<% Dim rsUsers Set rsUsers = Server.CreateObject("ADODB.Recordset") rsUsers.Open "tblUsers", strConn, adOpenForwardOnly, adLockOptimistic, adCmdTable If Session("UserID") <> "" Then ' currently logged-on user rsUsers.Filter = "UserID = '" & Session("UserID") & "'" Else ' New session rsUsers.Filter = "EmailAddress = '" & Request.Form("email") & "'" & _ "AND Password = '" & Request.Form("password") & "'" If rsUsers.EOF Then ' User not found rsUsers.AddNew ' ...so add a new record ' Else ' Email address and password matched with DB records - ' In this case we'll allow this to update user's personal details End If End If ' write personal details to record rsUsers("Active") = True rsUsers("LastLogin") = Now rsUsers("LastNetAddress") = Request.ServerVariables("Remote_addr") rsUsers.Update ' update the database Dim strName, strValue ' create session variables For each strField in rsUsers.Fields strName = strField.Name strValue = strField.value Session(strName) = strValue Next Session("blnValidUser") = True ' declare that current user is validated Response.Redirect "MenuForRegisteredUsers.asp" %> <% rsUsers.Close Set rsUSers = Nothing Set strConn = Nothing %>