<% @ Language = VBScript %> <% Option Explicit With Response .Buffer = true .Expires = 0 .Clear End With %> <% Dim oAuth, bAuthorized Set oAuth = new DBAuthorization oAuth.ConnString = "DRIVER={Microsoft Access Driver (*.mdb)}; DBQ=" & Server.MapPath("./pass.mdb") oAuth.ConnUser = "" oAuth.ConnPass = "" oAuth.UserName = request.form("user") oAuth.Password = request.form("pass") bAuthorized = oAuth.Authorized() Set oAuth = nothing If Request.ServerVariables("QUERY_STRING") = "logout" Then Session.Abandon Response.redirect "./accessdb.asp" End If if bAuthorized then session("authorized") = 1 ' welcome to the system If session("authorized") <> 1 then session("authorized") = 0 If session("authorized") <> 1 then Dim pageText pageText = pageText & "" & vbCrLf pageText = pageText & "" & vbCrLf pageText = pageText & "" & vbCrLf pageText = pageText & "" & vbCrLf & "" & vbCrLf response.write pageText response.end End If ' everything below this point has been secured by ASP ' and is restricted from casual viewing. ' On any other page, you would use the following block of ' code to check for authentication (remove comments when ' using in another file): ' If session("authorized") <> 1 then ' response.write "You are not allowed to view this page." ' response.end ' End If ' to log someone out, call the ' session.abandon ' method and the user will have to enter their user name and password to ' view the restricted page again. Response.Redirect "addressbook.asp" %>