<%@LANGUAGE="VBSCRIPT" CODEPAGE="1252"%> ENSEC Process Login <% 'declare 2 variables of type string dim strUsernam dim strPasswrd dim sConnString, connection, sSQL 'get information from login form and store it inside the variables strUsernam = replace(request.Form("txtUsername"),"'","''") strPasswrd = replace(request.Form("txtPassword"),"'","''") set conn=Server.CreateObject("ADODB.Connection") conn.Provider="Microsoft.Jet.OLEDB.4.0" conn.Open "D:\Sites\Pungo8\dadmin2\database\core.mdb" set rs = Server.CreateObject("ADODB.recordset") rs.open "SELECT * FROM users_tbl WHERE Usernam='" & strUsernam & "' AND Passwrd='" & strPasswrd & "'", conn, 2,2 If (not rs.BOF) and (not rs.EOF) then session("uservalid") = rs("firstnam") session("Security") = rs("security") response.redirect("contentsmainB.asp") else response.redirect("login.asp?error=Incorrect Login") end if rs.close set rs = nothing connection.close set connection = nothing %>