I am not able to change password in asp.net using c#

Question

0.00/5 (No votes)

See more:

This is on button click code of login page and i have store company id in session

C#

protected void clogin_Click(object sender, EventArgs e)
       {
           SqlConnection con = new SqlConnection("Data Source=jayraj-pc\\sqlexpress;Initial Catalog=Internship;Integrated Security=True;Pooling=False");

           con.Open();
           SqlCommand cmd = new SqlCommand("select * from Companies where UserName=@cusername and Password=@password", con);
           cmd.Parameters.AddWithValue("@cusername", cuname.Text);
           cmd.Parameters.AddWithValue("@password", cpwd.Text);
           SqlDataAdapter da = new SqlDataAdapter(cmd);
           DataTable dt = new DataTable();
           da.Fill(dt);
           if (dt.Rows.Count > 0)
           {
               Session["CompanyID"] = dt.Rows[0]["CompanyID"].ToString();
             //  Session["Username"] = cuname.Text;
               Response.Redirect("CompanySettings.aspx");
           }
           else
           {
               ClientScript.RegisterStartupScript(Page.GetType(), "validation", "<script language='javascript'>alert('Invalid Username and Password')</script>");
           }

       }

This is on button click code of change password. i have three text boxes
1-Current Password
2-New Password
3- confirm new password

the error i got is this lable- lblError.Text = "Please enter correct Current password";

C#

protected void Button1_Click(object sender, EventArgs e)
        {

            ChangePassword();
        }

        private void ChangePassword()
        {
            con.Open();
            string str = "select * from Companies";
            SqlCommand com = new SqlCommand(str, con);
            SqlDataReader reader = com.ExecuteReader();

            while (reader.Read())
            {
                if (currentpassword.Text == reader["Password"].ToString())
                {
                    //   up = 1;

                    // con.Open();
                    str = "update Companies set Password='" + newpassword.Text + "'  where CompanyID=" + Session["CompanyID"].ToString() + "";
                    com = new SqlCommand(str, con);

                    com.ExecuteNonQuery();
                    con.Close();


                    lblError.Text = "Password changed Successfully";

                }
                else
                {


                    lblError.Text = "Please enter correct Current password";

                }
            }

Posted 11-Mar-14 1:25am

jayraj86

Add a Solution

Comments

ArunAmalraj 11-Mar-14 7:29am

if (currentpassword.Text == reader["Password"].ToString())

I think it you should check != instead of using == .

if (currentpassword.Text != reader["Password"].ToString())

ArunAmalraj 11-Mar-14 7:29am

I was wrong.

ZurdoDev 11-Mar-14 7:31am

Just debug it and see what is happening.

ArunAmalraj 11-Mar-14 7:31am

Try using Val(currentpassword.Text) instead of currentpassword.Text

jayraj86 11-Mar-14 7:36am

The name 'Val' does not exist in current context

Nandakishore G N 11-Mar-14 7:35am

what are you doing here? fetching all records again ,validating the records, and then updating... inline queries.No ,create stored procedure to update password . because you already have PrimaryKey CompanyId in session. just pass the PK and update the password. Search in google you'll get many examples of using SP to update record.

3 solutions

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

MAYANK GEETE · Answer 1 · 2014-03-11T01:34:00

Solution 1

Try to use datatable instead of datareader ..may b it will help...!

Posted 11-Mar-14 1:34am

MAYANK GEETE

SanSkun · Answer 2 · 2014-03-11T01:45:00

Solution 2

Hi,
Try to use dataset instead of datareader.like

C#

    string str = "select * from Companies where CompanyID='" + Session["CompanyID"].ToString() + "'";
SqlCommand com = new SqlCommand(str, con);
SqlDataAdapter da = new SqlDataAdapter(com);
DataSet ds = new DataSet();
da.Fill(ds);
if(ds.Tables[0].Rows.Count>0)
{
    if(currentpassword.Text ==ds.Tables[0].Rows[0]["password"])
    {
        // con.Open();
            str = "update Companies set Password='" + newpassword.Text + "'  where CompanyID=" + Session["CompanyID"].ToString() + "";
            com = new SqlCommand(str, con);

            com.ExecuteNonQuery();
            con.Close();


            lblError.Text = "Password changed Successfully";
    }
}

Posted 11-Mar-14 1:45am

SanSkun

Updated 11-Mar-14 1:46am

v2

Comments

jayraj86 11-Mar-14 7:52am

Same error !!

jayraj86 11-Mar-14 7:58am

and warning on line if(currentpassword.Text ==ds.Tables[0].Rows[0]["password"])

Possible unintended reference comparison; to get a value comparison, cast the right hand side to type 'string'

SanSkun 11-Mar-14 8:01am

sorry please write
if(currentpassword.Text ==ds.Tables[0].Rows[0]["password"].ToString())

jayraj86 11-Mar-14 8:04am

same error

Please enter correct Current password

SanSkun 11-Mar-14 8:07am

Can u please check by giving breakpoint at if(currentpassword.Text ==ds.Tables[0].Rows[0]["password"].ToString()) and check the value of both the field.Because it will work fine.Your if block is not executing.Please check that value once and let me know the error for same.Or else check this working fine

http://www.codeproject.com/Answers/741439/Csharp-Code-to-change-password-in-asp-net-on-but#answer2

jayraj86 11-Mar-14 8:13am

currentpassword.Text "123" string
ds.Tables[0].Rows[0]["Password"] "123 "object {string}

SanSkun 11-Mar-14 8:17am

One time try to change the code like

string currentpasword = currentpassword.Text;
string password = ds.Tables[0].Rows[0]["password"].ToString();

if (currentpasword == password)
{
//do code
}
and let me know this is working or not

jayraj86 11-Mar-14 8:54am

Same error ;\

SanSkun 11-Mar-14 9:42am

can pls send me that page with database at santoshatbangalore@gmail.com...if possible...

jayraj86 12-Mar-14 1:00am

I can send you aspx and cs file but database file is bit large.

SanSkun 12-Mar-14 11:49am

okk i will create for that plz send i will check then reply u

jayraj86 12-Mar-14 12:15pm

Thanks but the problem has been solved!

SanSkun 12-Mar-14 14:04pm

May I know what was the issue in that code.??

R-a-v-i-k-u-m-a-r · Answer 3 · 2014-03-11T02:17:00

Solution 3

Here you getting all company records thats why you are getting error. Modify your query as shown below.

"select * from Companies where CompanyId="+Convert.ToInt32(Session[CompanyId]);

This may help you.

Posted 11-Mar-14 2:17am

R-a-v-i-k-u-m-a-r

Comments

jayraj86 11-Mar-14 9:24am

not working