% Response.Buffer = True sadmin= request.form("admin") sPwd= request.form("pwd") objConn.open ConnectString %> <% IF len(sadmin)=0 and len(sPwd)=0 then %>
AREA RISERVATA
<% else Set objRS =Server.createobject("ADODB.Recordset") sqlString = "SELECT * FROM tblAdmin WHERE admin='" & replace(sadmin,"'","''") & "' and password='" & replacE(spwd,"'","''") &"'" objRS.Open sqlString, objConn, adOpenStatic, adLockReadOnly, adCmdText if objRS.eof then %>AREA RISERVATA
Attenzione! UserId o password errati!
<% else session("userlogged")= True response.redirect("pannelloOfferte.asp" ) end if objRs.close End if objConn.close set objConn = nothing %>