = Split(recipients, ",")
       for each addr in addrList
         mailObj.AddRecipient Trim(addr)
       next
       mailObj.ContentType = "text/html"
       mailObj.Body = body
       if not mailObj.Execute then
         SendMail = "Email send failed: " & mailObj.ErrorMessage & "."
       end if
       exit function
     end if

     'Send email (ASPMail version).

     if mailComp = "ASPMail" then
       set mailObj = Server.CreateObject("SMTPsvg.Mailer")
       mailObj.RemoteHost  = smtpServer
       mailObj.FromAddress = fromAddr
       mailObj.ReplyTo = replyTo
       for each addr in Split(recipients, ",")
         mailObj.AddRecipient "", Trim(addr)
       next
       mailObj.Subject = subject
       mailObj.ContentType = "text/html"
       mailObj.BodyText = body
       if not mailObj.SendMail then
         SendMail = "Email send failed: " & mailObj.Response & "."
       end if
       exit function
    end if

   end function %>
0
Comment
Question by:amorpeth
  • 3
  • 2
6 Comments
 
LVL 22

Expert Comment

by:WMIF
Comment Utility
the script is looking for email addresses in the querystring according to the code around line 164.  lets add a couple lines of code to the top of the formmail.asp page.  please post what you see on the page.

<%@ Language = vbscript%>
<%option explicit %>
<%server.scripttimeout = 600 %>
<%
response.write Request.ServerVariables("QUERY_STRING")
response.end()
0
 

Author Comment

by:amorpeth
Comment Utility
Hey,

Thanks for the quick reply.

I added the code to the top of formmail.asp as you told me to. Below are the outcomes in both Firefox and IE.

IN FIREFOX:

recipient=amorpeth%40itdoctors.co.nz&redirect=http%3A%2F%2Fwebdev.itdoctors.co.nz%3A81%2FSITE_DEVELOPMENT%2FITD_DEVELOPMENT_SITES%2FFormmail_ASP_Development%2FContact_asp2.asp&subject=Website+Enquiry&required=name%2Cemail&name=Andrew&company=ITD&email=test%40ihug.co.nz&phone=5555&message=HELLO

IN IE:

recipient=amorpeth@itdoctors.co.nz&redirect=http%3A%2F%2Fwebdev.itdoctors.co.nz%3A81%2FSITE_DEVELOPMENT%2FITD_DEVELOPMENT_SITES%2FFormmail_ASP_Development%2FContact_asp2.asp&subject=Website+Enquiry&required=name%2Cemail&name=Andrew&company=ITD&email=test@ihug.co.nz&phone=555&message=HELLO

Thanks!
0
 
LVL 6

Expert Comment

by:gete
Comment Utility
The problem is because Firefox encoded "@" character to "%40", e.g.:
Firefox: email=test%40ihug.co.nz
IE: email=test@ihug.co.nz

Both usage are valid in URL but you must provide some decoding mechanism in interpreting the actual query, e.g. Replace(str, "%40", "@") (a quick-and-dirty fix). And even it's decoded nicely, you have an assuming code happening in line 164:

                    if len(strEmail1(1))<3 then

Here the code always assume the array strEmail always have at least 2 element (the index 1), while in the previous line:

                    strEmail1 = split(query2(1),"@")

it can happen that the string query2(1) doesn't contain the character "@" so that the array strEmail only has 1 element: strEmail(0).

Tracing further back to line 158, the code is not supposed to be reached if it doesn't contain any "@" character:

                    if instr(query2(1),"@")=0 and instr(query2(1),".")=0 then

but it uses boolean operator "and" instead of "or" thus only preventing the code to continue if the query does not contain both "@" AND ".". Try changing the code above to:

                    if instr(query2(1),"@")=0 or instr(query2(1),".")=0 then

Having the above code modified, please note you still need to decode "%40" back to "@", otherwise it will always be invalidated at line 158-162.

Regarding query string, why don't you use the built in Request.Querystring object instead of decoding it yourself?
For example:

...
For Each qVariable In Request.QueryString
      qValue = Request.QueryString(qVariable)
      
      If qVariable = "email" Then
            qVariable = Trim(qVariable)
            If Len(qValue) < 8 Then
                  Response.Write "You must specify a valid " & qVariable
                  Response.End
            End If
            
            '.. the rest of email validation goes here
      End If
      
      '.. the rest of validation goes here
Next
...
0
Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

 

Author Comment

by:amorpeth
Comment Utility
Hey,

I have replaced the AND with OR and now firefox returns :

amorpeth%40ihug.co.nzYou must specify a valid email

Now I can see the problem. You suggested adding - Replace(str, "%40", "@") Where in the code do I place this?

I must appologise, I am a novice when it comes to coding and my business partner is away at the moment so im stuck here doing it.

As for the below, I think that is probably a bit tricky for me and again im not sure where it would fit in the code.
...
For Each qVariable In Request.QueryString
     qValue = Request.QueryString(qVariable)
     
     If qVariable = "email" Then
          qVariable = Trim(qVariable)
          If Len(qValue) < 8 Then
               Response.Write "You must specify a valid " & qVariable
               Response.End
          End If
         
          '.. the rest of email validation goes here
     End If
     
     '.. the rest of validation goes here
Next
...

Thanks for all your help so far you have been a great help in explaining the problems I have here

Andrew
0
 
LVL 6

Accepted Solution

by:
gete earned 500 total points
Comment Utility
Andrew, for a quick fix, you can add the last line like the code below:

'----------------------------------------------------------------------------------------------------
'form validation, checks a valid email address has been specified
'----------------------------------------------------------------------------------------------------              
               if query2(0) = "email" then
                    query2(1) = Replace(query2(1), "%40", "@")

This will specifically handle the problem due to Firefox encoding.
0
 

Author Comment

by:amorpeth
Comment Utility
Thanks Gete! I really do appreciate your help.

I have another post on the same formmail script we discused here. The realname variable is not recognised for some reason and as a result when I recieve the email the "Name:" is empty. If you have any ideas on this your help would be appreciated. You can find the post at the below URL:

http://www.experts-exchange.com/Web/Web_Languages/ASP/Q_22047540.html

Thanks again

Andrew
0

Featured Post

What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

Join & Write a Comment

Hello, all! I just recently started using Microsoft's IIS 7.5 within Windows 7, as I just downloaded and installed the 90 day trial of Windows 7. (Got to love Microsoft for allowing 90 days) The main reason for downloading and testing Windows 7 is t…
Have you ever needed to get an ASP script to wait for a while? I have, just to let something else happen. Or in my case, to allow other stuff to happen while I was murdering my MySQL database with an update. The Original Issue This was written…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…
Polish reports in Access so they look terrific. Take yourself to another level. Equations, Back Color, Alternate Back Color. Write easy VBA Code. Tighten space to use less pages. Launch report from a menu, considering criteria only when it is filled…

728 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now