Sunday, August 3, 2014

Change Password

createtable Login_Tb
(Id IntPrimaryKeyIdentity,
UserName varchar(100),
Passwordvarchar(100))
CREATEPROCEDURE Change_Pwd_sp
(
                @username   VARCHAR(100),
                @old_pwd  VARCHAR(50),
                @new_pwd  VARCHAR(50),
                @status  intOUTPUT
)
AS
BEGIN

IFEXISTS(SELECT*FROM Login_Tb WHERE UserName COLLATE Latin1_general_CS_AS=@username AND [PASSWORD] COLLATE Latin1_general_CS_AS=@old_pwd)
BEGIN
UPDATE Login_Tb SET [PASSWORD]=@new_pwd WHERE UserName=@username
SET @status=1
END
ELSE
BEGIN
SET @status=0
END
END
--RETURN @status

<%@PageLanguage="C#"AutoEventWireup="true"CodeFile="Changepasswordcode.aspx.cs"
Inherits="Changepasswordcode"%>

<!DOCTYPEhtmlPUBLIC"-//W3C//DTD XHTML 1.0 Transitional//EN""http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<htmlxmlns="http://www.w3.org/1999/xhtml">
<headrunat="server">
<title></title>
</head>
<body>
<formid="form1"runat="server">
<div>
<fieldsetstyle="width: 350px;">
<legend>Change password example in asp.net</legend>
<table>
<tr>
<td>
                        User Name: *
</td>
<td>
<asp:TextBoxID="txtUserName"runat="server"></asp:TextBox><br/>
<asp:RequiredFieldValidatorID="rfvuserName"runat="server"ErrorMessage="Please enter User Name"
ControlToValidate="txtUserName"Display="Dynamic"ForeColor="Red"SetFocusOnError="True"></asp:RequiredFieldValidator>
</td>
</tr>
<tr>
<td>
                        Old Password: *
</td>
<td>
<asp:TextBoxID="txtOldPwd"runat="server"TextMode="Password"></asp:TextBox><br/>
<asp:RequiredFieldValidatorID="rfvOldPwd"runat="server"ErrorMessage="Please enter old password"
ControlToValidate="txtOldPwd"Display="Dynamic"ForeColor="Red"SetFocusOnError="True"></asp:RequiredFieldValidator>
</td>
</tr>
<tr>
<td>
                        New Password: *
</td>
<td>
<asp:TextBoxID="txtNewPwd"runat="server"TextMode="Password"></asp:TextBox><br/>
<asp:RequiredFieldValidatorID="rfvNewPwd"runat="server"ErrorMessage="Please enter new password"
ControlToValidate="txtNewPwd"Display="Dynamic"ForeColor="Red"SetFocusOnError="True"></asp:RequiredFieldValidator>
</td>
</tr>
<tr>
<td>
                        Confirm Password: *
</td>
<td>
<asp:TextBoxID="txtConfirmPwd"runat="server"TextMode="Password"></asp:TextBox><br/>
<asp:RequiredFieldValidatorID="rfvConfirmPwd"runat="server"ErrorMessage="Please re-enter password to confirm"
ControlToValidate="txtConfirmPwd"Display="Dynamic"ForeColor="Red"SetFocusOnError="True"></asp:RequiredFieldValidator>
<asp:CompareValidatorID="cmvConfirmPwd"runat="server"ControlToCompare="txtNewPwd"
ControlToValidate="txtConfirmPwd"Display="Dynamic"ErrorMessage="New and confirm password didn't match"
ForeColor="Red"SetFocusOnError="True"></asp:CompareValidator>
</td>
</tr>
<tr>
<td>
&nbsp;
</td>
<td>
<asp:ButtonID="btnSubmit"runat="server"Text="Change Password"OnClick="btnSubmit_Click"/>
</td>
</tr>
<tr>
<tdcolspan="2">
<asp:LabelID="lblStatus"runat="server"Text=""></asp:Label>
</td>
</tr>
</table>
</fieldset>
</div>
</form>
</body>
</html>

using System;
usingSystem.Collections.Generic;
usingSystem.Linq;
usingSystem.Web;
usingSystem.Web.UI;
usingSystem.Web.UI.WebControls;
usingSystem.Data;
usingSystem.Data.SqlClient;
usingSystem.Configuration;


publicpartialclassChangepasswordcode : System.Web.UI.Page
{
protectedvoidPage_Load(object sender, EventArgs e)
    {

    }
protectedvoidbtnSubmit_Click(object sender, EventArgs e)
    {
try
        {
SqlConnection con = newSqlConnection(ConfigurationManager.ConnectionStrings["con"].ConnectionString);
SqlCommandcmd = newSqlCommand("Change_Pwd_sp", con);
cmd.CommandType = CommandType.StoredProcedure;
cmd.Parameters.AddWithValue("@username", txtUserName.Text.Trim());
cmd.Parameters.AddWithValue("@old_pwd", txtOldPwd.Text.Trim());
cmd.Parameters.AddWithValue("@new_pwd", txtNewPwd.Text.Trim());

cmd.Parameters.Add("@Status", SqlDbType.Int);
cmd.Parameters["@Status"].Direction = ParameterDirection.Output;
con.Open();
cmd.ExecuteNonQuery();
cmd.Dispose();
con.Close();
//read the return value (i.e status) from the stored procedure
intretVal = Convert.ToInt32(cmd.Parameters["@Status"].Value);
if (retVal == 1)
            {
lblStatus.Text = "Password has been changed successfully";
// Or show in messagebox using: ScriptManager.RegisterStartupScript(this, this.GetType(), "Message", "alert('Password has been changed successfully');", true);
            }
else
            {
lblStatus.Text = "Wrong old username/password. Please re-enter.";
// Or show in messagebox using: ScriptManager.RegisterStartupScript(this, this.GetType(), "Message", "alert('Wrong username/password. Please re-enter.');", true);
            }
        }
catch (Exception ex)
        {
ScriptManager.RegisterStartupScript(this, this.GetType(), "Message", "alert('Oops!! following error occured : " + ex.Message.ToString() + "');", true);
// Response.Write("Oops!! following error occured: " +ex.Message.ToString());          
        }
    }

}