<%@LANGUAGE="VBSCRIPT"%> <% Dim rsLogin__strUserID rsLogin__strUserID = "xyz" if(Request.Form("UserID") <> "") then rsLogin__strUserID = Request.Form("UserID") Dim rsLogin__strPassword rsLogin__strPassword = "123" if(Request.Form("Password") <> "") then rsLogin__strPassword = Request.Form("Password") %> <% set rsLogin = Server.CreateObject("ADODB.Recordset") rsLogin.ActiveConnection = "dsn=enkido;" rsLogin.Source = "SELECT * FROM tblLogin WHERE UserID = '" + Replace(rsLogin__strUserID, "'", "''") + "' AND Password = '" + Replace(rsLogin__strPassword, "'", "''") + "'" rsLogin.CursorType = 0 rsLogin.CursorLocation = 2 rsLogin.LockType = 3 rsLogin.Open rsLogin_numRows = 0 %><% If rsLogin__strUserID <> "xyz" then If Not rsLogin.EOF Then Session("svUserID") = (rsLogin.Fields("UserID").Value) Session("svPassword") = (rsLogin.Fields("Password").Value) Session("svAccessGroup") = (rsLogin.Fields("AccessGroup").Value) Response.Redirect "LoginOK.asp" Else Response.Redirect "Register.asp" End If End If %>

User Id : Password: