1..Apply
JS validation to the fields where you ask for the UN and PW
2..Post variables to a page
3..Then Do something like:
-----------Assumes you have an created a connection (conn)-----------
<% 'form variables posted to this page (UN & PW)
'is there a record in the DB that matches the variables
sql = "SELECT id,uName,pWord FROM userTable WHERE uName = '" & trim(request.form("name")) & "' AND pWord = '" & trim(request.form("pWord")) & "';"
'execute query
set getInfo = conn.execute(sql)
if getInfo.EoF then
'details not found - chuck em out
response.redirect("loginFailed.asp")
else
'details found - let em in
response.redirect("loggedIn.asp?uId=" & getInfo(0) & "")
end if
%>
-----------------------------------------------------------
Note : The ID of the user is in the getInfo(0) QS value
Wind is your friend
Matt