public static void AuthenticateUser(string pUserName, WireUsers pWireUser) { bool blnHasRecord; using (SqlConnection cn = new SqlConnection(ConfigurationManager.ConnectionStrings["Speedo"].ToString())) { SqlCommand cmd = cn.CreateCommand(); if (pWireUser == WireUsers.EliteUsers) { cmd.CommandText = "SELECT username FROM CM.WireUsers WHERE username='******' AND userlvl='eu'"; } else if (pWireUser == WireUsers.Administrator) { cmd.CommandText = "SELECT username FROM CM.WireUsers WHERE username='******' AND userlvl='admin'"; } cn.Open(); SqlDataReader dr = cmd.ExecuteReader(); blnHasRecord = dr.Read(); dr.Close(); } if (!blnHasRecord) { HttpContext.Current.Response.Redirect("~/AccessDenied.aspx"); } }
public static bool IsUser(WireUsers pWireUsers, string pUserName) { bool blnHasRecord; using (SqlConnection cn = new SqlConnection(ConfigurationManager.ConnectionStrings["Speedo"].ToString())) { SqlCommand cmd = cn.CreateCommand(); if (pWireUsers == WireUsers.Administrator) { cmd.CommandText = "SELECT username FROM CM.WireUsers WHERE username='******' AND userlvl='admin'"; } else if (pWireUsers == WireUsers.EliteUsers) { cmd.CommandText = "SELECT username FROM CM.WireUsers WHERE username='******' AND userlvl='eu'"; } else if (pWireUsers == WireUsers.ChannelManager) { cmd.CommandText = "SELECT username FROM CM.WireUsers WHERE username='******' AND userlvl='cm'"; } else if (pWireUsers == WireUsers.HQUsers) { cmd.CommandText = "SELECT username FROM CM.WireUsers WHERE username='******' AND userlvl='hu'"; } cn.Open(); SqlDataReader dr = cmd.ExecuteReader(); blnHasRecord = dr.Read(); dr.Close(); } return(blnHasRecord); }