Make a login with Request.Form that make sure that the password and the userid is the same who is in the database. Then save Session.SessionID in the persons objRS("ID") in the same file as you check up the password and then you can have the Session in the Querystring.
Thanks, that helps me with a Login statement. But I still cannot figure out how to mask the query string in the URL. What I have is a Login page that goes to a search engine. From the search engine, results are displayed, and the records are linked to a detail page by passing the primary key (social security number) into the URL query string... how do I hide this? Thanks for your help.
Yes, the login page is a personal login, but they have access to search through employee records (contact information). When they select a record for detailed information, that record is linked to the detail page by passing the SSN of the employee in the recordset through the URL as a Querystring (id=?ssn). This is what I am trying to hide. Thanks