Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Function AuthenticateUser()
- 'Record SQL statement to find the entered student number
- 'sql = "SELECT * FROM users WHERE userId= '" & Request.Form("user") & "'"
- 'sql = "SELECT * FROM users WHERE password= '" & Request.Form("pword") & "'"
- Dim command As New SqlCommand(sql, conn)
- sql = "select * from users where userid=@CustLogin and password=@pword"
- Set rs = Server.CreateObject("ADODB.RecordSet")
- rs.cursorType = adOpenStatic
- 'rs.Open sql, conn
- conn.Open() command.ExecuteNonQuery() conn.Close()
- 'Test to determine if a record was found.
- If rs.RecordCount = 0 then
- Response.Write "[User ID not found]"
- 'check if user has has proper security level to change current record
- 'ElseIf rs("Level") > "3" then
- 'Response.Write "You do not have access to this account. See Administrator."
- 'closeall()
- Else
- user = rs("userId")
- Session("Admyn") = rs("Admin")
- End If
- Response.Redirect("logged_in_lol.asp")
- 'End If
- End Function
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement