public ActionResult Index(LoginModel loginModel) { if (ModelState.IsValid) { var dao = new LoginDAO(); var result = dao.Login(loginModel.UserName, dao.GetMD5(loginModel.Password)); if (result == 1) { var user = dao.GetByUsername(loginModel.UserName); var userSession = new UserLogin(); userSession.UserID = user.ACCOUNT_Id; userSession.RoleGroup = user.ROLEGROUP.ROLEGROUP_Code; // Lấy danh sách quyền của người đăng nhập var listCredentials = dao.GetListCredential(user.ACCOUNT_Id); //Tạo session cho danh sách quyền Session.Add(CommonConstants.SESSION_CREDENTIALS, listCredentials); //Tạo session cho người dăng nhập. Session.Add(CommonConstants.USER_SESSION, userSession); return(RedirectToAction("Index", "Home")); } else if (result == 0) { SetAlert("Account does not exist!", "warning"); } else if (result == -1) { SetAlert("The account is locked!", "warning"); } else if (result == -2) { SetAlert("Incorrect password!", "warning"); } else if (result == -3) { SetAlert("Your faculty has been locked, please contact the marketing manager for more information.", "warning"); } else { SetAlert("Login information is incorrect!", "warning"); } } return(Redirect(Request.UrlReferrer.ToString())); }
public ActionResult ChangePassword(string ACCOUNT_Username, string OldPassword, string NewPassword, string ConfirmNewPassword) { if (ModelState.IsValid) { ACCOUNT aCCOUNT = new ACCOUNT(); var dao = new LoginDAO(); if (dao.CheckPassword(ACCOUNT_Username, dao.GetMD5(OldPassword))) { if (OldPassword != NewPassword) { if (NewPassword == ConfirmNewPassword) { aCCOUNT.ACCOUNT_Username = ACCOUNT_Username; aCCOUNT.ACCOUNT_Password = dao.GetMD5(NewPassword); var result = dao.UpdatePassword(aCCOUNT); if (result) { string content = System.IO.File.ReadAllText(Server.MapPath("~/Views/templates/ChangePassword.html")); content = content.Replace("{{username}}", ACCOUNT_Username); new MailHelper().SendMail(dao.GetByUsername(ACCOUNT_Username).ACCOUNT_Email, "University Magazine", content, "Authenticate information"); SetAlert("Password changed successfully!", "success"); } else { SetAlert("Password change failed!", "warning"); } } else { SetAlert("New passwords are not the same!", "warning"); } } else { SetAlert("Old password cannot match new password!", "warning"); } } else { SetAlert("Wrong password!", "warning"); } } return(RedirectToAction("Index")); }