<% DIM objConn DIM objRS DIM strSQL DIM theUsername DIM thePassword theUsername = Request.Form("myUsername") thePassword = Request.Form("myPassword") strSQL = "SELECT myLogons.myUsername,myLogons.myName,myLogons.mySurname " & _ "FROM myLogons WHERE myLogons.myUsername = '" & theUsername & "' AND myLogons.myPassword = '" & thePassword & "' ;" Set objConn = Server.CreateObject("ADODB.Connection") objConn.Open "Provider=Microsoft.Jet.OLEDB.4.0;Data Source=" & Server.MapPath("billy.mdb") Set objRS = objConn.Execute(strSQL) If objRS.EOF Then %> <% Response.End End If Session("myUsername") = objRS("myUsername") Session("myName") = objRS("myName") Session("mySurname") = objRS("mySurname") objRS.Close Set objRS = Nothing objConn.Close Set objConn = Nothing Response.Redirect("../billy/billyPass.asp") %>