<% Dim objConn Set objConn = Server.CreateObject("ADODB.Connection") objConn.open dsn If Session("blnValidaUsuario") = True and Session("Admin_ID") = "" Then Dim rsPersonIDCheck Set rsPersonIDCheck = Server.CreateObject("ADODB.Recordset") Dim strSQL strSQL = "SELECT * FROM tbllogin WHERE usuariologin = '" & replace(Session("Admin_ID"), "'", "") & "';" 'response.write strSQL rsPersonIDCheck.Open strSQL, objConn If rsPersonIDCheck.EOF Then Session("blnValidaUsuario") = False Else Session("Admin_ID") = rsPersonIDCheck("Admin_ID") End If rsPersonIDCheck.Close Set rsPersonIDCheck = Nothing End If Dim strID, strPassword, adminform, senhaform strID = Trim(Request.form("Admin_ID")) strPassword = Trim(Request.form("Admin_pwd")) Dim rsUsers set rsUsers = Server.CreateObject("ADODB.Recordset") strSQL = "SELECT * FROM tbllogin WHERE usuariologin = '" & replace(strID, "'", "") & "';" 'response.write strsql rsUsers.Open strSQL, objConn,2,2 If rsUsers.EOF Then Session("tentativas") = Session("tentativas") + 1 Session("Admin_ID") = Request.form("Admin_ID") Response.Redirect "/site/scripts/default.asp" Else While Not rsUsers.EOF If UCase(rsUsers("usuariosenha")) = UCase(replace(strPassword, "'", "")) Then Session("Admin_ID") = rsUsers("usuariologin") Session("EstaLogado") = True Session("blnValidaUsuario") = True Session("Nivel") = rsUsers("usuariopermissao") 'atualiza o ultimo login rsUsers("usuarioultimologin") = now() rsUsers("usuariostatus") = true rsusers.update Response.Redirect "/site/scripts/comando.asp" Else rsUsers.MoveNext End If Wend Session("Admin_ID") = Request.form("Admin_ID") Session("tentativas") = Session("tentativas") + 1 Response.Redirect "/site/scripts/default.asp" End If 'destroi o recordset rsUsers.close set rsUsers= nothing 'se tentar entrar já com 3 tentativas... If Session("tentativas") = 3 Then Response.Redirect "/site/scripts/default.asp" End If %>