<%
if request("action")="edit" then
username1=request.Cookies("username1")
passwordold=trim(request("passwordold"))
passwordnew=trim(request("passwordnew"))
set isrs=server.CreateObject("adodb.recordset")
isrs.open "select password from [user] where username='"&request.Cookies("username")&"'",conn,1,1
if isrs.bof and isrs.eof then
response.Write("")
else
ismm=isrs(0)
if ismm=username1 then
set rs=server.CreateObject("adodb.recordset")
rs.open "select * from [user] where username='"&request.Cookies("username")&"'",conn,1,3
rs("password")=passwordnew
rs.update
rs.close
set rs=nothing
response.Write("")
else
response.Write("")
end if
end if
end if
%>
