<%@ LANGUAGE=VBScript%> <% Response.Buffer=True Response.Expires="-1" Response.CacheControl = "no-cache" Response.AddHeader "Pragma", "no-cache" Dim username Dim tmpUsername Dim password Dim tmpPassword Dim rs Dim errore username = Trim(CStr(Request.Form("username"))) password = Trim(CStr(Request.Form("password"))) if username <> "" then OpenConn() tmpUsername = Replace(username, "'", "''") tmpPassword = Replace(password, "'", "''") sql = "SELECT * FROM utenti WHERE username LIKE '" & tmpUsername & "' AND password = '" & tmpPassword & "'" errore = 0 ' Set rs = ADOConn.Execute(sql) Set rs = Server.CreateObject("ADODB.Recordset") rs.cursorlocation = 2 err.clear rs.open sql, ADOConn if not (rs.EOF or rs.bof) then Session.Timeout = 25 Session("username") = CStr(rs("username")) Session("ruolo") = CStr(rs("ruolo")) rs.Close else errore = 1 end if Set rs=nothing CloseConn() Set ADOConn = nothing if errore=0 then Response.Redirect("./intro.htm") end if end if %>

<%if errore then%> <%end if%>