<% Session.timeout = 40 If IsObject(Session("umacus_conn")) Then Set conn = Session("umacus_conn") Else Set conn = Server.CreateObject("ADODB.Connection") conn.open "umacus","","" Set Session("umacus_conn") = conn End If varUserName = LCase(Trim(Request("Username"))) varUserName = Replace(varUserName, "@umacus.com", "") varPassword = Trim(Request("Password")) varUserName = Replace(varUserName, "'", "''") varPassword = Replace(varPassword, "'", "''") If Trim(varUserName) = "" then varUserName = "NoLoginNameGiven" End If If Trim(varPassword) = "" then varPassword = "NoPasswordGiven" End If Session("UserLoggedIn") = "False" sql = "SELECT * FROM tblUsers WHERE UserName='" & varUserName & "' and Password='" & varPassword & "'" Set rs = Server.CreateObject("ADODB.Recordset") rs.Open sql, conn, 3, 3 If rs.RecordCount <> 0 then rs.MoveFirst Session("UserID") = Trim(rs("ID")) Session("UserName") = Trim(rs("UserName")) Session("UserFirstName") = Trim(rs("FirstName")) Session("UserLastName") = Trim(rs("LastName")) Session("AccessLevel") = Trim(rs("AccessLevel")) Session("UserEmail") = Trim(rs("Email")) Session("UserPhone") = Trim(rs("Phone")) '=========================================================================================================================== ' Check Number of Logins and Increment NumLogins and LoginDate in tblUsers '=========================================================================================================================== varNumLogins = Trim(rs("NumLogins")) varDateLogin = Date() IF IsNumeric(varNumLogins) then varNumLogins = Int(varNumLogins) varNumLogins = varNumLogins + 1 Else varNumLogins = 1 End If SQL = "UPDATE tblUsers SET NumLogins = '" & varNumLogins & "', DateLogin = '" & varDateLogin & "' WHERE ID = '" & Session("UserID") & "' " Set rs2 = Conn.Execute(SQL) '=========================================================================================================================== '=========================================================================================================================== '=========================================================================================================================== Session("UserLoggedIn") = "True" Else Session("UserLoggedIn") = "False" End If set rs = Nothing if Session("UserLoggedIn") = "True" then Response.Redirect "welcome.php" Else Session("UserLoggedIn") = "False" Response.Redirect "login.php?Flag=Fail" End IF %>