<!--#include file=conn.asp-->
<!--#include file="encrypt.asp"-->
<%
username=replace(trim(request("username")),"'","")
password=md5(replace(trim(Request("pass")),"'",""))
set rs=server.createobject("adodb.recordset")
sql="select * from super where pass='"&password&"' and user='"&username&"'"
'response.write ""&sql&""
response.write "你輸入的用戶名或密碼錯誤，請"
response.write "<a href='javascript:onclick=history.go(-1)'>返回</a>" 
'	response.end
	rs.open sql,conn,1,1
 	if not(rs.bof and rs.eof) then
 		if pass=rs("password") then
			session("admin")="ok"
			Response.Redirect "add.asp"
end if
end if
 rs.close
conn.close
set rs=nothing
set conn=nothing
%>