%@LANGUAGE="JAVASCRIPT"%> <% var rsCustomers = Server.CreateObject("ADODB.Recordset"); rsCustomers.ActiveConnection = MM_connAndes_STRING; rsCustomers.Source = "SELECT CustomerID, LastName, FirstName, Usergroup, Username, Password FROM Customers"; rsCustomers.CursorType = 0; rsCustomers.CursorLocation = 2; rsCustomers.LockType = 3; rsCustomers.Open(); var rsCustomers_numRows = 0; %> <% // *** Validate request to log in to this site. var MM_LoginAction = Request.ServerVariables("URL"); if (Request.QueryString!="") MM_LoginAction += "?" + Request.QueryString; var MM_valUsername=String(Request.Form("username")); if (MM_valUsername != "undefined") { var MM_fldUserAuthorization="Usergroup"; var MM_redirectLoginSuccess="product_search.asp"; var MM_redirectLoginFailed="loginfail.html"; var MM_flag="ADODB.Recordset"; var MM_rsUser = Server.CreateObject(MM_flag); MM_rsUser.ActiveConnection = "dsn=andescoffee;"; MM_rsUser.Source = "SELECT Username, Password"; if (MM_fldUserAuthorization != "") MM_rsUser.Source += "," + MM_fldUserAuthorization; MM_rsUser.Source += " FROM Customers WHERE Username='" + MM_valUsername + "' AND Password='" + String(Request.Form("password")) + "'"; MM_rsUser.CursorType = 0; MM_rsUser.CursorLocation = 2; MM_rsUser.LockType = 3; MM_rsUser.Open(); if (!MM_rsUser.EOF || !MM_rsUser.BOF) { // username and password match - this is a valid user Session("MM_Username") = MM_valUsername; if (MM_fldUserAuthorization != "") { Session("MM_UserAuthorization") = String(MM_rsUser.Fields.Item(MM_fldUserAuthorization).Value); } else { Session("MM_UserAuthorization") = ""; } if (String(Request.QueryString("accessdenied")) != "" && false) { MM_redirectLoginSuccess = Request.QueryString("accessdenied"); } MM_rsUser.Close(); Response.Redirect(MM_redirectLoginSuccess); } MM_rsUser.Close(); Response.Redirect(MM_redirectLoginFailed); } %>
|
|||||||||||||||||||||||||||||||||||||||||||||||||||
|