<%
If not Session("logon") Then
DBPath="c:\Inetpub\wwwroot\Chap13\noi.mdb"
LoginPath="/Inetpub/wwwroot/Chap13/login.asp"
webpage=Request.Form("webpage")
If webpage="" Then
webpage=Request.ServerVariables("SCRIPT_NAME")
If InStr(webpage,"authenticate.asp")<>0 Then
webpage=""
End If
End If
If Username="" or Password="" Then
Username=Request.Cookies("Member")("Username")
Password=Request.Cookies("Member")("Password")
Else If Request.Form("remember")="on" Then
Response.Cookies("Member")("Username")=Username
Response.Cookies("Member")("Password")=Password
Response.Cookies("Member").Expires=Date+1
End If
End If
If Not (Username="" or Password ="") Then
Set Conn=Server.CreateObject("ADODB.Connection")
Conn.open "Provider=Microsoft.Jet.OLEDB.4.0;Data Source=" & DBPath
Sql="Select * From customer where Username='" & Username & "' and Password='" & Password & "'"
Set rs=Conn.Execute(Sql)
If Not rs.Eof Then
Session("logon")=true
If webpage<>"" Then
Response.Redirect webpage
Response.Redirect "userzone.asp"
End If
Else
Response.Redirect LoginPath & "?webpage=" & Server.URLEncode(webpage)
End If
Else
Response.Redirect LoginPath & "?webpage=" & Server.URLEncode(webpage)
End If
End If
%>