Try:
using (SqlConnection con = new SqlConnection(strConnect))
{
con.Open();
using (SqlCommand com = new SqlCommand("SELECT username,email,pasword FROM myTable WHERE username=@UN", con))
{
com.Parameters.AddWithValue("@UN", username);
using (SqlDataReader reader = com.ExecuteReader())
{
if (reader.Read())
{
...
}
}
}
}
BTW: I hope you aren't storing passwords in the DB in clear text? There is a Tip here that explains this:
Password Storage: How to do it.[
^]