Check out these solutions above you will find how to use it.
Just an experience to add is:
- Do not pass variables directly into the query string, like:
SqlCommand command = new SqlCommand("SELECT * FROM users WHERE Username = " + user + " AND Password = " + password, connection);
- Please use: Parameters Add or AddWithValue to pass variables so that you will never get into troubles while execute query.
To tell the differences between these 2 methods, pleas check
this