string strQuery = "select count(*) from Registration where username=@username a

1. string strQuery = "select count(*) from Registration where username=@username and password=@password";
2.  
3. SqlConnection connection = DBConnection.getConnection();
4. connection.Open();
5.  
6. SqlCommand cmd = new SqlCommand();
7. cmd.Connection = connection;
8. cmd.CommandText = strQuery;
9.  
10. cmd.Parameters.Add("@username", txt1_username.Text);
11. cmd.Parameters.Add("@password", txt2_password.Text);
12.  
13. int intRowCount = (int) cmd.ExecuteScalar();
14. txt1_username.Text = intRowCount.ToString();
15. connection.Close();
16.  
17.  
18.  
19.  
20. if (intRowCount == 1)
21. {
22. string strquery = "select customer_id from Registration";
23. SqlConnection connection2 = DBConnection.getConnection();
24. connection2.Open();
25. SqlCommand cmd2 = new SqlCommand();
26. cmd2.Connection = connection;
27. cmd2.CommandText = strquery;
28.  
29. string customerID = cmd2.ExecuteScalar().ToString();
30. Session["customerID"] = customerID;
31. connection2.Close();
32.  
33. Session.Add("username", txt1_username.Text);
34. Response.Redirect("Succes.aspx");
35.  
36. }
37.  
38.  
39. else
40. {
41. Messages myMsg = new Messages(); // ایجاد نمونه از کلاس
42. myMsg.CreateMessageAlert("مقادیر ورودی صحیح نمی باشند . مجددا سعی کنید");
43. txt1_username.Text = "";
44. txt2_password.Text = "";
45. }