<% Response.Expires=0 Response.Buffer = True bmsUsername = Request.Form("bmsUsername") bmsPassword = Request.Form("bmsPassword") 'dateLogged = Day(Date) & "-" & Monthname(Month(Date)) & "-" & Year(Date) 'timeLogged = Hour(Now) & ":" & Minute(Now) & ":" & Second(Now) If bmsUsername = "" OR bmsPassword = "" Then %> <% Response.End End If strQ = "SELECT bmsWebUsers.id_bmsUsers,bmsWebUsers.bmsUsername,bmsWebUsers.bmsFirstName,bmsWebUsers.bmsSurname " & _ "FROM bmsWebUsers WHERE bmsUsername = '" & bmsUsername & "' and bmsPassword = '" & bmsPassword & "' ;" %> <% DIM objConn DIM rsLogin Set objConn = Server.CreateObject("ADODB.Connection") objConn.Open "Provider=Microsoft.Jet.OLEDB.4.0;Data Source=" & Server.MapPath("btlsa.mdb") Set rsLogin = objConn.Execute(strQ) If rsLogin.EOF Then %> <% Response.End End If Session("userID") = rsLogin("id_bmsUsers") Session("bmsUser") = rsLogin("bmsUsername") Session("bmsName") = rsLogin("bmsFirstName") Session("bmsSurname") = rsLogin("bmsSurname") rsLogin.Close Set rsLogin = Nothing objConn.Close Set objConn = Nothing Response.Redirect ("../includes/redirect.asp") %>