<%@LANGUAGE="JAVASCRIPT"%> <% // *** Validate request to log in to this site. var MM_LoginAction = Request.ServerVariables("URL"); if (Request.QueryString != "") MM_LoginAction += "?" + Server.HTMLEncode(Request.QueryString); var MM_valUsername = String(Request.Form("txtUserName")); if (MM_valUsername != "undefined") { var MM_fldUserAuthorization = ""; var MM_redirectLoginSuccess = "www.spoontiques.com"; var MM_redirectLoginFailed = "www.snapper.net"; var MM_loginSQL = "SELECT AccLevel, Pword"; if (MM_fldUserAuthorization != "") MM_loginSQL += "," + MM_fldUserAuthorization; MM_loginSQL += " FROM employees WHERE AccLevel = ? AND Pword = ?"; var MM_rsUser_cmd = Server.CreateObject ("ADODB.Command"); MM_rsUser_cmd.ActiveConnection = MM_myEmployees_STRING; MM_rsUser_cmd.CommandText = MM_loginSQL; MM_rsUser_cmd.Parameters.Append(MM_rsUser_cmd.CreateParameter("param1", 5, 1, -1, MM_valUsername)); // adDouble MM_rsUser_cmd.Parameters.Append(MM_rsUser_cmd.CreateParameter("param2", 200, 1, 50, Request.Form("txtPassword"))); // adVarChar MM_rsUser_cmd.Prepared = true; var MM_rsUser = MM_rsUser_cmd.Execute(); if (!MM_rsUser.EOF || !MM_rsUser.BOF) { // username and password match - this is a valid user Session("MM_Username") = MM_valUsername; if (MM_fldUserAuthorization != "") { Session("MM_UserAuthorization") = String(MM_rsUser.Fields.Item(MM_fldUserAuthorization).Value); } else { Session("MM_UserAuthorization") = ""; } if (String(Request.QueryString("accessdenied")) != "undefined" && false) { MM_redirectLoginSuccess = Request.QueryString("accessdenied"); } MM_rsUser.Close(); Response.Redirect(MM_redirectLoginSuccess); } MM_rsUser.Close(); Response.Redirect(MM_redirectLoginFailed); } %>

User Name
Password

this is the asp version