<%
if request.form("btSubmit")>"" then
'Read in the password and username from the form
Dim strUserName, strPassword
strUserName = Request.form("txtName")
strPassword = Request.form("txtPassword")
'Establish a database connection...
'Run your SQL query
Dim strSQL
'strSQL = "SELECT * FROM ValidUsers WHERE UserName = '" & strUserName & "' AND Password = '" & strPassword & "'"
if strUserName="oakleaf" and strPassword="flowers" then
session("username")=strUserName
session("password")=strPassword
'Run the query... (Conn is the name of the database connection)
'Dim rs
'Set rs = objConn.Execute(strSQL)
'If the recordset is not empty, the user is validated
'If Not rs.EOF Then
'We need to set bolAuthenticated as True!
Session("bolAuthenticated") = True
'Send the user to the URL they came from
Response.Redirect "default.asp"
Else
'The user was not validated...
'Take them to a page which tells them they were not validated...
'Response.Redirect "authenticate.asp"
Response.write "
You have entered an incorrect username and/or password. Try again.