<%@ LANGUAGE="VBScript"%> <% ' ----------------------------------------------------------------- ' Tell the script to continue execution if an error is encountered, ' to require variable declaration, and to buffer output. ' ----------------------------------------------------------------- Option Explicit Response.Buffer = True %> <% '-------------------------------------------------------------- '--- DECLARE ALL VARIABLES '-------------------------------------------------------------- Dim objEMail Dim strBody Dim strAuthor Dim strName Dim strEmail Dim strSubject Dim strComments Dim ctrlSection Dim strKey Dim araKeys, araVars Dim hshProcess Dim strValid Dim bolMsg ' --------------------------------------------------------------- ' Set all variables ' --------------------------------------------------------------- hshProcess = Trim(Request("hshProcess")) Dim objDictAuthor Set objDictAuthor = Server.CreateObject("Scripting.Dictionary") objDictAuthor.Add "Keeley, Page", "pkeeley@mmsa.org" objDictAuthor.Add "Eberle, Francis", "feberle@mmsa.org" strAuthor = Request("strAuthor") strName = Trim(Request("strName")) strEmail = Trim(Request("strEmail")) strSubject = Trim(Request("strSubject")) strComments = Trim(Request("strComments")) ' --------------------------------------------------------------- ' Create a dictionary object to hold the form variables ' properties. ' --------------------------------------------------------------- Dim objDictForm Set objDictForm = Server.CreateObject("Scripting.Dictionary") objDictForm.Add "strName", "1/1/NUL/Your Name" objDictForm.Add "strEmail", "1/1/EML/Your E-Mail Address" objDictForm.Add "strSubject", "1/1/NUL/Message Subject" objDictForm.Add "strComments", "1/1/NUL/Message Text" If Len(hshProcess) > 0 Then '-------------------------------------------------------------- '--- Validate the data. '-------------------------------------------------------------- Session("araKeys") = objDictForm.Keys() Session("araItems") = objDictForm.Items() strValid = chkForm() Session.Abandon() '-------------------------------------------------------------- '--- For security, make sure the to address is a valid address. '-------------------------------------------------------------- If Not objDictAuthor.Exists(strAuthor) Then If strValid = "PASS" Then strValid = "Unable to determine the person you wish to contact." Else strValid = strValid & "
Unable to determine the person you wish to contact." End If End If '-------------------------------------------------------------- '--- Using a simplified nonce system to prevent replay attacks '--- on this script. See nonce.asp for implementation details. '--- Check for a valid nonce from the form. '-------------------------------------------------------------- If (Not isNonceValid(hshProcess)) Then If strValid = "PASS" Then strValid = "" Else strValid = strValid & "
" End If strValid = strValid & "There was a problem processing your request." End If '-------------------------------------------------------------- '--- If the data is not valid then redisplay the form and '--- show the error message. '-------------------------------------------------------------- If Not strValid = "PASS" Then ctrlSection = "ERR" writeBody() Response.Flush() Response.End() End If '-------------------------------------------------------------- '--- Send the email to the staff member specified '-------------------------------------------------------------- Set objEMail = Server.CreateObject("CDONTS.NewMail") objEMail.To = objDictAuthor.Item(strAuthor) objEMail.From = """AAAS Project 2061"" " objEMail.Value("Reply-To") = """" & strName & """ <" & strEmail & ">" objEMail.Subject = strSubject strComments = "[Sent on behalf of " & strName & " <" & strEmail & ">]" & vbCrLf & vbCrLf & strComments objEMail.Body = strComments objEMail.Send() Set objEMail = Nothing '-------------------------------------------------------------- '--- Show results page. '-------------------------------------------------------------- objDictForm.RemoveAll() ctrlSection = "PASS" writeBody() Else '-------------------------------------------------------------- '--- Output the comment form. '-------------------------------------------------------------- ctrlSection = "FORM" writeBody() End If ' --------------------------------------------------------------- ' Clear the dictionary object and destroy the object. ' --------------------------------------------------------------- objDictForm.RemoveAll() Set objDictForm = Nothing objDictAuthor.RemoveAll() Set objDictAuthor = Nothing Response.Flush() %> <% ' --------------------------------------------------------------- ' Subprocedure to write the document title. ' --------------------------------------------------------------- Sub docTitle %> 2061 Connections - Contact Form <% End Sub ' --------------------------------------------------------------- ' Subprocedure to write the header script. ' --------------------------------------------------------------- Sub docHeader %> <% End Sub ' --------------------------------------------------------------- ' Subprocedure to write the footer script. ' --------------------------------------------------------------- Sub docFooter End Sub Function writeBody() %> <% End Function ' --------------------------------------------------------------- ' Subprocedure to write the document body. ' --------------------------------------------------------------- Sub docBody () If ctrlSection = "PASS" Then writeDocHead() writeSuccess() ElseIf ctrlSection = "ERR" Then writeDocHead() writeError() writeForm() Else writeDocHead() writeForm() End If End Sub Sub writeDocHead %>

2061 Connections
An electronic newsletter for the science education community

<% End Sub ' --------------------------------------------------------------- ' Subprocedure to write the form. ' --------------------------------------------------------------- Sub writeForm %>
" onSubmit="return chkForm(this);">

Contact form for the article PRISMS

Contact: <%=Server.HTMLEncode(strAuthor)%>





<% End Sub ' --------------------------------------------------------------- ' Subprocedure to write "success" message. ' --------------------------------------------------------------- Sub writeSuccess Response.Write("

Your communication has been sent to " & strAuthor & ".

") Response.Write("

Return to the article PRISMS.

") End Sub ' --------------------------------------------------------------- ' Subprocedure to write any validation errors. ' --------------------------------------------------------------- Sub writeError %>

Errors were found in the data submitted.
<%=strValid%>

<% End Sub ' --------------------------------------------------------------- ' Subprocedure to write out script processing errors. ' --------------------------------------------------------------- Sub subShowError ' Clear any response that may have been cached up to now. Response.Clear() %> Project 2061 : Page Error

Error Processing Request

An internal error was encountered while processing your registration. Please try refreshing this page or going back to a previous page using the browser navigation.

If the problem persists, please contact the site administrator at web2061@aaas.org and ask for assistance. When contacting us, please include the information below.


Page:<%=Request.ServerVariables("SCRIPT_NAME")%>
Source:<%=Err.Source%>
Description:(<%=Err.Number%>) <%=Err.Description%>
<% ' Send the response to the user and end the page processing. Response.Flush() Response.End() End Sub %>