SqlConnection con = new SqlConnection(@"Data Source=RST1016;Initial Catalog=MDMdb;Integrated Security=True;Pooling=False");
SqlDataReader dr;
bool userExists = false;
try
{
string query = "SELECT [user].* FROM [user] where u_name='" + txtusername.Text + "' and pwd='" + txtpassword.Text + "'";
SqlCommand com = new SqlCommand(query, con);
con.Open();
dr = com.ExecuteReader();
while (dr.Read())
{
userExists = true;
break;
}
if (userExists)
Response.Redirect("WebForm1.aspx");
else
Response.Write("not successfully");
}
catch (Exception ex)
{
Response.Write("" + ex.Message);
}
finally
{
if (con.State == ConnectionState.Open)
con.Close();
}
try this out. this may help you. ExecuteNonQuery genrally return -1 hence all the time that condition is true and going to next page.