SqlConnection conn;
SqlCommand cmd;
SqlDataReader rd;
conn = new SqlConnection("Data Source=JF508-015;Initial Catalog=NetSchool;Integrated Security=True");
conn.Open();
string sqlStr = @"SELECT *
FROM [NetSchool].[dbo].[STUDENT]
where USERNAME =" + "'" + name + "'" +
"and PASSWORD =" + "'" + pass + "'";
cmd = new SqlCommand(sqlStr, conn);
rd = cmd.ExecuteReader();
string id = Request.QueryString["name"];
string website = Request.QueryString["website"];