<% If strRegister = 0 Then Response.Redirect("../home/") %> <% Dim rsLogged__nUser rsLogged__nUser = "0" If (Request.Cookies("IWGalleryUserName") <> "") Then rsLogged__nUser = Request.Cookies("IWGalleryUserName") End If %> <% Dim rsLogged Dim rsLogged_numRows Set rsLogged = Server.CreateObject("ADODB.Recordset") rsLogged.ActiveConnection = MM_connIWGallery_STRING rsLogged.Source = "SELECT USE_ID, USE_NAME, USE_UPLOAD FROM USERS WHERE USE_NAME = '" + Replace(rsLogged__nUser, "'", "''") + "' AND USE_APPROVED = 1 AND USE_ACTIVE = 1" rsLogged.CursorType = 0 rsLogged.CursorLocation = 2 rsLogged.LockType = 1 rsLogged.Open() rsLogged_numRows = 0 %> <% If Request.Cookies("IWGalleryUserName") = "" Then ' workaround per evitare interferenze con l'upload dei files ' *** Validate request to log in to this site. MM_LoginAction = Request.ServerVariables("URL") If Request.QueryString<>"" Then MM_LoginAction = MM_LoginAction + "?" + Server.HTMLEncode(Request.QueryString) MM_valUsername=CStr(Request.Form("NAME")) If MM_valUsername <> "" Then MM_fldUserAuthorization="USE_ACCESS" MM_redirectLoginSuccess="../pictures/default.asp" MM_redirectLoginFailed="../users/logout.asp?reason=Accesso negato" MM_flag="ADODB.Recordset" set MM_rsUser = Server.CreateObject(MM_flag) MM_rsUser.ActiveConnection = MM_connIWGallery_STRING MM_rsUser.Source = "SELECT USE_ID, USE_NAME, USE_PASSWORD, USE_UPLOAD" If MM_fldUserAuthorization <> "" Then MM_rsUser.Source = MM_rsUser.Source & "," & MM_fldUserAuthorization MM_rsUser.Source = MM_rsUser.Source & " FROM USERS WHERE USE_NAME='" & Replace(MM_valUsername,"'","''") &"' AND USE_PASSWORD='" & Replace(Request.Form("PASSWORD"),"'","''") & "' AND USE_APPROVED = 1 AND USE_ACTIVE = 1" MM_rsUser.CursorType = 0 MM_rsUser.CursorLocation = 2 MM_rsUser.LockType = 3 MM_rsUser.Open If Not MM_rsUser.EOF Or Not MM_rsUser.BOF Then set cmdHits = Server.CreateObject("ADODB.Command") cmdHits.ActiveConnection = MM_connIWGallery_STRING cmdHits.CommandText = "UPDATE USERS SET USE_HITS = USE_HITS + 1 WHERE USE_ID = " & MM_rsUser("USE_ID") & " AND USE_NAME = '" & MM_rsUser("USE_NAME") & "'" cmdHits.CommandType = 1 cmdHits.CommandTimeout = 0 cmdHits.Prepared = true cmdHits.Execute() ' username and password match - this is a valid user Session("MM_Username") = MM_valUsername Response.Cookies("IWGalleryUserName") = MM_valUsername Response.Cookies("IWGalleryUserID") = MM_rsUser("USE_ID") Response.Cookies("IWGalleryUserUpload") = MM_rsUser("USE_UPLOAD") If (MM_fldUserAuthorization <> "") Then Session("MM_UserAuthorization") = CStr(MM_rsUser.Fields.Item(MM_fldUserAuthorization).Value) Response.Cookies("IWGalleryAccess") = CStr(MM_rsUser.Fields.Item(MM_fldUserAuthorization).Value) Else Session("MM_UserAuthorization") = "" End If if CStr(Request.QueryString("accessdenied")) <> "" And true Then MM_redirectLoginSuccess = Request.QueryString("accessdenied") End If MM_rsUser.Close Response.Redirect(MM_redirectLoginSuccess) End If MM_rsUser.Close Response.Redirect(MM_redirectLoginFailed) End If End If ' Request.Cookies("IWGalleryUserName") = "" %>

<% If rsLogged.EOF And rsLogged.BOF Then %> <% End If ' end rsLogged.EOF And rsLogged.BOF %> <% If Not rsLogged.EOF Or Not rsLogged.BOF Then %> <% If (rsLogged.Fields.Item("USE_UPLOAD").Value) = 1 Then %> <% End If %> <% End If ' end Not rsLogged.EOF Or NOT rsLogged.BOF %>

<% rsLogged.Close() Set rsLogged = Nothing %>