<% Function CheckPwd( ID, Pwd ) Dim conn, param, rs Set conn = Server.CreateObject("ADODB.Connection") param = "driver={Microsoft Access Driver (*.mdb)};Pwd=" conn.Open param & ";dbq=" & Server.MapPath("itfuser.mdb") sql = "Select * From loginuser Where uname='" & ID & "' And upassword = '" & Pwd & "'" Set rs = conn.Execute( sql ) If rs.EOF Then CheckPwd = False Else CheckPwd = True End If End Function %> <% If IsEmpty(Session("Passed")) Then Session("Passed") = False Head = "Please input your login information:" ID = Request("ID") Pwd = Request("Pwd") If ID = "" Or Pwd = "" Then Head = "Please input your login information:" ElseIf Not CheckPwd( ID, Pwd ) Then Head = "Incorrect user name or password." Else Session("Passed") = True response.redirect "q1.html" End If If Not Session("Passed") Then %> head

<%=Head%>

Method=POST>
User Name: >
Password: >



<< main page >>

<% Response.End End If %>