public ActionResult ChangePassword(Models.ChagePassWDModel model)
{
int RoleID;
if (model.UserName.ToUpper() == Session["UserName"].ToString().ToUpper())
{
if (ModelState.IsValid && IsUserValid(model.UserName, model.OldPassword, out RoleID))
{
if (model.ConfirmPassword != model.NewPassword)
{
ModelState.AddModelError("", "The password confirmed does not match.");
return(View(model));
}
if (ModelState.IsValid)
{
if (Change_Password(model))
{
return(RedirectToAction("Index", "Home"));
}
}
}
}
// If we got this far, something failed, redisplay form
ModelState.AddModelError("", "The user name or password provided is incorrect.");
return(View(model));
}
public ActionResult ChangePassword()
{
Models.ChagePassWDModel model = new Models.ChagePassWDModel();
model.UserName = Session["UserName"].ToString();
return(View(model));
}
private bool Change_Password(Models.ChagePassWDModel model)
{
string strConnection = ConfigurationManager.ConnectionStrings["UsedConnection"].ConnectionString;
using (var conn = new SqlConnection(strConnection))
using (var cmd = conn.CreateCommand())
{
conn.Open();
cmd.CommandText = "UPDATE U_Users SET Password = @NewPassword WHERE UserName = @Uname AND Password = @Pwd";
cmd.Parameters.AddWithValue("@Uname", model.UserName);
cmd.Parameters.AddWithValue("@NewPassword", model.NewPassword);
cmd.Parameters.AddWithValue("@Pwd", model.OldPassword);
cmd.ExecuteNonQuery();
return(true);
}
}
