<%Response.Expires = -1 %> <%Response.ExpiresAbsolute = Now() - 1 %> <%Response.AddHeader "pragma", "no-cache" %> <%Response.AddHeader "cache-control", "private" %> <%Response.CacheControl = "no-cache" %> <% Response.Expires = -1000 Response.Buffer = True %> <% DIM user, text1, text2 DIM pwd con.Open strDSN text1=Replace(Request.Form("text1"),"'","''") text2=Replace(Request.Form("text2"),"'","''") dim sql sql = "select * from login where ten='" & text1 & "' and matkhau='" & text2 & "'" dim affectedRow rs.Open sql, con if not rs.EOF then session("login_ad") = "true" Response.Redirect "menu.asp" else Response.Redirect("other.asp") session("login_ad") = "false" end if rs.close %>