<% 'this is the basic security check on a page that needs to be secure 'change to "if (session("loggedIn")=true) then" for admin login checks if (not (session("loggedIn")=true)) or (Request("action") = "login") then %> <% if (request("action")="forgot") then %> <% else %> <% end if %> <% else %> <% dim objRegExp, aActions, strPosted, strPage, i strPosted = Request("action") aActions = array("forgot", "user", "people", "person", "news", "calendar", "rsvp", "ui_main", "ui_comments", "ui_contact", "logout") set objRegExp = new regexp objRegExp.IgnoreCase = True for i=0 to uBound(aActions) objRegExp.Pattern = "^.*" & aActions(i) & ".*" if objRegExp.Test(strPosted) then strPage = aActions(i) end if next select case strPage case "user" server.execute "/admin/useradmin.asp" case "news" server.execute "/admin/newsadmin.asp" case else response.write "welcome" end select end if %>