private void ChangePassword()
{
String refSourceString = String.Empty;
try
{
User currentUser = (User)HttpContext.Current.Session["CurrentUserSession"];
String oldPass = HttpContext.Current.Request.QueryString["OldPassword"];
String newPass = HttpContext.Current.Request.QueryString["NewPassword"];
string passwordOld = Enc.Encrypt(oldPass.Trim(), STATIC.StaticInfo.encString);
string passwordNew = Enc.Encrypt(newPass.Trim(), STATIC.StaticInfo.encString);
String savedPassword = currentUser.Password;
if (savedPassword == passwordOld)
{
ConnectionManager conManager = new ConnectionManager(ConnectionName.SysMan);
String sql = "Update [User] Set Password = '******' where UserCode = '" + currentUser.UserCode + "'";
conManager.ExecuteNonQueryWrapper(sql);
refSourceString = "True," + "Saved Successfully.";
}
else
{
refSourceString = "False," + "Old password do not match.";
}
HttpContext.Current.Response.Clear();
HttpContext.Current.Response.ContentType = "text/plain";
HttpContext.Current.Response.Write(refSourceString);
HttpContext.Current.Response.Flush();
}
catch (Exception ex)
{
refSourceString = "False," + ex.Message;
HttpContext.Current.Response.Clear();
HttpContext.Current.Response.ContentType = "text/plain";
HttpContext.Current.Response.Write(refSourceString);
HttpContext.Current.Response.Flush();
//throw ex;
}
}