public ActionResult ChangePassword()
{
if (!Navigator.IsUserLoggedIn(Session))
{
@ViewBag.Message = "Sorry! You need to login to view this page.";
return View("Message");
//return RedirectToAction("Login", "Account");
}
User user = (User)Session["user"];
ChangePasswordModel model = new ChangePasswordModel();
model.user_id = user.user_id;
model.username = user.username;
model.password = user.password;
ViewBag.ErrorMessage = "";
return View(model);
}
public ActionResult ChangePassword(ChangePasswordModel model)
{
if (!Navigator.IsUserLoggedIn(Session))
{
@ViewBag.Message = "Sorry! You need to login to view this page.";
return View("Message");
//return RedirectToAction("Login", "Account");
}
User user = (User)Session["user"];
String currentPasswordHash = StringUtils.GetMD5Hash(StringUtils.Reverse(model.currentPassword));
if (!currentPasswordHash.Equals(user.password))
{
ViewBag.ErrorMessage = "Current password is incorrect !";
return View(model);
}
if (user.password.Equals(StringUtils.GetMD5Hash(StringUtils.Reverse(model.newPassword))))
{
ViewBag.ErrorMessage = " New Password cannot be same as current Password !";
return View(model);
}
bool isSuccess = AccountDAL.ChangePassword(user.user_id, StringUtils.GetMD5Hash(StringUtils.Reverse(model.newPassword)));
if (isSuccess)
{
@ViewBag.Message = "Password Changed Successfully.";
return View("Message");
}
else
{
ViewBag.ErrorMessage = "Failed to change the password";
return View(model);
}
}
public ActionResult ChangeOthersPassword(ChangePasswordModel model)
{
if (!Navigator.IsUserLoggedIn(Session))
{
@ViewBag.Message = "Sorry! You need to login to view this page.";
return View("Message");
//return RedirectToAction("Login", "Account");
}
else if (!Navigator.UserRoleValidation(Session, "manager"))
{
@ViewBag.Message = "Access Denied ! You are not allowed to visit this page.";
return View("Message");
//return RedirectToAction("Login", "Account");
}
int userId = 0;
if (model.isApplicant)
userId = model.selectedApplicant;
else
userId = model.selectedStaff;
bool isSuccess = AccountDAL.ChangePassword(userId, StringUtils.GetMD5Hash(StringUtils.Reverse(model.newPassword)));
string userName = AccountDAL.GetUserName(userId);
if (isSuccess)
ViewBag.Message = "The password of " + userName + " has been changed successfully !";
else
ViewBag.Message = "Failed to modify the password of " + userName ;
return View("Message");
}
