<% action=Request("action") if action = "logout" then Session("user_id")="" Session("fullname")="" Response.Redirect Request.ServerVariables("HTTP_REFERER") end if If action="" AND session("user_id") = "" AND NOT Request("inpSubmit")="Login" then displayLoginForm Request.ServerVariables("HTTP_REFERER"),"" End If If action="" AND NOT session("user_id")="" then displayLogout() End If if action = "login" then sEmail = Request("inpEmail") sPassword = Request("inpPassword") sTarget = Request("inpTarget") set adoCn = createobject("ADODB.Connection") adoCn.Open strConn set adoRs = Server.CreateObject("ADODB.Recordset") adoRs.Open "SELECT * FROM users where email='"& sEmail &"'", adoCn, 1 If adoRs.recordcount = 0 then adoRs.close adoCn.close set adoRs=nothing set adoCn=nothing displayLoginForm sTarget,"Wrong Email!" response.end end if if adoRs("password") = sPassword then Session("user_id") = adoRs("user_id") Session("fullname") = adoRs("fullname") adoRs.close adoCn.close set adoRs=nothing set adoCn=nothing if Not sTarget="" then Response.Redirect sTarget else displayLogout() end if else adoRs.close adoCn.close set adoRs=nothing set adoCn=nothing displayLoginForm sTarget, "Wrong Password!" response.end end if end if sub displayLoginForm(sTarget,sMsg) %>
<%=sMsg%> Login - Korektiv
Email:
Password:
<% } end sub sub displayLogout() %>
MANAGE WEBSITE

Logout
<% end sub %>