<%
If Request.Form("action") <> "validate_login" Then
%>
Back to Main Page
<%
Else
Dim cnnLogin
Dim rstLogin
Dim strSQL
Dim strUsername, strPassword, strURL
strUsername = Request.Form("login")
strPassword = Request.Form("password")
If Len(strUsername) > 25 Or Len(strPassword) > 25 Then
strUsername = ""
strPassword = ""
Else
strUsername = Replace(strUsername, "'", "''")
strPassword = Replace(strPassword, "'", "''")
End If
strSQL = "SELECT * FROM tblLoginInfo " _
& "WHERE username='" & strUsername & "' " _
& "AND password='" & strPassword & "';"
Set cnnLogin = Server.CreateObject("ADODB.Connection")
cnnLogin.Open("DRIVER={Microsoft Access Driver (*.mdb)};" _
& "DBQ=" & Server.MapPath("public/login.mdb"))
Set rstLogin = cnnLogin.Execute(strSQL)
If rstLogin.EOF Then
Session("username") = ""
strURL = ""
'
'
'
'Login Failed - Please verify username and password.
'
'
'
'
'Try Again
'
'
'
'Response.End
Else
Session("username") = rstLogin.Fields("username").Value
strURL = rstLogin.Fields("destination").Value
Response.Redirect(strURL)
End If
' Clean Up
rstLogin.Close
Set rstLogin = Nothing
cnnLogin.Close
Set cnnLogin = Nothing
End If
%>
|