<% Dim varUserPassword, varCUserPassword varUserPassword = Request.Form("txtUserPassword") varCUserPassword = Request.Form("txtCUserPassword") IF varUserPassword = varCUserPassword THEN dim objCnn, varUserID, objRstChangePassword varUserID = Session("AdminId") call openDatabaseConnection(objCnn) call associateRecordset(objCnn,objRstChangePassword) objRstChangePassword.Open("SELECT tblmAdmin.* FROM tblmAdmin WHERE tblmAdmin.UserId='" & varUserID & "'") objRstChangePassword("Password")= varUserPassword objRstChangePassword.Update Session("error") = "Your password updated!" Response.Redirect("admincp_cpw.asp") ELSE Session("error") = "Both passwords do not match! Please re-enter again!" Response.Redirect("admincp_cpw.asp") END IF %>