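/// <summary>
/// Updates the profile fields of the user held in <c>Session["user"]</c> after
/// re-checking the current password. Only non-blank arguments are applied.
/// </summary>
/// <param name="oldpassword">Current password in clear text; required for any change.</param>
/// <param name="firstname">New first name, or blank to leave unchanged.</param>
/// <param name="lastname">New last name, or blank to leave unchanged.</param>
/// <param name="email">New e-mail address, or blank to leave unchanged.</param>
/// <param name="password">New password in clear text, or blank to leave unchanged.</param>
/// <returns>
/// An empty string when no user is in the session, a message starting with
/// <c>#Error:</c> on failure, or <c>Success: [...]</c> listing the changed fields.
/// </returns>
public string ChangeInfo(string oldpassword, string firstname, string lastname, string email, string password)
{
    // No authenticated user in the session: nothing to change.
    if (Session["user"] == null)
    {
        return string.Empty;
    }

    using (var db = new AuctionHouseDB())
    {
        try
        {
            // Re-authentication: every profile change needs the current password.
            if (string.IsNullOrWhiteSpace(oldpassword))
            {
                return "#Error: You must supply your old password!";
            }

            User user = (User)Session["user"];

            // NOTE(review): ToMD5 is defined elsewhere; going by its name the stored
            // credential is an MD5 digest. A fast digest is not suitable for password
            // storage. Moving to a slow, salted KDF (for example PBKDF2) needs a stored-hash
            // migration and is therefore not done here. The comparison below is also not
            // constant-time.
            if (user.Password != oldpassword.ToMD5())
            {
                return "#Error: Old password does not match your current one.";
            }

            // Work on the tracked database row rather than the session copy.
            user = db.FindUserById(user.ID);

            StringBuilder sb = new StringBuilder("Success: [");

            if (!string.IsNullOrWhiteSpace(firstname))
            {
                user.FirstName = firstname;
                sb.Append("First Name,");
            }

            if (!string.IsNullOrWhiteSpace(lastname))
            {
                user.LastName = lastname;
                sb.Append("Last Name,");
            }

            // An address for which FindUserByEmail already returns a user is skipped
            // without an error; it is simply absent from the success list.
            if (!string.IsNullOrWhiteSpace(email) && db.FindUserByEmail(email) == null)
            {
                user.Email = email;
                sb.Append("Email,");
            }

            // Hash only when a new password was supplied. Re-hashing unconditionally
            // would hash the already-stored digest a second time whenever the password
            // field is left blank, and the account could no longer be logged into.
            // Hashing at assignment also keeps the clear-text value off the entity.
            if (!string.IsNullOrWhiteSpace(password))
            {
                user.Password = password.ToMD5();
                sb.Append("Password,");
            }

            // Close the list: replace the trailing comma, or append the bracket when
            // nothing changed (overwriting the last character would eat the '[').
            if (sb[sb.Length - 1] == ',')
            {
                sb[sb.Length - 1] = ']';
            }
            else
            {
                sb.Append(']');
            }

            if (!ModelState.IsValid)
            {
                // Report the first model-binding error found.
                foreach (var state in ModelState.Values)
                {
                    foreach (var error in state.Errors)
                    {
                        return "#Error: " + error.ErrorMessage;
                    }
                }

                return "#Error: Unknown error.";
            }

            db.Entry(user).State = EntityState.Modified;

            try
            {
                db.SaveChanges();
            }
            catch (Exception saveEx)
            {
                // Keep the user-facing message generic, but record the cause so a
                // failed save is not silently lost.
                log.Error(saveEx.Message, saveEx);
                return "#Error: One or more fields are not in a correct format (eg. invalid email).";
            }

            // Refresh the session copy so later checks see the saved values.
            Session["user"] = user;
            return sb.ToString();
        }
        catch (Exception ex)
        {
            log.Error(ex.Message, ex);
            return "#Error: Unknown error occured.";
        }
    }
}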