string strQuery = "select count(*) from Registration where username=@username a

1. string strQuery = "select count(*) from Registration where username=@username and password=@password";
2.  
3. SqlConnection connection = DBConnection.getConnection();
4. connection.Open();
5.  
6. SqlCommand cmd = new SqlCommand();
7. cmd.Connection = connection;
8. cmd.CommandText = strQuery;
9.  
10. cmd.Parameters.Add("@username", txt1_username.Text);
11. cmd.Parameters.Add("@password", txt2_password.Text);
12.  
13. int intRowCount = (int) cmd.ExecuteScalar();
14. txt1_username.Text = intRowCount.ToString();
15. connection.Close();
16.  
17.  
18. if (intRowCount == 1)
19. {
20. string strquery = "select customer_id from Registration where username=@username";
21. SqlConnection connection2 = DBConnection.getConnection();
22. connection2.Open();
23. SqlCommand cmd2 = new SqlCommand();
24. cmd2.Connection = connection;
25. cmd2.CommandText = strquery;
26.  
27. string customerID = cmd2.ExecuteScalar().ToString();
28. Session["customerID"] = customerID;
29. connection2.Close();
30.  
31. Session.Add("username", txt1_username.Text);
32. Response.Redirect("Succes.aspx");
33.  
34. }
35.  
36.  
37. else
38. {
39. Messages myMsg = new Messages(); // ایجاد نمونه از کلاس
40. myMsg.CreateMessageAlert("مقادیر ورودی صحیح نمی باشند . مجددا سعی کنید");
41. txt1_username.Text = "";
42. txt2_password.Text = "";
43. }