protected void ChangePasswordPushButton_Click(object sender, EventArgs e) { try { string sql = "SELECT USER_NAME, PASSWORD FROM MEMBER WHERE USER_NAME = '" + txtUserName.Text + "' AND PASSWORD = '******'"; SqlDataReader sdr; Profile pro = new Profile(); sdr = pro.ReturnMDetails(sql); if (sdr.Read() == true) { //Update New Password. Session["PASSWORD"] = txtNPassword.Text; bool status; status = pro.UpdatePassword(txtUserName.Text,txtNPassword.Text); if (status == false) { lblMsg.Visible = true; lblMsg.Text = "Password updation Failed"; return; } lblMsg.Visible = true; lblMsg.Text = "Password updated."; Response.Redirect("Home.aspx"); } else { lblMsg.Visible = true; lblMsg.Text = "Invalid Password."; return; } sdr.Close(); } catch (Exception ex) { throw ex; } }