Hi,
I'm trying to develop the code (starting with the basic DW login code) for an advanced login page, requiring five (5) fields to verify the users. I have a basic form (included in the code) with five fields etc. I've attempted to modify the code to include the additonal fields but I have a feeling there is alot more to it than that?

I'd appreciate anyone who can advise me and show me the way...

Thanks in advance.
<%@LANGUAGE="VBSCRIPT" CODEPAGE="1252"%>
<!--#include file="../Connections/connection.asp" -->
<%
' *** Validate request to log in to this site.
MM_LoginAction = Request.ServerVariables("URL"
If Request.QueryString<>"" Then MM_LoginAction = MM_LoginAction + "?" + Request.QueryString
MM_valUsername=CStr(Request.Form("field1")
If MM_valUsername <> "" Then
MM_fldUserAuthorization=""
MM_redirectLoginSuccess="ok.htm"
MM_redirectLoginFailed="no.htm"
MM_flag="ADODB.Recordset"
set MM_rsUser = Server.CreateObject(MM_flag)
MM_rsUser.ActiveConnection = MM_connection_STRING
MM_rsUser.Source = "SELECT usr_field1, usr_field2, usr_field3, usr_field4, usr_field5"
If MM_fldUserAuthorization <> "" Then MM_rsUser.Source = MM_rsUser.Source & "," & MM_fldUserAuthorization
MM_rsUser.Source = MM_rsUser.Source & " FROM multipleLogin WHERE usr_field1='" & Replace(MM_valUsername,"'","''" &"' AND usr_field2='" & Replace(Request.Form("field2","'","''" & "'" &"' AND usr_field3='" & Replace(Request.Form("field3","'","''" & "'" &"' AND usr_field4='" & Replace(Request.Form("field4","'","''" & "'" &"' AND usr_field5='" & Replace(Request.Form("field5","'","''" & "'"
MM_rsUser.CursorType = 0
MM_rsUser.CursorLocation = 2
MM_rsUser.LockType = 3
MM_rsUser.Open
If Not MM_rsUser.EOF Or Not MM_rsUser.BOF Then
' username and password match - this is a valid user
Session("MM_Username" = MM_valUsername
If (MM_fldUserAuthorization <> "" Then
Session("MM_UserAuthorization" = CStr(MM_rsUser.Fields.Item(MM_fldUserAuthorization).Value)
Else
Session("MM_UserAuthorization" = ""
End If
if CStr(Request.QueryString("accessdenied") <> "" And false Then
MM_redirectLoginSuccess = Request.QueryString("accessdenied"
End If
MM_rsUser.Close
Response.Redirect(MM_redirectLoginSuccess)
End If
MM_rsUser.Close
Response.Redirect(MM_redirectLoginFailed)
End If
%>
<html>
<head>
<title>Untitled Document</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>

<body>
<form ACTION="<%=MM_LoginAction%>" method="POST" name="loginForm" id="loginForm">
<table width="100%" border="0" cellspacing="0" cellpadding="3">
<tr>
<td><div align="right">field 1</div></td>
<td><label>
<input name="field1" type="text" id="field1">
</label></td>
</tr>
<tr>
<td><div align="right">field 2</div></td>
<td><input name="field2" type="text" id="field2"></td>
</tr>
<tr>
<td><div align="right">field 3</div></td>
<td><input name="field3" type="text" id="field3"></td>
</tr>
<tr>
<td><div align="right">field 4</div></td>
<td><input name="field4" type="text" id="field4"></td>
</tr>
<tr>
<td><div align="right">field 5</div></td>
<td><input name="field5" type="text" id="field5"></td>
</tr>
<tr>
<td><div align="right"></div></td>
<td><label>
<input type="submit" name="Submit" value="Submit">
</label></td>
</tr>
<tr>
<td><div align="right"></div></td>
<td> </td>
</tr>
</table></form>
</body>
</html>

is it not working?

Graham