<% if Session("email")="" or Session("password")="" then Response.Redirect("index.asp") set conn=Server.CreateObject("ADODB.Connection") conn.Provider="Microsoft.Jet.OLEDB.4.0" on error resume next conn.Open "c:\Inetpub\database\users.mdb" if err<>0 then Session("errormessage")=err.description Response.Redirect("errormessage.asp") end if set rs=Server.CreateObject("ADODB.recordset") rs.Open "Select * from users where email='" & session("email") & "'", conn if rs.EOF or rs.fields("auth")= False then rs.close conn.close Response.Redirect("http://www.undergroundguides.com") end if if Session("password") <> rs.fields("pass_word") then Session("action")="Wrong Password - " & Session("password") Response.Redirect("badpass.asp") end if Session("User_Name") = rs.fields("first_name") & " " & rs.fields("last_name") Session("action")="Successful Login" rs.close conn.close %>