<%
if multiemfblockmessage="" then multiemfblockmessage="I'm sorry. We are experiencing temporary difficulties at the moment. Please try again later."
function checkemfuserblock()
if blockmultiemf="" then blockmultiemf=20
multiemfblocked=FALSE
theip = trim(replace(left(request.servervariables("REMOTE_ADDR"), 48), "'", ""))
if theip = "" then theip = "none"
if blockmultiemf<>"" then
cnn.Execute("DELETE FROM multibuyblock WHERE lastaccess<" & datedelim & VSUSDateTime(Now()-1) & datedelim)
sSQL = "SELECT ssdenyid,sstimesaccess FROM multibuyblock WHERE ssdenyip = '" & "EMF " & theip & "'"
rs.Open sSQL,cnn,0,1
if NOT rs.EOF then
cnn.Execute("UPDATE multibuyblock SET sstimesaccess=sstimesaccess+1,lastaccess=" & datedelim & VSUSDateTime(Now()) & datedelim & " WHERE ssdenyid=" & rs("ssdenyid"))
if rs("sstimesaccess") >= blockmultiemf then multiemfblocked=TRUE
else
cnn.Execute("INSERT INTO multibuyblock (ssdenyip,lastaccess) VALUES ('" & "EMF " & theip & "'," & datedelim & VSUSDateTime(Now()) & datedelim & ")")
end if
rs.Close
end if
if theip = "none" then
sSQL = "SELECT "&IIfVr(mysqlserver<>true,"TOP 1","")&" dcid FROM ipblocking"&IIfVr(mysqlserver=true," LIMIT 0,1","")
else
sSQL = "SELECT dcid FROM ipblocking WHERE (dcip1=" & ip2long(theip) & " AND dcip2=0) OR (dcip1 <= " & ip2long(theip) & " AND " & ip2long(theip) & " <= dcip2 AND dcip2 <> 0)"
end if
rs.Open sSQL,cnn,0,1
if NOT rs.EOF then multiemfblocked = TRUE
rs.Close
checkemfuserblock = multiemfblocked
end function
if request.form("posted")="1" then
success=TRUE
referer = request.servervariables("HTTP_REFERER")
host = request.servervariables("HTTP_HOST")
if instr(referer, host)=0 then
xxEFThk="I'm sorry but your email could not be sent at this time."
else
if htmlemails=true then emlNl = " " else emlNl=vbCrLf
theprodid = trim(left(request.form("id"),50))
Set rs = Server.CreateObject("ADODB.RecordSet")
Set cnn=Server.CreateObject("ADODB.Connection")
cnn.open sDSN
if useemailfriend<>TRUE then
xxEFThk="Email friend not enabled."
elseif checkemfuserblock() then
xxEFThk="" & multiemfblockmessage & ""
response.status = "403 Forbidden"
response.end
else
sSQL="SELECT adminEmail,smtpserver,emailUser,emailPass,adminStoreURL,emailObject FROM admin WHERE adminID=1"
rs.Open sSQL,cnn,0,1
emailAddr = rs("adminEmail")
themailhost = Trim(rs("smtpserver")&"")
theuser = Trim(rs("emailUser")&"")
thepass = Trim(rs("emailPass")&"")
adminStoreURL = rs("adminStoreURL")
if (left(LCase(adminStoreURL),7) <> "http://") AND (left(LCase(adminStoreURL),8) <> "https://") then
adminStoreURL = "http://" & adminStoreURL
end if
if Right(adminStoreURL,1) <> "/" then adminStoreURL = adminStoreURL & "/"
emailObject = rs("emailObject")
rs.Close
friendsemail = left(request.form("friendsemail"),50)
yourname = left(request.form("yourname"),50)
youremail = left(request.form("youremail"),50)
seBody = xxEFYF1 & yourname & " (" & youremail & ")" & xxEFYF2
if trim(request.form("yourcomments"))<>"" then
seBody = seBody & xxEFYF3 & emlNl
seBody = seBody & trim(left(request.form("yourcomments"),2000)) & emlNl
else
seBody = seBody & "." & emlNl
end if
produrl = "proddetail.asp?prod=" & theprodid
if theprodid<>"" then
sSQL = "SELECT pName,pStaticPage FROM products WHERE pID='" & replace(theprodid,"'","''") & "'"
rs.Open sSQL,cnn,0,1
if NOT rs.EOF then
if cint(rs("pStaticPage"))<>0 then produrl = cleanforurl(rs("pName"))&".asp"
end if
rs.Close
end if
if htmlemails=true then
storeLink = adminStoreURL
if Trim(Request.Form("id")) <> "" then storeLink = storeLink & produrl
seBody = seBody & emlNl & "" & storeLink & ""
else
seBody = seBody & emlNl & adminStoreURL
if Trim(Request.Form("id")) <> "" then seBody = seBody & produrl
end if
seBody = seBody & emlNl
call DoSendEmailEO(friendsemail,emailAddr,youremail,yourname & xxEFRec,seBody,emailObject,themailhost,theuser,thepass)
end if
cnn.Close
set rs = nothing
set cnn = nothing
end if
%>