My Bad Code

1. using System;
2. using System.Collections.Generic;
3. using System.Linq;
4. using System.Web;
5. using System.Web.UI;
6. using System.Web.UI.WebControls;
7. using MySql.Data.MySqlClient;
8.  
9.  
10. namespace MHSFirst
11. {
12. public partial class login : System.Web.UI.Page
13. {
14. MySqlConnection conn;
15.  
16. protected void Page_Load(object sender, EventArgs e)
17. {
18. conn = connect();
19.  
20. if (IsPostBack)
21. loginClick(sender, e);
22. }
23.  
24. protected void loginClick(object sender, EventArgs e)
25. {
26. string username = Request.Form["username"];
27. string password = Request.Form["password"];
28.  
29. Response.Write(queryRead("SELECT username FROM mhsfirst.users WHERE password = 'password';"));
30.  
31. }
32.  
33. protected MySqlConnection connect()
34. {
35. MySqlConnection conn;
36. string myConnectionString = "server=localhost;uid=root;pwd=B3n4nnaPh03be;database=mhsfirst;";
37.  
38. try
39. {
40. conn = new MySql.Data.MySqlClient.MySqlConnection();
41. conn.ConnectionString = myConnectionString;
42. return conn;
43. }
44. catch (MySql.Data.MySqlClient.MySqlException ex)
45. {
46. Response.Write(ex.Message);
47. return null;
48. }
49. }
50.  
51. protected void queryWrite(string query)
52. {
53. MySqlCommand cmd = conn.CreateCommand();
54. cmd.CommandText = query;
55. conn.Open();
56. cmd.ExecuteNonQuery();
57. conn.Close();
58. }
59.  
60. protected string queryRead(string query)
61. {
62. string drString = "";
63. MySqlDataReader dr;
64. MySqlCommand cmd = conn.CreateCommand();
65. cmd.CommandText = query;
66.  
67. conn.Open();
68. dr = cmd.ExecuteReader();
69.  
70. while (dr.Read())
71. drString += dr["username"].ToString();
72. conn.Close();
73.  
74. return drString;
75. }
76. }
77. }