ok. Im making an updating area for my bands site.
i think something is really wrong with my code. Im a newb, so dont be TOO harsh on myy coding
this is tha page where you log in
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"[http://www.w3.org/TR/html4/loose.dtd](http://www.w3.org/TR/html4/loose.dtd)">
<html>
<head>
<link rel="stylesheet" type="text/css" href="standard.css">
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<title>Dinkum : Admin</title>
</head>
<%
method = Request.QueryString("s")
Select Case s
Case "badinfo"
%>
<table width="750" height="279" border="0">
<tr>
<td width="210" valign="top"><div class="module" id="side"><img src="images/menu.gif" width="162" height="34"><br>
<a href="default.asp">Home</a><br>
<a href="news">News</a><br>
<a href="../street">Street Team</a><br>
<a href="../list">Mailing List</a><br>
</div></td>
<td width="530" valign="top"><div class="module" id="main"><strong>Error : Invalid Username or Password. <br>
<br>
</strong>
<form action="logincheck.asp" method="post" name="login" id="login">
<table width="163">
<tr>
<td width="59">Username : </td>
<td width="92">
<input name="username" type="text" id="username" size="15">
</td>
</tr>
<tr>
<td width="59">Password : </td>
<td><input name="password" type="password" id="password" size="15"></td>
</tr>
</table>
<input name="go" type="submit" class="module" id="go" value="go">
</form>
<strong><br>
</strong>
</div></td>
</tr>
</table>
</div>
<%
CASE "loggedin"
%>
<%
set username = Session("username")
%>
<table width="750" height="279" border="0">
<tr>
<td width="210" valign="top"><div class="module" id="side"><img src="images/menu.gif" width="162" height="34"><br>
<a href="default.asp">Home</a><br>
<a href="news">News</a><br>
<a href="../street">Street Team</a><br>
<a href="../list">Mailing List</a><br><br>
<img src="images/news.gif" width="161" height="28"><br>
<a href="add.asp">Add a News Update</a> <br>
<a href="edit.asp">Edit a News Update</a><br>
<a href="delete.asp">Delete a News Update</a> <br>
</div></td>
<td width="530" valign="top"><div class="module" id="main"><strong>Welcome to Dinkum's Updating Control Panel, <%Response.Write ""& username &"" %>
.</strong><strong><br>
</strong>
</div></td>
</tr>
</table>
</div>
<%
Case else
%>
<table width="750" height="279" border="0">
<tr>
<td width="210" valign="top"><div class="module" id="side"><img src="images/menu.gif" width="162" height="34"><br>
<a href="default.asp">Home</a><br>
<a href="news">News</a><br>
<a href="../street">Street Team</a><br>
<a href="../list">Mailing List</a><br>
</div></td>
<td width="530" valign="top"><div class="module" id="main"><strong>Login to Dinkum's Updating Control Panel.<br>
<br>
</strong>
<form action="logincheck.asp" method="post" name="login" id="login">
<table width="163">
<tr>
<td width="59">Username : </td>
<td width="92">
<input name="username" type="text" id="username" size="15">
</td>
</tr>
<tr>
<td width="59">Password : </td>
<td><input name="password" type="password" id="password" size="15"></td>
</tr>
</table>
<input name="go" type="submit" class="module" id="go" value="go">
</form>
<strong><br>
</strong>
</div></td>
</tr>
</table>
</div>
<%
end select
%>
</body>
</html>
then this is the logincheck.asp page
<html>
<head>
<%
username = Request.Form("username")
password = Request.Form("password")
Set Conn = Server.CreateObject("ADODB.Connection")
lpath = "DRIVER={Microsoft Access Driver (*.mdb)}; DBQ=" & Server.MapPath("main.mdb")
Conn.Open(lpath)
set RS = Server.CreateObject("ADODB.Recordset")
RS.Open "SELECT username, password, level FROM members WHERE username LIKE"& username &"AND password LIKE "& password &";", Conn
If Not(RS.EOF) then
Session("username") = RS("username")
Session("login") = "1"
Session("level") = RS("level")
Response.Redirect("default.asp?s=loggedin")
ELSE
Response.Redirect("default.asp?s=badinfo")
RS.close
set Rs = nothing
Conn.close
set Conn = nothing
%>
</head>
<body>
</body>
</html>
its probably ALL wrong.
thanks for any help,
-Naaman
