public ActionResult NewPassword(FormCollection collection)
{
// SHould pass the user id in a safer way so that no one can modify the session id to change the password of someoneelse
// hiddenfield instead of session Uid?
int userId = Convert.ToInt32(Session["Uid"]);
var user = db.getUserById(userId);
String password1 = collection["password1"].ToString();
String password2 = collection["password2"].ToString();
//Validate password enter equal
if (!string.Equals(password1, password2))
{
TempData["Message"] = "<h5 style=\"color:red;\">Please make sure the two passwords are the same</h5>";
return(View());
}
user.U_Password = encoder.Encode(password2);
user.Active = true;
db.UpdateUser(user);
TempData["Message"] = "Your password was updated successfully.";
//return View();
return(RedirectToAction("MessageView", "Home"));
}
public ActionResult EditUser(FormCollection collection)
{
int id = (int)TempData["EditUserId"];
var y = db.getUserById(id);
int role = Convert.ToInt32(collection["role"]);
string email = collection["Email"];
string fname = collection["FirstName"];
string lname = collection["LastName"];
string phone = collection["Phone"];
//string birthday = collection["Birthday"];
DateTime birthday = Convert.ToDateTime(collection["Birthday"]);
//Yoga_User y = new Yoga_User();
y.Roles_Id = role;
y.U_Email = email;
y.U_First_Name = fname;
y.U_Last_Name = lname;
y.U_Phone = phone;
y.U_Birthday = birthday;
if (collection["active"] == null)
{
y.Active = false;
}
else
{
y.Active = true;
}
// see for password
//update db method
db.UpdateUser(y);
//ViewBag.StickyUser = user;
return(RedirectToAction("UserList"));
}
