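/// <summary>
/// Handles the change-password form post: verifies the posted username/password pair
/// against the Accounts table and reports the outcome through <c>TempData["Message"]</c>.
/// </summary>
/// <param name="acc">Posted account model; <c>username</c> and <c>password</c> are read.</param>
/// <returns>The "ChangePassword" view in both the success and the failure case.</returns>
public ActionResult ChangePassword(ExtendedAccount acc)
{
    using (Trainee15Entities db = new Trainee15Entities())
    using (MD5 md5Hash = MD5.Create())
    {
        // NOTE(review): the hash is computed before any account row is loaded, so it cannot
        // include a per-user salt. Unsalted MD5 is not suitable for password storage; moving to
        // PBKDF2/Argon2 needs a stored-hash migration that is outside this method.
        string hash = Encryption.GetMd5Hash(md5Hash, acc.password);

        // NOTE(review): the account is selected by the posted username, not by the signed-in
        // session user. Confirm that is intended.
        var userDetails = db.Accounts.SingleOrDefault(x => x.username == acc.username && x.password == hash);

        if (userDetails == null)
        {
            HttpCookie cookie = Request.Cookies["Profile"];
            if (cookie != null)
            {
                // The cookie indexer returns null when the "username" sub-key is absent, so
                // assign it directly instead of calling ToString() on a possible null.
                ViewBag.username = cookie["username"];
            }

            TempData["Message"] = "Wrong Username or Password.";
            return View("ChangePassword");
        }

        // NOTE(review): `hash` is the same value the lookup above just matched on, so this
        // assignment stores the existing password again and nothing actually changes. The new
        // password presumably arrives in another field of ExtendedAccount that is not visible
        // here. Hash that field and assign it instead, then confirm with the model definition.
        userDetails.password = hash;
        db.SaveChanges();

        TempData["Message"] = "Password changed successfully!";
        return View("ChangePassword");
    }
}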
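/// <summary>
/// Authenticates the posted credentials. On success it fills the session with the user's
/// id, name and menus and redirects to Home/Index; on failure it re-renders the login view.
/// </summary>
/// <param name="acc">Posted account model; <c>username</c> and <c>password</c> are read.</param>
/// <param name="form">Raw form values; a non-null "RememberMe" entry requests the "Profile" cookie.</param>
/// <returns>The "Index" view with an error message on failure, otherwise a redirect to Home/Index.</returns>
public ActionResult Login(ExtendedAccount acc, FormCollection form)
{
    using (Trainee15Entities db = new Trainee15Entities())
    using (MD5 md5Hash = MD5.Create())
    {
        // NOTE(review): the hash is computed before any account row is loaded, so it cannot
        // include a per-user salt. Unsalted MD5 is not suitable for password storage; moving to
        // PBKDF2/Argon2 needs a stored-hash migration that is outside this method.
        string hash = Encryption.GetMd5Hash(md5Hash, acc.password);

        bool rememberMe = form["RememberMe"] != null;

        HttpCookie cookie = new HttpCookie("Profile");
        // The cookie carries credentials and is read server-side (Request.Cookies), so keep it
        // out of reach of page scripts.
        cookie.HttpOnly = true;
        // NOTE(review): also set cookie.Secure = true once the site is confirmed to be HTTPS-only.

        if (!rememberMe)
        {
            // Remember-me not requested: expire any existing "Profile" cookie.
            cookie.Expires = DateTime.Now.AddDays(-1);
            HttpContext.Response.Cookies.Add(cookie);
        }

        var userDetails = db.Accounts.SingleOrDefault(
            x => x.username == acc.username && x.password == hash && x.User.status == true);

        if (userDetails == null)
        {
            TempData["Message"] = "Access denied: Username or password is incorrect or you don't have an account.";
            return View("Index");
        }

        if (rememberMe)
        {
            // Issued only after the credentials were verified, so a mistyped or rejected
            // password is never persisted on the client.
            cookie["username"] = acc.username;

            // NOTE(review): this is the plaintext password, Base64-encoded. Base64 is a reversible
            // encoding, not encryption, so anyone who obtains the cookie obtains the password.
            // Replace it with a random, server-validated remember-me token. That needs storage and
            // a reader change outside this method, so the value is left as-is here.
            byte[] passwordBytes = ASCIIEncoding.ASCII.GetBytes(acc.password);
            cookie["password"] = Convert.ToBase64String(passwordBytes);

            cookie.Expires = DateTime.Now.AddDays(2);
            HttpContext.Response.Cookies.Add(cookie);
        }

        // Cache what later pages need so they do not have to query the database again.
        // NOTE(review): the session identifier is not rotated at this privilege change. Confirm
        // session-fixation protection is handled elsewhere.
        Session["userID"] = userDetails.userID;
        Session["username"] = userDetails.username;
        Session["mainMenu"] = userDetails.User.Role.Menus.Where(x => x.level == 0 || x.level == 1).OrderBy(x => x.menuNo).ToList();
        Session["subMenu"] = userDetails.User.Role.Menus.Where(x => x.level == 2).ToList();

        return RedirectToAction("Index", "Home");
    }
}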