Never concatenate strings to build a SQL command. It leaves you wide open to accidental or deliberate SQL Injection attack which can destroy your entire database. Use Parametrized queries instead.
SELECT does not have an "E" at teh end:
string checkuser = "selecte count(*) from ...
Your two SELECT statements are using different tables:
SELECT count(*) FROM [user] where username=
And
selecte count(*) from Table where username=
Work out wher eit is, and use the right table - I suspect teh second one is faulty as TABLE is an SQL reserved word.
Quote:
not working the user still enter to DB:
Well...not in that code.
That code just checks if a user exists, and prints a message if it does - it does nothing to prevent later code from inserting a user.
That code looks like you are guessing and hoping for the best instead of sitting down and thinking about what you are trying to do: a parameter you don't use, hard coded connection strings, no INSERT code, irrelevant conversions, all sorts of stuff.
Stop, think, and design. Then throw that lot away, and code from scratch. It'll save you a lot of time in the long run, honest.