taylor01/gist:2cf5a1834ec23fe024b6

## gistfile1.asp
<%@ Language=VBScript %>
<%
pageTitle = "Photos"
pageName = "photos"
%>

<!--#include file="include/i_header.asp"-->

	<!--Content Start - 650 px wide-->

		<table width="100%" border="0" cellspacing="0" cellpadding="0">

			<tr>
				<td valign="top">
				<%
				authToken = ""

				strPassword = "!#@!avauth"
				strUserName = lcase(request.Cookies("UserGUID"))

				'response.write strUserName & "<br>"

				if not isnull(strUserName) and strUserName <> "" then

					sqlText = _
					"SELECT RTRIM(LTRIM(user_fname)) + ' ' + RTRIM(LTRIM(user_lname)) AS fullname " & _
					"FROM dbo.hms_user " & _
					"WHERE (user_id = ':1')"

					if isGUID(strUserName) then
						sqlText = replace(sqlText,":1",strUserName)
					else
						response.Redirect "http://www.teamhendrick.com"
					end if

					set rsName = Server.CreateObject("ADODB.Recordset")
					cmdTemp.CommandText = sqlText
					rsName.Open cmdTemp, ,adOpenStatic, adLockReadOnly

					if not rsName.EOF then
						strFullName = rsName("fullname")
					else
						strFullName = "TeamHendrick User"
					end if

					rsName.Close
					set rsName = nothing

					strUserName = replace(replace(strUserName,"{",""),"}","")

				else
		 			response.redirect "http://www.teamhendrick.com"

		 		end if

		 		'response.write "test <br>"
		 		'response.write strPassword & "<br>"
		 		'response.write strUserName & "<br>"
		 		'response.write "test <br>"

				set objHttp = Server.CreateObject("Msxml2.ServerXMLHTTP")
				objHttp.open "POST", "https://images.teamhendrick.com/cgi-bin/WebObjects/HendrickMotorsports.woa/wa/generateAuthToken", false
				objHttp.setRequestHeader "Content-type", "application/x-www-form-urlencoded"
				objHttp.Send "pw="&strPassword&"&userName="&strUserName

				testString = objHttp.responseText
				'response.write testString & "<br>"

				if not isnull(testString) and testString <> "" then
					testString = replace(testString," ","")
				end if
				if instr(testString,"authTokenstatus=""ok""") > 0 then
					bTokenGood = true
					authToken = replace(testString,"<authTokenstatus=""ok""value=""","")
					authToken = replace(authToken,"""/>","")
					authToken = left(authToken,36)
				end if

				'Check validation
				if bTokenGood then

				 	'for testing
				 	'response.write authToken & "<br>"
				 	'response.write strUserName & "<br><br>"
				 	'response.Write    "https://images.teamhendrick.com/cgi-bin/WebObjects/HendrickMotorsports.woa/wa/authTokenLogin?userName="&strUserName&"&authToken="&trim(authToken)&"&fullName="&strFullName
					'response.end

					'redirect here
					response.redirect "https://images.teamhendrick.com/cgi-bin/WebObjects/HendrickMotorsports.woa/wa/authTokenLogin?userName="&strUserName&"&authToken="&trim(authToken)&"&fullName="&strFullName

				else

					'for testing
					'response.write "An error occured"
					'response.end

					'redirect here
					response.redirect "http://www.teamhendrick.com"

				end if

				set objHttp = nothing
				%>
				</td>
			</tr>

		</table>

	<!--End Content-->

<!--#include file="include/i_footer.asp"-->
	<%@ Language=VBScript %>
	<%
	pageTitle = "Photos"
	pageName = "photos"
	%>

	<!--#include file="include/i_header.asp"-->

	<!--Content Start - 650 px wide-->

	<table width="100%" border="0" cellspacing="0" cellpadding="0">

	<tr>
	<td valign="top">
	<%
	authToken = ""

	strPassword = "!#@!avauth"
	strUserName = lcase(request.Cookies("UserGUID"))

	'response.write strUserName & "<br>"

	if not isnull(strUserName) and strUserName <> "" then

	sqlText = _
	"SELECT RTRIM(LTRIM(user_fname)) + ' ' + RTRIM(LTRIM(user_lname)) AS fullname " & _
	"FROM dbo.hms_user " & _
	"WHERE (user_id = ':1')"

	if isGUID(strUserName) then
	sqlText = replace(sqlText,":1",strUserName)
	else
	response.Redirect "http://www.teamhendrick.com"
	end if

	set rsName = Server.CreateObject("ADODB.Recordset")
	cmdTemp.CommandText = sqlText
	rsName.Open cmdTemp, ,adOpenStatic, adLockReadOnly

	if not rsName.EOF then
	strFullName = rsName("fullname")
	else
	strFullName = "TeamHendrick User"
	end if

	rsName.Close
	set rsName = nothing

	strUserName = replace(replace(strUserName,"{",""),"}","")

	else
	response.redirect "http://www.teamhendrick.com"

	end if

	'response.write "test <br>"
	'response.write strPassword & "<br>"
	'response.write strUserName & "<br>"
	'response.write "test <br>"

	set objHttp = Server.CreateObject("Msxml2.ServerXMLHTTP")
	objHttp.open "POST", "https://images.teamhendrick.com/cgi-bin/WebObjects/HendrickMotorsports.woa/wa/generateAuthToken", false
	objHttp.setRequestHeader "Content-type", "application/x-www-form-urlencoded"
	objHttp.Send "pw="&strPassword&"&userName="&strUserName

	testString = objHttp.responseText
	'response.write testString & "<br>"

	if not isnull(testString) and testString <> "" then
	testString = replace(testString," ","")
	end if
	if instr(testString,"authTokenstatus=""ok""") > 0 then
	bTokenGood = true
	authToken = replace(testString,"<authTokenstatus=""ok""value=""","")
	authToken = replace(authToken,"""/>","")
	authToken = left(authToken,36)
	end if

	'Check validation
	if bTokenGood then

	'for testing
	'response.write authToken & "<br>"
	'response.write strUserName & "<br><br>"
	'response.Write "https://images.teamhendrick.com/cgi-bin/WebObjects/HendrickMotorsports.woa/wa/authTokenLogin?userName="&strUserName&"&authToken="&trim(authToken)&"&fullName="&strFullName
	'response.end

	'redirect here
	response.redirect "https://images.teamhendrick.com/cgi-bin/WebObjects/HendrickMotorsports.woa/wa/authTokenLogin?userName="&strUserName&"&authToken="&trim(authToken)&"&fullName="&strFullName

	else

	'for testing
	'response.write "An error occured"
	'response.end

	'redirect here
	response.redirect "http://www.teamhendrick.com"

	end if

	set objHttp = nothing
	%>
	</td>
	</tr>

	</table>

	<!--End Content-->

	<!--#include file="include/i_footer.asp"-->