<!--#include file=conn.asp-->
<!--#include file="md5.asp"-->
<%
username=replace(trim(request("userah")),"'","")
password=md5(replace(trim(Request("passah")),"'",""))
set rs=server.createobject("adodb.recordset")
sql="select * from adminah where passah='"&password&"' and userah='"&username&"'"
'response.write ""&sql&""
response.write "用戶名或密碼錯誤"
response.write "<a href='javascript:onclick=history.go(-1)'>返回</a>" 
'	response.end
	rs.open sql,conn,1,1
 	if not(rs.bof and rs.eof) then
 		if passah=rs("password") then
			session("admin")="ah"
			Response.Redirect "manage.asp"
end if
end if
 rs.close
conn.close
set rs=nothing
set conn=nothing
%>