login page response.redirect fails

[VBVines]

This second login page works when the Username Password combination is correct but when it is incorrect, the response.redirect in the else part of the if statement fails. It goes to an error page Classic ASP Any ideas?
================================
<%
Response.Expires = -1

Dim strUserId, strPassword, strMessage, strTargetURL, aStaff

strTargetURL = Session("strTargetURL")
strUserId = Request.Form("userid")
strPassword = Request.Form("password")
'strVirgin = Request.Form("virgin")
Session("aStaff") = strUserId

If strUserId <> "" And strPassword <> "" Then
' Execute the query
Set objConn = Server.CreateObject("ADODB.Connection")
strConnect=Application("strConnectString")
objConn.open strConnect
SQL="SELECT LOT_SEC_ID, LOT_SEC_PWD FROM ADBTable WHERE LOT_SEC_ID = '" & strUserId & "' AND LOT_SEC_PWD = '" & strPassword & "'"
Set rs=objConn.execute(SQL)
If strUserId = rs(0) And strPassword = rs(1) Then
'response.write strUserId
Response.Redirect strTargetURL
Else

Response.Redirect "anotherpage.asp"

rs.close()
objConn.close()
end if
end if
%>
<HTML>
<BODY bgcolor="#C00000">
<FORM method="post">

<p align="center"><b><span style="font-size:18pt;"><font color="white">Login<br><br>Staff Login</font></span></b></p>
<TABLE width="500" bgcolor="#FFFFFF" border="0" align="center">
<TR>
<TD colspan="5" bgcolor="#99CCFF"><font color="black">&nbsp;Login</font></TD>
</TR>
<TR valign="bottom">
<TD><b>User ID:</b></TD><TD><b>Password</b></TD><TD>&nbsp;</TD>
<td></td>
<td></td>
</TR>
<TR valign="top">
<TD><INPUT type="text" name="userid" value="<%= strUserId %>"></td>
<TD><INPUT type="password" name="password" value="<%= strPassword %>"></TD>
<TD><INPUT type="submit" value="Login" /></TD>
<td></td>
<td></td>
</TR>
<TR>
<TD colspan="3" align="center"><FONT color="red"><%= strMessage %></FONT></TD>
<td></td>
<td></td>
</TR>
</TABLE>
</FORM>
</BODY>
</HTML>


aspvbwannab

 

[ethorn10]

What does the error page say? Does "anotherpage.asp" exist?

Also, I'd recommend checking for valid user and changing strTargetURL if it fails. Then you can clean up your recordsets and connections before redirecting. Example:

strTargetURL = Session("strTargetURL")
strUserId = Request.Form("userid")
strPassword = Request.Form("password")
'strVirgin = Request.Form("virgin")
Session("aStaff") = strUserId
    
If strUserId  <> "" And strPassword <> "" Then
      '  Execute the query
      Set objConn = Server.CreateObject("ADODB.Connection")
      strConnect=Application("strConnectString")
      objConn.open strConnect
      SQL="SELECT LOT_SEC_ID, LOT_SEC_PWD FROM ADBTable WHERE LOT_SEC_ID = '" & strUserId & "' AND LOT_SEC_PWD = '" & strPassword & "'"
      Set rs=objConn.execute(SQL)
    If strUserId <> rs(0) Or strPassword <> rs(1) Then    
        strTargetURL = "anotherpage.asp"
    End If
End If
rs.close()
objConn.close()

Response.Redirect strTargetURL