<% if request.form = "" then %>
Morris Pickering & Sanner - Admin
Morris Pickering & Sanner - Login
<% else%>
<%
if request.form("username") <> "" and request.form("password") <> "" then
sqltext = "SELECT * FROM Pword WHERE Username = '" & request.form("username") & "' AND Password = '" & request.form("password") & "'"
rs.Open sqltext, Conn
if NOT rs.BOF then
session("username") = request.form("username")
session("password") = request.form("password")
session("adminid") = rs("pid")
response.redirect "index.asp"
else
response.write "Invalid Username and Password!"
end if
rs.close
end if
Conn.close
end if
%>