<% if (queryaction = "CHANGEPWD") then txtUser = request.form("txtUser") txtOldPassword = request.form("txtOldPassword") txtNewPassword = request.form("txtNewPassword") set rs = server.CreateObject("ADODB.Recordset") selsql = "select * from tblAccount where Username='" & txtUser &"' and Password='" & txtOldPassword &"'" rs.Open selsql,db,3 if rs.recordcount = 0 then response.Redirect("settings.asp?msg=wronguser") end if rs.close updsql = "update tblAccount set Password='" & txtNewPassword &"' where Username='" & txtUser &"' and Password='" & txtOldPassword &"'" response.write(updsql) db.execute(updsql) response.Redirect("responseform.asp?msg=pwdsucc") end if if (queryaction = "UPLOAD") then Set Upload = Server.CreateObject("Persits.Upload") Upload.Save 'Path = "uplodedfiles" Set File = Upload.Files("fileForm") 'File.SaveAs Path & "\" & File.FileName txtFilename = File.filename userid = upload.form("userid") processid = upload.form("processid") UploadDate = date() inssql = "INSERT INTO tblUpload(AccountId,UploadDate,FileName) VALUES(" & AccountId &",'"& UploadDate &"','" & txtFilename &"')" db.execute(inssql) updsql = "update tblAccount set Process=" & processid & " where AccountId=" & userid db.execute(updsql) 'File.ToDatabase Connect, SQL end if if (queryaction = "UPLOAD") then 'Set Upload = Server.CreateObject("Persits.Upload") 'Upload.Save 'Path = "uplodedfiles" 'Set File = Upload.Files("fileForm") 'File.SaveAs Path & "\" & File.FileName 'txtFilename = File.filename txtfilename = "test.doc" userid = request.form("userid") 'user = request.form("user") processid = request.form("processid") uploaddate = date() inssql = "INSERT INTO tblUpload(AccountId,UploadDate,FileName) VALUES(" & userid &",'"& UploadDate &"','" & txtFilename &"')" inssql = "INSERT INTO tblUpload(AccountId,UploadDate,FileName) VALUES(" & userid &",'"& uploaddate &"','" & txtfilename &"')" db.execute(inssql) updsql = "update tblAccount set Process=" & processid & " where AccountId=" & userid db.execute(updsql) if processid="1" then response.Redirect("step2.asp") elseif processid="3" then response.Redirect("step4.asp") end if end if %>