Retriving User Password by Using Stored Procedure in ASP.NET


In this demonstration I will tell you how to retrieve user password by using Stored Procedure in ASP.NET. To perform this task I had created a UserLogin table in Sql Server and enter some values like following example demonstrate…

create table UserLogin

(

      userName varchar(20) not null,

      userPassword varchar(20) not null,

      primary key(userName , userPassword)

)  

--Enter some values in UserLogin tables --

insert into UserLogin values('aaaa','aaaa@123')

insert into UserLogin values('bbbb','bbbb@123')

insert into UserLogin values('cccc','cccc@123')

insert into UserLogin values('dddd','dddd@123')

Create a parametrized procedure which return user password on the basis of user name.

--Create an parametrize procedure to retrive user password from table based on username--

create procedure retriveUserPassword @userName varchar(20)

as

begin

      select userPassword from UserLogin where userName=@userName

end

Then create a function in c# which display user Password in form alert box.

//For retriving password from ql server using procedure you have to use

    //Two namespace named System.Data and System.Data.SqlClient.

    //At the click event of button write down following line of code.

 

    public void getUserPassword(string userName)

    {

        SqlConnection con = new SqlConnection();    //Create an SqlConnection object.

        //Pass the connection string to the SqlConnection object

        con.ConnectionString = "............";

        con.Open();  //Open the connection

        string procedureText = "retriveUserPassword";

        SqlCommand cmd = new SqlCommand(procedureText, con); //Create an SqlCommand object.

        cmd.CommandType = CommandType.StoredProcedure; //Change the behaviour of command text to stored procedure.

        cmd.Parameters.Add(new SqlParameter("@userName",userName));  //Pass value to the parameter that you have created in procedure.

        SqlDataReader dr = cmd.ExecuteReader();

        if (dr.Read())

        {

            Response.Write("<script>alert('Password is  :" + dr[0].ToString() + "')</script>");

        }

        else

        {

            Response.Write("<script>alert('User Name does not exist')</script>");

        }

        con.Close();

    }

Then finally call this method at the click event of RecoverPassword button and you get password in form alert() message box.

  1. using System;
    using System.Collections.Generic;
    using System.Linq;
    using System.Web;
    using System.Web.UI;
    using System.Web.UI.WebControls;
    using System.Data.SqlClient;
    using System.Configuration;
    using System.Data;

    namespace Benzospharmacy
    {
        public partial class Passrec : System.Web.UI.Page
        {
            

            protected void Button1_Click(object sender, EventArgs e)

            {
       
                    public void getUserPassword(string userName)
                    {
            SqlConnection con = new SqlConnection();    //Create an SqlConnection object.
            //Pass the connection string to the SqlConnection object
            con.ConnectionString = "RegConnectionString ";
            con.Open();  //Open the connection
            string procedureText = "retriveUserPassword";
            SqlCommand cmd = new SqlCommand(procedureText, con); //Create an SqlCommand object.
            cmd.CommandType = CommandType.StoredProcedure; //Change the behaviour of command text to stored procedure.
            cmd.Parameters.Add(new SqlParameter("@userName",userName));  //Pass value to the parameter that you have created in procedure.
            SqlDataReader dr = cmd.ExecuteReader();
            if (dr.Read())
            {
                Response.Write("<script>alert('Password is  :" + dr[0].ToString() + "')</script>");
            }
            else
            {
                Response.Write("<script>alert('User Name does not exist')</script>");
            }
            con.Close();
        }
        }
       }

  1. Hi Noman,
    I had see this code and its looking fine. Could you please check that you have created parameter in procedure or not. If created procedure then check name of parameter. Parameter name in procedure and c# code, both have same name. Still if you did not able to solve your problem then please post your error that comes.

    Thanks.

  1. create procedure retriveUserPassword @userName varchar(20)

    as

    begin

          select Password from Registration where UserName=@userName

    end

  1. using System;
    using System.Collections.Generic;
    using System.Linq;
    using System.Web;
    using System.Web.UI;
    using System.Web.UI.WebControls;
    using System.Data.SqlClient;
    using System.Configuration;
    using System.Data;

    namespace Benzospharmacy
    {
        public partial class Forgotpassword : System.Web.UI.Page
        {
            protected void Page_Load(object sender, EventArgs e)
            {

            }

            protected void Button1_Click(object sender, EventArgs e)
            {  //here error comes

                   public void getUserPassword(string UserName)
                    {
            SqlConnection con = new SqlConnection();    //Create an SqlConnection object.
            //Pass the connection string to the SqlConnection object
            con.ConnectionString = "RegConnectionString ";
            con.Open();  //Open the connection
            string procedureText = "retriveUserPassword";
            SqlCommand cmd = new SqlCommand(procedureText, con); //Create an SqlCommand object.
            cmd.CommandType = CommandType.StoredProcedure; //Change the behaviour of command text to stored procedure.
            cmd.Parameters.Add(new SqlParameter("@userName",UserName));  //Pass value to the parameter that you have created in procedure.
            SqlDataReader dr = cmd.ExecuteReader();
            if (dr.Read())
            {
                Response.Write("<script>alert('Password is  :" + dr[0].ToString() + "')</script>");
            }
            else
            {
                Response.Write("<script>alert('User Name does not exist')</script>");
            }
            con.Close();
            }
        }
    }
    }  //here error comes

  1. Error 1 } expected Forgotpassword.aspx.cs 21 10 Benzospharmacy
    Error 2 Type or namespace definition, or end-of-file expected Forgotpassword.aspx.cs 47 1 Benzospharmacy

  1. Hi Noman,
    Here main problem in your code is that you are creating method inside method which is incorrect. I had modified your code so that it works. Please check the updated code.

    using System;
    using System.Collections.Generic;
    using System.Linq;
    using System.Web;
    using System.Web.UI;
    using System.Web.UI.WebControls;
    using System.Data.SqlClient;
    using System.Configuration;
    using System.Data;

    namespace Benzospharmacy
    {
        public partial class Forgotpassword : System.Web.UI.Page
        {
            protected void Page_Load(object sender, EventArgs e)
            {

            }

            public void getUserPassword(string UserName)
            {
                SqlConnection con = new SqlConnection();    //Create an SqlConnection object.
                //Pass the connection string to the SqlConnection object
                con.ConnectionString = "RegConnectionString ";
                con.Open();  //Open the connection
                string procedureText = "retriveUserPassword";
                SqlCommand cmd = new SqlCommand(procedureText, con); //Create an SqlCommand object.
                cmd.CommandType = CommandType.StoredProcedure; //Change the behaviour of command text to stored procedure.
                cmd.Parameters.Add(new SqlParameter("@userName", UserName));  //Pass value to the parameter that you have created in procedure.
                SqlDataReader dr = cmd.ExecuteReader();
                if (dr.Read())
                {
                    Response.Write("<script>alert('Password is  :" + dr[0].ToString() + "')</script>");
                }
                else
                {
                    Response.Write("<script>alert('User Name does not exist')</script>");
                }
                con.Close();
            }

            protected void Button1_Click(object sender, EventArgs e)
            {  //here error comes
                getUserPassword("aaaa");  //call method at click of button.
            }
        }
    }

    Hope this will help you.

    Thanks.
       

  1.         string str = ConfigurationManager.ConnectionStrings["ConnectionString"].ConnectionString;
            protected void Page_Load(object sender, EventArgs e)
            {

            }

            protected void btnSubmit_Click(object sender, EventArgs e)
            {
                try
                {
                    DataSet ds = new DataSet();
                    using (SqlConnection con = new SqlConnection(str))
                    {
                        con.Open();
                        SqlCommand cmd = new SqlCommand("SELECT VC_EMAILID,BG_PHONENO  FROM STU_RGISTION_TB WHERE VC_EMAILID='"+txtEmail.Text.Trim()+"'",con);
                    
                        SqlDataAdapter da = new SqlDataAdapter(cmd);
                        da.Fill(ds);
                        con.Close();
                    }
                    if (ds.Tables[0].Rows.Count > 0)
                    {
                        MailMessage Msg = new MailMessage();
                        // Sender e-mail address.
                        Msg.From = new MailAddress("jpchaudharyj@gmail.com");
                        // Recipient e-mail address.
                        Msg.To.Add(txtEmail.Text);
                        Msg.Subject = "Your Password Details";
                        Msg.Body = "Hi,<br/> Please check your login detailss<br/><br/> Your Username:" + ds.Tables[0].Rows[0]["VC_EMAILID"] + "<br/><br/> Your Password:" + ds.Tables[0].Rows[0]["BG_PHONENO"] + "<BR/><BR/>";
                      //  Msg.Body = "Hi, <br/>Please check your Login Detailss<br/><br/>Your Username: " + ds.Tables[0].Rows[0]["UserName"] + "<br/><br/>Your Password: " + ds.Tables[0].Rows[0]["Password"] + "<br/><br/>";
                        Msg.IsBodyHtml = true;
                        // your remote SMTP server IP.
                        SmtpClient smtp = new SmtpClient();
                        smtp.Host = "smtp.gmail.com";
                        smtp.Port = 587;
                        smtp.Credentials = new System.Net.NetworkCredential("emailid@gmail.com", "paswod");
                           smtp.EnableSsl = true;
                        smtp.Send(Msg);
                        //Msg = null;
                        lbltxt.Text = "Your Password Details Sent to your mail";
                        // Clear the textbox valuess
                        txtEmail.Text = "";
                    }
                    else
                    {
                        lbltxt.Text = "The Email you entered not exists.";
                    }
                }
                catch (Exception ex)
                {
                    Console.WriteLine("{0} Exception caught.", ex);
                }
            }

Leave Comment