how to change the password ?the new password must updated in two tabels

Posted by Chaithragm under C# on 12/26/2012 | Points: 10 | Views : 867 | Status : [Member] | Replies : 4
I have used this code but its not working..
if anyone knows please help me in doing this
protected void change_password_btn_Click(object sender, EventArgs e)
{
string old_pwd, new_pwd, comfirm_pwd;
old_pwd = old_txt.Text.ToString();
new_pwd = new_txt.Text.ToString();
comfirm_pwd = confirm_txt.Text.ToString();
using (SqlConnection con = con_manager.getcon())
{
string sql = "select * from login where password='" + old_pwd + "'";
SqlCommand command = new SqlCommand(sql, con);
command.CommandType = CommandType.Text;
SqlDataReader dr;
dr = command.ExecuteReader();
if (dr.Read())
{
string sql1 = "update login,user_register set login.password='"+new_pwd+"',user_register.password='"+new_pwd+"' where login.reg_id=user_register.row_id";
this.ClientScript.RegisterStartupScript(this.GetType(), "alert", "alert('password change sucessfull'); window.location.href = 'ChangePassword.aspx';", true);
}

}




Responses

Posted by: Pavanandey on: 12/26/2012 [Member] Bronze | Points: 25

Up
0
Down
string sql = "select * from login where password='" + old_pwd + "' and userid = value "; //since same password can be used by multiple users pass user id also in where condition

you have written an update statement but where are you executing the command

mark answer if this helps you

Thanks
Pavan Kumar
Mark Answer if this fits the need

Chaithragm, if this helps please login to Mark As Answer. | Alert Moderator

Posted by: Chaithragm on: 12/26/2012 [Member] Starter | Points: 25

Up
0
Down
its working now....
protected void change_password_btn_Click(object sender, EventArgs e)
{

old_pwd = old_txt.Text.ToString();
new_pwd = new_txt.Text.ToString();
comfirm_pwd = confirm_txt.Text.ToString();
using (SqlConnection con = con_manager.getcon())
{
string sql = "select * from login where password='" + old_pwd + "'";
SqlCommand command = new SqlCommand(sql, con);
command.CommandType = CommandType.Text;
SqlDataReader dr;
dr = command.ExecuteReader();
if (dr.Read())
{
updatelogin();
update_register();
}
this.ClientScript.RegisterStartupScript(this.GetType(), "alert", "alert('password change sucessfull'); window.location.href = 'ChangePassword.aspx';", true);
}
}
private void updatelogin()
{
SqlConnection con1 = con_manager.getcon();

string sql1 = "update login set password='"+new_pwd+"' where reg_id='"+reg_id+"';";
SqlCommand cmd1 = new SqlCommand(sql1, con1);
cmd1.CommandType = CommandType.Text;
cmd1.ExecuteNonQuery();
}

private void update_register()
{
SqlConnection con2 = con_manager.getcon();

string sql1 = "update user_register set password='" + new_pwd + "' where row_id='" + reg_id + "';";
SqlCommand cmd2 = new SqlCommand(sql1, con2);
cmd2.CommandType = CommandType.Text;
cmd2.ExecuteNonQuery();
}

Chaithragm, if this helps please login to Mark As Answer. | Alert Moderator

Posted by: Shipramaurya on: 12/26/2012 [Member] Starter | Points: 25

Up
0
Down
@Chaithragm

One Thing Iwould like to suggest regardless of your question ..
You have written your SQL Query Like This :
 string sql = "select * from login where password='" + old_pwd + "'";  


Instead use
 string sql = "select * from login where password='" + old_pwd + "'  COLLATE SQL_Latin1_General_CP1_CS_AS";  


If u use first query it will not check for case sensitivity of password
for e.g. If You have a user 'asdf' with password 'asdf' and you have old_pwd = ASDF then

select * from login where password='" + old_pwd + ""; 
will return you row,
but if you include COLLATE SQL_Latin1_General_CP1_CS_AS then it wil not return anything...

COLLATE SQL_Latin1_General_CP1_CS_AS can be used in a query wherever you want to compare data for case-sensitivity .











@Shipra - S.M. Techie

Chaithragm, if this helps please login to Mark As Answer. | Alert Moderator

Posted by: Chaithragm on: 12/26/2012 [Member] Starter | Points: 25

Up
0
Down
Thanks for the information..

Chaithragm, if this helps please login to Mark As Answer. | Alert Moderator

Login to post response