<% Response.Buffer=true %>
<!--#include file="../global_includes/global.asp"-->

<%
Dim myname
Dim mypassword
Dim returnName


myname = request.form("username")
mypassword = request.form("userpassword")

strSQL = "select u.*, g.group_access "&_
"from epcms_users u "&_
"inner join epcms_groups g on g.group_id = u.group_id "&_
"where u.user='" & myname & "'"

set rs = LoadRSFromDB(strSQL)
if rs.EOF then
	if len(myname)<1 then
		errorMsg = "No user name was entered"
		returnName = ""
	else
		errorMsg = "The user name you entered has not been recognised"
		returnName = ""
	end if
else
	if rs("Password") = mypassword then
		session("name") = rs("user")
		session("securitylevel") = rs("security_level")
		session("userAccess") = rs("group_access")
		session("userEmail") = rs("email_address")
		session("languageID") = 1
		session("openNodeString") = "1||" & webSiteHomepage_id & "||"
		
		response.redirect(websiteURL & "admin/ia.asp")
	else
		errorMsg = "The password you entered was incorrect"
		returnName = myname
	end if
end if
rs.close
set rs=nothing


response.redirect("default.asp?username=" & returnName & "&errorMsg=" & errorMsg)

%>