string sql = string.Format("Select * from WebUsers Where UserName='@uName' AND Email = '@eMail'");
                command = new SqlCommand();
                SqlParameter sParameter = new SqlParameter("@uName", System.Data.SqlDbType.NVarChar);
                sParameter.Value = uName;
                command.Parameters.Add(sParameter);
                sParameter = new SqlParameter("@eMail", System.Data.SqlDbType.NVarChar);
                sParameter.Value = eMail;
                command.Parameters.Add(sParameter);
                
                result = Convert.ToInt32(dal.TESTScalar(sql,command));

v DAL:

public object TESTScalar(string sql, SqlCommand sCommand)
        {
            object result;
            command = new SqlCommand(sql, connection);
            foreach (SqlParameter p in sCommand.Parameters)
            {                
                command.Parameters.AddWithValue(p.ParameterName, p.Value);
            }

            if (connection.State == ConnectionState.Open)
                result = command.ExecuteScalar();
            else
            {
                connection.Open();
                result = command.ExecuteScalar();
                connection.Close();
            }

            return result;
        }