<% @ Language=VBScript %>
<!--METADATA NAME="Microsoft ActiveX Data Objects 2.5 Library" TYPE="TypeLib" UUID="{00000205-0000-0010-8000-00AA006D2EA4}"-->
<%
Option Explicit
Dim strConn, bValidationFailed, strUsername, strPassword, strSQL, param, cmd, rs
strConn = "DSN=Verbindung"
Const nMaxUsernameLength = 20
Const nMaxPasswordLength = 10
bValidationFailed = False
If Request.ServerVariables("CONTENT_LENGTH") > 0 Then
strUsername = Trim(Request.Form("UName"))
strPassword = Trim(Request.Form("UPwd"))
strUsername = Left(strUsername, nMaxUsernameLength)
strPassword = Left(strPassword, nMaxUsernameLength)
strSQL = "SELECT rechte FROM User WHERE benutzer=? AND passwort=?"
Set cmd = Server.CreateObject("ADODB.Command")
cmd.CommandText = strSQL
cmd.CommandType = adCmdText
' Kein Parametername wird übergeben
Set param = cmd.CreateParameter("", adVarChar, adParamInput, nMaxUsernameLength, strUsername)
cmd.Parameters.Append param
Set param = cmd.CreateParameter("", adVarChar, adParamInput, nMaxPasswordLength, strPassword)
cmd.Parameters.Append param
cmd.ActiveConnection = strConn
Set rs = cmd.Execute()
If (Not rs.EOF And Not rs.BOF) Then
' --- hier können Sessions bzw. Cookies generiert werden
session("SURechte") = rs(0)
Response.Redirect "weiterseite.asp"
Response.End
Else
bValidationFailed = True
End If
End If
%>
<html>
<head>
<title>Logon</title>
<link rel="stylesheet" href="stylesheet.css" type="text/css">
</head>
<body class="body">
<table width="100%">
<tr><td align="center">
<table class="tbflat">
<tr class="td"><td valign="center" align="center" width="350">
<H1>Logon</H1>
<%
if bValidationFailed Then
Response.Write "<p><b>Login failed!</b></p>"
End If
%>
<p>
<form method="post" action="<%=Request.ServerVariables("SCRIPT_NAME")%>">
<table>
<tr><td class="smallertext">Username:</td><td><input name="uname" type=text value="501" size="20"></td></tr>
<tr><td class="smallertext">Password:</td><td><input name="upwd" type=password value="oscarbox" size ="20"></td></tr>
<tr><td colspan=2> <br><center><input type="submit" value="Enter secured area"></center></td></tr>
</table>
</form>
</p>
</td></tr></table>
</td></tr></table>
</BODY>
</HTML>