<% Username = Request.Form("txtUserName")
Password = Request.Form("txtPassword")
Set Conn = Server.Createobject("ADODB.Connection")
Conn.Open "Driver={SQL Server};Server=L0820_WUTTISAA1;Database=OVCM;UID=ovcm;PWD=Ninekao9;"
set rs = server.CreateObject ("ADODB.Recordset")
rs.Open "SELECT * FROM Userlist where UserName='"& UserName &"'", conn, 1
If rs.recordcount = 0 then
rs.close
conn.close
set rs=nothing
set conn=nothing
Response.Redirect("index.asp?login=namefailed")
end if
if rs("password") = Password then
Session("name") = rs("fullname")
rs.Close
conn.Close
set rs=nothing
set conn=nothing
Response.Redirect("Home.asp")
else
rs.Close
conn.Close
set rs=nothing
set conn=nothing
Response.Redirect("index.asp?login=passfailed")
end if
%>