Advertisement
Guest User

Untitled

a guest
Jun 8th, 2017
73
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
ASP 1.00 KB | None | 0 0
  1. Function AuthenticateUser()
  2.  
  3.         'Record SQL statement to find the entered student number
  4.     '   sql = "SELECT * FROM users WHERE userId= '" & Request.Form("user") & "'" and "Password= '" & Request.Form("pass") & "'"
  5.    
  6.     sql = "select * from users where userid=@CustLogin and password=@pword"
  7.     Set rs = Server.CreateObject("ADODB.RecordSet")
  8.         rs.cursorType = adOpenStatic
  9.         rs.Open sql, conn
  10.    
  11.             'Test to determine if a record was found.
  12.             If rs.RecordCount = 0 then
  13.                 Response.Write "[User ID not found]"
  14.                
  15.                
  16.             'check if user has has proper security level to change current record
  17.             'ElseIf rs("Level") > "3" then
  18.                 'Response.Write "You do not have access to this account. See Administrator."
  19.                 'closeall()
  20.             Else
  21.             Response.Redirect("logged_in_lol.asp")
  22.                 user = rs("userId")
  23.                 admin = rs("Admin")
  24.                
  25.                     if admin = "1" Then     'admin auth confirmed
  26.                     Session("Admyn")    =   "1"
  27.                     End If
  28.                    
  29.                     'Response.Redirect("logged_in_lol.asp")
  30.                    
  31.             End If
  32. End Function
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement