<%
if Request("login")<>"" then
username=Request("username")
set Rs_login=conn.Execute("select * from [user] where username='"&username&"'")
if Rs_login.EOF=false then
if Rs_login("Password")=Request("Password") then
response.Cookies("username")=Rs_login("username")
response.Cookies("username").Expires=Date+1
response.Cookies("Purview")=Rs_login("Purview")
response.Cookies("Purview").Expires=Date+1
response.redirect("index.asp")
else
response.Write("")
'msg="密码错误!"
end if
else
response.Write("")
'msg="无此用户名!"
end if
Rs_login.close
set Rs_login=nothing
end if
%>