<% dim tmpUserID,tmpPassword dim dbConn,sqlUsers,rsUsers,Ecode emp_code=session("ecode") set dbConn=Server.CreateObject("ADODB.Connection") dbConn.Open ConnectionString sqlUsers="select a.bldg,a.dgcode, b.* from dopt a,drawing b where a.EMP_CODE='"&emp_code&"' and (left(upper(a.dgcode),1)='N' or left(upper(a.dgcode),1)='A' or upper(a.dgcode)='B10' or upper(a.dgcode)='B05' or upper(a.dgcode)='B10' or upper(a.dgcode)='B25' or upper(a.dgcode)='C30' or upper(a.dgcode)='B20' or upper(a.dgcode)='B75' or upper(a.dgcode)='B15' or upper(a.dgcode)='C10' or upper(a.dgcode)='C98') and a.section=b.SEC_CODE" set rsUsers = dbConn.Execute(sqlUsers) If rsUsers.eof then rsUsers.Close dbConn.close set rsUsers=nothing set dbConn=nothing Session("Message") = "You are not authorised to Use this stationary request system .." %> <%Response.Write session("Message")&"Go Back"%> <% else Session("storesLoggedIn") = "yes" session("section")=rsusers("SEC_OFF_ID") session("section_cd")=rsusers("SEC_CODE") session("incharge")=rsusers("OFF_NAME") session("bldg")=rsusers("bldg") rsUsers.Close dbConn.close set rsUsers=nothing set dbConn=nothing Response.Redirect "storesmainmenu.asp" end if %>