If ABMShared.NeedsAuthorization Then
If ws.Session.GetAttribute2("IsAuthorized", "") = "" Then
Dim loginpwd As String = ABM.LoadLogin(AppPage, ABMShared.AppName)
If loginpwd <> "" Then
Dim SQL As SQL = DBM.GetSQL
Dim split() As String = Regex.Split(";", loginpwd)
Dim vars As List
vars.Initialize
vars.Add(split(0))
vars.Add(split(1))
Dim users As List = DBM.SQLSelect(SQL, "SELECT * FROM users WHERE UserLogin=? AND UserPassword=?", vars)
'Dim users As List = DBM.SQLSelect(SQL, "SELECT * FROM users WHERE UserLogin='" & split(0) & "' AND UserPassword='" & split(1) & "'")
If users.Size > 0 Then
Dim user As Map = users.Get(0)
ws.Session.SetAttribute("authType", "local")
ws.Session.SetAttribute("authName", split(0))
ws.Session.SetAttribute("IsAuthorized", "true")
ws.Session.SetAttribute("UserType", "" & user.Get("usertype") ) ' lowercase!
ws.Session.SetAttribute("UserID", "" & user.Get("userid") ) ' lowercase!
ABMShared.NavigateToPage(ws, ABMPageId, "./" & InitialPage)
DBM.CloseSQL(SQL)
Return
End If
DBM.CloseSQL(SQL)
End If
AppPage.ShowModalSheet("login")
Return
End If
End If