I am having trouble converting my "MySQL" statement to a prepared statement. here is the part of the code that i need help with.
How Do I make below statement a prepared statement and can actually read the result afterwards. this way everything works perfectly, except that its not a prepared statement.
Please help. This is a web application in ASP.net using C#.
Thank you in advance.
String query = "Select * from Member where username=\"" + TextBox2.Text + "\";"; MySqlCommand cmd = new MySqlCommand(query, conn); MySqlDataReader print = cmd.ExecuteReader(); bool read = print.Read(); string password = print.GetString(2);