Please help me to develop this simple windows login form
problem is i am unable to validate my user name and password...
namespace WindowsFormsApplication1
{
public partial class Form1 : Form
{
public Form1()
{
InitializeComponent();
}
private void button1_Click(object sender, EventArgs e)
{
login(txt_username.Text, txt_password.Text);
}
public Boolean login(string user,string pass)
{
SqlConnection con = new SqlConnection("Data Source=SNSS1\\SQLEXPRESS;Initial Catalog=Employee;User ID=sa;Password=eLog!234");
con.Open();
SqlCommand cmd=new SqlCommand ("select * from Tbl_password where UserName='"+user+"' and Password='"+pass+"'",con);
SqlDataReader dr = cmd.ExecuteReader();
while(dr.Read())
{
if ((dr["UserName"].ToString() == user) && (dr["Password"].ToString() == pass))
{
Form2 frm2 = new Form2();
frm2.Show();
}
}
return false;
}
}
}