<% connString = "Provider=SQLOLEDB;" & _ "Data Source=65.17.204.5;" & _ "Initial Catalog=irsa_dnn_01;" & _ "Network=DBMSSOCN;" & _ "User Id=irsa_dnn;" & _ "Password=irsa,3212" Sub SendHTMLEmail(SenderName,EmailFrom,ToName,EmailTo,EmailSubject,EmailBody) EmailFrom = Trim(EmailFrom) EmailFrom = Replace(EmailFrom,";",",") EmailTo = Trim(EmailTo) EmailTo = Replace(EmailTo,";",",") Dim EmailFromArray If InStr(EmailFrom,",") > 0 Then EmailFromArray = Split(EmailFrom,",") EmailFrom = Trim(EmailFromArray(0)) End If Dim Mail 'On Error Resume Next SET Mail = Server.Createobject("Persits.Mailsender") Mail.IsHtml = True Mail.Host = "65.17.204.25" Mail.From = EmailFrom Mail.FromName = SenderName Mail.Subject = EmailSubject Mail.body = EmailBody Dim EmailToArray If InStr(EmailTo,",") > 0 Then EmailToArray = Split(EmailTo,",") EmailTo = "" for each e in EmailToArray Mail.AddAddress Trim(e) next Else Mail.AddAddress EmailTo End If Mail.Send SET Mail = nothing Err.Clear End Sub Function SQL_Stripper(SQLString) If SQLString = "" Then SQL_Stripper = "" Exit Function End If 'BadChars = Array("select", "drop", ";", "--", "insert", "delete", "sp_", "#", "/", "\", "%", "null", """", "'") CleanSQL = SQLString 'For i = 0 To UBound(BadChars) ' If Instr(LCase(CleanSQL), BadChars(i)) > 0 Then ' SQL_Stripper = "" ' Exit Function ' End If ' CleanSQL = Replace(CleanSQL, BadChars(i), "", 1, -1, 1) ' If CleanSQL = "" Then Exit For 'Next If CleanSQL <> "" Then CleanSQL = Replace(CleanSQL, "'", "''") 'CleanSQL = Replace(CleanSQL,"""", """) CleanSQL = Trim(CleanSQL) End If SQL_Stripper = CleanSQL End Function %> <% function ValidateCaptcha(byval valSession, byval valCaptcha) dim tmpSession valSession = Trim(valSession) valCaptcha = Trim(valCaptcha) if (valSession = vbNullString) or (valCaptcha = vbNullString) then ValidateCaptcha = false else tmpSession = valSession valSession = Trim(Session(valSession)) Session(tmpSession) = vbNullString if valSession = vbNullString then ValidateCaptcha = false else valCaptcha = Replace(valCaptcha,"i","I") if StrComp(valSession,valCaptcha,1) = 0 then ValidateCaptcha = true else ValidateCaptcha = false end if end if end if end function showForm=true if request.Form("Submit")<>"" then if ValidateCaptcha("ASPCAPTCHA", Request.Form("captchacode")) then Set ConnMDB = Server.CreateObject("ADODB.Connection") ConnMDB.Open connString 'Set rs = Server.CreateObject("ADODB.Recordset") connMDB.Execute("insert into contactEntries (toEmail,fromEmail,fromName,disease,questions,phone) VALUES ('" & SQL_Stripper(request.form("toemail")) & "','" & SQL_Stripper(request.form("useremail")) & "','" & SQL_Stripper(request.form("name")) & "','" & SQL_Stripper(request.form("disease")) & "','" & SQL_Stripper(request.form("questions")) & "','" & SQL_Stripper(request.form("phone")) & "') ") 'rs.Close 'Set rs = Nothing ConnMDB.Close Set ConnMDB = Nothing bodyEmail="" bodyEmail=BodyEmail & "" bodyEmail=BodyEmail & "
" bodyEmail=BodyEmail & "" bodyEmail=BodyEmail & "


" bodyEmail=BodyEmail & "This email courtesy of IRSA's Website
" bodyEmail=BodyEmail & "
" bodyEmail=BodyEmail & "Phone: 717-260-9808,
Fax: 717-260-9809
office1@irsa.org


" bodyEmail=BodyEmail & "
" bodyEmail=BodyEmail & "Name:         " & request.form("name") & "
" bodyEmail=BodyEmail & "Email:         " & request.form("useremail") & "
" bodyEmail=BodyEmail & "Phone:         " & request.form("Phone") & "
" bodyEmail=BodyEmail & "Disease:      " & request.form("disease") & "
" bodyEmail=BodyEmail & "Comment:   " & request.form("Questions") & "
" bodyEmail=BodyEmail & "
" sendHTMLEmail request.Form("name"),request.Form("useremail"),"",request.form("toemail"),"IRSA Contact Form",bodyEmail showForm=false end if end if %>
<% if showForm<>false then %>
" />

Centers of ExcellenceContact the Medical Staff

Name:

eMail Required:
" />

Enter phone number for a return phone call:
" />

Brain Tumor or Disorder:
" />

Question or Comment:

Write the numbers from the image below


Change Image

<% if not IsEmpty(Request.Form("Submit")) then if not ValidateCaptcha("ASPCAPTCHA", Request.Form("captchacode")) then Response.Write("You entered the wrong code. Please try again") end if end if %>

 

<% else %>

Thank you
Your message has been sent!


<% end if %>
© Copyright IRSA® 1995-2015
Terms of Service     |     Medical Advisors     |     Resources     |     About Us     |    Homepage
This information may be copied for personal usage only. Reprints of any portions hereof must obtain prior approval.