Your answer comes in 2 folds:
1. Creating asp.net login page
You can use Login control to create login page for the use. Follow the link for the detailed example
http://msdn.microsoft.com/en-us/library/system.web.ui.webcontrols.login.aspx[
^]
2. Safeguarding your database from sql injection
You should use sql parameters to over come sql injection attacks.
Take a look at following code project article:
SQL Injection Attacks and Some Tips on How to Prevent Them[
^]
Also this MSDN magazine article
Stop SQL Injection Attacks Before They Stop You[
^]
Also, similar question is answered here, you can refer this too.
Asp.net c# login page code with sql database[
^]