hello..
i want to create the delete page with security by using session.i wan to put the data into session and if the password match in the database,it will delete the record..i am having problem with this.could someone help me.
thanx

basically, you'll need a login page for admin restriction only. is that what u want?

yes..the first thing is login..but when i want to edit or delete the record,it will also required such as a login.when user edit the data,then the at the bottom of the page,there will be something like login.when the password inserted is correct the record will be deleted or edited..that part that im stuck with.

what you need is an admin control that allows you to delete/edit records.

here's the code:

note:

Session("nick" is a variable that will determine bet guest and admin users. you can use any other types of record value such as password, username, etc...

LOGIN_VERIFY.ASP
================
<%
Dim conn,Rs,constr
Dim gUser,gPass,gNick

Set conn = Server.CreateObject ("ADODB.Connection"
Set Rs = Server.CreateObject ("ADODB.RecordSet"
constr="Provider=Microsoft.Jet.OLEDB.4.0; Data Source="&_
Server.MapPath ("USERS.MDB"
conn.Open(constr)


Dim user,pass,nick,log_user

user = Trim(Replace(Request.Form("gbUsername","""","""""")
pass = Trim(Replace(Request.Form("gbPassword","""","""""")

Session("log_user" = user

Validated_Form = TRUE

If Len(user) = 0 Then
Validated_Form = FALSE
End If

If Len(pass) = 0 Then
Validated_Form = FALSE
End If

If NOT Validated_Form Then
Session("logErr" = ""
response.redirect "login.asp"

Else

'Filter query
rs.Open "SELECT * FROM USERS where Trim(LCASE(username))='"& Trim(LCASE(user)) & "'", conn, 1

If rs.EOF and rs.BOF then 'No username found

rs.Close
set rs=nothing

Session("logErr" = "nousername"
Response.redirect "login.asp"

Else

If Trim(LCASE(rs("password")) = Trim(LCASE(pass)) Then
Session("logErr" = ""
Session("nick" = rs("nickname" & rs("ID"
Response.redirect "members.asp" 'valid username and password
Else
Session("logErr" = "invalid"
Response.redirect "login.asp"
End If

End If

End If
%>



LOGIN.ASP
=====================
<%
Session("errMsg" = ""
%>
<html>
<head>
<title>Login</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>

<body bgcolor="#FFFFFF" text="#000000">
<br><br><br><br><br>
<form method="post" action="login_verify.asp">
<table width="261" align=center border="0" cellpadding="0" cellspacing="1" bgcolor="#333333">
<tr>
<td width="259" height="173" valign="top">
<table width="100%" border="0" cellpadding="5" cellspacing="1" bgcolor="#000000">
<tr bgcolor="#990000">
<td valign="middle" height="26" colspan="2" align="center"><font face="Tahoma" size="2"><b><font color="#FFFFFF">Members
Area</font></b></font></td>
</tr>
<tr bgcolor="#CCCCCC">
<td width="59" valign="middle" height="38" bgcolor="#FFFFFF" align="left"><font face="Tahoma" style="font-size:8pt">Username:</font></td>
<td width="177" valign="middle" bgcolor="#FFFFFF" align="left">
<input type="text" name="gbUsername" size="20" maxlength="20">
</td>
</tr>
<tr>
<td valign="middle" height="38" bgcolor="#FFFFFF" align="left"><font face="Tahoma" style="font-size:8pt">Password:</font></td>
<td valign="middle" bgcolor="#FFFFFF">
<input type="password" name="gbPassword" size="20" maxlength="20">
</td>
</tr>
<tr>
<td valign="top" height="43" bgcolor="#FFFFFF"> </td>
<td valign="middle" bgcolor="#FFFFFF">
<input type="submit" name="Submit" value="Login">
<%
If Session("logErr" = "nousername" Then
Session("errMsg" = "autosign"
response.redirect "signup.asp"
End If

If Session("logErr" = "invalid" Then
Response.write "<font face=tahoma style=font-size:8pt>" & "Invalid password!" & "</font>"
End If
%>
</td>
</tr>
<tr bgcolor="#FFFFFF">
<td height="23" colspan="2" valign="top"><font face="Tahoma" style="font-size:8pt">Don't
have a account yet? <a href="signup.asp" target="_parent">Sign up
here</a></font></td>
</tr>
</table>
</td>
</tr>
</table>
</form>
</body>
</html>


MEMBERS.ASP
===========
<%

If Session("nick" = "" Then
response.write "This page is for admin only!"
Else
response.write "Welcome!"

End If

%>


LOGOUT.ASP
============
<%

Session("nick" = ""
%>

thanks..i'll try..
sorry for the late reply.

emm...
im a little bit lost..i think..
my database name is HardwareInventory.mdb
the field is staffID,staffName,staffPass,security.
im using the wizard in DMX...
i don't know how to implement your code.can you give me some guide on this.

ok..the code you gave was succesfully created my login page.but,i got error..they was a pop up msg after the login successful..it say,ie cannot open the internet site localhost/gimshardware/index.asp..after i click the button ok..it does go to my page..
my page use frame...all of the frame retrieve the pages that i want but only the header that doesn't.
for your information.my web application hav 3 user,admin that hav full control,user that have certain control which is add and edit.those two users have record in the database.the third user user is guest which only can view.