<%@ LANGUAGE = "VBScript" %> <% email=valid_sql(request.form("email")) pass=valid_sql(request.form("pass")) action=request.form("action") 'Check if user is already signed in if session("custid")<>"" and session("custid")<>null then response.redirect("deliver.asp") end if if action="signin" then set rsverify=db.execute("select * from customers where email='" & email & "'") if rsverify.eof then db.close set db=nothing response.redirect("signin.asp?msg=" & Server.URLEncode("We don't have any record of the email address you entered.
Please review the information you entered or register as a new user.")) end if if lcase(trim(rsverify("pass")))<>lcase(trim(request.form("pass"))) then db.close set db=nothing response.redirect("signin.asp?msg=" & Server.URLEncode("The entered the wrong password.
Please retype it and try again, or register as a new user.")) end if set rsdate=db.execute("update customers set lastvisit=#" & date() & " " & time() & "# where custid=" & rsverify("custid")) session("custid")=rsverify("custid") db.close set db=nothing response.redirect("deliver.asp") else response.redirect("register.asp") end if %>