VB version here.
CSharp Code:
SqlConnection connection = new SqlConnection("connection string here");
// Get the count of the records with matching user ID and password.
SqlCommand command = new SqlCommand("SELECT COUNT(*) FROM User WHERE UserID = @UserID AND Password = @Password",
connection);
// Add the parameters. Values might come from TextBoxes or wherever.
command.Parameters.AddWithValue("@UserID", userID);
command.Parameters.AddWithValue("@Password", password);
connection.Open();
// Execute the query.
if ((int)command.ExecuteScalar() == 0)
{
// Zero matching records means a failed login.
}
else
{
// The specified credentials do match a record so the login succeeds.
}
connection.Close();