How to pass SQL vars?

Hey, I am not that experienced with SQL in Unity (or rather with c#)

However I am trying to use my webserver (MySQL server) for storing the user data,
here’s my function a good friend wrote for me to do SQL queries:

// MySQL Query
    public static void doQuery(string sqlQuery)
	{
        IDbCommand dbCommand = dbConnection.CreateCommand();
        dbCommand.CommandText = sqlQuery;
        IDataReader reader = dbCommand.ExecuteReader();
        reader.Close();
        reader = null;
        dbCommand.Dispose();
        dbCommand = null;
	}

which works very well for storing data, but In order to store data, there need to be users in the database.

As for the Login/Register, I am trying to use this codesegment:

DB.doQuery("SELECT ID, PlayerPassword FROM users WHERE PlayerName = '"+username+"';");

And that should actually work, but my main concern is:

How are the variables (ID and PlayerPassword) passed to C#/Unity? Or do I have to alter the doQuery function, as it actually returns no values whatsoever (which is unsurprising since the function is void.)

Thanks in advance :3

Thanks to ‘supercouge’ the solution is:

(..)
reader.Read ();
int returnValue;
try
{
	result[0] = reader.GetString(reader.GetOrdinal("PlayerID"));
	returnValue = int.Parse(result[0]);
}
catch (Exception ex)
{
	returnValue = -1;
	Debug.Log ("Error: "+ex);
}
(..)

And then DB.doQuery(…) returns either -1 if there is no player with that name, or the ID as an integer.