"

From 2010.igem.org

<%@LANGUAGE="VBSCRIPT" CODEPAGE="1252"%>

<%

' *** Validate request to log in to this site.

MM_LoginAction = Request.ServerVariables("URL")

If Request.QueryString<>"" Then MM_LoginAction = MM_LoginAction + "?" + Request.QueryString

MM_valUsername=CStr(Request.Form("EmailAddress"))

If MM_valUsername <> "" Then

MM_fldUserAuthorization=""

MM_redirectLoginSuccess="/pass.asp"

MM_redirectLoginFailed="/fail.asp"

MM_flag="ADODB.Recordset"

set MM_rsUser = Server.CreateObject(MM_flag)

MM_rsUser.ActiveConnection = MM_testing_STRING

MM_rsUser.Source = "SELECT EmailAddress, MyPassword"

If MM_fldUserAuthorization <> "" Then MM_rsUser.Source = MM_rsUser.Source & "," & MM_fldUserAuthorization

MM_rsUser.Source = MM_rsUser.Source & " FROM admin WHERE EmailAddress='" & Replace(MM_valUsername,"'","") &"' AND MyPassword='" & Replace(Request.Form("MyPassword"),"'","") & "'"

MM_rsUser.CursorType = 0

MM_rsUser.CursorLocation = 2

MM_rsUser.LockType = 3

MM_rsUser.Open

If Not MM_rsUser.EOF Or Not MM_rsUser.BOF Then

' username and password match - this is a valid user

Session("MM_Username") = MM_valUsername

If (MM_fldUserAuthorization <> "") Then

Session("MM_UserAuthorization") = CStr(MM_rsUser.Fields.Item(MM_fldUserAuthorization).Value)

Else

Session("MM_UserAuthorization") = ""

End If

if CStr(Request.QueryString("accessdenied")) <> "" And false Then

MM_redirectLoginSuccess = Request.QueryString("accessdenied")

End If

MM_rsUser.Close

Response.Redirect(MM_redirectLoginSuccess)

End If

MM_rsUser.Close

Response.Redirect(MM_redirectLoginFailed)

End If

%>

Result