Q

Modifying a password through stored procedure in ASP.NET

I have three textboxes: username, password new password and I want to modify the password through stored procedure in ASP.NET. How do I do this?
There are a couple different ways of doing this. The most efficient would be to use a single stored procedure that would check current username/password and then update if appropriate. It would return a value indicating success/failure, and its cause. In this case, 0 could be "updated successfully", 1 could be "invalid user name", and 2 "invalid current password":


ALTER PROCEDURE UpdatePassword
 (
  @username varchar (50),
  @password varchar (10), 
  @newpassword varchar (10)
 )
AS

IF NOT EXISTS(SELECT Password FROM Users WHERE UserName=@username)
 RETURN 1
IF NOT EXISTS(SELECT Password FROM Users WHERE UserName=@username AND Password=@password)
 RETURN 2

UPDATE Users SET Password=@newpassword WHERE UserName=@username AND Password=@password
RETURN 0

You can execute this SP with the following code:

IDbConnection cn = new System.Data.SqlClient.SqlConnection("Data Source=.;Database=Dottext;Integrated Security=true;");
IDbCommand cmd = cn.CreateCommand();
cmd.CommandText = "UpdatePassword";
cmd.CommandType = CommandType.StoredProcedure;

IDbDataParameter prm = cmd.CreateParameter();
prm.ParameterName = "@username";
prm.Value = txtUserName.Text;
cmd.Parameters.Add( prm );

prm = cmd.CreateParameter();
prm.ParameterName = "@password";
prm.Value = txtPassword.Text;
cmd.Parameters.Add( prm );

prm = cmd.CreateParameter();
prm.ParameterName = "@newpassword";
prm.Value = txtNewPassword.Text;
cmd.Parameters.Add( prm );

prm = cmd.CreateParameter();
prm.Direction = ParameterDirection.ReturnValue;
cmd.Parameters.Add( prm );

cn.Open();
cmd.ExecuteNonQuery();
int result = (int) prm.Value;

switch (result)
{
  case 0:
    //Everything OK
    break;
  case 1:
    //Username wrong
    break;
  case 2:
    //Current pwd wrong
    break;
}

I suggest you use the latest Microsoft Data Access Application block instead of manually doing all this: http://msdn.microsoft.com/library/en-us/dnbda/html/daab-rm.asp.

Actually, you should take a look at all application blocks, as they usually solve frequent problems you will find in a consistent, well-documented and best-practices-based way.

This was last published in February 2004

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

-ADS BY GOOGLE

SearchCloudComputing

SearchSoftwareQuality

SearchSOA

TheServerSide

SearchCloudApplications

Close