The Forum has been Updated
The code has been upgraded to the latest .NET core version. Please check instructions in the Community Announcements about migrating your account.
Here's some code for another password change project.
The line in red is giving me a syntax error. Here's a sample output:
UPDATE TABLE1 SET PASSWORD='59830ebc3a4184110566bf1a290d08473dfdcbd492ce498b14cd1a5e2fa2e441' WHERE USERNAME='test1'
Code:
<%@ Language=VBScript%>
<%Response.Buffer = true%>
<!--#INCLUDE FILE="sha256.asp"-->
<%
set my_Conn = Server.CreateObject("ADODB.Connection")
my_Conn.Open "Provider=Microsoft.Jet.OLEDB.4.0;Data Source=c:\db1.mdb"
if Request.Form("Change")="DoIt" then
strSql="SELECT USERNAME, PASSWORD FROM TABLE1 WHERE USERNAME='" & REQUEST.FORM("USERNAME") & "'"
set rsVerify=my_Conn.Execute(strSql)
if not rsVerify.EOF then
if sha256(Request.Form("oldpass"))<>rsVerify("password") then
Response.Write "Invalid password.<br>"
Fini
end if
else
Response.Write "Unknown user."
Fini
end if
rsVerify.Close
set rsVerify=Nothing
' Change password
if Request.Form("newpass")=Request.Form("newpass2") then
strSql="UPDATE TABLE1 SET PASSWORD='"& sha256(Request.Form("newpass")) & "' WHERE USERNAME='" & Request.Form("UserName") & "'"
my_Conn.Execute (strSql),,adCmdText + adExecuteNoRecords
else
Response.Write "Passwords do not match."
Fini
end if
end if
my_Conn.Close
set my_Conn=Nothing
Response.Write "<form action=""password.asp"" method=""post"">" & vbNewLine & _
" <input name=""Change"" type=""hidden"" value=""DoIt"">" & vbNewLine & _
" <table width=""50%"" bgcolor=""limegreen"" border=""1"" align=""center"" cellspacing=""0"" cellpadding=""0"">" & vbNewLine & _
" <tr valign=""middle"">" & vbNewLine & _
" <td width=""30%"" align=""right"" bgcolor=""skyblue"">Username: " & vbNewLine & _
" </td>" & vbNewLine & _
" <td width=""70%"" align=""left"" bgcolor=""white"">" & vbNewLine & _
" <input type=""text"" name=""username"" width=""50"" maxlength=""50"">" & vbNewLine & _
" </td>" & vbNewline & _
" </tr>" & vbNewLine & _
" <tr valign=""middle"">" & vbNewLine & _
" <td width=""30%"" align=""right"" bgcolor=""skyblue"">Current Password: " & vbNewLine & _
" </td>" & vbNewLine & _
" <td width=""70%"" align=""left"" bgcolor=""white"">" & vbNewLine & _
" <input type=""password"" name=""oldpass"" width=""50"" maxlength=""50"">" & vbNewLine & _
" </td>" & vbNewline & _
" </tr>" & vbNewLine & _
" <tr valign=""middle"">" & vbNewLine & _
" <td width=""30%"" align=""right"" bgcolor=""skyblue"">New Password: " & vbNewLine & _
" </td>" & vbNewLine & _
" <td width=""70%"" align=""left"" bgcolor=""white"">" & vbNewLine & _
" <input type=""password"" name=""newpass"" width=""50"" maxlength=""50"">" & vbNewLine & _
" </td>" & vbNewline & _
" </tr>" & vbNewLine & _
" <tr valign=""middle"">" & vbNewLine & _
" <td width=""30%"" align=""right"" bgcolor=""skyblue"">Confirm New Password: " & vbNewLine & _
" </td>" & vbNewLine & _
" <td width=""70%"" align=""left"" bgcolor=""white"">" & vbNewLine & _
" <input type=""password"" name=""newpass2"" width=""50"" maxlength=""50"">" & vbNewLine & _
" </td>" & vbNewline & _
" </tr>" & vbNewLine & _
" </table>" & vbNewLine & _
" <p align=""center"">" & vbNewLine & _
" <input type=""submit"" value=""Submit"">" & vbNewLine & _
" </p>" & vbNewLine & _
"</form>" & vbNewLine
Function Fini
Response.Flush
%>
<meta http-equiv="refresh" content="3;url=password.asp">
<%
End Function
%>
The line in red is giving me a syntax error. Here's a sample output:
UPDATE TABLE1 SET PASSWORD='59830ebc3a4184110566bf1a290d08473dfdcbd492ce498b14cd1a5e2fa2e441' WHERE USERNAME='test1'
Posted
Enclose password in parenthesis:
It must be one "of them" reserved words...
Code:
strSql="UPDATE TABLE1 SET [PASSWORD]='"& sha256(Request.Form("newpass")) & "' WHERE USERNAME='" & Request.Form("UserName") & "'"
Posted
I checked the list of reserved words, just in case, and it wasn't included. But if it fixes it, I'm all for it lol.
Posted
That fixed it, alright. Don't know why it isn't on any of the reserved word lists. Thanks.
Posted
It's a weird thing, cause it works from Access without it...
Posted
This is an OLD topic, but I was browsing and stumbled on this. Checked my restricted keyword mod and it turns out that "password" is restricted in Jet (not in Access). That's why it had the problem with the code.