public JsonResult CreatePlayer(db_Player playerInfo) { var success = true; var errors = new List <string>(); if (!base.SanitizeHandle(playerInfo.Handle)) { success = false; errors.Add("Handles can only contain letters, numbers, _ and -."); } if (!base.SanitizePassword(playerInfo.Password)) { success = false; errors.Add("Passwords can only contain letters, numbers, and the following characters: _ - ! ? @ $ &"); } // If the sanitation methods have passed, we can safely use them in our DB methods if (success) { if (base.HandleExists(playerInfo.Handle)) { success = false; errors.Add("Handle already in use."); } if (success) { var unhashedPassword = playerInfo.Password; playerInfo.Salt = base.GenerateSalt(); playerInfo.Password = base.HashPassword(unhashedPassword, playerInfo.Salt); _playerRepo.AddNewPlayer(playerInfo); // Adding the player to the database with a random salt and hashed password } } var result = new { success, errors }; return(Json(result)); }