public bool CheckUserData(string account, string password) { try { string sql = "SELECT 1 FROM user WHERE account = @account AND password = @password;"; MySqlCommand cmd = db.MySqlCommand(sql); cmd.Parameters.Add("@account", MySqlDbType.VarChar).Value = account; cmd.Parameters.Add("@password", MySqlDbType.VarChar).Value = password; db.Connect(); using (MySqlDataReader reader = cmd.ExecuteReader()) { if (reader.Read()) { return(true); } } return(false); } catch (Exception ex) { string error = ex.ToString(); return(false); } finally { db.Disconnect(); } }