473,394 Members | 1,706 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

home > topics > asp / active server pages > questions > reset password using asp and ms access

Join Bytes to post your question to a community of 473,394 software developers and data experts.

Reset Password using ASP and MS Access

Hi All,

I want to creat a script where I will allow user to reset their own password. I have tried different options but don't have any luck. Wonder what I want to do is kinda not valid or not.

ResetLogin.asp (where user will have to enter their username, old password, and new password).
[html]
<TR>
<TH ALIGN=LEFT> <FONT FACE="HELVETICA,HELV,ARIAL" SIZE=2>&nbsp;&nbsp;User Name: </FONT></TH>
<TD><INPUT CLASS="bluebox" NAME="Username" SIZE="25" TYPE="text" ID="Username"></TD>
</TR>

<TR>
<TH ALIGN=LEFT><FONT FACE="HELVETICA,HELV,ARIAL" SIZE=2>&nbsp;&nbsp;Old Password: </FONT></TH>
<TD><INPUT CLASS="bluebox" NAME="PassW" SIZE="25" TYPE="Password" ID="PassW"></TD>
</TR>

<TR>
<TH ALIGN=LEFT><FONT FACE="HELVETICA,HELV,ARIAL" SIZE=2>&nbsp;&nbsp;New Password: </FONT></TH>
<TD><INPUT CLASS="bluebox" NAME="NewPassW" SIZE="25" TYPE="Password" ID="NewPassW"></TD>
</TR>

<TR>
<TD ALIGN=CENTER COLSPAN=2> <INPUT CLASS="Table_Blue" TYPE="submit" NAME="Submit" VALUE="RESET/CHANGE PASSWORD"></TD>
</TR>[/html]
RCPassword.asp (this file will do the check of username, and password then update it. I am having problem to construct the portion to update the new password)
Expand|Select|Wrap|Line Numbers
  1. <%
  2. Dim Conn
  3. Dim RS
  4. Dim strSQl
  5. Dim strUsername
  6. Dim strPassW
  7. Dim strNewPassW
  8.  
  9. strUsername = trim(Request.Form("Username"))
  10. strPassW = trim(Request.Form("PassW"))
  11. strNewPassW = trim(Request.Form("NewPassW"))
  12.  
  13. If strUsername = "" OR _
  14. strPassW = "" OR _
  15. strNewPassW = "" Then
  16. Response.Redirect("UserLogin.asp?error=Sorry ... Username or Password does not exist. Please try again.")
  17.  
  18. Else
  19.  
  20. Set Conn = Server.CreateObject("ADODB.Connection")
  21. Conn.Open "Provider=Microsoft.Jet.OLEDB.4.0;Data Source=" & Server.MapPath("PTSystem.mdb")
  22.  
  23. strSQL = "Select * FROM Accounts where Username='" & strUsername & "' and PassW='" & strPassW & "'"
  24. RS.Open strSQL, Conn
  25.  
  26. strSQL = "UPDATE Accounts SET NewPassW= '"& strPassW &"'"
  27. Conn.Execute(strSQL)
  28.  
  29. Response.Write ("Thank You")
  30.  
  31. End If
  32.  
  33. RS.Close
  34. Set RS = Nothing
  35.  
  36. Conn.Close
  37. Set Conn = Nothing
  38. %>
Jan 23 '08 #1
7 3459
nedu
65
Hi Frnd,

I thnk the password field name of u r table is "PassW" but in the update statement u r updating the different filed "NewPassW". Please check that and let us know . . .

Regards,
Nedu . M
Jan 23 '08 #2
Hi Nedu,

Thanks for your reply.

I thought NewPassW= '"& strPassW &"'" is you take the new password you enter then overwrite the existing one? Please help. Thanks again.
Jan 24 '08 #3
nedu
65
I think there is no need of newPassword field, only one password field is enough u shall replace the new pwd in that itself
Jan 24 '08 #4
Hi,

It still does not work. Can you try to see if you see the same problem? Thanks.
Jan 24 '08 #5
Nicodemas
164 Expert 100+
HotFlash, you need to SERIOUSLY look at what you are inputting. I have some advice for you, as well as some answers.

1.) Your first SQL statement is not even necessary. Get rid of it and the RS.open.

2.) Why are you updating a field called NewPassW? The password field you use to check if the user entered the right password is just: PassW. Change your second SQL statement to use PassW and not NewPassW.

3.) Your UPDATE SQL statement is too broad. If you do not put a WHERE clause on it, you will end up changing EVERY USER'S PASSWORD.

4.) You need to protect your scripts from SQL Injection Attacks. It is a form of hack. Remove malicious characters from all form input, i.e. apostrophes.
Jan 24 '08 #6
CroCrew
564 Expert 512MB
I agree with Nicodemas. You need to add more security. Try this code for your RCPassword.asp page instead of what you have.

Hope this helps~

Expand|Select|Wrap|Line Numbers
  1. <%
  2.     Set adoCon = Server.CreateObject("ADODB.Connection")
  3.     adoCon.Open "DRIVER={Microsoft Access Driver (*.mdb)}; DBQ=" & Server.MapPath("Relative path to your Access database") 
  4.     Set rsUpdate = Server.CreateObject("ADODB.Recordset")
  5.  
  6.     xUsername = replace(Request.Form("Username"),"'","''")
  7.     xPassW = replace(Request.Form("PassW"),"'","''")
  8.     xNewPassW = replace(Request.Form("NewPassW"),"'","''")
  9.  
  10.     strSQL = "SELECT * FROM Accounts WHERE Username = '" & trim(xUsername) & "' AND PassW = '" & trim(xPassW) & "'"
  11.     rsUpdate.CursorType = 2
  12.     rsUpdate.LockType = 3
  13.     rsUpdate.Open strSQL, adoCon
  14.  
  15.     If Not (rsUpdate.EOF) Then
  16.         If ((StrComp(trim(xPassW), rsUpdate("PassW").value) = 0)) Then
  17.             rsUpdate.Fields("PassW") = trim(xNewPassW)
  18.             rsUpdate.Update    
  19.             Response.Write("Password has been updated.")
  20.             Response.end
  21.         End If
  22.     End If
  23.  
  24.     Response.Write("The combination of User Name and Current Password is bad.")
  25.  
  26.     rsUpdate.Close
  27.     Set rsUpdate = Nothing
  28.     adoCon.Close
  29.     Set adoCon = Nothing
  30. %>
  31.  
  32.  
Jan 24 '08 #7
Hi Crocrew/Nicodemas,

You guys are the BEST. Everything works fine. Thanks for your help. I have another (last issue) of my tiny project here and wonder if you guys can help me out. I found a script to upload file (MS word, etc...), and description to the MS Access. I got it work fine. I created a search feature to either search by record number or description OK. My question is, how can I view the file I uploaded to MS Access from the web browser?

FYI that MOPID = AutoNumber
Description = Text
Data = Ole Object
both of these fields are defined in the MS Access. Below is the script that I used. The description show up OK after the search however, how can i display the file I uploaded to the MS Access so when the user click on VIEW (below), it will open up the file. Thanks once again for your help.

WHILE NOT RS.EOF

Response.Write("<TR>")
Response.Write("<TD>" & RS("Description") & "&nbsp;</TD>")
Response.Write("<TD><A HREF=Data?MOPID=" & RS("MOPID") & ">View</A></TD>")
Response.Write("</TR>")

RS.MoveNext
Wend
Jan 24 '08 #8

Sign in to post your reply or Sign up for a free account.

Similar topics

3
Password Reset for Workstation Login
by: Ian | last post by:
Hi I know there are products out there that can do this like http://www.psynch.com/technology/ska.html What is the code that is used to Reset a Users password so the next time they logon to...
.NET Framework
0
reset passwords app only works if user has full control of object
by: John Gossett | last post by:
I have written an application in vb.net to reset user passwords in active directory. If I run the application as a user with full contol of the AD object I can reset the password. If I run the...
.NET Framework
0
password reset function is not working
by: serkan | last post by:
Guys, I am trying to get this password reset functionality wor for me but I am not successful at all. Please somebody help me. I get "Your password could not be reset - please try again later" so I...
General
0
how do I reset user "root" password ?
by: damontimm | last post by:
My setup: Mac OS 10.4.4; mysql 4.x ... everything was installed and working fine for some time. Today, I added drupal to my system and had to create a new database in mysql -- now I am having some...
MySQL Database
1
password reset email
by: Dabbler | last post by:
My password reset emails aren't getting through so I have two problems, getting the email to work and resetting the passwords from users who have already missed their reset email. My health...
ASP.NET
6
Active Directory Authentication - password reset not working correctly PLEASE HELP!
by: jarice1978 | last post by:
Hello, I have been scanning the internet for a few days now. That is not working. So now it is time to post! I have read a few other posts on here about authentication but they do not match...
.NET Framework
2
How to reset user's password without having to use PasswordRecovery
by: Homer | last post by:
Hi, I want to be able to reset a user's password and I do not want to use the PasswordRecovery control to reset and email it to the user. A while back, I thought I'd read an article that...
ASP.NET
2
Password Strength Meter Reset Problem
by: DarthPeePee | last post by:
Hello everyone. I am working on a Password Strength Meter and I am running into 1 problem that I would like to fix. When pressing the "Clear Password & Try Again" button, the password clears...
Javascript
1
Membership security. Forcing a Password Recovery/Reset?
by: jobs | last post by:
I'm using asp.net Membership security. Using the Password recovery control, users can reset/recover their passwords. Great. I've grid with all the users. I'd like to add a button so the admin of...
ASP.NET
0
How to turn on java script in a villaon keypad mobile phone
by: Charles Arthur | last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
Java
0
Batch import of multiple excel files into the database
by: ryjfgjl | last post by:
If we have dozens or hundreds of excel to import into the database, if we use the excel import function provided by database editors such as navicat, it will be extremely tedious and time-consuming...
Data Management
0
Merging data from multiple Excel files
by: ryjfgjl | last post by:
In our work, we often receive Excel tables with data in the same format. If we want to analyze these data, it can be difficult to analyze them because the data is spread across multiple Excel files...
Data Management
0
Migrating Website to Cloud - Emmanuel Katto
by: emmanuelkatto | last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud. Please let me know. Thanks! Emmanuel
General
0
BarryA
Navigating the Data Structures and Algorithms (DSA)
by: BarryA | last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
Algorithms / Advanced Math
0
How to build RAID in BIOS?
by: Hystou | last post by:
There are some requirements for setting up RAID: 1. The motherboard and BIOS support RAID configuration. 2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
Computer Hardware
0
marktang
What is ONU?
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
General
0
jinu1996
Maximizing Business Potential: The Nexus of Website Design and Digital Marketing
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
Online Marketing
0
The easy way to turn off automatic updates for Windows 10/11
by: Hystou | last post by:
Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows...
Windows Server

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes:
Post a Job
Sponsored Posts
Platinum & Gold Sponsors
Hire Now!