Hi,
Could anyone notice what could be wrong with the following function:
public string Login(string username, string password)
{
string result = "";
string select = "SELECT user_id FROM [user] WHERE username = @username AND password = @password";
SqlConnection conn = new SqlConnection(connectionString);
SqlCommand cmd = new SqlCommand(select, conn);
cmd.Parameters.AddWithValue("username", username);
cmd.Parameters.AddWithValue("password", password);
int userID = 0;
try
{
conn.Open();
userID = (int)cmd.ExecuteScalar();
if(userID > 0)
{
result = addSession(userID);
}
}
catch(Exception ex)
{
string sDummy = ex.ToString();
}
return result;
}
Don't know why the line `userID = (int)cmd.ExecuteScalar(); throws an exception.
Thanks