I am currently in the process of updating many test sites on an old server so that they won't break when the old server gets discontinued in the next couple months. The contact form for one site in particular is already broken. When a user clicks on submit after filling in their information, they are presented with this error:
Server object error 'ASP 0177 : 800401f3'
Server.CreateObject Failed
/contactsubmit.asp, line 79
800401f3
Set Mailer = Server.CreateObject("SMTPsvg.Mailer")
Mailer.FromName = "Web Visitor"
If request("email") <> "" then
Mailer.replyto = request("email")
Else
Mailer.replyto = "noEmailEntered#domain.com"
End If
Mailer.FromAddress = "my#email.com"
Mailer.RemoteHost = "hostserver"
If TempTest = TRUE then
Else
Mailer.AddRecipient siteOwner, ContactEmail
If ContactCC <> "" then
Mailer.AddCC siteOwner, ContactCC
End If
End If
If DesignerEmail <> "" then
Mailer.AddBCC DesignerEmail, DesignerEmail
End If
Mailer.Subject = siteOwner & " Contact Form"
Mailer.ContentType = "text/html"
Mailer.BodyText = strBody
If Mailer.SendMail then
response.redirect "contact.asp?sent=yes"
Else
response.redirect "contact.asp?sent=no"
End If
I was told that SMTP isn't the way that emails need to get sent anymore so I tried changing it all to CDOSYS. But the funny thing is, there are a lot more sites on this server that I have tested using the same SMTP code that work.
Changes using CDOSYS:
Set Mailer = Server.CreateObject("CDO.Message")
Mailer.From = "Web Visitor <my#email.com>"
If request("email") <> "" then
Mailer.ReplyTo = request("email")
Else
Mailer.ReplyTo = "noEmailEntered#domain.com"
End If
Mailer.Configuration.Fields.Item ("http://schemas.microsoft.com/cdo/configuration/smtpserver") = "hostserver"
If TempTest = TRUE then
Else
Mailer.AddRecipient siteOwner, ContactEmail
If ContactCC <> "" then
Mailer.Cc siteOwner, ContactCC
End If
End If
If DesignerEmail <> "" then
Mailer.Bcc DesignerEmail, DesignerEmail
End If
Mailer.Subject = siteOwner & " Contact Form"
Mailer.HTMLBody = strBody
If Mailer.Send then
response.redirect "contact.asp?sent=yes"
Else
response.redirect "contact.asp?sent=no"
End If
But now I get this error:
Microsoft VBScript runtime error '800a01b6'
Object doesn't support this property or method: 'Mailer.AddRecipient'
/contactsubmit.asp, line 89
I have tried changing it to Mailer.Add and to Mailer.AddAddress with no luck. Does anyone know how I can get around this error and hopefully get this to work? I've never worked with mail servers before so I apologize if this is an easy fix, but I've searched for the past 3 hours and can't come up with a good alternative to .AddRecipient.
The CDO.Message object simply has the string properties of To, Cc and Bcc to which you assign a standard semi-colon delimited list of smtp email addresses for example:
"Joe Bloggs" <joeB#somecompany.com>; "Fred Smith" <fSmith#smiths.co.uk>
Try to execute the below simplest way of sending mail using CDO and then take the relevant fields from it and apply to your script:
Set myMail=CreateObject("CDO.Message")
myMail.Subject="Sending email with CDO"
myMail.From="mymail#mydomain.com"
myMail.To="someone#somedomain.com"
myMail.TextBody="This is a message."
myMail.Send
set myMail=nothing
As you can see the way to add recipient is like this:
myMail.To="someone#somedomain.com"
You can see more examples here
Hope this helps.
Related
I am really struggling with something which is pretty basic and need some help as it was not forthcoming from godaddy support!
For some reason the code below is not sending out any emails.
Code seems to be executed property and riddled it with lots of debug msgs but to no helping!
Te "From" email address is valid and has no issues! Any ideas? Port?
cheers, Jay
<%
Dim objNewMail
Set objNewMail = Server.CreateObject("CDO.Message")
objNewMail.From = "info#example.com"
objNewMail.To = "info#example.com"
objNewMail.Subject = "Interesting property sent by xxx"
objNewMail.TextBody = "Click the following link to see the property :" '& vbcr & vbcr & "http://www.maltawide.eu/default.asp?pid="
' GoDaddy SMTP Settings
'I had to remove the smpt settings as I dont have enough rep to post two links!
Response.Write ("Message sent successfully!")
%>
I'm not sure why your message failed, but here is code from a working mail form hosted at GoDaddy. All you need to do is build the form page to submit the form fields used in the script, or change the form field names in the script to match your existing form, or replace the forms with strings. Examples of both form entry and assigned variable values are included in the example's ' Create the message part of the code.
<%
Dim strBody
Dim strToAddress
Dim strFromAddress
Dim strReplyAddress
Dim strBlindCC
' Create the message
strBody = Request.Form("Message")
strToAddress = Request.Form("ToAddress")
strFromAddress = Request.Form("FromAddress")
strReplyAddress = "NoReply#WebSite.com"
strBlindCC = "BlindCC#WebSite.com"
' Include the schemas
sendUrl="http://schemas.microsoft.com/cdo/configuration/sendusing"
smtpUrl="http://schemas.microsoft.com/cdo/configuration/smtpserver"
' Set the mail server configuration
Set objConfig=CreateObject("CDO.Configuration")
objConfig.Fields.Item(sendUrl)=2 ' cdoSendUsingPort
objConfig.Fields.Item(smtpUrl)="relay-hosting.secureserver.net"
objConfig.Fields.Update
' Send the message
Set objMail=CreateObject("CDO.Message")
Set objMail.Configuration=objConfig
objMail.From=strFromAddress
objMail.ReplyTo=strReplyAddress
objMail.To=strToAddress
objMail.BCC=strBlindCC
objMail.Subject=strSubject
objMail.HTMLBody = strBody
objMail.Send
%>
I have a form that I validate that data with, and what I'm wondering is, do I need to sanitize the data JUST to send an email? The email will be sent to a predefined email address. Basically the form just ask for a name, email (of the person using the form), and a url.
Then this gets sent to the predefined email address. IS something like this safe enough to use? Is it vulnerable to use a simple ASP page like this:
<%
dim objMessage
dim FullName
FullName=Request.QueryString("name")
dim email
email=Request.QueryString("email")
dim videourl
videourl=Request.QueryString("video")
dim txtMessage
txtMessage="<b><br><br>Name: " & FullName & "<br>Email: " & email & "<br><br>Video URL: " & videourl
objMessage = CreateObject("CDO.Message")
objMessage.Configuration.Fields.Item("http://schemas.microsoft.com/cdo/configuration/sendusing") = 2
objMessage.Configuration.Fields.Item("http://schemas.microsoft.com/cdo/configuration/smtpserver") = "localhost"
objMessage.Configuration.Fields.Item("http://schemas.microsoft.com/cdo/configuration/smtpserverport") = 25
objMessage.Configuration.Fields.Update
objMessage.Subject = "qContest Submission"
objMessage.From = email
objMessage.To = "predefined#email.org"
objMessage.HTMLBody = txtMessage
objMessage.Send
%>
NOTE: This is NOT using any database or anything like that...
Also this script is being called via AJAX, if that matters...
always use Server.HTMLEncode when showig user-posted data in HTML. In this case you put it in the HTMLBody of the email, so I would definitely HTMLEncode:
FullName = Server.HTMLEncode(Request.QueryString("name"))
etc. This avoids the possibility to post vulnerable things like Javascript as that could be executed when opening the email.
we have strange problem, we have single signon and we are trying to fetch unread email count from Exchange ews webservice, the problem is it always gets same count for all user which is actually for server user.
'it should now get for current user who requested the page
'but its always for server user where sharepoint is installed
Public Sub GetUnreadEmailCount()
Dim errormsg As String = String.Empty
Dim UnreadCount As Integer = 0
Dim esb As New ExchangeServiceBinding
Try
esb.RequestServerVersionValue = New RequestServerVersion
esb.RequestServerVersionValue.Version = ExchangeVersionType.Exchange2007_SP1
esb.UseDefaultCredentials = True
esb.Url = Domain + "/EWS/Exchange.asmx"
ServicePointManager.ServerCertificateValidationCallback = New RemoteCertificateValidationCallback(AddressOf CertificateValidationCallBack)
Dim biArray(1) As BaseFolderIdType
Dim dfFolder As New DistinguishedFolderIdType
dfFolder.Id = DistinguishedFolderIdNameType.inbox
biArray(0) = dfFolder
Dim geGetFolder As New GetFolderType
geGetFolder.FolderIds = biArray
geGetFolder.FolderShape = New FolderResponseShapeType
geGetFolder.FolderShape.BaseShape = DefaultShapeNamesType.AllProperties
Dim gfResponse As GetFolderResponseType = esb.GetFolder(geGetFolder)
Dim rmta As ResponseMessageType() = gfResponse.ResponseMessages.Items
Dim rmt As FolderInfoResponseMessageType = DirectCast(rmta(0), FolderInfoResponseMessageType)
If rmt.ResponseClass = ResponseClassType.Success Then
Dim folder As FolderType = DirectCast(rmt.Folders(0), FolderType)
UnreadCount = folder.UnreadCount
End If
Label1.Text = vbCrLf + "Unread email count : " + UnreadCount.ToString
' Return UnreadCount
Catch ex As Exception
If Not ex.Message Is Nothing Then errormsg = ex.Message
Try
If Not ex.InnerException.Message Is Nothing Then errormsg = errormsg + " : " + ex.InnerException.Message
Catch e As Exception
End Try
Finally
If esb IsNot Nothing Then esb.Dispose() : esb = Nothing
If Not errormsg = String.Empty Then
Label1.Text = vbCrLf + "Error : " + errormsg
End If
End Try
End Sub
We were actually having the same problem, although we were not using single sign on. So I'm not sure this is exactly what you are experiencing.
The problem is that you can not have a user on Machine A give their credentials to Machine B (SharePoint?) and then have Machine B send those credentials on to Machine C
It's referred to as the "Double Hop" problem and is a security feature, however I'm not really into the technical side of it. Our solution was to use Kerberos.
I hope this helps you, if not, that it helps you rule out this specific issue :)
Your server side code is running as the AppPool's identity, which is your sharepoint service account. I'm assuming that's what you mean by 'the server user.'
esb.UseDefaultCredentials = true;
will use the creds of the context. I'm not sure of what's available in the EWS services, so if you can use a higher-privileged account and get based on the user coming in, i.e., HttpContext.Current.User.Identity as a parameter, then that may be the best way.
You could authenticate via javascript directly to the EWS services, skipping server-side code altogether, and write something that consumes & displays the server stuff as you need it.
You'd need to find a way to auth the user directly to the EWS services. Double-hop is an issue with NTLM, as your NTLM ticket is only valid for the first hop. Kerberos fixes that, but you still need to impersonate.
I have a site that is all static content except the "Contact" page. My hosting service has me on an IIS server, so they gave me generic cdosys.asp file. As you know if you've used a cdosys.asp, you point the form submit from the contact page at it, and the cdosys.asp shoots whatever the site visitor put in the form fields in an email to me, then relays the visitor to a "Thanks for writing" page.
Here's my glitch. The only server-side language I've learned is ColdFusion. No ASP. The cdosys file was simple enough to figure out that I changed a few text strings so it points to my mail server and then the thank-you page. But, my contact input form only requires one out of the three offered fields. Two are optional. But the cdosys is choking on that. It thinks all the fields are required. It only works if all three have content. I Googled all over trying to find an old ASP tutorial. Can some kindly ASP pro out there tell me how to edit the code below to allow two of my three form fields to have no content and still send me an email?
<%
For Field = 1 to Request.Form.Count - 3
FieldName = Replace(Request.Form.Key(Field),"_"," ")
FieldValue = Request.Form.Item(Field)
Body = Body & FieldName & ": " & FieldValue & VbCrLf
Next
'Dimension variables
Dim objCDOSYSCon
'Create the e-mail server object
Set objCDOSYSMail = Server.CreateObject("CDO.Message")
Set objCDOSYSCon = Server.CreateObject ("CDO.Configuration")
'Set and update fields properties
With objCDOSYSCon
'Outgoing SMTP server
.Fields("http://schemas.microsoft.com/cdo/configuration/smtpserver") = "mail.domain.com" 'was "SMTPSERVER"
.Fields("http://schemas.microsoft.com/cdo/configuration/smtpserverport") = 25 'CDO Port
.Fields("http://schemas.microsoft.com/cdo/configuration/sendusing") = 2 'Timeout
.Fields("http://schemas.microsoft.com/cdo/configuration/smtpconnectiontimeout") = 60
.Fields.Update
End With
'Update the CDOSYS Configuration
Set objCDOSYSMail.Configuration = objCDOSYSCon
'Set and update email properties
With objCDOSYSMail
'0=Low, 1=Normal, 2=High
.Fields("urn:schemas:httpmail:importance").Value = 1
'Who the e-mail is from
.From = Request.Form("email_address")
'Who the e-mail is sent to
.To = "myname#domain.com"
'Who the e-mail is CC'd to
.Cc = ""
'The subject of the e-mail
.Subject = Request.Form("email_subject")
'Set the e-mail body format (HTMLBody=HTML TextBody=Plain)
.TextBody = Body
.Fields.Update
'Send the e-mail
.Send
End With
'Close the server mail object
Set objCDOSYSMail = Nothing
Set objCDOSYSCon = Nothing
'Rederect after sending email
Response.Redirect Request.Form("redirect_to")
%>
Try like this:
For Field = 1 to Request.Form.Count - 3
FieldName = Replace(Request.Form.Key(Field),"_"," ")
FieldValue = Request.Form.Item(Field)
if isnull(fieldvalue) then fieldvalue = "(null)"
Body = Body & FieldName & ": " & FieldValue & VbCrLf
Next
I am looking for a very simple solution to password protect an ASP.Net page.
I found exactly what I am looking for here but it is in ASP and I do not know the syntax to convert it to ASP.Net.
It simply creates a temporary cookie that will expire as soon as they close their browser window.
I am not looking to store the username / password in a db. I will manually change the password occasionally.
Simply helping me convert the following code to ASP.Net would be wonderful!
This goes on the logon.aspx page and pulls values from a form.
Username="Administrator"
Password="Admin"
Validated = "OK"
if Strcomp(Request.Form("User"),Username,1)=0 AND Request.Form("password") = Password then
Response.Cookies("ValidUser") = Validated
If (Request.QueryString("from")<>"") then
Response.Redirect Request.QueryString("from")
else
Response.Redirect "MyPage.aspx"
End if
Else
If Request.Form("User") <> "" then
Response.Write "<h3>Authorization Failed.</h3>" & "<br>" & _ "Please try again.<br> <br>"
End if
End if
This goes on the password protected page to confirm the cookie was created.
Validated = "OK"
if Request.Cookies("ValidUser") <> Validated then
dim s
s = "http://"
s = s & Request.ServerVariables("HTTP_HOST")
s = s & Request.ServerVariables("URL")
if Request.QueryString.Count > 0 THEN
s = s & "?" & Request.QueryString
end if
Response.Redirect "Logon.aspx"
End if
Just use the built-in forms authentication and setup your credentials store in the web.config.
Here's a quick and dirty example
Another example