0

i want to update the password when i login with a user account like this i created an account the data saved to the data base then i want to change the data for the same account basically change the password for that account so i tried this 

 public partial class User_Ditails : Form
{
    public OleDbConnection conect = new OleDbConnection();
    public User_Ditails()
    {
        InitializeComponent();
        conect.ConnectionString = @"Provider=Microsoft.ACE.OLEDB.12.0;Data Source=C:\Users\Mhamad\Desktop\form\Sign_Up.mdb;
                                        Persist Security Info=False;";
    }

    private void button1_Click(object sender, EventArgs e)
    {
        OleDbDataAdapter ASDF = new OleDbDataAdapter ("SELECT COUNT(*) FROM Sign_Up WHERE UserName='"+UserName.Text+"' AND Password='"+Old_Pass.Text+"'",conect);
        DataTable DS = new DataTable();
        ASDF.Fill(DS);
        errorProvider1.Clear();
        if (DS.Rows[0][0].ToString() == "1")
        {

            if (New_Pass.Text==Confirm_Pass.Text)
            {
                if (New_Pass.Text.Length > 6)
                {


                    OleDbDataAdapter cc = new OleDbDataAdapter("update Sign_Up set Password='" + New_Pass.Text + "' where UserName='" + UserName.Text + "' and Password='" + Old_Pass.Text + "'", conect);
                    DataTable DF = new DataTable();
                    cc.Fill(DF);
                    errorProvider1.Clear();

                    MessageBox.Show("Password Has Changed", "Message", MessageBoxButtons.OK, MessageBoxIcon.Information);
                }
                else
                {
                    errorProvider1.SetError(New_Pass, "Set Minimun 6 Charector");
                }
            }
            else
            {
                errorProvider1.SetError(New_Pass, "UnMatch Password");
                errorProvider1.SetError(Confirm_Pass, "UnMatch Password");
            }
        }
        else
        {
            errorProvider1.SetError(UserName,"Incorrect UserName");
            errorProvider1.SetError(Old_Pass, "Incorrect Password");

        }

but i always get this error 

System.Data.OleDb.OleDbException: 'Syntax error in UPDATE statement.'

on this code cc.Fill(DF);

John wiliam
  • 11
  • 6
  • 1
    I don't see a problem with your update statement, but just in case you weren't aware the method you've used to create your update statement is extremely insecure and can be easily hacked. Please google 'what is SQL injection' to see why. – NibblyPig Mar 01 '19 at 16:23
  • 1
    Let's try to write the query into a string with `string.Format()`. It will help you to write correct queries beacuse you can visualize better formatting errors. – Dave Mar 01 '19 at 16:24
  • @NibblyPig its just my collage project they said just create a simple one thanks for advice – John wiliam Mar 01 '19 at 16:25
  • Password is a reserved keyword for MS-Access. You need square brackets around it if you want to use it in a column name And you should ASAP learn how to use parameterized queries – Steve Mar 01 '19 at 16:25
  • Second advice. You don't need an OleDbDataAdapter for those commands. It is enough to use an OleDbCommand with the ExecuteScalar and the ExecuteNonQuery methods – Steve Mar 01 '19 at 16:27
  • @Steve thanks that work i,m still new to programming there are not good methods for access data base so i watch sql there are diffrent thanks for helping – John wiliam Mar 01 '19 at 16:30
  • @JoKeRxbLaCk thank for helping too :) – John wiliam Mar 01 '19 at 16:30
  • Please read [Why do we always prefer using parameters in SQL statements?](https://stackoverflow.com/questions/7505808/). – Dour High Arch Mar 01 '19 at 16:40
  • @DourHighArch thanks i will try to use them its kinda hard that parametars and im new – John wiliam Mar 01 '19 at 17:05

0 Answers0