Checking if row already exists

[aahosted]

I'm trying to make validation for a registration form to check whether a username/name + surname already exists.This is what I tried:\[code\]Dim conn As New SqlConnection("Data Source=BRIAN-PC\SQLEXPRESS;Initial Catalog=master_db;Integrated Security=True") Dim registerSQL As SqlCommand Dim checkCredentialsSQL As SqlCommand Dim sqlComm As String Dim sqlCommName As String Dim sqlCommUsername As String sqlComm = "INSERT INTO users(Username, Password, Name, Surname, Address1, Address2, " + "City, Country, date_of_birth, age, Occupation, department, work_location, " + "project_manager,team_leader, team_leader_id, project_manager_id, " + "date_registration, contract_type, contract_duration) " + "VALUES(@p1, @p2,@p3,@p4,@p5,@p6,@p7,@p8,@p9,@p10,@p11,@p12,@p13,@p14,@p15," + "@p16,@p17,@p18,@p19,@p20)" sqlCommName = "SELECT name, surname FROM users WHERE name='" + txtName.Text + "' and surname='" + txtSurname.Text + "'" sqlCommUsername = "SELECT username FROM users WHERE username='" + txtUsername.Text + "'" conn.Open() checkCredentialsSQL = New SqlCommand(sqlCommName, conn) If checkCredentialsSQL.ExecuteScalar IsNot Nothing Then lblName.Text = txtName.Text + " " + txtSurname.Text + "is already registered." lblName.Visible = True Else checkCredentialsSQL = New SqlCommand(sqlCommUsername, conn) If checkCredentialsSQL.ExecuteScalar IsNot Nothing Then lblUsername.Text = "'" + txtUsername.Text + "' is already taken." Else registerSQL = New SqlCommand(sqlComm, conn) registerSQL.Parameters.AddWithValue("@p1", Username) registerSQL.Parameters.AddWithValue("@p2", Password) registerSQL.Parameters.AddWithValue("@p3", Name) registerSQL.Parameters.AddWithValue("@p4", Surname) registerSQL.Parameters.AddWithValue("@p5", Address1) registerSQL.Parameters.AddWithValue("@p6", Address2) registerSQL.Parameters.AddWithValue("@p7", City) registerSQL.Parameters.AddWithValue("@p8", Country) registerSQL.Parameters.AddWithValue("@p9", DOB) registerSQL.Parameters.AddWithValue("@p10", Age) registerSQL.Parameters.AddWithValue("@p11", Occupation) registerSQL.Parameters.AddWithValue("@p12", Department) registerSQL.Parameters.AddWithValue("@p13", WorkLocation) registerSQL.Parameters.AddWithValue("@p14", ProjectManager) registerSQL.Parameters.AddWithValue("@p15", TeamLeader) registerSQL.Parameters.AddWithValue("@p16", TeamLeaderID) registerSQL.Parameters.AddWithValue("@p17", ProjectManagerID) registerSQL.Parameters.AddWithValue("@p18", RegistrationDate) registerSQL.Parameters.AddWithValue("@p19", ContractType) registerSQL.Parameters.AddWithValue("@p20", ContractDuration) registerSQL.ExecuteNonQuery() End If End If conn.Close()\[/code\]Is it viable/safe/recommended to do it as that?