I have a site that is all static content except the "Contact" page. My hosting service has me on an IIS server, so they gave me generic cdosys.asp file. As you know if you've used a cdosys.asp, you point the form submit from the contact page at it, and the cdosys.asp shoots whatever the site visitor put in the form fields in an email to me, then relays the visitor to a "Thanks for writing" page.
Here's my glitch. The only server-side language I've learned is ColdFusion. No ASP. The cdosys file was simple enough to figure out that I changed a few text strings so it points to my mail server and then the thank-you page. But, my contact input form only requires one out of the three offered fields. Two are optional. But the cdosys is choking on that. It thinks all the fields are required. It only works if all three have content. I Googled all over trying to find an old ASP tutorial. Can some kindly ASP pro out there tell me how to edit the code below to allow two of my three form fields to have no content and still send me an email?
<%
For Field = 1 to Request.Form.Count - 3
FieldName = Replace(Request.Form.Key(Field),"_"," ")
FieldValue = Request.Form.Item(Field)
Body = Body & FieldName & ": " & FieldValue & VbCrLf
Next
'Dimension variables
Dim objCDOSYSCon
'Create the e-mail server object
Set objCDOSYSMail = Server.CreateObject("CDO.Message")
Set objCDOSYSCon = Server.CreateObject ("CDO.Configuration")
'Set and update fields properties
With objCDOSYSCon
'Outgoing SMTP server
.Fields("http://schemas.microsoft.com/cdo/configuration/smtpserver") = "mail.domain.com" 'was "SMTPSERVER"
.Fields("http://schemas.microsoft.com/cdo/configuration/smtpserverport") = 25 'CDO Port
.Fields("http://schemas.microsoft.com/cdo/configuration/sendusing") = 2 'Timeout
.Fields("http://schemas.microsoft.com/cdo/configuration/smtpconnectiontimeout") = 60
.Fields.Update
End With
'Update the CDOSYS Configuration
Set objCDOSYSMail.Configuration = objCDOSYSCon
'Set and update email properties
With objCDOSYSMail
'0=Low, 1=Normal, 2=High
.Fields("urn:schemas:httpmail:importance").Value = 1
'Who the e-mail is from
.From = Request.Form("email_address")
'Who the e-mail is sent to
.To = "myname#domain.com"
'Who the e-mail is CC'd to
.Cc = ""
'The subject of the e-mail
.Subject = Request.Form("email_subject")
'Set the e-mail body format (HTMLBody=HTML TextBody=Plain)
.TextBody = Body
.Fields.Update
'Send the e-mail
.Send
End With
'Close the server mail object
Set objCDOSYSMail = Nothing
Set objCDOSYSCon = Nothing
'Rederect after sending email
Response.Redirect Request.Form("redirect_to")
%>
Try like this:
For Field = 1 to Request.Form.Count - 3
FieldName = Replace(Request.Form.Key(Field),"_"," ")
FieldValue = Request.Form.Item(Field)
if isnull(fieldvalue) then fieldvalue = "(null)"
Body = Body & FieldName & ": " & FieldValue & VbCrLf
Next
Related
I'm having a difficult time understanding why email I send from my website by using SMTP is going to Outlook's junk mail. Here is my code:
Dim windowsLoginName As System.String = HttpContext.Current.User.Identity.Name
Dim split As String() = Nothing
Dim vname As String
'Get network login name (name only)
split = windowsLoginName.Split("\".ToCharArray)
vname = split(1)
'create the mail message
Dim mail As New MailMessage()
'set the addresses
mail.From = New MailAddress(vname & "#x.com")
mail.To.Add(txtWhoApproves.Text)
'set the content
Dim varstreason, vartxt, vartxt2, varbody As String
varstreason = DropDownList1.SelectedItem.Text
If TextBox1.Text = TextBox2.Text Then
If CheckBox1.Checked = True Then
varbody = TextBox3.Text & " has requested the following time off: " & System.Environment.NewLine & varstreason & " - " & TextBox1.Text & " - All Day"
Else
vartxt = varstreason & " - " & TextBox1.Text
vartxt2 = DropDownList2.SelectedValue & " to " & DropDownList3.SelectedValue
varbody = TextBox3.Text & " has requested the following time off: " & vartxt & " - " & vartxt2
End If
Else
varbody = TextBox3.Text & " has requested the following time off: " & varstreason & " - " & TextBox1.Text & " to " & TextBox2.Text
End If
mail.Subject = "Time Off Approval Requested"
mail.Body = varbody
'send the message
Dim smtp As New SmtpClient("(IP Address of email server)")
'to authenticate we set the username and password properites on the SmtpClient
'smtp.Credentials = New NetworkCredential("username", "secret")
smtp.Send(mail)
I have the email coming from whoever is logged onto the network. Since it's multiple people, I remarked out smtp.Credentials because the password is different for each user (and changes periodically). I'm thinking that this is somehow causing the email to sometimes go into the junk email.
And ideas? How can I prevent these emails from going into junk? We are using an Exchange 2010 server, and Outlook 2007, 2010, or 2013. Thanks in advance!
May be your website is listed as spamming in outlook security systems, or your email contain some spam words or links that causes emails to go in junk or spam box.
Spam filtering for email is based on the content of the subject, message, and attachments. It also filters based on things such as what host/IP you're sending from. If you attempt to send an email via SMTP using a host such as gmail, you'll likely notice it will inbox.
Based on your comments:
The email is coming from your website's SMTP using your domain.
The email is being received by your Exchange server which also uses the same domain.
The emails are only for an internal audience.
From here I would recommend 2 different solutions:
First Solution:
Instead of using your website's SMTP, instead use your Exchange server to send the email. This will work the same as joe#yourcompany.com sending an email to bob#yourcompany.com. The email will never need to leave the server or hit any filters(unless you set up internal filters), so it will not hit the spam box (unless an end user specifically sets it up this way). Check out this site for some help in how to accomplish this: https://www.emailarchitect.net/easendmail/kb/vbnet.aspx
Second Solution:
Use group policies to add the email address to safe senders list for all your users.(https://social.technet.microsoft.com/Forums/office/en-US/c0714d7d-2a42-4b0f-9f1d-63234c7278a0/appending-outlook-safe-senders-list-via-gpo) This seems like it should be an easy solution, but the issue is that it still may not work since you have 2 different servers using the same domain. So although the address may be added in, Outlook may view it as being a different address since it is not coming from the Exchange server. The other option in this solution is to have everyone that gets your email to add it to safe senders directly from the email they receive. That would do it, but hugely inefficient and manual.
For some more in-depth info into the processes and technology behind email, I would recommend checking out the "How Email Works" series of articles by Click-Z (part 1 - https://www.clickz.com/clickz/column/2411041/how-email-works-part-one-the-story-of-send)
I am really struggling with something which is pretty basic and need some help as it was not forthcoming from godaddy support!
For some reason the code below is not sending out any emails.
Code seems to be executed property and riddled it with lots of debug msgs but to no helping!
Te "From" email address is valid and has no issues! Any ideas? Port?
cheers, Jay
<%
Dim objNewMail
Set objNewMail = Server.CreateObject("CDO.Message")
objNewMail.From = "info#example.com"
objNewMail.To = "info#example.com"
objNewMail.Subject = "Interesting property sent by xxx"
objNewMail.TextBody = "Click the following link to see the property :" '& vbcr & vbcr & "http://www.maltawide.eu/default.asp?pid="
' GoDaddy SMTP Settings
'I had to remove the smpt settings as I dont have enough rep to post two links!
Response.Write ("Message sent successfully!")
%>
I'm not sure why your message failed, but here is code from a working mail form hosted at GoDaddy. All you need to do is build the form page to submit the form fields used in the script, or change the form field names in the script to match your existing form, or replace the forms with strings. Examples of both form entry and assigned variable values are included in the example's ' Create the message part of the code.
<%
Dim strBody
Dim strToAddress
Dim strFromAddress
Dim strReplyAddress
Dim strBlindCC
' Create the message
strBody = Request.Form("Message")
strToAddress = Request.Form("ToAddress")
strFromAddress = Request.Form("FromAddress")
strReplyAddress = "NoReply#WebSite.com"
strBlindCC = "BlindCC#WebSite.com"
' Include the schemas
sendUrl="http://schemas.microsoft.com/cdo/configuration/sendusing"
smtpUrl="http://schemas.microsoft.com/cdo/configuration/smtpserver"
' Set the mail server configuration
Set objConfig=CreateObject("CDO.Configuration")
objConfig.Fields.Item(sendUrl)=2 ' cdoSendUsingPort
objConfig.Fields.Item(smtpUrl)="relay-hosting.secureserver.net"
objConfig.Fields.Update
' Send the message
Set objMail=CreateObject("CDO.Message")
Set objMail.Configuration=objConfig
objMail.From=strFromAddress
objMail.ReplyTo=strReplyAddress
objMail.To=strToAddress
objMail.BCC=strBlindCC
objMail.Subject=strSubject
objMail.HTMLBody = strBody
objMail.Send
%>
I have a form that I validate that data with, and what I'm wondering is, do I need to sanitize the data JUST to send an email? The email will be sent to a predefined email address. Basically the form just ask for a name, email (of the person using the form), and a url.
Then this gets sent to the predefined email address. IS something like this safe enough to use? Is it vulnerable to use a simple ASP page like this:
<%
dim objMessage
dim FullName
FullName=Request.QueryString("name")
dim email
email=Request.QueryString("email")
dim videourl
videourl=Request.QueryString("video")
dim txtMessage
txtMessage="<b><br><br>Name: " & FullName & "<br>Email: " & email & "<br><br>Video URL: " & videourl
objMessage = CreateObject("CDO.Message")
objMessage.Configuration.Fields.Item("http://schemas.microsoft.com/cdo/configuration/sendusing") = 2
objMessage.Configuration.Fields.Item("http://schemas.microsoft.com/cdo/configuration/smtpserver") = "localhost"
objMessage.Configuration.Fields.Item("http://schemas.microsoft.com/cdo/configuration/smtpserverport") = 25
objMessage.Configuration.Fields.Update
objMessage.Subject = "qContest Submission"
objMessage.From = email
objMessage.To = "predefined#email.org"
objMessage.HTMLBody = txtMessage
objMessage.Send
%>
NOTE: This is NOT using any database or anything like that...
Also this script is being called via AJAX, if that matters...
always use Server.HTMLEncode when showig user-posted data in HTML. In this case you put it in the HTMLBody of the email, so I would definitely HTMLEncode:
FullName = Server.HTMLEncode(Request.QueryString("name"))
etc. This avoids the possibility to post vulnerable things like Javascript as that could be executed when opening the email.
I am currently in the process of updating many test sites on an old server so that they won't break when the old server gets discontinued in the next couple months. The contact form for one site in particular is already broken. When a user clicks on submit after filling in their information, they are presented with this error:
Server object error 'ASP 0177 : 800401f3'
Server.CreateObject Failed
/contactsubmit.asp, line 79
800401f3
Set Mailer = Server.CreateObject("SMTPsvg.Mailer")
Mailer.FromName = "Web Visitor"
If request("email") <> "" then
Mailer.replyto = request("email")
Else
Mailer.replyto = "noEmailEntered#domain.com"
End If
Mailer.FromAddress = "my#email.com"
Mailer.RemoteHost = "hostserver"
If TempTest = TRUE then
Else
Mailer.AddRecipient siteOwner, ContactEmail
If ContactCC <> "" then
Mailer.AddCC siteOwner, ContactCC
End If
End If
If DesignerEmail <> "" then
Mailer.AddBCC DesignerEmail, DesignerEmail
End If
Mailer.Subject = siteOwner & " Contact Form"
Mailer.ContentType = "text/html"
Mailer.BodyText = strBody
If Mailer.SendMail then
response.redirect "contact.asp?sent=yes"
Else
response.redirect "contact.asp?sent=no"
End If
I was told that SMTP isn't the way that emails need to get sent anymore so I tried changing it all to CDOSYS. But the funny thing is, there are a lot more sites on this server that I have tested using the same SMTP code that work.
Changes using CDOSYS:
Set Mailer = Server.CreateObject("CDO.Message")
Mailer.From = "Web Visitor <my#email.com>"
If request("email") <> "" then
Mailer.ReplyTo = request("email")
Else
Mailer.ReplyTo = "noEmailEntered#domain.com"
End If
Mailer.Configuration.Fields.Item ("http://schemas.microsoft.com/cdo/configuration/smtpserver") = "hostserver"
If TempTest = TRUE then
Else
Mailer.AddRecipient siteOwner, ContactEmail
If ContactCC <> "" then
Mailer.Cc siteOwner, ContactCC
End If
End If
If DesignerEmail <> "" then
Mailer.Bcc DesignerEmail, DesignerEmail
End If
Mailer.Subject = siteOwner & " Contact Form"
Mailer.HTMLBody = strBody
If Mailer.Send then
response.redirect "contact.asp?sent=yes"
Else
response.redirect "contact.asp?sent=no"
End If
But now I get this error:
Microsoft VBScript runtime error '800a01b6'
Object doesn't support this property or method: 'Mailer.AddRecipient'
/contactsubmit.asp, line 89
I have tried changing it to Mailer.Add and to Mailer.AddAddress with no luck. Does anyone know how I can get around this error and hopefully get this to work? I've never worked with mail servers before so I apologize if this is an easy fix, but I've searched for the past 3 hours and can't come up with a good alternative to .AddRecipient.
The CDO.Message object simply has the string properties of To, Cc and Bcc to which you assign a standard semi-colon delimited list of smtp email addresses for example:
"Joe Bloggs" <joeB#somecompany.com>; "Fred Smith" <fSmith#smiths.co.uk>
Try to execute the below simplest way of sending mail using CDO and then take the relevant fields from it and apply to your script:
Set myMail=CreateObject("CDO.Message")
myMail.Subject="Sending email with CDO"
myMail.From="mymail#mydomain.com"
myMail.To="someone#somedomain.com"
myMail.TextBody="This is a message."
myMail.Send
set myMail=nothing
As you can see the way to add recipient is like this:
myMail.To="someone#somedomain.com"
You can see more examples here
Hope this helps.
I have added Two Factor Authentication to my Mobile ASP.Net Web App. When the user successfully enters their User Name and Password then a pin number is emailed to their email address which is stored in the database. The issue I am having is that after notifying the user that they don't have an email defined and then reload the login page but my code isn't notifying the user rather it is just reloading the Login.aspx page:
Private Sub GeneratePin()
Dim r As New Random(System.DateTime.Now.Millisecond)
_Pin = CStr(r.Next(1000, 99999))
_email = CIAppGlobals.CurrentUser.UsrContactEmail
With lblPin
.Text = "PIN has been emailed to the you please check your email now."
End With
If Not String.IsNullOrEmpty(_email) Then
Dim Message As String = " Your Mobile PIN number is " & _Pin & vbNewLine & "From IP Address: " & CIAppGlobals.AppSettings.ClientIP
Tools.SendEmail(CIAppGlobals.CurrentUser.UsrContactEmail, "Mobile App - Two Factor Authentication", Message)
Else
Dim sText As String = "Please contact the Administrator You do not have an email address defined within Application."
'DirectCast(HttpContext.Current.Handler, System.Web.UI.Page).ClientScript.RegisterStartupScript(Me.[GetType](), "test", "alert('" & sText & "')", True)
Response.Write("<script>alert('" & sText & "');</script>")
Thread.Sleep(5000)
'Session.Abandon()
'FormsAuthentication.SignOut()
Response.Redirect(ParentFolder & "/Login.aspx")
End If
End Sub
Your call to Response.Redirect() is causing anything you output not to be displayed. You need to remove that, then output a link or some javascript to go to the login page.
Also: you need to remove the call to Thread.Sleep(). That is causing a needless delay and keeping an asp.net thread busy doing nothing. It's not doing what you think it is...