Try:
SELECT * FROM myTable WHERE name='Name' AND userId='UserId'
Just do it with a parametrized query:
using (SqlConnection con = new SqlConnection(strConnect))
{
con.Open();
using (SqlCommand cmd = new SqlCommand("SELECT iD, description FROM myTable WHERE userName=@UN AND userId=@UI", con))
{
cmd.Parameters.AddWithValue("@UN", myUserNameTextBox.Text);
cmd.Parameters.AddWithValue("@UI", myUserIdTextBox.Text);
using (SqlDataReader reader = cmd.ExecuteReader())
{
while (reader.Read())
{
int id = (int) reader["iD"];
string desc = (string) reader["description"];
Console.WriteLine("ID: {0}\n {1}", iD, desc);
}
}
}
}