Edit

Share via


ChangePassword.OnChangingPassword(LoginCancelEventArgs) Method

Definition

Raises the ChangingPassword event before the user's password is changed by the membership provider.

protected:
 virtual void OnChangingPassword(System::Web::UI::WebControls::LoginCancelEventArgs ^ e);
protected virtual void OnChangingPassword (System.Web.UI.WebControls.LoginCancelEventArgs e);
abstract member OnChangingPassword : System.Web.UI.WebControls.LoginCancelEventArgs -> unit
override this.OnChangingPassword : System.Web.UI.WebControls.LoginCancelEventArgs -> unit
Protected Overridable Sub OnChangingPassword (e As LoginCancelEventArgs)

Parameters

e
LoginCancelEventArgs

A CancelEventArgs object containing the event data.

Examples

The following code example shows how to use an ASP.NET page that uses a ChangePassword control, and includes a handler for the ChangingPassword event named ChangingPassword. ChangingPassword compares the old password stored in the CurrentPassword property to the new password stored in NewPassword. If the two passwords are the same, changing the password fails.

The ChangePassword control sets the DisplayUserName property to true to enable the user to enter their user name. This means that the user does not have to log on to view the page.

The code example assumes that the ASP.NET Web site has been configured to use ASP.NET membership and Forms authentication, and that a user has been created whose name and password are known to you. For more information, see How to: Implement Simple Forms Authentication.

<%@ Page Language="C#" AutoEventWireup="True" %>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<script runat="server">

  void Page_Load(Object sender, EventArgs e)
  {
    //Manually register the event-handling methods.
    ChangePassword1.ChangingPassword += new LoginCancelEventHandler(this._ChangingPassword);
  }

  void _ChangingPassword(Object sender, LoginCancelEventArgs e)
  {
    if (ChangePassword1.CurrentPassword.ToString() == ChangePassword1.NewPassword.ToString())
    {
      Message1.Visible = true;
      Message1.Text = "Old password and new password must be different.  Please try again.";
      e.Cancel = true;
    }
    else
    {
      //This line prevents the error showing up after a first failed attempt.
      Message1.Visible = false;
    }
  }

</script>

<html xmlns="http://www.w3.org/1999/xhtml" >
<head runat="server">
  <title>ChangePassword including a ChangingPassword event handler</title>
</head>
<body>
  <form id="form1" runat="server">
  <div style="text-align:center">

    <h1>ChangePassword</h1>
    
    <asp:LoginView ID="LoginView1" Runat="server" 
      Visible="true">
      <LoggedInTemplate>
        <asp:LoginName ID="LoginName1" Runat="server" FormatString="You are logged in as {0}." />
        <br />
      </LoggedInTemplate>
      <AnonymousTemplate>
        You are not logged in
      </AnonymousTemplate>
    </asp:LoginView><br />
    
    <asp:ChangePassword ID="ChangePassword1" Runat="server"
      BorderStyle="Solid" 
      BorderWidth="1" 
      CancelDestinationPageUrl="~/Default.aspx" 
      DisplayUserName="true" 
      OnChangingPassword="_ChangingPassword"
      ContinueDestinationPageUrl="~/Default.aspx" >
    </asp:ChangePassword><br />
  
    <asp:Label ID="Message1" Runat="server" ForeColor="Red" /><br />

    <asp:HyperLink ID="HyperLink1" Runat="server" 
      NavigateUrl="~/Default.aspx">
      Home
    </asp:HyperLink>
    
  </div>
  </form>
</body>
</html>
<%@ Page Language="VB" AutoEventWireup="True" %>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<script runat="server">

  Public Sub PageLoad(ByVal Sender As Object, ByVal e As EventArgs)
    'Manually register the event-handling methods.
    AddHandler ChangePassword1.ChangingPassword, AddressOf Me._ChangingPassword
  End Sub

  Public Sub _ChangingPassword(ByVal Sender As Object, ByVal e As LoginCancelEventArgs)
    If (ChangePassword1.CurrentPassword.ToString() = ChangePassword1.NewPassword.ToString) Then
      Message1.Visible = True
      Message1.Text = "Old password and new password must be different.  Please try again."
      e.Cancel = True
    Else
      'This line prevents the error showing up after a first failed attempt.
      Message1.Visible = False
    End If
  End Sub

</script>

<html xmlns="http://www.w3.org/1999/xhtml" >
<head runat="server">
  <title>ChangePassword including a ChangingPassword event handler</title>
</head>
<body>
  <form id="form1" runat="server">
  <div style="text-align:center">

    <h1>ChangePassword</h1>
    
    <asp:LoginView ID="LoginView1" Runat="server" 
      Visible="true">
      <LoggedInTemplate>
        <asp:LoginName ID="LoginName1" Runat="server" FormatString="You are logged in as {0}." />
        <br />
      </LoggedInTemplate>
      <AnonymousTemplate>
        You are not logged in
      </AnonymousTemplate>
    </asp:LoginView><br />
    
    <asp:ChangePassword ID="ChangePassword1" Runat="server"
      BorderStyle="Solid" 
      BorderWidth="1" 
      CancelDestinationPageUrl="~/Default.aspx" 
      DisplayUserName="true" 
      OnChangingPassword="_ChangingPassword"
      ContinueDestinationPageUrl="~/Default.aspx" >
    </asp:ChangePassword><br />
  
    <asp:Label ID="Message1" Runat="server" ForeColor="Red" /><br />

    <asp:HyperLink ID="HyperLink1" Runat="server" 
      NavigateUrl="~/Default.aspx">
      Home
    </asp:HyperLink>
    
  </div>
  </form>
</body>
</html>

Remarks

The OnChangingPassword method is called before the membership provider specified in the MembershipProvider property is called to change the user's password.

Use the OnChangingPassword method to perform any processing that is necessary before changing the password, such as checking the new password to make sure it is not in a list of common passwords.

The OnChangingPassword method can cancel the ChangingPassword event by setting the Cancel property of the CancelEventArgs object passed as the e parameter to true.

Raising an event invokes the event handler through a delegate. For more information, see Server Event Handling in ASP.NET Web Forms Pages.

The OnChangingPassword method also allows derived classes to handle the event without attaching a delegate. This is the preferred technique for handling the event in a derived class.

Notes to Inheritors

When overriding the OnChangingPassword(LoginCancelEventArgs) method in a derived class, be sure to call the OnChangingPassword(LoginCancelEventArgs) method for the base class so that registered delegates receive the event.

Applies to

See also