Change Password

 

createtable Login_Tb

(Id IntPrimaryKeyIdentity,

UserName varchar(100),

Passwordvarchar(100))

CREATEPROCEDURE Change_Pwd_sp

(

                @username   VARCHAR(100),

                @old_pwd  VARCHAR(50),

                @new_pwd  VARCHAR(50),

                @status  intOUTPUT

)

AS

BEGIN

IFEXISTS(SELECT*FROM Login_Tb WHERE UserName COLLATE Latin1_general_CS_AS=@username AND [PASSWORD] COLLATE Latin1_general_CS_AS=@old_pwd)

BEGIN

UPDATE Login_Tb SET [PASSWORD]=@new_pwd WHERE UserName=@username

SET @status=1

END

ELSE

BEGIN

SET @status=0

END

END

--RETURN @status

<%@PageLanguage="C#"AutoEventWireup="true"CodeFile="Changepasswordcode.aspx.cs"

Inherits="Changepasswordcode"%>

<!DOCTYPEhtmlPUBLIC"-//W3C//DTD XHTML 1.0 Transitional//EN""http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<htmlxmlns="http://www.w3.org/1999/xhtml">

<headrunat="server">

<title></title>

</head>

<body>

<formid="form1"runat="server">

<div>

<fieldsetstyle="width: 350px;">

<legend>Change password example in asp.net</legend>

<table>

<tr>

<td>

                        User Name: *

</td>

<td>

<asp:TextBoxID="txtUserName"runat="server"></asp:TextBox><br/>

<asp:RequiredFieldValidatorID="rfvuserName"runat="server"ErrorMessage="Please enter User Name"

ControlToValidate="txtUserName"Display="Dynamic"ForeColor="Red"SetFocusOnError="True"></asp:RequiredFieldValidator>

</td>

</tr>

<tr>

<td>

                        Old Password: *

</td>

<td>

<asp:TextBoxID="txtOldPwd"runat="server"TextMode="Password"></asp:TextBox><br/>

<asp:RequiredFieldValidatorID="rfvOldPwd"runat="server"ErrorMessage="Please enter old password"

ControlToValidate="txtOldPwd"Display="Dynamic"ForeColor="Red"SetFocusOnError="True"></asp:RequiredFieldValidator>

</td>

</tr>

<tr>

<td>

                        New Password: *

</td>

<td>

<asp:TextBoxID="txtNewPwd"runat="server"TextMode="Password"></asp:TextBox><br/>

<asp:RequiredFieldValidatorID="rfvNewPwd"runat="server"ErrorMessage="Please enter new password"

ControlToValidate="txtNewPwd"Display="Dynamic"ForeColor="Red"SetFocusOnError="True"></asp:RequiredFieldValidator>

</td>

</tr>

<tr>

<td>

                        Confirm Password: *

</td>

<td>

<asp:TextBoxID="txtConfirmPwd"runat="server"TextMode="Password"></asp:TextBox><br/>

<asp:RequiredFieldValidatorID="rfvConfirmPwd"runat="server"ErrorMessage="Please re-enter password to confirm"

ControlToValidate="txtConfirmPwd"Display="Dynamic"ForeColor="Red"SetFocusOnError="True"></asp:RequiredFieldValidator>

<asp:CompareValidatorID="cmvConfirmPwd"runat="server"ControlToCompare="txtNewPwd"

ControlToValidate="txtConfirmPwd"Display="Dynamic"ErrorMessage="New and confirm password didn't match"

ForeColor="Red"SetFocusOnError="True"></asp:CompareValidator>

</td>

</tr>

<tr>

<td>

&nbsp;

</td>

<td>

<asp:ButtonID="btnSubmit"runat="server"Text="Change Password"OnClick="btnSubmit_Click"/>

</td>

</tr>

<tr>

<tdcolspan="2">

<asp:LabelID="lblStatus"runat="server"Text=""></asp:Label>

</td>

</tr>

</table>

</fieldset>

</div>

</form>

</body>

</html>

using System;

usingSystem.Collections.Generic;

usingSystem.Linq;

usingSystem.Web;

usingSystem.Web.UI;

usingSystem.Web.UI.WebControls;

usingSystem.Data;

usingSystem.Data.SqlClient;

usingSystem.Configuration;

publicpartialclassChangepasswordcode : System.Web.UI.Page

{

protectedvoidPage_Load(object sender, EventArgs e)

    {

    }

protectedvoidbtnSubmit_Click(object sender, EventArgs e)

    {

try

        {

SqlConnection con = newSqlConnection(ConfigurationManager.ConnectionStrings["con"].ConnectionString);

SqlCommandcmd = newSqlCommand("Change_Pwd_sp", con);

cmd.CommandType = CommandType.StoredProcedure;

cmd.Parameters.AddWithValue("@username", txtUserName.Text.Trim());

cmd.Parameters.AddWithValue("@old_pwd", txtOldPwd.Text.Trim());

cmd.Parameters.AddWithValue("@new_pwd", txtNewPwd.Text.Trim());

cmd.Parameters.Add("@Status", SqlDbType.Int);

cmd.Parameters["@Status"].Direction = ParameterDirection.Output;

con.Open();

cmd.ExecuteNonQuery();

cmd.Dispose();

con.Close();

//read the return value (i.e status) from the stored procedure

intretVal = Convert.ToInt32(cmd.Parameters["@Status"].Value);

if (retVal == 1)

            {

lblStatus.Text = "Password has been changed successfully";

// Or show in messagebox using: ScriptManager.RegisterStartupScript(this, this.GetType(), "Message", "alert('Password has been changed successfully');", true);

            }

else

            {

lblStatus.Text = "Wrong old username/password. Please re-enter.";

// Or show in messagebox using: ScriptManager.RegisterStartupScript(this, this.GetType(), "Message", "alert('Wrong username/password. Please re-enter.');", true);

            }

        }

catch (Exception ex)

        {

ScriptManager.RegisterStartupScript(this, this.GetType(), "Message", "alert('Oops!! following error occured : " + ex.Message.ToString() + "');", true);

// Response.Write("Oops!! following error occured: " +ex.Message.ToString());          

        }

    }

}