<%
if request.Form("user1")="" and request.Form("Xpass")="" then
session("SysError") = ""
response.redirect("Login.asp")
end if
if request.Form("user1")="" or request.Form("Xpass")="" then
session("SysError") = "**** YOU MUST INSERT ALL DATA *****"
response.redirect("Login.asp")
end if
dim dbconn,rst,sql
Set dbconn=Server.CreateObject("ADODB.Connection")
dbconn.open "DRIVER={Microsoft Access Driver (*.mdb)};DBQ="&Server.mappath("Register.mdb")
dim x
sql="select * from user where UserName='"& request.Form("user1") &"'"
Set rst =Server.CreateObject("ADODB.Recordset")
rst.open sql,dbconn,1,3
x = rst.recordcount
if x<1 then
session("SysError") = "äÁèÁÕ UserName ¹Õé"
response.redirect("Login.asp")
end if
sql="select * from user where UserName='"& request.Form("user1") &"' and Upassword='"& request.Form("Xpass") &"'"
Set rst =Server.CreateObject("ADODB.Recordset")
rst.open sql,dbconn,1,3
x = rst.recordcount
if x<=0 then
session("Xuser") = request.form("user1")
session("SysError")="Password äÁè¶Ù¡µéͧ"
response.redirect("Login.asp")
else
session("User") = rst("UserName")
session("UnameSurname") = rst("Uname")
response.redirect("MainUser.asp")
end if
%>
--------------------------
ไฟลืที่3 mainuser.asp
<%
if session("User")="" then
session("SysError") ="·èÒ¹äÁèÁÕÊÔ·¸Ôì㹡ÒÃãªéÃкº"
response.redirect("Login.asp")
end if
%>
<html>
<head><title>User</title></head>
<body>
Welcome to website ~ <%=session("UnameSurname")%> ~<br>
You successful in login <br>
<a href="Login.asp">LogOut</a>