void getGovernment() { using (SqlConnection conn = new SqlConn

1. void getGovernment()
2. {
3.  
4. using (SqlConnection conn = new SqlConnection(Helper.GetConnection()))
5. {
6. conn.Open();
7. string SQL = @"SELECT GovernmentID FROM Employees WHERE Email = @Email AND Password = @userPW AND Status = 'ACTIVATED'";
8. using (SqlCommand cmd = new SqlCommand(SQL, conn))
9. {
10. cmd.Parameters.AddWithValue("@Email", UserID.Text);
11. cmd.Parameters.AddWithValue("@userPW", Helper.CreateSHAHash(txtPW.Text));
12. using (SqlDataReader dr = cmd.ExecuteReader())
13. {
14. if (dr.HasRows)
15. {
16. while (dr.Read())
17. {
18. Session["GovernmentID"] = dr["GovernmentID"];
19. }
20. Response.Redirect("~/Government/Index.aspx");
21. }
22. else
23. {
24. error.Visible = true;
25. }
26. }
27. }
28. }
29. }