
Practical - 8


CSE307:-ASP.NET Core Programming 22DCS018 – Ayush Gajera

Practical - 8
Aim: Implement Registration, Login, Logout & change password features using ASP.NET and
ADO.NET (LINQ), (Use Dataset, Data Reader, XML Reader & Data Sources (SQL, Object &
XML) with Any Windows or Web Application).

Code:
Registration Form:
using System;
using System.Collections.Generic;
using System.Configuration;
using System.Data.SqlClient;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Data;
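public partial class _Default : System.Web.UI.Page
{
    /// <summary>
    /// Handles the Register button: inserts one row into the Users table from the
    /// username, password and e-mail text boxes and reports the outcome in Label1.
    /// </summary>
    /// <param name="sender">Control that raised the click event.</param>
    /// <param name="e">Event data (unused).</param>
    protected void RegisterButton_Click(object sender, EventArgs e)
    {
        string connectionString =
            System.Configuration.ConfigurationManager.ConnectionStrings["Users"].ConnectionString;

        // Parameterized INSERT: the text-box values are bound as data and never
        // concatenated into the SQL text.
        const string query =
            "INSERT INTO Users (Username, Password, Email) VALUES (@Username, @Password, @Email)";

        using (SqlConnection conn = new SqlConnection(connectionString))
        using (SqlCommand cmd = new SqlCommand(query, conn))
        {
            cmd.Parameters.AddWithValue("@Username", txtUsername.Text);
            // SECURITY: the password is stored exactly as typed. Anyone who can read the
            // Users table (or a backup of it) obtains every user's password. Store a
            // salted, deliberately slow hash instead (e.g. PBKDF2 via Rfc2898DeriveBytes),
            // and change every page that compares passwords in the same commit.
            cmd.Parameters.AddWithValue("@Password", txtPassword.Text);
            cmd.Parameters.AddWithValue("@Email", txtEmail.Text);

            try
            {
                conn.Open();
                int rowsAffected = cmd.ExecuteNonQuery();
                Label1.Text = rowsAffected > 0
                    ? "Registration successful!"
                    : "Registration failed.";
            }
            catch (Exception ex)
            {
                // Keep provider error text (table, column and constraint names) out of the
                // response; record it server-side instead.
                // NOTE(review): Trace output needs the TRACE symbol and a configured
                // listener; swap in the project's logger if it has one.
                System.Diagnostics.Trace.TraceError("Registration failed: {0}", ex);
                Label1.Text = "Error: registration could not be completed.";
            }
        }
    }
}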

Login.aspx
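<%@ Page Language="C#" AutoEventWireup="true" CodeBehind="login.aspx.cs" Inherits="Practical8.login" %>
<%-- Login form. Credentials are posted to btnLogin_Click in login.aspx.cs; lblMessage shows the
     failure text. NOTE(review): nothing here forces HTTPS, so confirm the site is served over TLS
     before real passwords are typed into this form. --%>
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml">
<head runat="server">
    <title></title>
</head>
<body>
    <form id="form1" runat="server">
        <div>
            <h2>Login</h2>
            <asp:Label ID="lblMessage" runat="server" ForeColor="Red"></asp:Label><br /><br />
            Username: <asp:TextBox ID="txtUsername" runat="server"></asp:TextBox><br /><br />
            Password: <asp:TextBox ID="txtPassword" TextMode="Password" runat="server"></asp:TextBox><br /><br />
            <asp:Button ID="btnLogin" Text="Login" runat="server" OnClick="btnLogin_Click" /><br /><br />
            <asp:HyperLink ID="hlRegister" runat="server" NavigateUrl="~/Register.aspx">New User? Register Here</asp:HyperLink><br /><br />
            <asp:HyperLink ID="hlChangePassword" runat="server" NavigateUrl="~/changepassword.aspx">Forgot Password? Change Password</asp:HyperLink>
        </div>
    </form>
</body>
</html>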

login.aspx.cs
using System;
using System.Collections.Generic;
using System.Data.SqlClient;
using System.Linq;
using System.Web;
using System.Web.Configuration;
using System.Web.UI;
using System.Web.UI.WebControls;
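namespace Practical8
{
    /// <summary>
    /// Code-behind for Login.aspx: checks the submitted credentials against the Users
    /// table and, on a match, records the user's id in session state.
    /// </summary>
    public partial class login : System.Web.UI.Page
    {
        /// <summary>
        /// Looks up a Users row matching the submitted username and password. On a match
        /// stores its UserID in Session["UserID"] and redirects to Home.aspx; otherwise
        /// shows a single generic failure message.
        /// </summary>
        /// <param name="sender">Control that raised the click event.</param>
        /// <param name="e">Event data (unused).</param>
        protected void btnLogin_Click(object sender, EventArgs e)
        {
            string username = txtUsername.Text;
            string password = txtPassword.Text;
            string connString =
                WebConfigurationManager.ConnectionStrings["adoConnectionString"].ConnectionString;

            // SECURITY: this compares the submitted password with a plaintext column, so the
            // database holds every user's real password. The comparison also runs inside SQL,
            // which means case sensitivity follows the column collation.
            // NOTE(review): confirm the collation; the durable fix is to store a salted slow
            // hash (e.g. PBKDF2 via Rfc2898DeriveBytes), fetch it by username and verify it here.
            const string query =
                "SELECT UserID FROM Users WHERE Username = @Username AND Password = @Password";

            object userId = null;
            using (SqlConnection conn = new SqlConnection(connString))
            using (SqlCommand cmd = new SqlCommand(query, conn))
            {
                cmd.Parameters.AddWithValue("@Username", username);
                cmd.Parameters.AddWithValue("@Password", password);
                conn.Open();
                using (SqlDataReader reader = cmd.ExecuteReader())
                {
                    if (reader.Read())
                    {
                        userId = reader["UserID"];
                    }
                }
            }

            // The redirect happens after the reader and connection are disposed, so ending
            // the response cannot leave database resources open.
            if (userId != null)
            {
                Session["UserID"] = userId;
                Response.Redirect("Home.aspx");
            }
            else
            {
                // One message for both "no such user" and "wrong password", so the response
                // does not reveal which usernames exist.
                lblMessage.Text = "Invalid username or password.";
            }
        }
    }
}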

Home.aspx.cs
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;

using System.Web.UI.WebControls;
namespace Practical8
{
    /// <summary>
    /// Code-behind for the page shown after login. Access is gated on the presence of
    /// Session["UserID"].
    /// </summary>
    public partial class home : System.Web.UI.Page
    {
        /// <summary>
        /// Sends the browser to Login.aspx when no UserID is present in session state.
        /// </summary>
        /// <param name="sender">Page raising the event.</param>
        /// <param name="e">Event data (unused).</param>
        protected void Page_Load(object sender, EventArgs e)
        {
            bool signedIn = Session["UserID"] != null;
            if (signedIn)
            {
                return;
            }

            Response.Redirect("Login.aspx");
        }

        /// <summary>
        /// Logs the user out by abandoning the session, then returns to the login page.
        /// </summary>
        /// <param name="sender">Control that raised the click event.</param>
        /// <param name="e">Event data (unused).</param>
        protected void btnLogout_Click(object sender, EventArgs e)
        {
            // NOTE(review): Abandon() discards the server-side session; the session cookie
            // in the browser is not cleared here. Confirm whether it should also be expired.
            Session.Abandon();
            Response.Redirect("Login.aspx");
        }
    }
}

Register.aspx.cs
using System;
using System.Collections.Generic;
using System.Data.SqlClient;
using System.Linq;
using System.Web;
using System.Web.Configuration;
using System.Web.UI;
using System.Web.UI.WebControls;
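// NOTE(review): the namespace line was missing from this listing (only its opening brace
// survived). Practical8 is assumed from the sibling pages; confirm against the Inherits
// attribute of Register.aspx.
namespace Practical8
{
    /// <summary>
    /// Code-behind for Register.aspx: creates a Users row from the submitted form.
    /// </summary>
    public partial class register : System.Web.UI.Page
    {
        /// <summary>
        /// Inserts the submitted username, e-mail and password into the Users table and
        /// reports the outcome in lblMessage.
        /// </summary>
        /// <param name="sender">Control that raised the click event.</param>
        /// <param name="e">Event data (unused).</param>
        protected void btnRegister_Click(object sender, EventArgs e)
        {
            string username = txtUsername.Text;
            string email = txtEmail.Text;
            string password = txtPassword.Text;
            string connString =
                WebConfigurationManager.ConnectionStrings["adoConnectionString"].ConnectionString;

            // Parameterized INSERT: form values are bound as data, not spliced into the SQL.
            const string query =
                "INSERT INTO Users (Username, Email, Password) VALUES (@Username, @Email, @Password)";

            int result;
            try
            {
                using (SqlConnection conn = new SqlConnection(connString))
                using (SqlCommand cmd = new SqlCommand(query, conn))
                {
                    cmd.Parameters.AddWithValue("@Username", username);
                    cmd.Parameters.AddWithValue("@Email", email);
                    // SECURITY: the password is stored exactly as typed, so anyone with read
                    // access to the table or its backups learns every password. Store a
                    // salted slow hash (e.g. PBKDF2 via Rfc2898DeriveBytes) and update the
                    // login and change-password pages in the same commit.
                    cmd.Parameters.AddWithValue("@Password", password);
                    conn.Open();
                    result = cmd.ExecuteNonQuery();
                }
            }
            catch (SqlException ex)
            {
                // A database failure previously surfaced as an unhandled error page. Log
                // the detail server-side and show only a generic message.
                // NOTE(review): Trace output needs the TRACE symbol and a configured listener.
                System.Diagnostics.Trace.TraceError("Registration failed: {0}", ex);
                lblMessage.Text = "Registration failed.";
                return;
            }

            lblMessage.Text = result > 0 ? "Registration successful!" : "Registration failed.";
        }
    }
}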

changepassword.aspx.cs
using System;
using System.Collections.Generic;

using System.Data.SqlClient;
using System.Linq;
using System.Web;
using System.Web.Configuration;
using System.Web.UI;
using System.Web.UI.WebControls;
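namespace Practical8
{
    /// <summary>
    /// Code-behind for changepassword.aspx: replaces a user's password after checking the
    /// old one. The page does not require a logged-in session.
    /// </summary>
    public partial class changepassword : System.Web.UI.Page
    {
        // One failure text for "unknown user" and "wrong old password": separate messages
        // would let a visitor test which usernames exist.
        private const string CredentialFailureMessage = "Invalid username or password.";

        /// <summary>
        /// Verifies the username and old password against the Users table and, when they
        /// match, writes the new password. The outcome is shown in lblMessage.
        /// </summary>
        /// <param name="sender">Control that raised the click event.</param>
        /// <param name="e">Event data (unused).</param>
        protected void btnChangePassword_Click(object sender, EventArgs e)
        {
            string username = txtUsername.Text;
            string oldPassword = txtOldPassword.Text;
            string newPassword = txtNewPassword.Text;

            if (string.IsNullOrEmpty(newPassword))
            {
                lblMessage.Text = "New password must not be empty.";
                return;
            }

            string connString =
                WebConfigurationManager.ConnectionStrings["adoConnectionString"].ConnectionString;

            using (SqlConnection conn = new SqlConnection(connString))
            {
                conn.Open();

                // Step 1: fetch the stored password for this username.
                // SECURITY: the column holds plaintext, and the check below is an ordinary
                // string comparison. Store and verify a salted slow hash instead (e.g. PBKDF2
                // via Rfc2898DeriveBytes), changed together with registration and login.
                string storedPassword = null;
                const string validateQuery = "SELECT Password FROM Users WHERE Username = @Username";
                using (SqlCommand validateCmd = new SqlCommand(validateQuery, conn))
                {
                    validateCmd.Parameters.AddWithValue("@Username", username);
                    using (SqlDataReader reader = validateCmd.ExecuteReader())
                    {
                        if (reader.Read())
                        {
                            storedPassword = reader["Password"].ToString();
                        }
                    }
                }

                if (storedPassword == null || storedPassword != oldPassword)
                {
                    lblMessage.Text = CredentialFailureMessage;
                    return;
                }

                // Step 2: write the new password over the same open connection.
                const string updateQuery =
                    "UPDATE Users SET Password = @NewPassword WHERE Username = @Username";
                int result;
                using (SqlCommand updateCmd = new SqlCommand(updateQuery, conn))
                {
                    updateCmd.Parameters.AddWithValue("@NewPassword", newPassword);
                    updateCmd.Parameters.AddWithValue("@Username", username);
                    result = updateCmd.ExecuteNonQuery();
                }

                lblMessage.Text = result > 0
                    ? "Password changed successfully!"
                    : "Failed to change password.";
            }
        }

        /// <summary>Page load handler; intentionally performs no session check.</summary>
        /// <param name="sender">Page raising the event.</param>
        /// <param name="e">Event data (unused).</param>
        protected void Page_Load(object sender, EventArgs e)
        {
            // No need to check if the user is logged in since we're asking for
            // username and old password
            // NOTE(review): because the page is reachable without a session, repeated
            // old-password guesses are not limited anywhere in this file; consider throttling.
        }
    }
}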
Output:


Practical - 9
Aim: Display User List and provide search/filter / update / delete facility (Use Data Controls like
Data List, Grid View, Detail View, Repeater, and List Bound Control)
Code:
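<%@ Page Language="C#" AutoEventWireup="true" CodeFile="Default3.aspx.cs" Inherits="Default3" %>
<%-- Admin grid over the Users table with paging, sorting, edit and delete.
     The Password column is not selected, displayed or updated from this grid: showing it would
     put every user's stored password on screen and in the rendered page.
     NOTE(review): no access check is visible in this markup; confirm that the code-behind or
     web.config restricts this page to administrators. --%>
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml">
<head runat="server">
    <title></title>
</head>
<body>
    <form id="form1" runat="server">
        <h1>Admin DashBoard</h1>
        <asp:GridView ID="GridView1" runat="server" AllowPaging="True" AllowSorting="True"
            AutoGenerateColumns="False" DataKeyNames="UserID" DataSourceID="SqlDataSource1">
            <Columns>
                <asp:CommandField ShowDeleteButton="True" ShowEditButton="True" ShowSelectButton="True" />
                <asp:BoundField DataField="UserID" HeaderText="UserID" InsertVisible="False"
                    ReadOnly="True" SortExpression="UserID" />
                <asp:BoundField DataField="UserName" HeaderText="UserName" SortExpression="UserName" />
                <asp:BoundField DataField="Email" HeaderText="Email" SortExpression="Email" />
            </Columns>
        </asp:GridView>
        <asp:SqlDataSource ID="SqlDataSource1" runat="server"
            ConnectionString="<%$ ConnectionStrings:Users %>"
            DeleteCommand="DELETE FROM [Users] WHERE [UserID] = @UserID"
            InsertCommand="INSERT INTO [Users] ([UserName], [Password], [Email]) VALUES (@UserName, @Password, @Email)"
            SelectCommand="SELECT [UserID], [UserName], [Email] FROM [Users]"
            UpdateCommand="UPDATE [Users] SET [UserName] = @UserName, [Email] = @Email WHERE [UserID] = @UserID">
            <DeleteParameters>
                <asp:Parameter Name="UserID" Type="Int32" />
            </DeleteParameters>
            <InsertParameters>
                <asp:Parameter Name="UserName" Type="String" />
                <asp:Parameter Name="Password" Type="String" />
                <asp:Parameter Name="Email" Type="String" />
            </InsertParameters>
            <UpdateParameters>
                <asp:Parameter Name="UserName" Type="String" />
                <asp:Parameter Name="Email" Type="String" />
                <asp:Parameter Name="UserID" Type="Int32" />
            </UpdateParameters>
        </asp:SqlDataSource>
    </form>
</body>
</html>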

UserManagement.aspx
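<%@ Page Language="C#" AutoEventWireup="true" CodeBehind="UserManagement.aspx.cs" Inherits="practical9.UserManagement" %>
<%-- User list with a username search box and per-row Edit/Delete buttons. Row commands are
     handled by gvUsers_RowCommand in the code-behind; each button carries the row's UserID as
     its CommandArgument. --%>
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml">
<head runat="server">
    <title></title>
</head>
<body>
    <form id="form1" runat="server">
        <div>
            <h2>User Management</h2>
            <asp:TextBox ID="txtSearch" runat="server" placeholder="Search by Username"></asp:TextBox>
            <asp:Button ID="btnSearch" runat="server" Text="Search" OnClick="btnSearch_Click" />
            <br /><br />
            <asp:GridView ID="gvUsers" runat="server"
                AutoGenerateColumns="False" OnRowCommand="gvUsers_RowCommand">
                <Columns>
                    <asp:BoundField DataField="UserID" HeaderText="User ID" ReadOnly="True" />
                    <asp:BoundField DataField="Username" HeaderText="Username" />
                    <asp:BoundField DataField="Email" HeaderText="Email" />
                    <asp:TemplateField>
                        <ItemTemplate>
                            <asp:Button ID="btnEdit" runat="server" Text="Edit"
                                CommandName="EditUser" CommandArgument='<%# Eval("UserID") %>' />
                            <asp:Button ID="btnDelete" runat="server" Text="Delete"
                                CommandName="DeleteUser" CommandArgument='<%# Eval("UserID") %>' />
                        </ItemTemplate>
                    </asp:TemplateField>
                </Columns>
            </asp:GridView>
            <asp:Label ID="lblMessage" runat="server" ForeColor="Green"></asp:Label>
        </div>
    </form>
</body>
</html>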

UserManagement.aspx.cs
using System;
using System.Collections.Generic;
using System.Data.SqlClient;
using System.Data;
using System.Linq;
using System.Web;

using System.Web.Configuration;
using System.Web.UI;
using System.Web.UI.WebControls;
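namespace practical9
{
    /// <summary>
    /// Code-behind for UserManagement.aspx: lists users, filters them by username and
    /// handles the per-row Edit and Delete commands.
    /// </summary>
    /// <remarks>
    /// NOTE(review): nothing in this class checks who is making the request. Confirm that
    /// access to this page is restricted elsewhere (web.config authorization or a session
    /// check), since it can delete any user.
    /// </remarks>
    public partial class UserManagement : System.Web.UI.Page
    {
        private string connString =
            WebConfigurationManager.ConnectionStrings["adoConnectionString"].ConnectionString;

        /// <summary>Binds the full user list on the first (non-postback) request.</summary>
        /// <param name="sender">Page raising the event.</param>
        /// <param name="e">Event data (unused).</param>
        protected void Page_Load(object sender, EventArgs e)
        {
            if (!IsPostBack)
            {
                LoadUsers();
            }
        }

        /// <summary>
        /// Loads users into gvUsers, optionally restricted to usernames containing
        /// <paramref name="filter"/>.
        /// </summary>
        /// <param name="filter">Substring to search for; empty or null loads every user.</param>
        private void LoadUsers(string filter = "")
        {
            bool hasFilter = !string.IsNullOrEmpty(filter);

            // Only the columns the grid binds are selected. SELECT * would also pull the
            // Password column into the DataTable for no reason.
            string query = "SELECT UserID, Username, Email FROM Users";
            if (hasFilter)
            {
                query += " WHERE Username LIKE @Filter";
            }

            using (SqlConnection conn = new SqlConnection(connString))
            using (SqlCommand cmd = new SqlCommand(query, conn))
            using (SqlDataAdapter da = new SqlDataAdapter(cmd))
            {
                if (hasFilter)
                {
                    // Bound as a parameter, so the search text cannot alter the statement.
                    // LIKE wildcards typed by the user (%, _, [) still act as wildcards.
                    cmd.Parameters.AddWithValue("@Filter", "%" + filter + "%");
                }

                DataTable dt = new DataTable();
                da.Fill(dt); // Fill opens and closes the connection itself.
                gvUsers.DataSource = dt;
                gvUsers.DataBind();
            }
        }

        /// <summary>Reloads the grid using the trimmed search text.</summary>
        /// <param name="sender">Control that raised the click event.</param>
        /// <param name="e">Event data (unused).</param>
        protected void btnSearch_Click(object sender, EventArgs e)
        {
            string filter = txtSearch.Text.Trim();
            LoadUsers(filter);
        }

        /// <summary>
        /// Dispatches the row buttons: EditUser redirects to EditUser.aspx, DeleteUser
        /// removes the row and rebinds the grid. Other command names are ignored.
        /// </summary>
        /// <param name="sender">Grid raising the command.</param>
        /// <param name="e">Carries the command name and the row's UserID as argument.</param>
        protected void gvUsers_RowCommand(object sender, GridViewCommandEventArgs e)
        {
            if (e.CommandName == "EditUser")
            {
                int userId = Convert.ToInt32(e.CommandArgument);
                Response.Redirect($"EditUser.aspx?UserID={userId}");
            }
            else if (e.CommandName == "DeleteUser")
            {
                int userId = Convert.ToInt32(e.CommandArgument);
                DeleteUser(userId);
                LoadUsers();
            }
        }

        /// <summary>
        /// Deletes the Users row with the given id and reports in lblMessage whether a row
        /// was actually removed.
        /// </summary>
        /// <param name="userId">Primary key of the user to delete.</param>
        private void DeleteUser(int userId)
        {
            const string query = "DELETE FROM Users WHERE UserID = @UserID";

            int rowsAffected;
            using (SqlConnection conn = new SqlConnection(connString))
            using (SqlCommand cmd = new SqlCommand(query, conn))
            {
                cmd.Parameters.AddWithValue("@UserID", userId);
                conn.Open();
                rowsAffected = cmd.ExecuteNonQuery();
            }

            // Report success only when the DELETE matched a row.
            lblMessage.Text = rowsAffected > 0 ? "User deleted successfully!" : "User not found.";
        }
    }
}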

EditUser.aspx.cs
using System;
using System.Collections.Generic;
using System.Data.SqlClient;
using System.Linq;
using System.Web;
using System.Web.Configuration;
using System.Web.UI;
using System.Web.UI.WebControls;
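namespace practical9
{
    /// <summary>
    /// Code-behind for EditUser.aspx: loads one user selected by the UserID query-string
    /// value and saves edits to the username and e-mail.
    /// </summary>
    /// <remarks>
    /// NOTE(review): the target row is chosen purely by the UserID in the URL, and nothing in
    /// this class checks who is making the request. Confirm that access is restricted
    /// elsewhere; otherwise any visitor can edit any account by changing the number.
    /// </remarks>
    public partial class EditUser : System.Web.UI.Page
    {
        private string connString =
            WebConfigurationManager.ConnectionStrings["adoConnectionString"].ConnectionString;

        /// <summary>Populates the form on the first (non-postback) request.</summary>
        /// <param name="sender">Page raising the event.</param>
        /// <param name="e">Event data (unused).</param>
        protected void Page_Load(object sender, EventArgs e)
        {
            if (IsPostBack)
            {
                return;
            }

            int userId;
            if (TryGetUserId(out userId))
            {
                LoadUser(userId);
            }
        }

        /// <summary>
        /// Reads the UserID query-string value. A missing or non-numeric value yields false
        /// and a message in lblMessage instead of an unhandled FormatException.
        /// </summary>
        /// <param name="userId">Receives the parsed id when the method returns true.</param>
        /// <returns>True when the query string holds a valid integer.</returns>
        private bool TryGetUserId(out int userId)
        {
            if (int.TryParse(Request.QueryString["UserID"], out userId))
            {
                return true;
            }

            lblMessage.Text = "Invalid user id.";
            return false;
        }

        /// <summary>Fills the username and e-mail boxes from the Users row with this id.</summary>
        /// <param name="userId">Primary key of the user to load.</param>
        private void LoadUser(int userId)
        {
            // Only the two displayed columns are read. SELECT * would also fetch the
            // Password column.
            const string query = "SELECT Username, Email FROM Users WHERE UserID = @UserID";

            using (SqlConnection conn = new SqlConnection(connString))
            using (SqlCommand cmd = new SqlCommand(query, conn))
            {
                cmd.Parameters.AddWithValue("@UserID", userId);
                conn.Open();
                using (SqlDataReader reader = cmd.ExecuteReader())
                {
                    if (reader.Read())
                    {
                        txtUsername.Text = reader["Username"].ToString();
                        txtEmail.Text = reader["Email"].ToString();
                    }
                    else
                    {
                        lblMessage.Text = "User not found.";
                    }
                }
            }
        }

        /// <summary>Saves the edited values for the user named in the query string.</summary>
        /// <param name="sender">Control that raised the click event.</param>
        /// <param name="e">Event data (unused).</param>
        protected void btnUpdate_Click(object sender, EventArgs e)
        {
            int userId;
            if (TryGetUserId(out userId))
            {
                UpdateUser(userId);
            }
        }

        /// <summary>
        /// Writes the trimmed username and e-mail to the Users row with this id and reports
        /// in lblMessage whether a row was actually changed.
        /// </summary>
        /// <param name="userId">Primary key of the user to update.</param>
        private void UpdateUser(int userId)
        {
            const string query =
                "UPDATE Users SET Username = @Username, Email = @Email WHERE UserID = @UserID";

            int rowsAffected;
            using (SqlConnection conn = new SqlConnection(connString))
            using (SqlCommand cmd = new SqlCommand(query, conn))
            {
                cmd.Parameters.AddWithValue("@Username", txtUsername.Text.Trim());
                cmd.Parameters.AddWithValue("@Email", txtEmail.Text.Trim());
                cmd.Parameters.AddWithValue("@UserID", userId);
                conn.Open();
                rowsAffected = cmd.ExecuteNonQuery();
            }

            // Report success only when the UPDATE matched a row.
            lblMessage.Text = rowsAffected > 0 ? "User updated successfully!" : "User not found.";
        }
    }
}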

Output:
