First of all, why not simply checking if a user exists with the current username and password using the EXISTS
IF EXISTS(SELECT ADMIN_EMAIL, ADMIN_PASSWORD FROM ADMIN WHERE ADMIN_EMAIL = p_username AND ADMIN_PASSWORD = p_password)
Calling every user ADMIN seems kind of weird by the way...
Anyway, this would only work if you store passwords unencrypted! And that's never a good idea... Especially when you know you're vulnerable to SQL Injection! (Remind me never to create an account on any software you've written...).
Here's a good article about encrypting passwords: The Art & Science of Storing Passwords
You didn't specify any languages in your post, except SQL. But I think you can learn a lot from this article and most people are able to read C#, so I think you'll manage.
Hope it helps.