See comments to question above.
It is not wise to store your passwords in a database.
See this article for an explanation.[
^]
Below is a simple way to achieve your goal and is just a model for the logic and not the ideal way to do this.
protected void Submit_Click(object sender, EventArgs e)
{
try
{
SqlConnection con = new SqlConnection(System.Configuration.ConfigurationManager.ConnectionStrings["HotConnectionString"].ConnectionString);
string cmdStr = "Select INST_ID, accessLevel, EmailAddress from Table1 where EmailAddress=@EmailAddress and Password=@Password";
SqlCommand CheckUser = new SqlCommand(cmdStr, con);
CheckUser.Parameters.AddWithValue("@EmailAddress", TextBoxEA.Text);
CheckUser.Parameters.AddWithValue("@Password", TextBoxPW.Text);
con.Open();
SqlDataReader reader = CheckUser.ExecuteReader();
DataTable dt1 = new DataTable();
dt1.Load(reader);
if (dt1.Rows.Count >= 1)
{
Response.Redirect("Login.aspx");
}
else
{
ScriptManager.RegisterStartupScript(this, this.GetType(), "script", "alert (''User Name Is Not Recognized by The System!!!');", true);
}
catch (Exception ex)
{
}
finally
{
con.Close();
}
}