You can implement this something like:
SqlConnection conn = new SqlConnection();
conn.ConnectionString = System.Configuration.ConfigurationManager.ConnectionStrings["leave"].ConnectionString;
conn.Open();
string uname = TextBox1.Text;
string ps = Textbox2.Text;
SqlCommand cmd = new SqlCommand("Select uname, pswd from emp_details where uname =@uname and pswd =@ps", conn);
cmd.Parameters.Add(new SqlParameter("@uname", "db username here"));
cmd.Parameters.Add(new SqlParameter("@ps", "db pasword here"));
SqlDataReader dr = cmd.ExecuteReader();
if (dr.Read())
{
label1.text=Server.HtmlEncode(Request.UserHostAddress);
}