Sub btnEnter_Click(s as object, e as eventargs)

    Session("ValidUser") = "N"

    If Page.IsValid then
	   Dim conlogin As OleDbConnection
           Dim cmdlogin As OleDbCommand
           Dim strsql As String
	   Dim strconnect As String
           Dim strresults As String
	   Dim objReader as OleDbDataReader
		  		  
           strconnect = ("PROVIDER=Microsoft.Jet.OLEDB.4.0;DATA SOURCE=C:/inetpub/wwwroot/fpstudents/team2/iuser/girlscouts.mdb;")
	   conlogin= New OleDbConnection( strconnect )
           strsql = "select * from UserTable where UserId=@UserID and PWord=@PWord"
           cmdlogin = New OleDbCommand(strsql, conlogin)
           cmdlogin.Parameters.Add("@UserID", UserID.text)
           cmdlogin.Parameters.Add("@PWord", Password.text)
           Try
              conlogin.Open()
	      objReader = cmdlogin.ExecuteReader
              lblError.Text = "Your userid and password does not exist."
              while objReader.Read
		'User ID is only entered into the session variable once it has been successfully verified against the database.
                 Session("ValidUser") = "Y"
		 conlogin.Close()
                 Response.Redirect("search.aspx")
	       End while	
	    Catch objexception As Exception
              'exception message and source would not be written to screen once web site completed.
               Response.Write("Database connection failed.")
               Response.Write("Message:" & objexception.Message)
               Response.Write("Source:" & objexception.Source)
            Finally		  
               conlogin.Close()
            End Try 
     end if
End Sub