Imports System.Data
Imports System.Data.SqlClient
Partial Class co_ordinator_ChangePass
    Inherits System.Web.UI.Page
    Dim cs As String = "Data Source=.\SQLEXPRESS;AttachDbFilename=|DataDirectory|\Database.mdf;Integrated Security=True;User Instance=True"
    Protected Sub bnSubmit_Click(ByVal sender As Object, ByVal e As System.Web.UI.ImageClickEventArgs) Handles bnSubmit.Click
        Page.Validate("vg1")
        If Page.IsValid() Then
            Dim con As SqlConnection = New SqlConnection(cs)
            Dim cmd1 As SqlCommand = New SqlCommand("select UID from CORDPASSTAB where (UID=@uid)and(PASS=@pass) ", con)
            cmd1.Parameters.AddWithValue("@uid", txbUID.Text.ToString())
            cmd1.Parameters.AddWithValue("@pass", txbOldPass.Text.ToString())
            Try
                con.Open()
                Dim dr As SqlDataReader = cmd1.ExecuteReader()
                If dr.Read() Then
                    con.Close()
                    Dim cmd As SqlCommand = New SqlCommand("update CORDPASSTAB set PASS=@pass where(UID=@uid) ", con)
                    cmd.Parameters.AddWithValue("@uid", txbUID.Text.ToString())
                    cmd.Parameters.AddWithValue("@pass", txbPass.Text.ToString())
                    con.Open()
                    cmd.ExecuteNonQuery()
                    con.Close()
                    Response.Redirect("~/co-ordinator/Success.aspx?ID=" + Request.QueryString("ID").ToString())
                Else
                    lbError.Text = "Type correct password and User ID"
                End If

            Catch ex As Exception
                lbError.Text = lbError.Text.ToString() + ex.Message.ToString()
            End Try
        End If
    End Sub

    Protected Sub bnCancel_Click(ByVal sender As Object, ByVal e As System.Web.UI.ImageClickEventArgs) Handles bnCancel.Click
        Response.Redirect("~/co-ordinator/CordHome.aspx?ID=" + Request.QueryString("ID").ToString())
    End Sub
End Class