<% Dim rsUsers Set rsUsers = Server.CreateObject("ADODB.Recordset") rsUsers.Open "tblUsers", strConn, adOpenForwardOnly, adLockOptimistic, adCmdTable If Session("UserID") <> "" Then ' currently logged-on user rsUsers.Filter = "UserID = '" & Session("UserID") & "'" Else ' New session rsUsers.Filter = "EmailAddress = '" & Request.Form("email") & "'" & _ "AND Password = '" & Request.Form("password") & "'" If rsUsers.EOF Then ' User not found rsUsers.AddNew ' ...so add a new record ' Else ' Email address and password matched with DB records - ' In this case we'll allow this to update user's personal details End If End If ' write personal details to record rsUsers("EmailAddress") = Request.Form("emailAddress") rsUsers("Password") = Request.Form("password") rsUsers("FirstName") = Request.Form("NameFirst") rsUsers("LastName") = Request.Form("NameLast") rsUsers("StreetAddress1") = Request.Form("StreetAddress1") rsUsers("StreetAddress2") = Request.Form("StreetAddress2") rsUsers("City") = Request.Form("City") rsUsers("State") = Request.Form("State") rsUsers("PostalCode") = Request.Form("PostalCode") rsUsers("Country") = Request.Form("Country") rsUsers("Active") = True rsUsers("LastLogin") = Now rsUsers("cQuestion") = Request.Form("Question") rsUsers("cAnswer") = Request.Form("Answer") rsUsers.Update ' update the database Dim strName, strValue ' create session variables For each strField in rsUsers.Fields strName = strField.Name strValue = strField.value Session(strName) = strValue Next Session("blnValidUser") = True ' declare that current user is validated Response.Redirect "MenuForRegisteredUsers.asp" %> <% rsUsers.Close Set rsUSers = Nothing Set strConn = Nothing %>