//Who is trying to log on? String sUserName = TextBoxUserName.Text; String sPassword = TextBoxPassword.Text; //Does this user exist in the database? string sCommand = "SELECT UserID FROM Users where " + "UserName = \'" + sUserName + "\' " + "and Pwd = \'" + sPassword + "\'"; //If you are using SQL Server, type these lines string sConn = "server=localhost;uid=sa;pwd=;database=TopSecret"; System.Data.SqlClient.SqlDataAdapter dataAdapter = new System.Data.SqlClient.SqlDataAdapter(sCommand, sConn); DataSet ds = new DataSet(); dataAdapter.Fill(ds); DataTable dt = ds.Tables[0]; if (dt.Rows.Count == 0) { LabelFeedback.Text = "You are not a Top Secret user."; } else { LabelFeedback.Text = sUserName + " is a Top Secret user."; }