WooYun.org

protected void btnSend_Click(object sender, EventArgs e)
		{
			this.btnSend.Enabled = false;
			if (int.Parse(Utils.GetTableValues("Member", "Count(MemberID)", "Name", this.txtAccount.Text.Trim(), " And Email = '" + this.txtEmail.Text.Trim() + "'").ToString()) == 0)

public static object GetTableValues(string tableName, string fieldName, string parameter, string val, string total)
		{
			string cmdText = string.Concat(new string[]
			{
				"Select ",
				fieldName,
				" From ",
				tableName,
				" Where ",
				parameter,
				" = '",
				val,
				"' ",
				total
			});
			return XpShopDB.ExecuteScalar(XpShopDB.ConnectionString, CommandType.Text, cmdText, null);
		}