int temp = Convert.ToInt32(com.ExecuteScalar().ToString()); SqlConnection co

1. int temp = Convert.ToInt32(com.ExecuteScalar().ToString());
2.  
3. SqlConnection con = new SqlConnection(ConfigurationManager.ConnectionStrings["connect"].ConnectionString);
4. con.Open();
5.  
6. string checkuser = "select * from tb_Login where Username='" + txtUsername.Text + "' and Password='" + txtPassword.Text + "' ";
7.  
8. SqlCommand com = new SqlCommand(checkuser, con);
9.  
10. int temp = Convert.ToInt32(com.ExecuteScalar().ToString());
11. con.Close();
12.  
13. if (temp == 1)
14. {
15. con.Open();
16. string checkPass = "select Password from tb_Login where Username='" + txtUsername.Text + "'";
17.  
18. SqlCommand passCom = new SqlCommand(checkPass, con);
19. string password = passCom.ExecuteScalar().ToString().Replace(" ", "");
20.  
21. if (password == txtPassword.Text)
22. {
23. Session["New"] = txtUsername.Text;
24. Response.Write("Correct");
25. }
26. else
27. {
28. Response.Write("Not Correct");
29. }
30. }
31. else
32. {
33. Response.Write("Username not correct");
34. }
35.  
36. string checkuser = "select * from tb_Login where Username='" + txtUsername.Text + "' and Password='" + txtPassword.Text + "' ";
37.  
38. int temp = Convert.ToInt32(com.ExecuteScalar().ToString());