rai nalasa rai nalasa - 7 months ago 12
SQL Question

Allowing only two types of user

This code should allow two types of use to access my page.

After I coded the second

if
statement, I could no longer access the page.

Here's my code.

private void AuthenticateUser()
{
if ((string)Session["user_type"] != "user")
{
Response.Redirect("~/Pages/Account/Login.aspx");
}
if ((string)Session["user_type"] != "special_user")
{
Response.Redirect("~/Pages/Account/Login.aspx");
}
}


What I want is to only allow two types of user
user
and
special_user
to access a certain page.

Answer

There's a flaw in your logic. If you're a "special_user", then the first if block is going to return false (after all, you're a "special_user", not merely a "user"), and you get redirected.

Check for both types in a single statement:

var userType = (string)Session["user_type"];

if (userType != "user" && userType != "special_user")
{
    Response.Redirect("~/Pages/Account/Login.aspx");
}