我这段代码有啥问题啊？？？？
<%
Dim username,userpass

username=Trim(Request.Form("name"))
userpass=Trim(Request.Form("pass"))

Dim conn,data,rs,sql,strconn
data="data.mdb"
set conn = Server.CreateObject("adodb.connection")
strconn ="Provider=Microsoft.Jet.OLEDB.4.0;Data Source=" & ChkMapPath(data)
conn.open strconn 

sql="select * form admin where name="'& username & '""
sql="select * form admin where pass="'& userpass & '""

set rs = Server.CreateObject("adodb.recordset")
rs.open sql,conn,1,3,1

if rs.eof then
     response.Redirect("index1.asp?帐号密码错误")
     response.End()
else
     session("id")=cstr(rs.fields("id"))
     session("name")=username
     session("class")=rs.fields("class")
     session("Ispass")=true

if rs.fields("class")="1" or rs.fields("class")="2" then
   seesion=("Isadmin")=trun
else
   session=("Isadmin")=false
end if      

if request.Form("rem")="1" then
        response.Cookies("name")=username
        response.Cookies("pass")=userpass
        response.Cookies("rem")="1"

        response.Cookies("name").expires=data+365
        response.Cookies("pass").expirew=data+365
        response.Cookies("rem").expirew=data+365
  end if
end if

rs.close
       set rs=nothing
conn.close
       set conn=nothing

response.Redirect("index2.asp")
response.End()
 %>