con.Open(); SqlCommand cmd = new SqlCommand("select * from Login where U

1. con.Open();
2. SqlCommand cmd = new SqlCommand("select * from Login where UserName=@User_Name and Password=@Password", con);
3. cmd.Parameters.AddWithValue("@User_Name", txtUserName.Text);
4. cmd.Parameters.AddWithValue("@Password", txtPWD.Text);
5. SqlDataAdapter da = new SqlDataAdapter(cmd);
6. DataTable dt = new DataTable();
7. da.Fill(dt);
8. //con.Close();
9. if (dt.Rows.Count > 0)
10. {
11. Response.Redirect("Details.aspx");
12. }
13. else
14. {
15. ClientScript.RegisterStartupScript(Page.GetType(), "validation", "<script language='javascript'>alert('Invalid Username and Password')</script>");
16. }
17. con.Close();