<% var BlackList, ErrorPage, s; BlackList = new Array("--", "/*", "*/", "@@", "@", "char", "nchar", "varchar", "nvarchar", "alter", "begin", "cast", "create", "cursor", "declare", "delete", "drop", "end", "exec", "execute", "fetch", "insert", "kill", "open", "select", "sys", "sysobjects", "syscolumns", "table", "update"); ErrorPage = "/"; //''''''''''''''''''''''''''''''''''''''''''''''''''' //' This function does not check for encoded characters //' since we do not know the form of encoding your application //' uses. Add the appropriate logic to deal with encoded characters //' in here //''''''''''''''''''''''''''''''''''''''''''''''''''' function CheckStringForSQL(str) { str = str+""; if ( ("null" == str) || "undefined" == str) { return false; } var tmp = str.toLowerCase(); for(i=0; i < BlackList.length;i++) { if(str.toLowerCase().indexOf(BlackList[i]) != -1) { return true; } } return false; } function CheckColection(collection) { items = new Enumerator(collection); while(!items.atEnd()) { item = items.item(); if(CheckStringForSQL(collection(item))) { Response.Redirect(ErrorPage); } items.moveNext(); } } CheckColection(Request.Form); CheckColection(Request.QueryString); CheckColection(Request.Cookies); %> <% var gstrConnectionString="Provider=SQLOLEDB; Data Source=66.102.130.75; Initial Catalog=tokenya; uid=ifani; Password=kinos;"; //var gstrConnectionString="Provider=SQLOLEDB; Data Source=localhost; Initial Catalog=tokenya; uid=sa; Password=altoros2;"; var gstrConnKenyaString="Provider=SQLOLEDB; Data Source=66.102.130.75; Initial Catalog=kenyaDB; uid=ifani; Password=kinos;"; //var gstrConnKenyaString="Provider=SQLOLEDB; Data Source=localhost; Initial Catalog=kenya; uid=sa; Password=altoros2;"; var garrAdminMailAddr = new Array ("travel@kenya.com"); var gstrFromMailAddr="travel@kenya.com"; var gstrFaresToMainPage=5; var gstrSafarisForPage=15; var gstrOrdersForPage=15; var gstrApplicationsForPage=5; var gintTax=395; %> <% //-------------------------------------------------------------------- // Microsoft ADO // // (c) 1996-1998 Microsoft Corporation. All Rights Reserved. // // // // ADO varants include file for JScript // //-------------------------------------------------------------------- //---- CursorTypeEnum Values ---- var adOpenForwardOnly = 0; var adOpenKeyset = 1 var adOpenDynamic = 2 var adOpenStatic = 3 //---- LockTypeEnum Values ---- var adLockReadOnly = 1 var adLockPessimistic = 2 var adLockOptimistic = 3 var adLockBatchOptimistic = 4 //---- CursorLocationEnum Values ---- var adUseServer = 2 var adUseClient = 3 //---- DataTypeEnum Values ---- var adEmpty = 0 var adTinyInt = 16 var adSmallInt = 2 var adInteger = 3 var adBigInt = 20 var adUnsignedTinyInt = 17 var adUnsignedSmallInt = 18 var adUnsignedInt = 19 var adUnsignedBigInt = 21 var adSingle = 4 var adDouble = 5 var adCurrency = 6 var adDecimal = 14 var adNumeric = 131 var adBoolean = 11 var adError = 10 var adUserDefined = 132 var adVariant = 12 var adIDispatch = 9 var adIUnknown = 13 var adGUID = 72 var adDate = 7 var adDBDate = 133 var adDBTime = 134 var adDBTimeStamp = 135 var adBSTR = 8 var adChar = 129 var adVarChar = 200 var adLongVarChar = 201 var adWChar = 130 var adVarWChar = 202 var adLongVarWChar = 203 var adBinary = 128 var adVarBinary = 204 var adLongVarBinary = 205 var adChapter = 136 var adFileTime = 64 var adDBFileTime = 137 var adPropVariant = 138 var adVarNumeric = 139 //---- GetRowsOptionEnum Values ---- var adGetRowsRest = -1 //---- PositionEnum Values ---- var adPosUnknown = -1 var adPosBOF = -2 var adPosEOF = -3 //---- enum Values ---- var adBookmarkCurrent = 0 var adBookmarkFirst = 1 var adBookmarkLast = 2 //---- MarshalOptionsEnum Values ---- var adMarshalAll = 0 var adMarshalModifiedOnly = 1 //---- AffectEnum Values ---- var adAffectCurrent = 1 var adAffectGroup = 2 var adAffectAll = 3 var adAffectAllChapters = 4 //---- ResyncEnum Values ---- var adResyncUnderlyingValues = 1 var adResyncAllValues = 2 //---- CompareEnum Values ---- var adCompareLessThan = 0 var adCompareEqual = 1 var adCompareGreaterThan = 2 var adCompareNotEqual = 3 var adCompareNotComparable = 4 //---- FilterGroupEnum Values ---- var adFilterNone = 0 var adFilterPendingRecords = 1 var adFilterAffectedRecords = 2 var adFilterFetchedRecords = 3 var adFilterPredicate = 4 var adFilterConflictingRecords = 5 //---- SearchDirectionEnum Values ---- var adSearchForward = 1 var adSearchBackward = -1 //---- PersistFormatEnum Values ---- var adPersistADTG = 0 var adPersistXML = 1 //---- StringFormatEnum Values ---- var adStringXML = 0 var adStringHTML = 1 var adClipString = 2 //---- ConnectPromptEnum Values ---- var adPromptAlways = 1 var adPromptComplete = 2 var adPromptCompleteRequired = 3 var adPromptNever = 4 //---- ConnectModeEnum Values ---- var adModeUnknown = 0 var adModeRead = 1 var adModeWrite = 2 var adModeReadWrite = 3 var adModeShareDenyRead = 4 var adModeShareDenyWrite = 8 //---- ParameterDirectionEnum Values ---- var adParamUnknown = 0 var adParamInput = 1 var adParamOutput = 2 var adParamInputOutput = 3 var adParamReturnValue = 4 //---- CommandTypeEnum Values ---- var adCmdUnknown = 8 var adCmdText = 1 var adCmdTable = 2 var adCmdStoredProc = 4 //---- EventReasonEnum Values ---- var adRsnAddNew = 1 var adRsnDelete = 2 var adRsnUpdate = 3 var adRsnUndoUpdate = 4 var adRsnUndoAddNew = 5 var adRsnUndoDelete = 6 var adRsnRequery = 7 var adRsnResynch = 8 var adRsnClose = 9 var adRsnMove = 10 var adRsnFirstChange = 11 var adRsnMoveFirst = 12 var adRsnMoveNext = 13 var adRsnMovePrevious = 14 var adRsnMoveLast = 15 //---- SchemaEnum Values ---- var adSchemaProviderSpecific = -1 var adSchemaAsserts = 0 var adSchemaCatalogs = 1 var adSchemaCharacterSets = 2 var adSchemaCollations = 3 var adSchemaColumns = 4 var adSchemaCheckvarraints = 5 var adSchemavarraintColumnUsage = 6 var adSchemavarraintTableUsage = 7 var adSchemaKeyColumnUsage = 8 var adSchemaReferentialvarraints = 9 var adSchemaTablevarraints = 10 var adSchemaColumnsDomainUsage = 11 var adSchemaIndexes = 12 var adSchemaColumnPrivileges = 13 var adSchemaTablePrivileges = 14 var adSchemaUsagePrivileges = 15 var adSchemaProcedures = 16 var adSchemaSchemata = 17 var adSchemaSQLLanguages = 18 var adSchemaStatistics = 19 var adSchemaTables = 20 var adSchemaTranslations = 21 var adSchemaProviderTypes = 22 var adSchemaViews = 23 var adSchemaViewColumnUsage = 24 var adSchemaViewTableUsage = 25 var adSchemaProcedureParameters = 26 var adSchemaForeignKeys = 27 var adSchemaPrimaryKeys = 28 var adSchemaProcedureColumns = 29 var adSchemaDBInfoKeywords = 30 var adSchemaDBInfoLiterals = 31 var adSchemaCubes = 32 var adSchemaDimensions = 33 var adSchemaHierarchies = 34 var adSchemaLevels = 35 var adSchemaMeasures = 36 var adSchemaProperties = 37 var adSchemaMembers = 38 //---- ADCPROP_UPDATECRITERIA_ENUM Values ---- var adCriteriaKey = 0 var adCriteriaAllCols = 1 var adCriteriaUpdCols = 2 var adCriteriaTimeStamp = 3 //---- ADCPROP_ASYNCTHREADPRIORITY_ENUM Values ---- var adPriorityLowest = 1 var adPriorityBelowNormal = 2 var adPriorityNormal = 3 var adPriorityAboveNormal = 4 var adPriorityHighest = 5 //---- CEResyncEnum Values ---- var adResyncNone = 0 var adResyncAutoIncrement = 1 var adResyncConflicts = 2 var adResyncUpdates = 4 var adResyncInserts = 8 var adResyncAll = 15 //---- ADCPROP_AUTORECALC_ENUM Values ---- var adRecalcUpFront = 0 var adRecalcAlways = 1 %> <% var locations=""; var locations_parks="" var hotelsystems=""; var conn=Server.CreateObject("ADODB.Connection"); conn.Open (gstrConnectionString); var rs=Server.CreateObject("ADODB.Recordset"); //var strSQL="SELECT * FROM tbLocations WHERE lct_parent_id IS NULL AND CHARINDEX('" + intKenyaSiteId + "', lct_sites)>0"; var strSQL="SELECT * FROM tbLocations WHERE lct_parent_id IS NULL"; rs.Open(strSQL, conn) if (!rs.BOF) { while(!rs.EOF) { locations+="[\"" + String(rs.Fields("lct_name").Value).toUpperCase() + "\", \"location.asp?id=" + rs.Fields("lct_id").Value + "\"]," locations_parks+="[\"" + String(rs.Fields("lct_name").Value).toUpperCase() + "\", \"parks.asp\"]," rs.MoveNext() } } rs.Close() //strSQL="SELECT * FROM tbHotelSystems WHERE CHARINDEX('" + intKenyaSiteId + "', htls_sites)>0 ORDER BY htls_name DESC" strSQL="SELECT * FROM tbHotelSystems ORDER BY htls_name DESC" rs.Open(strSQL, conn) if (!rs.BOF) { while (!rs.EOF) { hotelsystems+="[\""+ String(rs.Fields("htls_name").Value).toUpperCase() + "\", \"hotelsystem.asp?id=" + rs.Fields("htls_id").Value + "\"]," rs.MoveNext() } } rs.Close() rs=null; conn.Close() conn=null; %>
www.tokenya.com
Current time in Nairobi:

Click for Nairobi Jomo, Kenya Forecast
Privacy Policy

Kenya.com, Inc. respects your privacy. We have created this privacy statement in order to demonstrate our commitment to you, our customer. This privacy statement discloses the privacy practices for this site, www.tokenya.com.

We do not rent our mailing list to 3rd parties.

We only send email and postal mail to those who have elected to receive it from us. You can opt-out of receiving these notices by writing to us under the subject heading Remove from Notice List" Addressed to travel@kenya.com.

If you have questions or concerns regarding this statement, you should first contact Kenya.com Inc. at travel@kenya.com or call (714) 848-5800.

We will never give any information about you to others without your express permission. Our site uses forms in which you give us contact information (like your name, address, and email address) so you can place orders, request information and support, and make product suggestions. We use your customer information only when it will be important for us to contact you regarding functionality changes to our products, our web site, new Go Daddy services, and special offers we think you'll find valuable. If you would rather not receive this information, please see the "Updating Your Information" section below on how to change your preferences.

We use information gathered about you from our site statistics (for example your IP address) to help diagnose problems with our server, and to administer our Web site. We also gather broad demographic information from this data to help us improve our site and make your browsing and purchasing experience more enjoyable. This is not linked to any personally identifiable information.

Our site uses cookies to keep track of your shopping cart and receipts. We use cookies to identify you so you don't have to login each time you visit our site.

This site also contains links to other sites. Unfortunately Kenya.com Inc. responsible for the privacy practices or the content of such Web sites.
Security
This site has security measures in place to protect the loss, misuse and alteration of the information under our control. Please view our Secure Ordering page for further details.

Updating Your Information
As a customer of Kenya.com, you may alter your customer information or opt-out of receiving communications from us and our partners at any time. We have the following options for changing and modifying your customer information.
- You may send an email to travel@kenya.com
- You may send mail to Kenya.com Inc at the following postal address: 16152 Beach Blvd, Suite 117, Huntington Beach, CA 92647 USA
- You may call us at: (714) 848-5800
- Or you may fax us at (714) 464-4521

Sending Emails
We use emails to communicate with you, to confirm your placed orders, and to send information that you have requested. We also provide email links, as on our "Contact Kenya.com" page, to allow you to contact us directly. We strive to promptly reply to your messages.

The information you send to us may be stored and used to improve this site and our products, or it may be reviewed and discarded. However, your information will only be shared with third parties with your explicit permission.

Only If We Have To
As stated previously in this policy, we will never give out your information without your permission. The only exceptions to this are, when we are required by law, in the good-faith belief that such action is necessary in order to conform to the edicts of the law, or we must comply with a legal process served on our web site.

Changes In Our Practices
If we change our information handling practices or other privacy aspects, we will post those changes on this privacy statement, at least 30 days prior to their implementation. We will also notify you directly via email.

Service Provider
We use a credit card processing company to bill users for goods and services. These companies do not retain or share or store or use personally identifiable information for any secondary purposes.

Contest
From time-to-time our site requests information from users via surveys or contests. Participation in these surveys or contests is completely voluntary and the user therefore has a choice whether or not to disclose this information. Information requested may include contact information (such as name and shipping address), and demographic information (such as zip code, age level). Contact information will be used to notify the winners and award prizes. Survey information will be used for purposes of monitoring or improving the use and satisfaction of this site.

Tell-A-Friend
If a user elects to use our referral service for informing a friend about our site, we ask them for the friend's name and email address. Kenya.com will automatically send the friend a one-time email inviting them to visit the site. Kenya.com stores this information for the sole purpose of sending this one-time email. The friend may contact Kenya.com Inc. at travel@kenya.com to request the removal of this information from our database.

Contacting the Web Site
If you have any questions about our privacy statement, the practices of this site, or your dealings with this Web site, you can contact:

Manager
Kenya.com, Inc.
16152 Beach Blvd
Suite 117
Huntington Beach, CA 92647
USA
travel@kenya.com

Thank you for your business.
Sincerely, Kenya.com Inc. Team
Home | Contact | Privacy Policy | Terms and Conditions
CST#:2064740-40 | ©<%=new Date().getYear()%> Kenya.com Inc | Web Design by Altoros