// method to returen if the user and password are correct public string checkUser(string userEmail, string userPassword) { this.UserEmail = userEmail; this.UserPassword = userPassword; SqlCommand userNameCommand = new SqlCommand(); DBConnect dBConnect = new DBConnect(); // check if the user entered a valid user name and password // first we do sql proc. userNameCommand.CommandType = CommandType.StoredProcedure; userNameCommand.CommandText = "checkPasswordAndUser"; // identify the name of the stored procedure to execute // take the user input and add it to @userPassword SqlParameter userParameter = new SqlParameter("@userPassword", UserPassword); userParameter.Direction = ParameterDirection.Input; userParameter.SqlDbType = SqlDbType.VarChar; // addidn user input to the proc. userNameCommand.Parameters.Add(userParameter); // take the user input and add it to @userName userParameter = new SqlParameter("@userEmail", UserEmail); userParameter.Direction = ParameterDirection.Input; userParameter.SqlDbType = SqlDbType.VarChar; // adding it to proc. userNameCommand.Parameters.Add(userParameter); // closing connection before excuting (just to make sure the connection is closed dBConnect.CloseConnection(); // open connection to DB dBConnect.openConc(); // userVal holed the value coming from the proc. if the return value is 1 then there is a user with correct password, if the value is 0, then user is not in the database. string userVal = dBConnect.ExecuteScalarFunction(userNameCommand).ToString(); // closing connection before excuting (just to make sure the connection is closed dBConnect.CloseConnection(); return(userVal); }