Hi samsmuthu,
After validation you need to check the password with 1234.
If it is 1234 then redirect to Change password page else redirect to the specified page.
Using this below article i have modified sample.
ChangePassword.aspx
<asp:TextBox runat="server" ID="txtPassword" TextMode="Password" />
<asp:Button Text="Chage Password" runat="server" OnClick="OnPasswordChange" />
Login Page Code
C#
protected void ValidateUser(object sender, EventArgs e)
{
int userId = 0;
string constr = ConfigurationManager.ConnectionStrings["constr"].ConnectionString;
using (SqlConnection con = new SqlConnection(constr))
{
using (SqlCommand cmd = new SqlCommand("Validate_User"))
{
cmd.CommandType = CommandType.StoredProcedure;
cmd.Parameters.AddWithValue("@Username", Login1.UserName);
cmd.Parameters.AddWithValue("@Password", Login1.Password);
cmd.Connection = con;
con.Open();
userId = Convert.ToInt32(cmd.ExecuteScalar());
con.Close();
}
switch (userId)
{
case -1:
Login1.FailureText = "Username and/or password is incorrect.";
break;
case -2:
Login1.FailureText = "Account has not been activated.";
break;
default:
if (Login1.Password == "1234")
{
Session["UserId"] = userId;
Response.Redirect("ChangePassword.aspx");
}
else
{
FormsAuthentication.RedirectFromLoginPage(Login1.UserName, Login1.RememberMeSet);
}
break;
}
}
}
VB.Net
Protected Sub ValidateUser(sender As Object, e As EventArgs)
Dim userId As Integer = 0
Dim constr As String = ConfigurationManager.ConnectionStrings("constr").ConnectionString
Using con As New SqlConnection(constr)
Using cmd As New SqlCommand("Validate_User")
cmd.CommandType = CommandType.StoredProcedure
cmd.Parameters.AddWithValue("@Username", Login1.UserName)
cmd.Parameters.AddWithValue("@Password", Login1.Password)
cmd.Connection = con
con.Open()
userId = Convert.ToInt32(cmd.ExecuteScalar())
con.Close()
End Using
Select Case userId
Case -1
Login1.FailureText = "Username and/or password is incorrect."
Exit Select
Case -2
Login1.FailureText = "Account has not been activated."
Exit Select
Case Else
If Login1.Password = "1234" Then
Session("UserId") = userId
Response.Redirect("ChangePassword.aspx")
Else
FormsAuthentication.RedirectFromLoginPage(Login1.UserName, Login1.RememberMeSet)
End If
Exit Select
End Select
End Using
End Sub
ChangePassword Page Code
C#
protected void OnPasswordChange(object sender, EventArgs e)
{
string constr = ConfigurationManager.ConnectionStrings["constr"].ConnectionString;
using (SqlConnection con = new SqlConnection(constr))
{
using (SqlCommand cmd = new SqlCommand("UPDATE Users SET Password = @Password WHERE UserId = @Id"))
{
cmd.CommandType = CommandType.Text;
cmd.Parameters.AddWithValue("@Password", txtPassword.Text.Trim());
cmd.Parameters.AddWithValue("@Id", Session["UserId"]);
cmd.Connection = con;
con.Open();
cmd.ExecuteNonQuery();
con.Close();
}
}
Response.Redirect("~/Login.aspx");
}
VB.Net
Protected Sub OnPasswordChange(ByVal sender As Object, ByVal e As EventArgs)
Dim constr As String = ConfigurationManager.ConnectionStrings("constr").ConnectionString
Using con As SqlConnection = New SqlConnection(constr)
Using cmd As SqlCommand = New SqlCommand("UPDATE Users SET Password = @Password WHERE UserId = @Id")
cmd.CommandType = CommandType.Text
cmd.Parameters.AddWithValue("@Password", txtPassword.Text.Trim())
cmd.Parameters.AddWithValue("@Id", Session("UserId"))
cmd.Connection = con
con.Open()
cmd.ExecuteNonQuery()
con.Close()
End Using
End Using
Response.Redirect("~/Login.aspx")
End Sub
Screenshot
