SqlCommand comand = new SqlCommand("Select Userid,UserName,Password FROM Users WHERE UserName=@Uname and Password = @Pass", con);
comand.Parameters.AddWithValue("@Uname", this.txtUsername.Text);
comand.Parameters.AddWithValue("@pass", this.txtPassword.Text);
con.Open();
SqlDataAdapter adp = new SqlDataAdapter(comand);
DataTable t = new DataTable();
adp.Fill(t);
string userId;
foreach(DataRow dr in t.Rows)
{
userId = dr["Userid"].ToString();
}
and then store it in the session, i.e
Session["userId"] = userId;
Hope this is pretty clear to you :)
-KR