Click here to Skip to main content
Rate this: bad
good
Please Sign up or sign in to vote.
protected void Button1_Click(object sender, EventArgs e)
    {
        try
        {
        cmd.Connection = con;
        con.ConnectionString = System.Configuration.ConfigurationManager.ConnectionStrings["loginconnectionstring"].ConnectionString;
        con.Open();
        if (TextBox3.Text != TextBox2.Text)
        {
            Label5.Visible = true;
            Label5.Text = "Password Doesn't Match Please try Again";
        }
            cmd .CommandType=CommandType .StoredProcedure;
            cmd .CommandText="passchange";
            cmd .Parameters .AddWithValue("@uname", TextBox4.Text);
            cmd .Parameters .AddWithValue ("@pass", TextBox2 .Text);
            cmd .ExecuteNonQuery();
            Label7.Visible = true;
            Label7.Text = "Password Updated Successully";
        }
        catch(Exception ex)
        {
            Label6 .Visible =true;
            Label6 .Text = ex .ToString();
        }
        finally 
        {
            con .Close();
        }
    }
 

 
ALTER proc [dbo].[passchange] 
(
@uname varchar(50),@upass varchar(50)
)
as
update test3 set pass=@upass where username=@uname
Posted 22-Apr-13 21:53pm
rgboss324
Comments
Tadit Dash at 23-Apr-13 2:56am
   
What is the exception ?
Prasad Khandekar at 23-Apr-13 2:58am
   
You may want to change your code as
 
if (TextBox3.Text != TextBox2.Text)
{
Label5.Visible = true;
Label5.Text = "Password Doesn't Match Please try Again";
}
else
{
cmd .CommandType=CommandType.StoredProcedure;
cmd .CommandText="passchange";
cmd .Parameters.AddWithValue("@uname", TextBox4.Text);
cmd .Parameters.AddWithValue ("@pass", TextBox2 .Text);
cmd .ExecuteNonQuery();
Label7.Visible = true;
Label7.Text = "Password Updated Successully";
}
arthamsai at 23-Apr-13 2:59am
   
You Entered Again cmd.CommandText="passchange";
This Is Wrong Because Your Are Using Stored Procedure .
SqlCommand cmd = new SqlCommand("DeleteBook", con);
Here DeleteBook is Stored Procedure Name.
Replace
cmd.CommandText="passchange"; to SqlCommand cmd = new SqlCommand("DeleteBook", con);
Rate this: bad
good
Please Sign up or sign in to vote.

Solution 1

hello,
 
Your parameter name in procedure and passing in coding are different.
 

you are passing @upass in procedure and @pass in coding.
 

 

Thanks,
Abhimanyu
  Permalink  
Comments
rgboss at 23-Apr-13 3:37am
   
thanks abhi
 
it was my mistake
Rate this: bad
good
Please Sign up or sign in to vote.

Solution 2

Please, don't store passwords in clear text - it is a huge security risk. Have a look here: Password Storage: How to do it.[^]
 
Plus, it is a good practice to do all your validation at the start of a method, so you don't wate time or resources loading stuff you won't use - except in you case, if the new passwords don't match you report a problem and them overwrite the old password anyway, so the user doesn't have a clue what his password is...
 
Other than that, check your names: "@upass" is not the same as "@pass"...
  Permalink  
Comments
rgboss at 23-Apr-13 3:38am
   
thank you very much
OriginalGriff at 23-Apr-13 3:47am
   
You're welcome!
rgboss at 23-Apr-13 5:13am
   
There is one more problem in checking username and old password. canu help me???
OriginalGriff at 23-Apr-13 5:14am
   
Depends! :laugh:
What's the problem?
Rate this: bad
good
Please Sign up or sign in to vote.

Solution 3

you are using different name for parameter in SP and coding.
  Permalink  
Comments
rgboss at 23-Apr-13 3:37am
   
thanks and
sorry...
it was my typing mistake

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)



Advertise | Privacy | Mobile
Web01 | 2.8.150326.1 | Last Updated 23 Apr 2013
Copyright © CodeProject, 1999-2015
All Rights Reserved. Terms of Service
Layout: fixed | fluid

CodeProject, 503-250 Ferrand Drive Toronto Ontario, M3C 3G8 Canada +1 416-849-8900 x 100