<%@ LANGUAGE="VBSCRIPT" %> <%Response.Buffer=TRUE%> <% If Request.querystring("mode") = "login" then Dim rsCheckUser Dim strSQL Dim strUserName strUserName = Replace(Request.Form("txtUserName"), "'", "''") Set rsCheckUser = Server.CreateObject("ADODB.Recordset") strSQL = "SELECT password, username FROM tblusers WHERE username ='" & strUserName & "'" rsCheckUser.Open strSQL, adoCon If NOT rsCheckUser.EOF Then If md5(Request.Form("txtUserPass")) = rsCheckUser("password") Then Session("userName") = rsCheckUser("username") Session("userAdmin") = 1 End If If Session("userName") = "sdksrl" Then Session("userLevel") = 1 End If If NOT Session("userName") = "sdksrl" Then Session("userLevel") = 0 End If Session("userCompany") = Session("userName") rsCheckUser.Close Set rsCheckUser = Nothing Set adoCon = Nothing Response.Redirect"downloadadmin.asp?mode=listdownload" End If rsCheckUser.Close Set rsCheckUser = Nothing Set adoCon = Nothing Session("userAdmin") = 0 Response.Redirect"default.asp" Else If Request.querystring("mode") = "logout" then Session("userAdmin") = false %>

You have been logged out.

User name:
Password:
	Recupera password

<% Else %>

User name:
Password:
	Recupera password

<% End If End If %>