Loads of problems here: The first and most important is that you must never concatenate strings to build a SQL command. It leaves you wide open to accidental or deliberate SQL Injection attack which can destroy your entire database. Use Parametrized queries instead.
Particularly important with login code, since users can bypass your security or delete your database without even having to log in! Fix this
first throughout your code, or your best mate will delete your DB just to see the expression on your face.
The second thing is that your SQL query is rubbish. If I remove teh textboxes and write it out as it would be presented to SQL:
select * from user_details where user_name='MyName', password='MyPassword', user_type='MyType'
That isn't valid SQL syntax: it meets the first comma and says "what is that doing here?" Probably what you meant to say was:
select * from user_details where user_name='MyName' AND password='MyPassword' AND user_type='MyType'
But even then there are problems: why would your users have to type "user" or "admin" or anything else in order to log in? Your system knows what class they are permitted to be, so fetch that from the DB not the user.
The third is that you are storing passwords in clear text. That's bad, very bad:
Code Crime 1[
^] - see here, it may help:
Password Storage: How to do it.[
^]