这是我写的check.asp
我想达到的目的是：当cookies不存在，则将login.htm中的userid和password传给cookies；如果cookies中已经保存了信息，那么比较，如果cookies中的userid和password和login.htm中的userid和password不一样，则报错；如果一样，那么登入成功，就转到a.htm。

可是最终的结果是，随便改一个名字登入，都能转到a.htm。最后我发现cookies中的userid和password总是为空字符串。我设的期限是一天。请告诉我，哪里有问题
<%
response.buffer=true

userid=request.cookies("userid")
password=request.cookies("password")

if userid="" then
    userid=request("userid")
elseif userid<>request("userid") then
    response.write "The accountant doesn't exist!"
    response.end
end if

if password="" then
    password=request("password")
elseif password<>request("password") then
    response.write "The password is wrong!"
    response.end
end if

response.cookies("userid")=userid
response.cookies("password")=password
expiredate=dateadd("d",1,now)
response.cookies("userid").expires=formatdatetime(expiredate)

response.redirect "a.htm"

%>

<%
if response.cookies("name")("userid")<>"" and response.cookies("name")("password")<>"" then
if response.cookies("name")("userid")=userid and response.cookies("name")("password")=password then
response.redirect "a.htm"
else
response.write "<script>alert('用户名和密码不正确！');history.go(-1)</script>"
end if
else
response.cookies("Yname")("userid")=userid
response.cookies("Yname")("password")=password
Response.Cookies("Yname").Expires=dateadd("d",1,now)
end if
%>

response.cookies("name")("password")??
这是什么意思？？可以这样？

写错了，下面
response.cookies("name")("userid")=userid
response.cookies("name")("password")=password
Response.Cookies("name").Expires=dateadd("d",1,now)