<% session.Timeout="30" if request.Form("btnlogin")="登录" then username=request.Form("username") pwd=request.Form("password") sql="select LoginID,UserName,manager from [user] where LoginID = '"&username&"' and Password = '"&pwd&"'" set rs=server.CreateObject("adodb.recordset") rs.open sql,conn,1,1 if not rs.eof then session("LoginID")=rs("LoginID") session("UserName")=rs("UserName") Session("flag")=rs("manager") response.Redirect("index.asp") else end if end if %> Web-Office System