hi guys! can you help me with this..i have a code below which has an error but i can't figure out what is the error..

Code:
OracleConnection OraConn = new OracleConnection(OraConnStr);
string qryStr;
string encPswrd;

encPswrd = RndCrypt(txtAddPassword.Text, txtAddUsername.Text.ToUpper());
qryStr = @"select count(*) from users where username='" + txtAddUsername.Text.ToUpper() +
                                          "' and password = @encPswrd and admin_user='TRUE'";
OracleCommand OraCmd = new OracleCommand(qryStr,OraConn);
OraCmd.Parameters.AddWithValue(@"encPswrd", encPswrd);
MessageBox.Show("EXECUTE: " + (OraCmd.ExecuteScalar().ToString ()));
//Error occurs in (int)OraCmd.ExecuteScalar() 
if ((int)OraCmd.ExecuteScalar() != null || txtAddUsername.Text == "abs")
{
      //If it has value do something here
}
else
{
    //If value is null do something here
}
error:

System.Data.OracleClient.OracleException was unhandled
Message="ORA-01036: illegal variable name/number\n"
Source="System.Data.OracleClient"
ErrorCode=-2146232008
Code=1036
StackTrace:
at System.Data.OracleClient.OracleConnection.CheckError(OciErrorHandle errorHandle, Int32 rc)
at System.Data.OracleClient.OracleParameterBinding.Bind(OciStatementHandle statementHandle, NativeBuffer parameterBuffer, OracleConnection connection, Boolean& mustRelease, SafeHandle& handleToBind)
at System.Data.OracleClient.OracleCommand.Execute(OciStatementHandle statementHandle, CommandBehavior behavior, Boolean needRowid, OciRowidDescriptor& rowidDescriptor, ArrayList& resultParameterOrdinals)
at System.Data.OracleClient.OracleCommand.ExecuteScalarInternal(Boolean needCLStype, Boolean needRowid, OciRowidDescriptor& rowidDescriptor)
at System.Data.OracleClient.OracleCommand.ExecuteScalar()
at RefNumGen.frmindex.BtnAdd_Click(Object sender, EventArgs e) in C:\Documents and Settings\daimous\My Documents\Visual Studio 2005\Projects\BCMD\WindowsApplication1\frmindex.cs:line 648
at System.Windows.Forms.Control.OnClick(EventArgs e)
at System.Windows.Forms.Button.OnClick(EventArgs e)
at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)
at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)
at System.Windows.Forms.Control.WndProc(Message& m)
at System.Windows.Forms.ButtonBase.WndProc(Message& m)
at System.Windows.Forms.Button.WndProc(Message& m)
at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)
at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)
at System.Windows.Forms.NativeWindow.DebuggableCallback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)
at System.Windows.Forms.UnsafeNativeMethods.DispatchMessageW(MSG& msg)
at System.Windows.Forms.Application.ComponentManager.System.Windows.Forms.UnsafeNativeMethods.IMsoCompo nentManager.FPushMessageLoop(Int32 dwComponentID, Int32 reason, Int32 pvLoopData)
at System.Windows.Forms.Application.ThreadContext.RunMessageLoopInner(Int32 reason, ApplicationContext context)
at System.Windows.Forms.Application.ThreadContext.RunMessageLoop(Int32 reason, ApplicationContext context)
at System.Windows.Forms.Application.Run(Form mainForm)
at RefNumGen.Program.Main() in C:\Documents and Settings\daimous\My Documents\Visual Studio 2005\Projects\BCMD\WindowsApplication1\Program.cs:line 17
at System.AppDomain.nExecuteAssembly(Assembly assembly, String[] args)
at System.AppDomain.ExecuteAssembly(String assemblyFile, Evidence assemblySecurity, String[] args)
at Microsoft.VisualStudio.HostingProcess.HostProc.RunUsersAssembly()
at System.Threading.ThreadHelper.ThreadStart_Context(Object state)
at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state)
at System.Threading.ThreadHelper.ThreadStart()