Without looking much into your code and details, I could say the error is because of the missing equals operator in the sql query.
Replace line no. 23 with following and see if that helps-
string query = "select count(*) from userlogin where username ='" + txtBox1.Text + "'and pass ='" + txtBox2.Text + "'";
But wait, that's not all.
Your code is vulnerable to
SQL Injection[
^].
With little more effort, you can prevent SQL injection via Stored Procedure or parameterised query. Please follow below reference for further guidance-
How To: Protect From SQL Injection in ASP.NET[
^]
[
^]
Hope, it helps :)