<% if (!Session("admin")) Response.Redirect("default.asp?dest=" + Server.URLEncode(Request.ServerVariables("URL") + "?" + Request.ServerVariables("QUERY_STRING"))); %>