I want to build a login page. I have tried the following code. The code gives an exception, can anyone explain why?

Error :System.Data.SqlClient.SqlException (0x80131904): Incorrect syntax near '*'. at System.Data.SqlClient.SqlConnection.OnError(SqlException exception, Boolean breakConnection, Action1 wrapCloseInAction) at System.Data.SqlClient.SqlInternalConnection.OnError(SqlException exception, Boolean breakConnection, Action1 wrapCloseInAction) at System.Data.SqlClient.TdsParser.ThrowExceptionAndWarning(TdsParserStateObject stateObj, Boolean callerHasConnectionLock, Boolean asyncClose) at System.Data.SqlClient.TdsParser.TryRun(RunBehavior runBehavior, SqlCommand cmdHandler, SqlDataReader dataStream, BulkCopySimpleResultSet bulkCopyHandler, TdsParserStateObject stateObj, Boolean& dataReady) at System.Data.SqlClient.SqlDataReader.TryConsumeMetaData() at System.Data.SqlClient.SqlDataReader.get_MetaData() at System.Data.SqlClient.SqlCommand.FinishExecuteReader(SqlDataReader ds, RunBehavior runBehavior, String resetOptionsString) at System.Data.SqlClient.SqlCommand.RunExecuteReaderTds(CommandBehavior cmdBehavior, RunBehavior runBehavior, Boolean returnStream, Boolean async, Int32 timeout, Task& task, Boolean asyncWrite, SqlDataReader ds) at System.Data.SqlClient.SqlCommand.RunExecuteReader(CommandBehavior cmdBehavior, RunBehavior runBehavior, Boolean returnStream, String method, TaskCompletionSource`1 completion, Int32 timeout, Task& task, Boolean asyncWrite) at System.Data.SqlClient.SqlCommand.RunExecuteReader(CommandBehavior cmdBehavior, RunBehavior runBehavior, Boolean returnStream, String method) at System.Data.SqlClient.SqlCommand.ExecuteScalar() at WebApplication2.WebForm1.Button1_Click(Object sender, EventArgs e) in c:\Users\Thilina\Documents\Visual Studio 2012\Projects\WebApplication2\WebApplication2\Main\eplaneer.aspx.cs:line 27 ClientConnectionId:b48701ca-c62a-447c-9c26-363505acd57e

Code:

protected void Button1_Click(object sender, EventArgs e)
{
    try 
    {
        SqlConnection conn = new SqlConnection("Data Source=hp;Initial Catalog=ePlanner;Integrated Security=True");
        conn.Open();

        String checkuser = " selecet count(*) from User_info where Uname='" + Uname.Text + "'";
        SqlCommand com = new SqlCommand(checkuser,conn);

        int temp = Convert.ToInt32(com.ExecuteScalar().ToString()); **//it says this is the line responsible for the exception**

        conn.Close();

        if (temp == 1) 
        {
            conn.Open();
            String checkpassword = "select Pword from User_info where Pword='" + Pword.Text + "'";
            SqlCommand passcom = new SqlCommand(checkpassword,conn);
            String password = passcom.ExecuteScalar().ToString().Replace(" ","");

            if (password == Pword.Text)
            {
                Response.Redirect("../Userloggedin/Userloggedin.aspx");
            }
            else
            {
                Logerror.Text = "User name/ Password you have entered is inncorrect";
            }
        }
        else
        {
            Logerror.Text = "User name/ Password you have entered is inncorrect";
        }

        conn.Close();
    }
    catch (Exception ex)
    {
        Response.Write("Error :" + ex.ToString());
    }
}

Related posts

Recent Viewed