Using CDOsys with classic ASP

Discussion in 'ASP Snips' started by bro, Nov 10, 2005.

  1. bro

    bro Perch

    This code uses the CDOsys component to send an email from a form. I've tested it on a JH account, so it does work as written.

    Corrections and suggestions to improve this code are most welcome!

    Note: There are no security measures or validation implemented in this code. i.e. it does not attempt to validate any of the fields, or check that the mail is being sent legitimately. A hit on a page with this code as written, by a bot or a search engine, will send a mostly blank mail to the recipient. You should at least check that required fields are filled in correctly, and that the referring page is the one that contains your form, before allowing it to send mail. At best, you could use a 'Captcha' element on your form, and strip out illegal characters from form fields.

    As bot exploitation of mail forms has become more of a problem, I've stopped sending out automatic copies of mail to the form user. If you do need to use the CC or BCC fields, it's more important than ever to make sure that the code cannot easily be used by a script intended to send out spam.


    <%option explicit%>
    <%
    'Using CDOsys with Basic authentication in Classic ASP

    'assumes form includes at least:
    'form_name - senders name
    'form_mail - senders email
    'form_subject
    'form_body

    'Because this code uses authentication, it requires access to a mailbox on your account.


    'reports 'mailFailed' - true or false
    'and 'strErr' - Mail server error response
    'and 'strErrCode' - Mail server numerical error response (as string)

    'dimension all variables (essential if 'option expicit' used)
    dim strHost, strErr, mailFailed
    dim strBody, strName, strMail
    dim strSubject, strFrom, strTo, strCC, strBCC, strReplyTo
    dim strAutoMailbox, strEmPass

    'modify for yourDomain *********************************************

    'your mail server
    strHost = "mail.yourDomain.com"

    'address of your outgoing mailbox
    'this will appear in the headers as the originating mailbox
    strAutoMailbox = "automail@yourDomain.com"

    'password for your AutoMailbox
    strEmPass = "yourPassword"

    'the name and email that appears in the "From:" line (can be different to above)
    strFrom = "yourDomain Website Mail<mailform@yourDomain.com>"

    'where to send the mail
    strTo = "yourGoodSelf@yourDomain.com"

    'where to send copies (optional)
    strCC = ""
    strBCC = ""

    '**********************************************************************

    'collect details from the form ***************************
    strName = Request.Form("form_name")
    strMail = Request.Form("form_mail")

    'create the "Reply To:" i.e. the name and email of the form user
    strReplyTo = strName & "<" & strMail & ">"

    'create subject string
    strSubject = Request.Form("form_subject")

    'create Body string
    strBody = strBody & "Website mail from " & strReplyTo & vbCrLf & vbCrLf
    strBody = strBody & Request.Form("form_body") & vbcrLf & vbCrLf

    'add a footer (optional) *********************************************
    strBody = strBody & "----------------------------------------------------" & vbCrLf

    'Adds the referring page and the IP details of sender to the mail body (optional)
    strBody = strBody & "Requested from " & Request.ServerVariables("http_referer") & vbCrLf
    strBody = strBody & "by " & Request.ServerVariables("REMOTE_ADDR") _
    & " at " & Request.ServerVariables("REMOTE_HOST") _
    & ". Server time: " & time & " " & Date & " " & vbcrlf

    'note the '_' continuation character, if spreading code to the next line for readability


    'send the mail *********************************************************

    'initialise the error response string
    strErr = ""

    Const cdoBasic = 1 'Use basic (clear-text) authentication.
    Const cdoSendUsingPort = 2
    Dim iMsg
    Dim iConf
    Dim Flds
    Dim sMsg

    On Error Resume Next

    set iMsg = CreateObject("CDO.Message")
    set iConf = CreateObject("CDO.Configuration")
    Set Flds = iConf.Fields

    With Flds
    .Item("http://schemas.microsoft.com/cdo/configuration/smtpauthenticate") = cdoBasic
    .Item("http://schemas.microsoft.com/cdo/configuration/sendusername") = strAutoMailbox
    .Item("http://schemas.microsoft.com/cdo/configuration/sendpassword") = strEmPass
    .Item("http://schemas.microsoft.com/cdo/configuration/sendusing") = cdoSendUsingPort
    .Item("http://schemas.microsoft.com/cdo/configuration/smtpserver") = strHost
    .Item("http://schemas.microsoft.com/cdo/configuration/smtpconnectiontimeout") = 100
    .Update
    End With

    With iMsg
    Set .Configuration = iConf
    .To = strTo 'To
    .From = strFrom 'From:
    if strReplyTo <> "" then
    .ReplyTo = strReplyTo 'add ReplyTo: if exists
    end if
    if strCC <> "" then
    .CC = strCC 'add CC if exists
    end if
    if strBCC <> "" then
    .BCC = strBCC 'add BCC if exists
    end if
    .Subject = strSubject 'add the subject
    .TextBody = strBody 'add the body (this is plain text)
    .Send 'send the mail
    strErr = Err.description 'response (empty if no problems)
    'note: Err.number was not available when tested live
    End With

    'clean up
    Set iMsg = Nothing
    Set iConf = Nothing
    Set Flds = Nothing

    'prepare report flag and string
    if strErr = "" then
    mailFailed = false
    strErr = "Your mail has been sent."
    else
    mailFailed = true
    end if

    %>


    <%
    'report result
    response.write (strErr)
    %>

Share This Page

JodoHost - 26,000 hosting end-users in 100 countries
Plesk Web Hosting
VPS Hosting
H-Sphere Web Hosting
Other Services