<%
Dim sScript, iAdminStatus
sScript = Request.ServerVariables("SCRIPT_NAME")
If NOT IsEmpty(Request.Form("Login")) Then
iAdminStatus = Check_Admin
If iAdminStatus = 1 Then
Session("Admin") = 1
Response.Redirect "loggedin.asp"
Else
Session("Admin") = 0
End If
End If
%>
<%
Function Check_Admin
Dim Rs, sSQL, sLogin, sPassword
sLogin = Replace(Request.Form("Login"), "'", "''")
sPassword = Replace(Request.Form("Password"), "'", "''")
sSQL = "SELECT * FROM tAdmin WHERE Login='" & sLogin & "' AND Password='" & sPassword & "' "
Set Rs = Server.CreateObject("ADODB.RecordSet")
Rs.Open sSQL, sDSN, adOpenForward, adLockReadOnly, adCmdText
If Rs.EOF Then
Check_Admin = 0
Else
Check_Admin = 1
End If
End Function
%>
