public ActionResult ChangePassword(PasswordModel password)
{
ViewBag.incorrect = false;
Customer customer = db.Customers.Where(x => x.Username == User.Identity.Name).First();
string temppassword = hashString(customer.salt + password.OldPassword);
int count = db.Customers.Where(x => x.Username == customer.Username && x.Password == temppassword).Count();
if (count == 1 && password.CurrentPassword == password.ConfirmPassword)
{
string salt = Crypto.GenerateSalt();
string hash = hashString(salt + password.ConfirmPassword);
db.usp_UpdateCustomerPassword(customer.CustomerID, salt, hash);
return(RedirectToAction("YourAccount", "Account", null));
}
else
{
ViewBag.incorrect = true;
}
return(View());
}
