public string checkLoggin(string userName, string passWord)
{
//assigning username to variable
string username = userName;
string UserLevel="";
//assigning encripted password form text box & Encript
Encriptor enc = new Encriptor();
string password = enc.encript(passWord);
// encripted one
OdbcDataAdapter adpNameList = DB_Connect.ExecuteQuery("SELECT USER_USERNAME, ROLE_CODE FROM users_mast WHERE USER_USERNAME ='******' AND USER_PASSWORD = '******'");
adpNameList.SelectCommand.CommandType = CommandType.Text;
DataSet userList = new DataSet();
adpNameList.Fill(userList);
if (userList.Tables[0].Rows.Count == 1)
{
Console.Beep();
for (int i = 0; i < userList.Tables[0].Rows.Count; i++)
{
//get the user level from DB according to user name
UserLevel = userList.Tables[0].Rows[i][1].ToString();
}
}
else
{
UserLevel = "error";
}
return UserLevel;
}
protected void btnChange_Click(object sender, EventArgs e)
{
Utility utl = new Utility();
//get user level after compair passwords
string userLevel = utl.checkLoggin(Session["user"].ToString(), txtCurPas.Text);
if (userLevel != "error")
{
if (txtNewPass.Text == txtConfPass.Text)
{
//assigning encripted password form text box & Encript
Encriptor enc = new Encriptor();
string password = enc.encript(txtConfPass.Text.ToString());
//DB_Connect.InsertQuery("UPDATE users_mast SET USER_PASSWORD='******' WHERE USER_USERNAME='******'");
DB_Connect.InsertQuery("UPDATE users_mast SET USER_PASSWORD='******' WHERE USER_USERNAME='******'");
lblstatus.Text = "Password Changed.";
}
else
{
lblstatus.Text = "Passwords Doesnt Match";
}
}
else
{
lblstatus.Text = "Current Password Invalid";
}
}