|
<%
If Request.Form("action") <> "validate_login" Then
%>
<%
Else
Dim cnnLogin
Dim rstLogin
Dim strSQL
Dim strUsername, strPassword, strURL
strUsername = Request.Form("login")
strPassword = Request.Form("password")
If Len(strUsername) > 25 Or Len(strPassword) > 25 Then
strUsername = ""
strPassword = ""
Else
strUsername = Replace(strUsername, "'", "''")
strPassword = Replace(strPassword, "'", "''")
End If
strSQL = "SELECT * FROM tblLoginInfo " _
& "WHERE username='" & strUsername & "' " _
& "AND password='" & strPassword & "';"
Set cnnLogin = Server.CreateObject("ADODB.Connection")
cnnLogin.Open("DRIVER={Microsoft Access Driver (*.mdb)};" _
& "DBQ=" & Server.MapPath("/connections/db/dbcontrol.mdb"))
Set rstLogin = cnnLogin.Execute(strSQL)
session("logon_status") = "InActive"
If rstLogin.EOF Then
Session("username") = ""
strURL = ""
%>
Login Failed - Please verify username and password.
Try Again
<%
'Response.End
Else
Session("username") = rstLogin.Fields("username").Value
session("logon_status") = "Active"
strURL = rstLogin.Fields("destination").Value
Response.Redirect("/connections/destinations/" & strURL)
End If
' Clean Up
rstLogin.Close
Set rstLogin = Nothing
cnnLogin.Close
Set cnnLogin = Nothing
End If
%>
|
