Aside from what Jonathan says about the missing result.moveToFirst() call:*
Problem 1:* It looks like you are mixing client with server code. It makes little sense to me why you want user authentication in your Android application. But maybe you're trying to create something like a web server that runs on Android. *Problem 2:* You don't use a prepared statement for your query. What if your user enters the name: ' OR 1=1; -- That's a login without correct credentials. Your string concatenation gets you the following query: SELECT user,password FROM user WHERE user='*' OR 1=1; --*'AND password='' If you would use the following query instead you can avoid this problem: db.rawQuery("SELECT count(*) FROM user WHERE user=? AND password=?", new String[] {user, password}); I also changed the projection in that SELECT query because it is kind of redundant to query data you already know. On Saturday, December 8, 2012 1:10:11 AM UTC-6, laxman k wrote: > > > <https://lh3.googleusercontent.com/-52PJkgV5W3c/UMLnpoSeUNI/AAAAAAAAAOo/LpgB6v8DfIA/s1600/Capture.JPG> > > -- You received this message because you are subscribed to the Google Groups "Android Developers" group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en