<%
Response.Buffer = True

Dim stradminpassword,stradminlogin
stradminpassword = "houseview"
stradminlogin = "railroad1"
%>
 <!--#INCLUDE VIRTUAL="/common/header.inc" --> 
<%
if Request.Form("Login") = stradminpassword AND Request.Form("Password") = stradminlogin then
        Response.Cookies("Webmaster") = "Validated"
        Response.Redirect("/admin/admin.asp")
End if

Dim password, login

password = Trim(Request.Form("Password"))
login = Trim(Request.Form("Login"))

 Dim MyFile

  MyFile = Server.MapPath("agentsecure.mdb")

Dim DataConnection, cmdDC, RecordSet, SQL


Set DataConnection = Server.CreateObject("ADODB.Connection")
DataConnection.ConnectionTimeout = 20
DataConnection.Open "DRIVER={Microsoft Access Driver (*.mdb)};DBQ=" & MyFile & ";"

Set cmdDC = Server.CreateObject("ADODB.Command")
cmdDC.ActiveConnection = DataConnection


SQL = "SELECT * FROM passwords" 

cmdDC.CommandText = SQL
Set RecordSet = Server.CreateObject("ADODB.Recordset")

RecordSet.Open cmdDC, , 2, 2


If Not RecordSet.BOF Then
RecordSet.MoveFirst
Do Until RecordSet.EOF

IF password = Trim(Recordset.Fields("Password")) and login = Trim(Recordset.Fields("Login")) then
	Session("houseviewlogin") = Recordset.Fields("Login")
	Session("houseviewpass") = Recordset.Fields("Password")
	Session("houseviewgroup") = Recordset.Fields("Grouping")
	Session("houseviewAbb") = Recordset.Fields("RealitorAbb")
	Session("houseviewBanner") = Recordset.Fields("Banner")
	Session("houseviewAgency") = Recordset.Fields("Agency")


response.Redirect("selectperiod_2.asp")
end if

RecordSet.MoveNext
Loop
End If

response.Redirect("invalid.asp")

RecordSet.Close
Set RecordSet = Nothing

Set cmdDC = Nothing
DataConnection.Close
Set DataConnection = Nothing 
%>