Click here to Skip to main content
15,907,687 members
Please Sign up or sign in to vote.
4.00/5 (1 vote)
See more:
Hello everyone... i have a login form which collects the password from the database... the sql database is called NumberPlate and the table is called LoginUser... i have also created a very simple registration form with only ENTER OLD PASSWORD and ENTER NEW PASSWORD...
what i want to do is from the registration form.. it should delete the old password from the LoginUser table and put a new password which i have just entered...

heres the problem...
the database is not deleting the old password and not adding the new one...

more details
1) i only having one user
2) i already have a password but i want to replace it
all i have is a 
a) login screen which contains a password text field
b) registration which only has 2 textfields of old password and new password
c) and a form which has nothing to do with users information

The user is only meant to log in and thats it... the user has no personel information in the database


iam really sry but my code is a little messed up... any help would be appreciated... if you would like more details pls do tell me... i would also appreciate if you correct the code for me...

using System;
using System.Collections.Generic;
using System.ComponentModel;
using System.Data;
using System.Drawing;
using System.Text;
using System.Windows.Forms;
using System.Data.Sql;
using System.Data.SqlClient;

namespace Number_Plate
{
    public partial class Login : Form
    {
        public Login()
        {
            InitializeComponent();
        }

        SqlDataAdapter da = new SqlDataAdapter();
        SqlConnection sc = new SqlConnection("Data Source=MAAZA-PC;Initial Catalog=NumberPlates;Integrated Security=True");

        private void BtnLogin_Click(object sender, EventArgs e)
        {
            try
            {
                sc.Open();
            }
            catch (Exception)
            {
                MessageBox.Show("Did not connect");
            }
            SqlCommand cmd = new SqlCommand("SELECT * FROM LoginUser", sc);
            cmd.Connection = sc;
            SqlDataReader reader = null;
            reader = cmd.ExecuteReader();
            while (reader.Read())
            {
                if (TxtOldPassword.Text == (reader["Password"].ToString()) && TxtPassword.Text.ToString().Length > 0)
                {
                    <pre>int x;

                    da.UpdateCommand = new SqlCommand("UPDATE LoginUser SET password=@password", sc);
                    da.UpdateCommand.Parameters.Add("@Password", SqlDbType.VarChar).Value = TxtPassword.Text;
                    sc.Open();
                    x = da.UpdateCommand.ExecuteNonQuery();
                    sc.Close();

                    if (x >= 1)
                    MessageBox.Show("Password reset"
);
}
else
{
MessageBox.Show("Pawwsord not reset");
}
}
}
}
}

SQL
now the error is coming as "connection was not closed. connection state still opened"

but what is suppose to happen is tht the LoginUser table should be updated and password is suppose to be the one in TxtPassword

thanks both of u...
Posted
Updated 7-Dec-11 4:22am
v6
Comments
Uday P.Singh 7-Dec-11 10:22am    
you need to put sc.Close(); in finally block.
Maazatron 7-Dec-11 10:26am    
dident work...
Uday P.Singh 7-Dec-11 10:31am    
what didn't work? have tried this:
try
{
sc.Open();
}
catch (Exception)
{
MessageBox.Show("Did not connect");
}
finally{
sc.Close();
}

Other than "my code is a little messed up" you haven't indicated what the problem is.
However, there a couple of thing to improve.

You shouldn't use SELECT *, specify the columns you want. One it reduces the number of columns returned, thus size and performance are effected, and two it doesn't give SQL Server (assuming SQL Server) the change to optimize the TDS returned.

DELETE ... WHERE password = @password. What happens in the event users have the same password? A remote possibility perhaps but it will happen. You shouldn't be storing passwords as text anyway, they should be hashed and you delete based on the primary key of the table.

INSERT INTO... You have no filter on this. It will insert the value to ALL rows in the table.
 
Share this answer
 
Comments
Kschuler 7-Dec-11 9:42am    
Ha. Beat me by 55 seconds.
Uday P.Singh 7-Dec-11 10:17am    
5ed :), why to delete when we can update.
It would help if you would describe in more detail what isn't working and how you would like it to work. But here is what I can see so far...

First of all, you don't really want to use a DELETE and then an INSERT. A delete will delete an entire user record, and it sounds like all you really want to do is update the password. You should be using an UPDATE statement.

Secondly, your WHERE is flawed. You are deleting an entire user record based on the password. So if two users both happened to have the exact same password you would delete BOTH of them. The WHERE portion should be targetting some unique identifier to the user, such as a user name or ID number of some type.

Thirdly, good job on using parameters.

I think, in general, you are looking for a statement like this:

C#
UPDATE LoginUser SET password=@password WHERE LoginUserID=@UserID
 
Share this answer
 
Comments
Kschuler 7-Dec-11 10:14am    
In the future, if you have more information for your question, please use the Improve Question button and add it there. In regards to your problem, if your database does not currently contain a record for the user then I was wrong in telling you to use the UPDATE. I thought you were replacing an old password with a new password on a previously existing user record. Now it sounds like you are creating a new user. In that case you are right to use the INSERT. What fields do you have in your LoginUser table? If you are doing an INSERT then you may need to update more information than just a password.
Maazatron 7-Dec-11 10:23am    
sry for the confusion... i have updated the question..
the database already has a password... i only want to update it...
Uday P.Singh 7-Dec-11 10:15am    
5ed :)

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)



CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900