Log på en profil??

Hejsa alle sammen!

Jeg sidder med et problem!

Jeg er rimelig ny inden for ASP, så vær lidt venlige? *S* ;O)

Jeg har et script der ser sådan ud:
<%
Option Explicit
Dim sql,rsUser,username,password,page,stayloggedin,LConnectString,lconn,sqlflag

'Grab the submitted variables (page is the page they've come from, set by the hidden variable at the login box)
username = Request.Form("username")
password = Request.Form("password")

'Check no s**t is trying to hack in using SQL commands
if InStr(username, "'") or InStr(username, """") or InStr(username, "=") or InStr(password, "'") or InStr(password, """") or InStr(password, "=") then
    sqlflag = True
end if

if sqlflag <> true then
'Open connection
%>
<%
Dim ConnectString, conn

ConnectString = "Provider=Microsoft.Jet.OLEDB.4.0;Data Source=" & Server.MapPath("database.mdb")
Set conn = Server.CreateObject("ADODB.Connection")
conn.open ConnectString
%>
<%

'Get a recordset corresponding to the submitted username and password
sql = "SELECT username FROM users WHERE username = '" & username & "' AND password = '" & password & "'"
Set rsUser = Server.CreateObject("ADODB.Recordset")
rsUser.Open sql, conn, 3, 3

'If there was a valid recordset there, then send them back to the page they came from, with the username cookie set
If (not rsUser.BOF) and (not rsUser.EOF) and sqlflag <> True then
  Response.Cookies("username") = rsUser("username")
  'If the user wants to stay logged in all the time, then we'll set the cookie with a far-away expiry date
  if stayloggedin = "yes" then
    Response.Cookies("username").expires = #1/1/2010#
  end if
  rsUser.close
  set rsUser = nothing
  conn.close
  set conn = nothing
  Response.Redirect("profiler/Request.Form('username').asp")
end if

'Otherwise, display an invalid entry screen
rsUser.close
set rsUser = nothing
conn.close
set conn = nothing

else
end if
%>

<html>
<head>
<title>Invalid entry</title>
</head>
<body bgcolor="#FFFFFF" link="#DD0000" vlink="#DD0000" alink="#000000">


<h3><font face="arial,helvetica" size=2 color="red">Invalid username/password</font></h3>

<p><font face="arial,helvetica" size=2 color="red"><a href="java script:self.history.go(-1)"><b>Please try again</b></a></font></p>


</body>
</html>

Dette stykke:
  end if
  rsUser.close
  set rsUser = nothing
  conn.close
  set conn = nothing
  Response.Redirect("profiler/Request.Form('username').asp")
end if

Det virker ikke, I know, men er der nogen der kan fortælle mig hvad jeg skal skrive, for at personen der intaster korrekt brugernavn og adgangskode viderestilles til sit eget site, profil eller hvad det nu hedder?

Håber der er nogen der kan hjælpe?!?

Mvh Palle.