<%@LANGUAGE="JAVASCRIPT" CODEPAGE="950"%> <% vName = Request.Form("staffID"); vPwd = Request.Form("password"); var rsLogin = Server.CreateObject("ADODB.Recordset"); rsLogin.ActiveConnection = MM_rsConnect_STRING; rsLogin.Source = "SELECT * FROM User WHERE StaffID = '" + vName + "'"; rsLogin.CursorType = 0; rsLogin.CursorLocation = 2; rsLogin.LockType = 1; rsLogin.Open(); var rsLogin_numRows = 0; var login_message= "welcom"; if (rsLogin.EOF){ login_message = "Login fail, Please try again"; }else{ if(rsLogin.Fields.Item("Password").Value == vPwd){ if (rsLogin.Fields.Item("State").Value == "Staff"){ Response.Redirect("userlogin.asp"); }else { Response.Redirect("adminlogin.asp"); } }else { login_message = "Login fail, Wrong Password"; } } %> Untitled Document Login <%= login_message %>

Staff ID:

Password:

<% rsLogin.Close(); %>