protected string Auth()
        {
            String xml;
            String strPhoto = Globals.APP_ROOT_PATH + "common/images/User1_120.png";
            String strPhotoModeImage = Globals.APP_ROOT_PATH + "common/images/User1_40.png";
            String query = "";
             //Check if user filled login and password at the login screen (Chat authorization)
            if (!String.IsNullOrEmpty(Request["user_name"]) && !String.IsNullOrEmpty(Request["password"]))
            {
                query = "SELECT * FROM registered_members WHERE login='" + Request["user_name"].ToString() + "' AND password='" + Request["password"].ToString() + "'";
            }
            // Check session existence with enabled Autologin
            else if (Session["uid"] != null && Session["uid"] != string.Empty)
            {
                query = "SELECT * FROM registered_members WHERE login='" + Session["uid"].ToString() + "'";
            }              
            // Non session/cookie based autologin authorization   
            else if(!String.IsNullOrEmpty(Request["uid"]))
            {
                query = "SELECT * FROM registered_members WHERE login='" + Request["uid"].ToString() + "'";
            }
            else
            {
                xml = "<auth error=\"AUTH_ERROR\" />";
            }
           // Connect to your database to retrieve user's profile info
            if (!string.IsNullOrEmpty(query))
            {
                xml = "<auth error=\"AUTH_ERROR\" />";
                DataTable dt = new DataTable();
                SqlConnection connect = new SqlConnection(ConfigurationManager.ConnectionStrings["LocalSqlServer"].ConnectionString);
                connect.Open();
                SqlDataAdapter ad = new SqlDataAdapter(query, connect);
                ad.Fill(dt);
                connect.Close();
                // Retrieve user's profile info from DataTable and generate xml response
                if (dt.Rows.Count > 0)
                {
                    xml = string.Format("<auth>" +
                  "<userName><![CDATA[{0}]]></userName>" +
                  "<gender>{1}</gender>" +
                  "<level>{2}</level>" +
                  "<photo><![CDATA[{3}]]></photo>" +
                  "<photoModeImage><![CDATA[{4}]]></photoModeImage>" +
                  "</auth>", dt.Rows[0]["username"].ToString(), dt.Rows[0]["gender"].ToString(), dt.Rows[0]["level"].ToString(), strPhoto, strPhotoModeImage);
                }
            }
            else
            {
                xml = "<auth error=\"AUTH_ERROR\" />";
            }     
            return xml;
        }