<% option explicit Response.Buffer = true session("company_id") = "" dim conn dim ssql dim verify_rs dim sUsername dim sPassword %>

<% sUsername = Request.Form("company_username") sPassword = lcase(Request.Form("company_password")) ssql = "select * from tbl_company where company_username ='" & sUsername & "'" set verify_rs = server.CreateObject("ADODB.Recordset") verify_rs.Open ssql,conn,3,3 if verify_rs.EOF then session("company_id") = "" Response.Write ("") Response.Write ("SORRY, PASSWORD ERROR") Response.Write (" CLICK HERE TO RETRY") else If sPassword = verify_rs("company_password") then session("company_account_expire_date") = cdate(verify_rs("company_account_expire_date")) if date() >= cdate(session("company_account_expire_date")) then Response.Redirect "notice.asp" else session("company_id") = verify_rs("company_id") session("company_currency_format") = verify_rs("company_currency_format") session("company_email") = verify_rs("company_email") Response.Cookies("store_serial_number") = Request.Form("store_serial_number") ssql = "update tbl_company set company_website_last_update = '" & date() & " " & hour(now) & ":" & minute(now) & "'" conn.execute ssql Response.Redirect "main.asp" end if else session("company_id") = "" if request.Cookies("login_from") = "browser" then Response.Redirect "../../../index.asp?msg=SORRY, PASSWORD ERROR." else Response.Redirect "../../../client.asp?msg=SORRY, PASSWORD ERROR." end if end if end if verify_rs.close set verify_rs = nothing %>

<% conn.Close set conn = nothing %>