// POST: Account/ChangePassword/AccountName
public ActionResult ChangePassword(ChangePasswordViewModel ViewModel)
{
// Check if POST action was done by currently logged user
string LoggedUserName = User.Identity.GetUserName();
if (db.Account.Where(x => x.AccountName == ViewModel.AccountName && x.AccountName == LoggedUserName).Count() > 0)
{
// Check if action was properly confirmed by password.
if (db.Account.Where(x => x.AccountName == ViewModel.AccountName && x.Password == ViewModel.OldPassword).Count() > 0)
{
// Check if new password was properly confirmed.
if (ViewModel.NewPassword == ViewModel.ConfirmPassword)
{
// Find the record and change its password
Account ModifiedAccount = db.Account.FirstOrDefault(x => x.AccountName == ViewModel.AccountName);
ModifiedAccount.Password = ViewModel.NewPassword;
db.SaveChanges();
}
// At the end of the function go to Account/Details/CurrentUser.AccountName.
return RedirectToAction("Details", "Account", new { AccountName = ViewModel.AccountName });
}
else
return RedirectToAction("WrongPassword", "Account");
}
// If post was done by not logged user redirect to: /Account/Details/ViewModel.AccountName
else
return RedirectToAction("Details", "Account", new { AccountName = ViewModel.AccountName });
}
// GET: Account/ChangePassword/AccountName
public ActionResult ChangePassword(string AccountName)
{
ChangePasswordViewModel PasswordChange = new ChangePasswordViewModel();
// Check if currently logged user is the same as the one whose data is being edited
if (User.Identity.GetUserName()== AccountName)
{
PasswordChange.AccountName = AccountName;
return View(PasswordChange);
}
else
return RedirectToAction("Details", "Account", new { AccountName = AccountName });
}
