<!--#include file="dsn.asp"-->
<%
	Dim objConn
	Set objConn = Server.CreateObject("ADODB.Connection")
	objConn.open dsn

	If Session("blnValidUser") = True and Session("admin_user") = "" Then
		Dim rsPersonIDCheck
		Set rsPersonIDCheck = Server.CreateObject("ADODB.Recordset")
		Dim strSQL
		strSQL = "SELECT * FROM Settings WHERE admin_user = '" & Session("admin_user") & "';"
		rsPersonIDCheck.Open strSQL, objConn
		If rsPersonIDCheck.EOF Then
			Session("blnValidUser") = False
		Else
			Session("admin_user") = rsPersonIDCheck("admin_user")
		End If
		rsPersonIDCheck.Close
		Set rsPersonIDCheck = Nothing
	End If


	Dim strID, strPassword
	strID = Request("admin_user")
	strPassword = Request("Password")

	Dim rsUsers
	set rsUsers = Server.CreateObject("ADODB.Recordset")
	strSQL = "SELECT * FROM Settings WHERE admin_user = '" & strID & "';"
	rsUsers.Open strSQL, objConn

	If rsUsers.EOF Then
		Session("admin_user") = Request("admin_user")
		Response.Redirect "default.asp?SecondTry=True"
	Else
		While Not rsUsers.EOF
			If UCase(rsUsers("admin_pass")) = UCase(strPassword) Then
				Session("admin_user") = rsUsers("admin_user")
				Session("isLoggedIn") = True
				Session("blnValidUser") = True
				Response.Redirect "main.asp"
			Else
				rsUsers.MoveNext
			End If
		Wend
		Session("admin_user") = Request("admin_user")
		Response.Redirect "default.asp?SecondTry=True&WrongPW=True"
	End If
%>
<!--#include file="dsn2.asp"-->