private void metroTile1_Click(object sender, EventArgs e) { SqlConnection conn = DBConn.GetInstance(); //SqlDataAdapter sda = new SqlDataAdapter("Select Count(*) from Login where Username = '******'and Password ='******'", conn); // SqlDataAdapter sda = new SqlDataAdapter("Select Count(*) from Login where Username = @UN and Password = @PW", conn); DataRowView drv = (DataRowView)cmbLogin.SelectedItem; username = (string)drv.Row["Username"]; RoleId = (int)drv.Row["RoleId"]; if (count > 1) { SingleTonUserRoles userRolesObj = SingleTonUserRoles.GetInstance; userRolesObj.changeUserRoles(); } //sda.SelectCommand.Parameters.AddWithValue("@UN", cmbLogin.Text); // sda.SelectCommand.Parameters.AddWithValue("@PW", textBox2.Text); DataTable dt = new DataTable(); // sda.Fill(dt); try { if (cmbLogin.Text != "" && textBox2.Text != "") { //SqlDataAdapter sda1 = new SqlDataAdapter("Select Username from Login where username = '******'and Password ='******'", conn); SqlDataAdapter sda1 = new SqlDataAdapter("Select Count(*) from Login where Username = @UN and Password = @PW", conn); sda1.SelectCommand.Parameters.AddWithValue("@UN", cmbLogin.Text); sda1.SelectCommand.Parameters.AddWithValue("@PW", textBox2.Text); DataTable dt1 = new DataTable(); sda1.Fill(dt1); //label4.Text = "Login approved as Admin"; if (dt1.Rows[0][0].ToString() == "1") { this.Hide(); Main FF = new Main(); //AdminForm af = new AdminForm(); conn.Close(); FF.Show(); } else { lblincorrectpass.Text = "Password is incorrect"; } } else { lblincorrectpass.Text = "please fill all textboxes!"; } } catch (Exception ex) { lblmsg.Text = ex.Message; } }