<%Option Explicit%> <% Dim mode, reDir, errMsg mode= Request.QueryString("mode") & "" errMsg= Request.QueryString("ERR") & "" reDir= Request.QueryString("redir") & "" if Len(reDir)= 0 then reDir= Request.Form("hdnRedir") & "" End if if Len(reDir)= 0 then reDir= "../index.asp" elseif reDir= "RESERV" then reDir= "../reserv/reserv03.asp" elseif reDir= "RESERV_INFO" Then reDir= "../reserv/reserv_info.asp" end if if(mode= "CHECK") then Dim oConn, oCmd, oParam, strId, strPw, strReturn strId= Request.Form("txtId") & "" strPw= Request.Form("txtPw") & "" Call ConnectionDb(oConn) Call CmdConnection("sp_loginCheck", oCmd, oConn) set oParam= oCmd.CreateParameter("@id", adVarChar, adParamInput, 50, strId ) oCmd.Parameters.Append oParam set oParam= oCmd.CreateParameter("@pw", adVarChar, adParamInput, 50, strPw) oCmd.Parameters.Append oParam set oParam= oCmd.CreateParameter("@return", adVarChar, adParamOutput, 10) oCmd.Parameters.Append oParam oCmd.Execute strReturn= oCmd.Parameters("@return").Value Set oParam= nothing if strReturn= "MEMBER" then Dim sql, rs Call CmdConnection("sp_getMemberInfo", oCmd, oConn) set oParam= oCmd.CreateParameter("@id", adVarChar, adParamInput, 50, strId) oCmd.Parameters.Append oParam Set rs= oCmd.execute Session("nId")= rs("nId") Session("nName")= rs("nName") Session("LEVEL")= rs("nClassLevel") & "" Set oCmd.ActiveConnection= nothing rs.Close Set rs= nothing oConn.Close Set oConn= nothing Response.redirect reDir else reDir= "logIn.asp?ERR=" & strReturn oConn.close Set oConn= Nothing Response.Redirect reDir end if end if %>