public DataTable getUser(IUserEntity user) { DB obj = new DB(); string queryString = "SELECT r.RoleName, u.* " + "FROM Users u, UsersToRoles s, Roles r " + "WHERE u.UserID = s.FKUserID " + "AND s.FKRoleID = r.RoleID " + "AND " + "Name='" + user.UserName + "' and password='******'and IsApproved ='" + true + "'and IsLockedOut ='" + false + "'"; return obj.getRecords(queryString, "SecurityConnectionString"); }