var username = Request.Form["username"];var password = Request.Form["password"

1. var username = Request.Form["username"];
2. var password = Request.Form["password"];
3. var sqlString = "SELECT * FROM Users WHERE username ='" + username + "'
4. AND password = HASHBYTES('SHA2_512', '" + password + "'+ salt)" ;
5. var connString = WebConfigurationManager.ConnectionStrings
6. ["NorthwindConnectionString"].ConnectionString;
7. using (var conn = new SqlConnection(connString)) { var
8. command = new SqlCommand(sqlString, conn);
9. var dataReader = command.ExecuteReader(CommandBehavior.SingleResult);
10. if (dataReader.HasRows){
11. loggedIn = true;
12. }
13. dataReader.Close();
14. }