My login routine in my app is not directing me to the main form

I am building a Windows form application using VS2010. I want to read the userid and password and check their validity with the database. If a proper match is found, I want to direct the user to the main form. My code is currently not directing when I enter the proper credentials. What might be the cause?

string connectionstring = "Data Source=localhost;Initial Catalog=HMS;Persist Security Info=True;User ID=Developer;Password=abc@123";
SqlConnection connection = new SqlConnection(connectionstring);

string SelectStatement = "SELECT * FROM Users where UserID = '@UserID' and Password = '@password'";
SqlCommand insertcommand = new SqlCommand(SelectStatement, connection);
insertcommand.Parameters.AddWithValue("@UserID", textBox1.Text);
insertcommand.Parameters.AddWithValue("@password", textBox2.Text);
SqlDataReader reader;

  reader = insertcommand.ExecuteReader();

  while (reader.Read())
    string userid = reader["UserID"].ToString();
    string pass = reader["Password"].ToString();
    if (userid == textBox1.Text.ToString() && pass == textBox2.Text.ToString()) // login successful
      Mainform main = new Mainform();
      MessageBox.Show("Invalid Username or Password!");
  }//end while
  catch (Exception ex)
  throw ex;

}//end catch


First, do not store the password as raw text in the database. That is just asking for trouble. You should store a salted hash in the database and compute the hash in the client and compare those.

Second, try main.ShowDialog() to get your main form to stay up.

