<% if Session("memberstatus") <> "web-admin" and Session("memberstatus") <> "web-staff" then response.redirect "_execlogout.asp" else set rs = Conn.execute("SELECT * FROM login WHERE (login = '"& Session("loginname") &"') and (password= '" & Session("loginpasswd") & "')") if rs.eof then response.redirect "_execlogout.asp" end if end if %>