Hi:
In my project for "Change Password Module" i am implementing following Logic:
1) User will Enter the OldPassword,NewPassword,Confirm Password then i am checking wether the Old Password is exists
2)If the OldPassword Exists I am setting Customvalidator =true and Maintaining session value=1
3)Now i am calling the session value in "Accept" buttonClick event in which i am cheking wether the session variable is one"
4)If the value is one, the Newly entered password will be updated otherwise Error message will be displayed.
The issue is session variable should not be used .Instead of session alternative method should be used.Can any one send me code for <b>Change Password</b> without using session variable.
I have mentioned the code below.
My code:
**************************Presentation Layer****************************
/// <summary>
/// Update The password
/// </summary>
/// <param name="sender"></param>
/// <param name="e"></param>
protected void imgaccept_Click(object sender, ImageClickEventArgs e)
{
try
{
if (Page.IsValid == true)
{
if (Convert.ToString(Session["Validapassword"]) == "1")
{
Hashtable Has_PWDupdate = new Hashtable();
//Adding Values into Hashtable
Has_PWDupdate.Add("username",Session["UserName"].ToString());
Has_PWDupdate.Add("password", DAMS_Cls_EncryptDecrypt.Encrypt(txtNewpassword.Text));
ChangePWD.ChangePassword(Has_PWDupdate);
string strScript = "";
string strPath = "HomePage.aspx";
strScript = strScript + "<script language='javascript'>";
strScript = strScript + "alert('Your password successfully changed.');";
strScript = strScript + "window.location.href='" + strPath + "';";
strScript = strScript + "</script>";
ScriptManager.RegisterStartupScript(this, Type.GetType("System.String"), "Message", strScript, false);
}
}
}
catch (Exception ex)
{
throw ex;
}
}
/// <summary>
/// If CancelButton is Clicked,Page will be redirected to the Changepassword Page
/// </summary>
/// <param name="source">The source.</param>
/// <param name="arg">The <see cref="System.Web.UI.WebControls.ServerValidateEventArgs"/> instance containing the event data.</param>
protected void CheckSelectedStateValue(object source, ServerValidateEventArgs arg)
{
try
{
bool oldPasswordExist;
//Check for UserName and Password Valid
Hashtable has_pwdChange = new Hashtable();
has_pwdChange.Add("username", Session["UserName"].ToString());
has_pwdChange.Add("OldPassword", DAMS_Cls_EncryptDecrypt.Encrypt(txtOldPassword.Text));
oldPasswordExist = ChangePWD.CheckOldPassword(has_pwdChange);
// Check for oldPasswordExist
if (oldPasswordExist == true)
{
arg.IsValid = true;
//If oldPWD is Exist Then Value '1' is Assign to the Session Variable "Validapassword"
Session.Add("Validapassword", 1);
}
else
{
arg.IsValid = false;
}
}
catch (Exception ex)
{
throw ex;
}
}
***************BusinessLogic Lyer********************
/// <summary>
/// Change Password
/// </summary>
/// <param name="Has_PWDupdate"></param>
public void ChangePassword(Hashtable Has_PWDupdate)
{
try
{
Hashtable hsh = new Hashtable();
hsh.Add("@UserName", Has_PWDupdate["username"].ToString());
hsh.Add("@Password", Has_PWDupdate["password"].ToString());
DAMS_cls_DataAccess.ExecuteCommand("DAMS_SP_Password_Update", hsh);
}
catch (Exception ex)
{
throw ex;
}
}
/// <summary>
/// Check Whether Old Password is Exists
/// </summary>
/// <param name="CheckOldPWD"></param>
/// <returns></returns>
public bool CheckOldPassword(Hashtable CheckOldPWD)
{
try
{
Hashtable hsh = new Hashtable();
hsh.Add("@UserName", CheckOldPWD["username"].ToString());
bool isExist = false;
SqlDataReader drDAMS_PWDchange;
drDAMS_PWDchange = DAMS_cls_DataAccess.GetDataReader("DAMS_SP_IsOldPasswordExist", hsh);
//Check for row Count
if (drDAMS_PWDchange.HasRows)
{
//Read The UserName in datareader
while (drDAMS_PWDchange.Read())
{
if (drDAMS_PWDchange.GetValue(0).ToString() == CheckOldPWD["OldPassword"].ToString())
{
isExist = true;
}
else
{
isExist = false;
}
}
}
return isExist;
}
catch (Exception ex)
{
throw ex;
}
}