how we can retrieve and update password from sql server in c#

Question

0.00/5 (No votes)

See more:

hi any body help about this question.

i have one form in that i am having 3 labels and 3 textboxes.
old password,new password and retype password.
i gave those fields data into database table.
i want to retrieve that old password into database and update new password details.
and also check new password and retype password are same or not.
how can i solve this problem?

thanks in advance.

Posted 10-Apr-11 21:02pm

leelavathikuna

Updated 10-Apr-11 21:05pm

v2

Add a Solution

4 solutions

Solution 1

1)Based on some id/username hit the db Use a datareader/adapter to get the old password from the database table.
2)Use a compare validator to compare the two text boxes of entered new passwords.
3)Take the value from one of the textboxs(new password) and update it in database with the old password.
Try..

Posted 10-Apr-11 21:18pm

m@dhu

Comments

leelavathikuna 11-Apr-11 3:24am

thanku.

Solution 4

You can use DataTable and DataAdapter to retrive the password

----------------------------------

Use the code after you make the connection with sql server and enter the select query...

<pre lang="midl">
     SqlCommand cmd = ....;

    ........
    
     DataTable DTBL = null;
     SqlDataAdapter Adapter = new SqlDataAdapter(cmd);


     DTBL = new DataTable();
     Adapter.Fill(DTBL);
     
     string id = DTBL.Rows[Row].ItemArray[0].ToString();
     string password = DTBL.Rows[Row].ItemArray[1].ToString();

---------------------------------------------

Now to update password use the following sql query..

-----------------------------------

string sql = "update tbl_name set password = @password where id=@id";
     SqlCommand cmd1 = new SqlCommand(sql, conn);
     
     cmd1.Parameters.AddWithValue("@password", txt_password.Text);
     cmd1....
     
   try
   {
     conn.open();
     cmd1.ExecuteNonQuery();
     MessageBox("type some string");
   }
   catch
   {
    MessageBox("Type some string");
   }

   finally
   {
    conn.close();
   }

-------------------------------
I hope it worked......

Posted 11-Apr-11 0:42am

Santoshshrest

Solution 3

Session["password"] = txtnewpassword .Text;
ds = new DataSet();
ad = new SqlDataAdapter("select * from adminlogin where LoginName='" + txtusername.Text + "' and LoginPassword='" + txtoldpassword .Text + "'", (SqlConnection)Application.Get("VNIT"));
ad.Fill(ds);
if (ds.Tables[0].Rows.Count > 0)
{
ds.Tables[0].Rows[0].BeginEdit();
ds.Tables[0].Rows[0][2] = txtnewpassword.Text;
ds.Tables[0].Rows[0].EndEdit();
SqlCommandBuilder cmd = new SqlCommandBuilder(ad);
ad.Update(ds);

lblmsg.Text = "YourPassword is Successfully Changed";
lblmsg.ForeColor = Color.Green ;
}
else
{
lblmsg.Text = "Please Enter Valid User";
lblmsg.ForeColor = Color.Red;
}

in this way u can update password

Posted 10-Apr-11 23:43pm

anilkumar1986

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

OriginalGriff · Accepted Answer · 2011-04-10T21:22:00

Rule one: Never store passwords in your database.

Think about it: if anyone gets access to your DB, they get access to everyones passwords. Since many people use the same password for every system, this is a potential major security breach.

Instead, use a hashing function to convert the userID and the password he typed to a hash value (look at SHA - it's in .NET as part of the System.Cryptography namespace, and very easy to use).

Store that instead.

When the user wants to log in, take the UserID he enters, again with the password he typed, and use the same hash function. Compare that with the database version stored for that userID. If they are the same, log him in. If note, tell him he made a mistake.

This way, noone - not even you - can tell what someones password is.

To check if the new password and the retype password are the same:

if (textboxNewPassword.Text == textboxRetypePassword.Text)
   {
   // They are the same...
   }

To update the password, use the same hashing process, then use the SQL UPDATE command:

using (SqlCommand com = new SqlCommand("UPDATE usersTable SET password=@PS WHERE userID=@ID", con))
   {
   com.Parameters.AddWithValue("@ID", userID);
   com.Parameters.AddWithValue("@PS", myHashedValue);
   com.ExecuteNonQuery();
   }