what is wrong with my if statement

Question

Please help review this code even when the user is not in the role apply it fail to redirect the user to status.aspx

if (!User.Identity.IsAuthenticated || !User.IsInRole("apply") || Session["ctre"].ToString() != "Court" || Session["userName"].ToString() == null)
        {
            if (!User.Identity.IsAuthenticated || Session["userName"].ToString() == null)
            {
                Response.Redirect("Login.aspx");
            }
            else
            {
                Response.Redirect("status.aspx");
            }
        }

score 0 · Answer 1 · answered Jun 04 '14 at 06:40

0

your condition is wronge.

try this one

if (!User.Identity.IsAuthenticated || !User.IsInRole("apply") || Session["ctre"].ToString() != "Court" || Session["userName"].ToString() == null)
    {

            Response.Redirect("Login.aspx");

       } else
        {
            Response.Redirect("status.aspx");
        }

answered Jun 04 '14 at 06:40

Skabdus

220
3
13

I want to make it such that if the user is autheticated but user not in role "apply" it should go to status.aspx – user3055606 Jun 04 '14 at 06:57

user2316116 · Answer 2 · 2014-06-04T08:26:28.590

Your code is

if (!User.Identity.IsAuthenticated || !User.IsInRole("apply") || Session["ctre"].ToString() != "Court" || Session["userName"].ToString() == null)
{
    if (!User.Identity.IsAuthenticated || Session["userName"].ToString() == null)
    {
        Response.Redirect("Login.aspx");
    }
    else
    {
        Response.Redirect("status.aspx");
    }
}

There are 2 if-statements and both of them have similar conditions

!User.Identity.IsAuthenticated || ... Session["userName"].ToString() == null 
!User.Identity.IsAuthenticated ||     Session["userName"].ToString() == null

That probably means that first condition makes no sense and your entire code should be

if (!User.Identity.IsAuthenticated || Session["userName"] == null)
    Response.Redirect("Login.aspx");
else
    Response.Redirect("status.aspx");

UPDATE:

if you need to check for role, namely "if the user is autheticated but user not in role "apply" it should go to status.aspx and not login.aspx" use

if (!User.Identity.IsAuthenticated || Session["userName"] == null || User.IsInRole("apply"))
    Response.Redirect("Login.aspx");
else
    Response.Redirect("status.aspx");

i have different role in my website, so how do i handle the role of the user — user3055606, Jun 04 '14 at 07:11
It doesn't matter. If you have some if-condition and you see that it is passed then it means that condition is wrong. Include roles in IF-statement but keep only one IF. — user2316116, Jun 04 '14 at 07:33
the reason I'm bothered about role is that I want to make it such that if the user is autheticated but user not in role "apply" it should go to status.aspx and not login.aspx — user3055606, Jun 04 '14 at 08:12

score 0 · Answer 3 · answered Jun 04 '14 at 06:57

0

There is duplication in your code, you may say its a code redundancy, use following conditions

if (!User.Identity.IsAuthenticated || Session["userName"] == null)
    Response.Redirect("Login.aspx");
else
    Response.Redirect("status.aspx");

answered Jun 04 '14 at 06:57

koolprasad2003

299
3
23

I have 3 roles in my website that is why i included the role condition – user3055606 Jun 04 '14 at 07:12

what is wrong with my if statement

3 Answers3