I am working on making a login system for my website. I am trying to make this code work.
cmd.CommandText="SELECT Usernames,Passwords FROM logininfo WHERE Usernames="" + UsernameInput.Text
+ "AND Passwords="" + PasswordInput.Text + '"";
Please don't concatenate SQL, that exposes you to SQL injection. Use parameters instead.
cmd.CommandText="SELECT Usernames,Passwords FROM logininfo WHERE [email protected] AND [email protected]"; cmd.Parameters.AddWithValue("@username", UsernameInput.Text); cmd.Parameters.AddWithValue("@password", PasswordInput.Text);
Also take the advice in the comment of Scott Chamberlain, it is a bad thing to store passwords in clear or encrypted on a database. Just store hashes. But read about how to do it, it's not immediate (you need to salt it correctly and use a robust hashing algorithm such as SHA512).
It's far too complex to explain here but you'll find tons of guides on this problem.