UserName = Request.Form("username")
Password = Request.Form("password")

sql = "SELECT * from Users WHERE ThruDate is Null and UserName is " & UserName
Set rs = objConn.Execute(strQuery)

if UserName = rs("UserName") then
if Password = rs("Password") then
session("IntranetUserId") = rs("UserID")
Response.Redirect("MainMenu.asp")
else
Response.Write("<p align=""center""><span class=""names"">Incorrect Password. Please try again!</span>")
end if
else
response.Write UserName
response.Write rs("UserName")
Response.Write("<p align=""center""><span class=""names"">Incorrect UserName. Please try again!</span>")
end if