Please help guys. It works perfectly when updating without the current password and the new password BUT if i will include to update the password, it throws an error. Here's my code:
protected void UpdateBtn_Click(object sender, EventArgs e)
{
connection.Open();
int queryStrId = Convert.ToInt32(Request.QueryString.Get("Id"));
string query = "";
// Works fine here..
if (CurrPass.Text == "" && NewPass.Text == "")
{
query = "UPDATE RegDetails SET Firstname = '" + FirstName.Text + "', Lastname = '" + LastName.Text + "', Gender = " + gender + ", AddressLocation = '" + Address.Text + "', Position = '" + Position.Text + "', CurrentStatus = " + status + ", Username = '" + Username.Text + "' WHERE Id = " + queryStrId;
}
// Does not work. Display error "ExecuteNonQuery: CommandText property has not been initialized". What's wrong with this?
else
{
if (CurrPass.Text != "" && NewPass.Text != "" && CurrPass.Text == currentPassword)
{
query = "UPDATE RegDetails SET Firstname = '" + FirstName.Text + "', Lastname = '" + LastName.Text + "', Gender = " + gender + ", AddressLocation = '" + Address.Text + "', Position = '" + Position.Text + "', CurrentStatus = " + status + ", Username = '" + Username.Text + "', Password = '" + NewPass.Text + "' WHERE Id = " + queryStrId;
}
}
SqlCommand commandUpdate = new SqlCommand(query, connection);
commandUpdate.ExecuteNonQuery();
connection.Close();
Response.Redirect("Details.aspx");
}
