<%
if request.form("action")="login" then
if (request.form("username") = "haineshunter" and request.form("password") = "pante18") OR (request.form("username") = "johnhaber" and request.form("password") = "john007") OR (request.form("username") = "edwincole" and request.form("password") = "edwinhh01")then
session.Timeout = 500
session("admin") = true
response.redirect "production.asp"
end if
dim strSQL
'Check to see if username already exists
strSQL = "SELECT DealerID FROM TblDealers WHERE "&_
"Username = " & rsString(request.form("username")) & " AND "&_
"Password = " & rsString(request.form("password"))
dim arrUser
arrUser = execSQL_arrRs(strSQL)
if isArray(arrUser) then
session("dealerID") = arrUser(0,0)
session.Timeout = 500
response.write session("dealerID")
response.redirect "dealer_production.asp"
else
dim strMsg
strMsg = ""
end if
else
session.Abandon()
end if
%>
Login
<%=strMsg%>
