password change rights

i am developing a windows application, my database is in MS-Access, i have made one form for the user to change its password. the form name is change password. Its working fine means that it is changing the password of the user and it is also not giving rights to any other user to change any user's password. But now i want that it should generate an error message if user tries to change the password of other user. As well as the user with admin rights have the right to change any user's password. Here i am posting my coding , Please help me with the coding. It is very neccessary, Change password form coding is: private void btnupdate_Click(object sender, EventArgs e) { try { ConnectionClass l_ConnectionClass = new ConnectionClass(); UserName = txtusername.Text; oldPassword = txtoldpwd.Text; newPassword = txtnewpwd.Text; ConfirmnewPassword = txtconfirmpwd.Text; DialogResult dlgResult = MessageBox.Show("Do you want to change your password.", "Continue?", MessageBoxButtons.YesNo, MessageBoxIcon.Question, MessageBoxDefaultButton.Button2); if (dlgResult == DialogResult.Yes) { l_ConnectionClass.changepassword(PublicVariables.OSUserID, UserName, oldPassword, newPassword, ConfirmnewPassword); MessageBox.Show("Password Successfully Changed"); ClearFields(); } else if (dlgResult == DialogResult.No) { ClearFields(); txtusername.Focus(); } } catch (Exception Ex) { MessageBox.Show("Connection Failed. Plz Check your Network Cable Connection", "Error", MessageBoxButtons.OK); } } i have made 3 users i.e Admin, Normal, Display, for that i have used userRole and user Role was saved at the time of user details in the database. I have used user role for my MDI form rights coding. User role are assigned by using this: public sealed class PublicVariables { public static Boolean CheckLoginFlag = false; public static int OSUserID = 0; public static int OSempID = 0; public static int OSantivirusID = 0; public static int OSmobID = 0; public static int OSEmpmailID = 0; public static int OSsystemID = 0; public static string UserRole = ""; public static Boolean IsUpdate = false; } I have defined the definition for change password in a common class. The Coding for it is: #region ChangePassword public void changepassword(int userId, string username, string useroldPwd, string usernewPwd, string usernewConPwd) { try { dbConnection = new OleDbConnection(); dbConnection.ConnectionString = strConnectionString; dbConnection.Open(); dbCommand = new OleDbCommand(); dbCommand.Connection = dbConnection; dbCommand.CommandType = CommandType.Text; dbCommand.CommandText = "update [tbluserlogin] set userPwd='" + usernewPwd + "',userConPwd='" + usernewConPwd + "' where userId=" + userId + " and userPwd='" + useroldPwd + "' and userName='" + username + "'"; dbCommand.ExecuteNonQuery(); } catch (Exception Ex) { MessageBox.Show(Ex.Message); } finally { connectionClose(); } } #endregion Please check this out and help me out.