retrieving password in vb 2008

Feb 13 2011 12:44 AM
good day! :)
we are currently creating a library system which includes a forgot password module..
but we are having difficulties in retrieving the passwords from our database.
could someone help us .. thank you in advance. :)

here is the code we've done..

-------------------------

Private Sub Button1_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button1.Click
002 
003        If ComboBox1.Text = "" Or TextBox1.Text = "" Or TextBox2.Text = "" Then
004            MessageBox.Show("Invalid Username and Password!", "Invalid", MessageBoxButtons.OK, MessageBoxIcon.Warning)
005            TextBox1.Text = ""
006            TextBox2.Text = ""
007            ComboBox1.Text = "Select"
008 
009            'for administrator
010 
011        ElseIf ComboBox1.Text = "Administrator" Then
012            Static iPassCount As Integer ' this will assure that the counter is visible only locally but not lost from call to call
013            If TextBox1.Text = "admin" And TextBox2.Text = "nimda" Then
014                Dim log As New LoginForm
015                log.Show()
016                iPassCount = 0 ' If passwor is ok then reset the counter
017                Me.Hide()
018 
019            Else
020                iPassCount += 1 ' increase the counter
021 
022                If iPassCount < 4 Then ' while less than 3 retries notify the user
023 
024                    MessageBox.Show("Invalid Username and Password for " & vbNewLine & ("              Administrator"), "Invalid", MessageBoxButtons.OK, MessageBoxIcon.Warning)
025 
026                Else ' almost 3 times failed to enter the password
027                    If MessageBox.Show("Do you want to retrieve your password?", "Forgot Password", MessageBoxButtons.YesNo, MessageBoxIcon.Warning) = Windows.Forms.DialogResult.Yes Then
028                        Dim fp As New ForgotPassword
029                        fp.Show()
030                        Me.Hide()
031 
032                    End If
033                End If
034            End If
035 
036 
037 
038            'for librarian
039 
040        ElseIf ComboBox1.Text = "Librarian" Then
041 
042            Static iPassCount1 As Integer
043            If TextBox1.Text = "librarian" And TextBox2.Text = "librarian" Then
044                Dim log As New LoginForm
045                iPassCount1 = 0 ' If password is ok then reset the counter
046                log.Show()
047                Me.Hide()
048            Else
049                iPassCount1 += 1 ' increase the counter
050                If iPassCount1 < 4 Then ' while less than 3 retries notify the user
051                    MessageBox.Show("Invalid Username and Password for " & vbNewLine & ("              Librarian"), "Invalid", MessageBoxButtons.OK, MessageBoxIcon.Warning)
052                Else
053                    If MessageBox.Show("Do you want to retrieve your password?", "Forgot Password", MessageBoxButtons.YesNo, MessageBoxIcon.Warning) = Windows.Forms.DialogResult.Yes Then
054                        Dim fp As New ForgotPassword
055                        fp.Show()
056                        Me.Hide()
057                    End If
058                End If
059            End If
060 
061            'for user
062 
063        ElseIf ComboBox1.Text = "User" Then
064 
065            Static iPassCount2 As Integer
066            Dim connection As New OleDbConnection
067            Dim userpassquery As New OleDbCommand
068            Dim datareader As OleDbDataReader
069 
070 
071            If TextBox1.Text = "" Or TextBox2.Text = "" Then
072                MsgBox("Please enter a Username and Password!")
073 
074            Else
075                connection.ConnectionString = connectionString
076                userpassquery.CommandText = "SELECT Username, LastName FROM Registration WHERE Username= '" & TextBox1.Text & "';"
077                connection.Open()
078 
079                userpassquery.Connection = connection
080 
081                datareader = userpassquery.ExecuteReader
082                datareader.Read()
083 
084 
085                'Done querying
086                'Check if username is in the database
087 
088 
089                'Username exists
090                If datareader.HasRows = True Then
091                    'Check if password is correct
092 
093 
094                    'Determine level of access
095                   
096                    Dim a As New user
097                    a.Show()
098 
099                    iPassCount2 = 0 ' If password is ok then reset the counter
100                    Me.Hide()
101 
102                    Else
103                    iPassCount2 += 1 ' increase the counter
104                    If iPassCount2 < 4 Then ' while less than 3 retries notify the user
105                        MessageBox.Show("Invalid Username and Password for " & vbNewLine & ("User"), "Invalid", MessageBoxButtons.OK, MessageBoxIcon.Warning)
106                    Else
107                        If MessageBox.Show("Do you want to retrieve your password?", "Forgot Password", MessageBoxButtons.YesNo, MessageBoxIcon.Warning) = Windows.Forms.DialogResult.Yes Then
108                            Dim SecretQuestion As New OleDbCommand
109                            Dim connection1 As New OleDbConnection
110                            Dim datareader1 As OleDbDataReader
111 
112 
113                            ' almost 3 times failed to enter the password
114                            Dim strName As String
115 
116 
117                            strName = InputBox("Please enter your Username", "Retrieve")
118 
119                            Dim secret As New ForgotPassword
120                            Dim SecretAnswer As String
121                            secret.Show()
122                            Me.Hide()
123 
124                            connection1.ConnectionString = connectionString
125                            SecretQuestion.CommandText = "SELECT SecretQuestion FROM Registration WHERE Username= '" & strName & "';"
126                            SecretAnswer = "SELECT SecretAnswer FROM Registration WHERE Username= '" & strName & "';"
127                            connection1.Open()
128[i]
129 
130                            'forgot password label and textbox. please see the forgot password :)
131 
132                            ForgotPassword.Label3.Text = SecretQuestion.CommandText
133                            ForgotPassword.TextBox2.Text = SecretAnswer
134 
135                            SecretQuestion.Connection = connection1
136                            datareader1 = SecretQuestion.ExecuteReader
137                            datareader1.Read()
138 
139                            connection1.Close()
140                            connection1.Dispose()
141 
142                        End If
143[/i]
144 
145                    End If
146 
147 
148 
149                End If
150                connection.Close()
151                connection.Dispose()
152 
153            End If
154        End If
155 
156 
157 
158 
159    End Sub