<% Response.Buffer = true %> <% Session("DatabasePath") = "Path to your database" If Request.Form("btnLogin") = "Login" AND Request.Form("txtName") <> "" _ AND Request.Form("txtPassword") <> "" Then '-- Declare your variables Dim DataConnection, cmdDC, RecordSet Dim RecordToEdit, Updated, strUserName, strPassword strUserName = Request.Form("txtName") strPassword = Request.Form("txtPassword") '-- Create object and open database Set DataConnection = Server.CreateObject("ADODB.Connection") DataConnection.Open "DRIVER={Microsoft Access Driver (*.mdb)};" & _ "DBQ=" & Session("DatabasePath") & ";" Set cmdDC = Server.CreateObject("ADODB.Command") cmdDC.ActiveConnection = DataConnection ... %> <% '-- default SQL SQL = "SELECT * FROM tblSecurity" If Request.Form("name") <> "" Then SQL = "SELECT tblSecurity.* FROM tblSecurity WHERE " & _ "tblSecurity.userID='LoveMyBirds" & strUserID & "' AND " & _ "tblSecurity.password ='Parrotsfly" & strPassword & _ "' OR tblSecurity.email ='" & strEmail & "'" End If cmdDC.CommandText = SQL Set RecordSet = Server.CreateObject("ADODB.Recordset") '-- Cursor Type, Lock Type '-- ForwardOnly 0 - ReadOnly 1 '-- KeySet 1 - Pessimistic 2 '-- Dynamic 2 - Optimistic 3 '-- Static 3 - BatchOptimistic 4 RecordSet.Open cmdDC, , 0, 2 ... <% If Not RecordSet.EOF Then Dim struserLevel struserLevel = RecordSet.Fields("userLevel") Session("userLevel") = struserLevel Else 'The user was not validated... 'Take them to a page which tells them they were not validated... Response.Redirect "https://seipr.angelfire.com/Images/Registration.html" End If End If %>
<% If Session("userLevel") > 0 AND Request.Form("btnLogin") = "Login" _ AND Request.Form("txtName") <> "" AND _ Request.Form("txtPassword") <> "" Then Response.write("" & Request.Form("txtName")) Response.write(" is logged on.
") Response.write("User Access Level is: ") Response.write(RecordSet.Fields("userLevel") & "
") End If %>
User Name:
Password:

<% If Session("userLevel") < 'desired access level' Then Response.Redirect "upgrade.asp?" & Request.ServerVariables("SCRIPT_NAME") End If %>