<% dim strErrorLink strErrorLink=Request.QueryString("Redirect") %> <% dim adoCn dim strSQL set adoCn = Server.CreateObject("ADODB.Connection") adoCn.Open strConn strSQL = "SELECT * FROM Login WHERE LoginName = '" & Request.form("txtLoginName") & "' " Set adoRS = adoCn.Execute(strSQL) Do While Not adoRs.EOF dim strLoginID, strLoginName, strFullName, strEmail, strAccessLevel strLoginID= adoRS("LoginID") strLoginName = adoRS("LoginName") strActiveLogin = adoRS("Active") strFullName = adoRS("FullName") strEmail = adoRS("Email") strAccessLevel= adoRS("AccessLevel") response.cookies("LoginID") = strLoginID response.cookies("LoginName") = strLoginName response.cookies("ActiveLogin") = strActiveLogin response.cookies("FullName") = strFullName response.cookies("Email") = strEmail response.cookies("AccessLevel") = strAccessLevel Session.Timeout=20 Session("LoginID")=strLoginID Session("LoginName")=strLoginName Session("ActiveLogin")=strActiveLogin Session("FullName")=strFullName Session("Email")=strEmail Session("AccessLevel")=strAccessLevel Dim strRedirectURL,strServerName strRedirectURL=Request.Form("txtRedirect") strServerName=Request.Servervariables("Server_name") If Lcase(Request.Form("txtLoginName")) = Lcase(adoRS("LoginName")) AND Lcase(Request.Form("txtChoosePassword")) = Lcase(adoRS("ChoosePassword")) Then if strRedirectURL="" Then IF Session("AccessLevel")="Admin" Then Response.redirect("pagesadmin.asp") End IF IF Session("AccessLevel")="Author" Then Response.redirect("loginlisteadmin.asp?LoginName="&Session("LoginName")) End IF Response.redirect("listeclient.asp") Else Response.redirect("http://"&strServerName&strRedirectURL) End IF Else Session("StrMessage") ="Votre Mot de passe ou votre identifiant ne correspondent pas" Response.redirect("Login.asp?Redirect="&strRedirectURL) End If adoRS.MoveNext Loop Session("StrMessage") ="Entrez votre identifiant et votre mot de passe" OnError response.Redirect ("login.asp") adoRS.Close adoCn.Close set adoCn = Nothing %>