public int ChangeMedicalPassword(ChangeMedicalPassword changeMedicalPassword)
{
Query = "UPDATE MedicalAccounts SET Password = @newPassword WHERE MedicalId = @medicalId AND Password = @oldPassword";
Command = new SqlCommand(Query, Connection);
Command.Parameters.AddWithValue("newPassword", changeMedicalPassword.NewPassword);
Command.Parameters.AddWithValue("medicalId", changeMedicalPassword.MedicalId);
Command.Parameters.AddWithValue("oldPassword", changeMedicalPassword.OldPassword);
Connection.Open();
int rowAffected = Command.ExecuteNonQuery();
Connection.Close();
return(rowAffected);
}
public ActionResult ChangePassword(ChangeMedicalPassword changeMedicalPassword)
{
if (User.IsInRole("Medical"))
{
changeMedicalPassword.MedicalId = GetMedicalData().MedicalId;
changeMedicalPassword.NewPassword = Crypto.Hash(changeMedicalPassword.NewPassword);
changeMedicalPassword.OldPassword = Crypto.Hash(changeMedicalPassword.OldPassword);
string message = aMedicalManager.ChangeMedicalPassword(changeMedicalPassword);
if (message == "Success")
{
ViewBag.Message = "Password has changed successfully";
}
else
{
ViewBag.ErrorMessage = message;
}
}
ViewBag.GetName = GetMedicalData().MedicalName;
return(View());
}
public string ChangeMedicalPassword(ChangeMedicalPassword changeMedicalPassword)
{
bool validOldPassword = aMedicalGateway.IsMedicalOldPasswordValid(changeMedicalPassword.MedicalId, changeMedicalPassword.OldPassword);
if (validOldPassword)
{
int rowAffected = aMedicalGateway.ChangeMedicalPassword(changeMedicalPassword);
if (rowAffected > 0)
{
return("Success");
}
else
{
return("Password changing failed.");
}
}
else
{
return("Old password is wrong. Please try again!");
}
}
