|
<%
Dim strURL
Dim cnnSearch
Dim rstSearch
Dim strDBPath
Dim strSQL
Dim strUname
strURL = Request.ServerVariables("URL")
strUname = Request.QueryString("uname")
%>
<%
if strUname <> "" then
strDBPath = Server.MapPath("accounts.mdb")
Set cnnSearch = Server.CreateObject("ADODB.Connection")
cnnSearch.Open "Provider=Microsoft.Jet.OLEDB.4.0;Data Source=" & strDBPath & ";"
strSQL = "SELECT * " _
& "FROM accounts " _
& "WHERE username = '" & strUname & "'; " '_
'& "and status <> 'pending' ;"
Set rstSearch = cnnSearch.Execute(strSQL)
dim strDBPath1
Dim cnnSearch1
Dim rstSearch1
strDBPath1 = Server.MapPath("accounts.mdb")
Set cnnSearch1 = Server.CreateObject("ADODB.Connection")
cnnSearch1.Open "Provider=Microsoft.Jet.OLEDB.4.0;Data Source=" & strDBPath1 & ";"
if not rstSearch.EOF then
if rstSearch.Fields("status").Value <> "pending" then
strSQL = "SELECT * " _
& "FROM account_info " _
& "WHERE user_id = " & rstSearch.Fields("user_id").value & ";"
Set rstSearch1 = cnnSearch1.Execute(strSQL)
response.Redirect "password2.asp?id=" & rstSearch.Fields("user_id").value & "&question=" & rstSearch1.Fields("question").value
rstSearch1.Close
Set rstSearch1 = Nothing
cnnSearch1.Close
Set cnnSearch1 = Nothing
response.Write(rstSearch.Fields("status").value)
else
%>
<% response.write "ERROR: USERNAME NOT YET ACTIVITATED" %>
<%
end if
else
%>
<% response.write "ERROR: USERNAME NOT REGISTERED" %>
<%
end if
rstSearch.Close
Set rstSearch = Nothing
cnnSearch.Close
Set cnnSearch = Nothing
Else
%>
<% response.write "PLEASE ENTER USERNAME" %>
<%
End If
%>
|
