<!--#include file="conn.asp"--> 
<%
dim name,pass, exec, rs
name=encodestr(request.form("name"))
pass=encodestr(request.form("pass"))

exec="select * from blyh where name='"&name&"' and pass='"&pass&"' and bz=1"
Set RS = Server.CreateObject("ADODB.RecordSet") 
rs.Open exec, Conn, 1, 1
if rs.eof then
	rsclose()
	connclose()
	session("errmsg")="管理员账号错误！！！"
	response.redirect "admin_error.asp"
end if
rsclose()
connclose()
response.cookies("gbook")("username")=name
response.cookies("gbook")("password")=pass
session("bz")="bz"
response.redirect "admin_const.asp"
%>