if session("level")=1 then
response.redirect "user1.asp"
elseif session("level")=2 then
response.redirect "administrator1.asp"
elseif session("level")=3 then
response.redirect "webmaster1.asp"
end if
USERNAME<br>
<input type="text" name="us"><br>
PASSWORD<br>
<input type="password" name="pw"> <br>
<input type="hidden" name="menu" value="1">
<input type="submit" value="Login">
'=============================================================
Set Conn = Server.Createobject("ADODB.Connection")
Conn.Open "Driver={SQL Server};Server=;Database=;UID=;PWD=;"
'=============================================================
select case request("menu")
case 1 login
end select
sub login()
sql = "select * from usern where username = '"&request("us")&"' and password = '"&request("pw")&"' "
Set objRec = Server.CreateObject("ADODB.Recordset")
objRec.Open sql, Conn
if not objRec.eof then
session("username")=objRec("username")
session("name")=objRec("name")
session("level")=objRec("user_status")
if session("level")=1 then
response.redirect "User.asp"
elseif session("level")=2 then
response.redirect "Member.asp"
elseif session("level")=3 then
response.redirect "Administrator.asp"
end if
else
response.write "ชื่อหรือรหัสผ่านไม่ถูกต้อง"
end if
end sub
select case request("menu")
case 1 login
end select
sub login()
sql = "select * from user where username = '"&request("us")&"' and password = '"&request("pw")&"' "
Set objRec = Server.CreateObject("ADODB.Recordset")
objRec.Open sql, Conn
if not objRec.eof then
session("username")=objRec("username")
session("name")=objRec("name")
session("status")=objRec("user_status")
if session("status")=1 then
response.redirect "TEST_InsertBudgets.asp"
elseif session("status")=2 then
response.redirect "TEST_ShowDep_Admin.asp"
elseif session("status")=3 then
response.redirect "TEST_ShowDep_Administrator.asp"
elseif session("status")=4 then
response.redirect "Webmaster_ShowAll_Actual.asp"
end if
else
response.write "ชื่อหรือรหัสผ่านไม่ถูกต้อง"
end if
end sub
<%
If Request("Action") = LoginButton Then
Set DB = Connect()
SQL = "SELECT * FROM Login WHERE Username = '" + Request("Username") + "'"
Set RS = DB.Execute (SQL)
If (RS.EOF And RS.BOF) Then
Session (SiteID + "Authentication") = False
Response.Redirect ("login.asp?Error=ชื่อไม่ถูกต้องกรุณากรอกชื่อใหม่ใหม่ครับ!!!")
ElseIf RS("Password") <> Request ("Password") Then
Session (SiteID + "Authentication") = False
Response.Redirect ("login.asp?Error=รหัสผ่านไม่ถูกต้องครับ!!!")
Else
Session (SiteID + "Username") = RS("Username")
Session (SiteID + "FirstName") = RS("FirstName")
Session (SiteID + "LastName") = RS("LastName")
Session (SiteID + "Level") = RS("Level")
Session (SiteID + "Authentication") = True
If RS("Level") ="U" Then
Response.Redirect ("../user/default.asp")
End If
If RS("Level") ="A" Then
Response.Redirect ("../admin/default.asp")
End If
If RS("Level") ="M" Then
Response.Redirect ("../manager/default.asp")
)
End If
If RS("Level") ="Q" Then
Response.Redirect ("../qrs/deltopic.asp")
End If
If RS("Level") ="S" Then
Response.Redirect ("../administrator.asp")
))
End If
End If
End If
%>
ถ้าอย่างนั้นก็เปลี่ยน code สำหรับใช้เปรียบเทียบ ตรงหลัง คำสั่ง case เป็นตัวอักษร ตามนี้ครับ
Code (ASP)
Select Case Session("status")
Case "1" ' --- เปลี่ยนตรงนี้ และทุก case
Response.Redirect "page_level1.asp"
Case "2"
Response.Redirect "page_level2.asp"
Case "3"
Response.Redirect "page_level3.asp"
Case "4"
Response.Redirect "page_level4.asp"
End Select
Select Case Session("status")
Case "1"
Response.Redirect "user1.asp"
Case "2"
Response.Redirect "administrator1.asp"
Case "3"
Response.Redirect "webmaster1.asp"
Case else
Response.Redirect "Index.asp"
End Select