how update password for a user in access using c#
-
I have 3 textboxes (txtoldpassword,txtnewpassword,txtconfirmpassword) and i want to take the data that dives a user and if a user password exists in access then i can update the user password. i try this but it doesn't work. private void btnSave_Click(object sender, EventArgs e) { if (txtOldPassword.Text.Length == 0 || txtNewPassword.Text.Length == 0 || txtConfPassword.Text.Length == 0) { MessageBox.Show("Please Fill all the fields."); } else if (txtNewPassword.Text != txtConfPassword.Text ) { MessageBox.Show(" Please insert again your new password."); } else { OleDbConnection connect = new OleDbConnection(); connect.ConnectionString = @"Provider=Microsoft.ACE.OLEDB.12.0;Data Source=C:\Users\user\Desktop\Laiki_Trapeza_Questionnaires.accdb;Persist Security Info=False;"; connect.Open(); OleDbCommand command = new OleDbCommand(); command.Connection = connect; command.CommandText = (@"UPDATE Users_Table SET Password= '" + txtNewPassword.Text.ToString() + "' WHERE (Password='"+txtOldPassword.Text + "')"); MessageBox.Show(" Succesfull update password!"); connect.Close(); } }
-
I have 3 textboxes (txtoldpassword,txtnewpassword,txtconfirmpassword) and i want to take the data that dives a user and if a user password exists in access then i can update the user password. i try this but it doesn't work. private void btnSave_Click(object sender, EventArgs e) { if (txtOldPassword.Text.Length == 0 || txtNewPassword.Text.Length == 0 || txtConfPassword.Text.Length == 0) { MessageBox.Show("Please Fill all the fields."); } else if (txtNewPassword.Text != txtConfPassword.Text ) { MessageBox.Show(" Please insert again your new password."); } else { OleDbConnection connect = new OleDbConnection(); connect.ConnectionString = @"Provider=Microsoft.ACE.OLEDB.12.0;Data Source=C:\Users\user\Desktop\Laiki_Trapeza_Questionnaires.accdb;Persist Security Info=False;"; connect.Open(); OleDbCommand command = new OleDbCommand(); command.Connection = connect; command.CommandText = (@"UPDATE Users_Table SET Password= '" + txtNewPassword.Text.ToString() + "' WHERE (Password='"+txtOldPassword.Text + "')"); MessageBox.Show(" Succesfull update password!"); connect.Close(); } }
You haven't really executed the query yet. call command.ExecuteNonQuery()[^] right after
command.CommantText
i.e
OleDbCommand command = new OleDbCommand();
command.Connection = connect;
command.CommandText = (@"UPDATE Users_Table SET Password= '" + txtNewPassword.Text.ToString() + "' WHERE (Password='"+txtOldPassword.Text + "')");
int rowsAffected = command.ExecuteNonQuery();
MessageBox.Show(" Succesfull update password!"); -
I have 3 textboxes (txtoldpassword,txtnewpassword,txtconfirmpassword) and i want to take the data that dives a user and if a user password exists in access then i can update the user password. i try this but it doesn't work. private void btnSave_Click(object sender, EventArgs e) { if (txtOldPassword.Text.Length == 0 || txtNewPassword.Text.Length == 0 || txtConfPassword.Text.Length == 0) { MessageBox.Show("Please Fill all the fields."); } else if (txtNewPassword.Text != txtConfPassword.Text ) { MessageBox.Show(" Please insert again your new password."); } else { OleDbConnection connect = new OleDbConnection(); connect.ConnectionString = @"Provider=Microsoft.ACE.OLEDB.12.0;Data Source=C:\Users\user\Desktop\Laiki_Trapeza_Questionnaires.accdb;Persist Security Info=False;"; connect.Open(); OleDbCommand command = new OleDbCommand(); command.Connection = connect; command.CommandText = (@"UPDATE Users_Table SET Password= '" + txtNewPassword.Text.ToString() + "' WHERE (Password='"+txtOldPassword.Text + "')"); MessageBox.Show(" Succesfull update password!"); connect.Close(); } }
To add to what jibesh said - please don't do it like that! Never store passwords in clear text - it is a major security risk. There is some information on how to do it here: Password Storage: How to do it.[^]
If you get an email telling you that you can catch Swine Flu from tinned pork then just delete it. It's Spam.
-
I have 3 textboxes (txtoldpassword,txtnewpassword,txtconfirmpassword) and i want to take the data that dives a user and if a user password exists in access then i can update the user password. i try this but it doesn't work. private void btnSave_Click(object sender, EventArgs e) { if (txtOldPassword.Text.Length == 0 || txtNewPassword.Text.Length == 0 || txtConfPassword.Text.Length == 0) { MessageBox.Show("Please Fill all the fields."); } else if (txtNewPassword.Text != txtConfPassword.Text ) { MessageBox.Show(" Please insert again your new password."); } else { OleDbConnection connect = new OleDbConnection(); connect.ConnectionString = @"Provider=Microsoft.ACE.OLEDB.12.0;Data Source=C:\Users\user\Desktop\Laiki_Trapeza_Questionnaires.accdb;Persist Security Info=False;"; connect.Open(); OleDbCommand command = new OleDbCommand(); command.Connection = connect; command.CommandText = (@"UPDATE Users_Table SET Password= '" + txtNewPassword.Text.ToString() + "' WHERE (Password='"+txtOldPassword.Text + "')"); MessageBox.Show(" Succesfull update password!"); connect.Close(); } }
And always use parameterized queries. And don't put the data access code in the even handler -- write a Data Access Layer. And what if multiple users have the same password? Plus your app will be "more professional" if the state of btnSave.Enabled is controlled by the TextBoxes.
-
To add to what jibesh said - please don't do it like that! Never store passwords in clear text - it is a major security risk. There is some information on how to do it here: Password Storage: How to do it.[^]
If you get an email telling you that you can catch Swine Flu from tinned pork then just delete it. It's Spam.
-
i cant understant where and how i must use this code at Password Storage: How to do it.[
Any particular part you don't understand?
If you get an email telling you that you can catch Swine Flu from tinned pork then just delete it. It's Spam.
-
Any particular part you don't understand?
If you get an email telling you that you can catch Swine Flu from tinned pork then just delete it. It's Spam.
I try to put the code for password cryptography in my btnSave button so that when i press this button the user password will save to the access database with cryptography view but i believe that the functions MatchSHA1, GetSHA1 and RunTest must be out from the function btnSave but i can understand the parameters that must use to call these functions. What are p1 and p2? private void btnSave_Click(object sender, EventArgs e) { if (txtOldPassword.Text.Length == 0 || txtNewPassword.Text.Length == 0 || txtConfPassword.Text.Length == 0) { MessageBox.Show("Please Fill all the fields."); } else if (txtNewPassword.Text != txtConfPassword.Text ) { MessageBox.Show(" Please insert again your new password."); } else { OleDbConnection connect = new OleDbConnection(); connect.ConnectionString = @"Provider=Microsoft.ACE.OLEDB.12.0;Data Source=C:\Users\user\Desktop\Laiki_Trapeza_Questionnaires.accdb;Persist Security Info=False;"; connect.Open(); OleDbCommand command = new OleDbCommand(); command.Connection = connect; private static bool MatchSHA1(byte[] p1, byte[] p2) { bool result = false; if (p1 != null && p2 != null) { if (p1.Length == p2.Length) { result = true; for (int i = 0; i < p1.Length; i++) { if (p1[i] != p2[i]) { result = false; break; } } } } return result; } /// /// Returns the SHA1 hash of the combined userID and password. /// /// /// /// private static byte[] GetSHA1(string userID, string password) { SHA1CryptoServiceProvider sha = new SHA1CryptoServiceProvider(); return sha.ComputeHash(System.Text.Encoding.ASCII.GetBytes(userID + password)); } private static void RunTest()
-
I try to put the code for password cryptography in my btnSave button so that when i press this button the user password will save to the access database with cryptography view but i believe that the functions MatchSHA1, GetSHA1 and RunTest must be out from the function btnSave but i can understand the parameters that must use to call these functions. What are p1 and p2? private void btnSave_Click(object sender, EventArgs e) { if (txtOldPassword.Text.Length == 0 || txtNewPassword.Text.Length == 0 || txtConfPassword.Text.Length == 0) { MessageBox.Show("Please Fill all the fields."); } else if (txtNewPassword.Text != txtConfPassword.Text ) { MessageBox.Show(" Please insert again your new password."); } else { OleDbConnection connect = new OleDbConnection(); connect.ConnectionString = @"Provider=Microsoft.ACE.OLEDB.12.0;Data Source=C:\Users\user\Desktop\Laiki_Trapeza_Questionnaires.accdb;Persist Security Info=False;"; connect.Open(); OleDbCommand command = new OleDbCommand(); command.Connection = connect; private static bool MatchSHA1(byte[] p1, byte[] p2) { bool result = false; if (p1 != null && p2 != null) { if (p1.Length == p2.Length) { result = true; for (int i = 0; i < p1.Length; i++) { if (p1[i] != p2[i]) { result = false; break; } } } } return result; } /// /// Returns the SHA1 hash of the combined userID and password. /// /// /// /// private static byte[] GetSHA1(string userID, string password) { SHA1CryptoServiceProvider sha = new SHA1CryptoServiceProvider(); return sha.ComputeHash(System.Text.Encoding.ASCII.GetBytes(userID + password)); } private static void RunTest()
No, Run test is just an example of how to use the other two methods...
If you get an email telling you that you can catch Swine Flu from tinned pork then just delete it. It's Spam.
