Modifying a password through stored procedure in ASP.NET

Chris Sells

Published: 09 Feb 2004

I have three textboxes: username, password new password and I want to modify the password through stored procedure in ASP.NET. How do I do this?
There are a couple different ways of doing this. The most efficient would be to use a single stored procedure that would check current username/password and then update if appropriate. It would return a value indicating success/failure, and its cause. In this case, 0 could be "updated successfully", 1 could be "invalid user name", and 2 "invalid current password":


ALTER PROCEDURE UpdatePassword
 (
  @username varchar (50),
  @password varchar (10), 
  @newpassword varchar (10)
 )
AS

IF NOT EXISTS(SELECT Password FROM Users WHERE UserName=@username)
 RETURN 1
IF NOT EXISTS(SELECT Password FROM Users WHERE UserName=@username AND Password=@password)
 RETURN 2

UPDATE Users SET Password=@newpassword WHERE UserName=@username AND Password=@password
RETURN 0

You can execute this SP with the following code:

IDbConnection cn = new System.Data.SqlClient.SqlConnection("Data Source=.;Database=Dottext;Integrated Security=true;");
IDbCommand cmd = cn.CreateCommand();
cmd.CommandText = "UpdatePassword";
cmd.CommandType = CommandType.StoredProcedure;

IDbDataParameter prm = cmd.CreateParameter();
prm.ParameterName = "@username";
prm.Value = txtUserName.Text;
cmd.Parameters.Add( prm );

prm = cmd.CreateParameter();
prm.ParameterName = "@password";
prm.Value = txtPassword.Text;
cmd.Parameters.Add( prm );

prm = cmd.CreateParameter();
prm.ParameterName = "@newpassword";
prm.Value = txtNewPassword.Text;
cmd.Parameters.Add( prm );

prm = cmd.CreateParameter();
prm.Direction = ParameterDirection.ReturnValue;
cmd.Parameters.Add( prm );

cn.Open();
cmd.ExecuteNonQuery();
int result = (int) prm.Value;

switch (result)
{
  case 0:
    //Everything OK
    break;
  case 1:
    //Username wrong
    break;
  case 2:
    //Current pwd wrong
    break;
}

I suggest you use the latest Microsoft Data Access Application block instead of manually doing all this: http://msdn.microsoft.com/library/en-us/dnbda/html/daab-rm.asp.

Actually, you should take a look at all application blocks, as they usually solve frequent problems you will find in a consistent, well-documented and best-practices-based way.

Modifying a password through stored procedure in ASP.NET

Dig Deeper on ASP.NET development best practices

How to attach databases to custom SQL Server containers

partner relationship management (PRM)

A Red Hat Satellite tutorial to install an update server

Upgrades to Salesforce PRM app target high-tech, manufacturing

Related Q&A from Chris Sells

Getting error: 'Meta data file 'System.Net.dll' could not be found

Save/load to XML while preserving a an animated GIF's file properties

I'm getting a lot of flickering on my application

Start the conversation

0 comments

Please create a username to comment.

-ADS BY GOOGLE

SearchCloudComputing

7 Google Cloud database options to free up your IT team

Microsoft Azure capacity woes don't signal the worst

4 hybrid cloud use cases that can help enterprises

SearchSoftwareQuality

Automate security testing and scans for DevSecOps success

Reduce these forms of AI bias from devs and testers

How to set up a chaos engineering game day

TheServerSide.com

How to refactor the God object antipattern

Oracle ships Java 14 with new preview, productivity features

6 top webpage performance metrics to monitor