public ActionResult getAnswer(string answer, int EmployeeID)
{
PwReset pw = new PwReset();
SqlCommand command = new SqlCommand(DBConstants.get_answer, sqlconn);
command.CommandType = CommandType.StoredProcedure;
command.Parameters.AddWithValue("@employee_id", EmployeeID);
SqlDataAdapter adapter = new SqlDataAdapter(command);
DataSet dataSet = new DataSet();
adapter.Fill(dataSet);
for (int i = 0; i < dataSet.Tables[0].Rows.Count; i++)
{
pw.answer = Convert.ToString(dataSet.Tables[0].Rows[i]["answer"]);
pw.password = Convert.ToString(dataSet.Tables[0].Rows[i]["employee_password"]);
}
if (pw.answer == answer)
{
return(View(pw));
}
else
{
return(View("wrongAnswer"));
}
}
public ActionResult getQuestion(int EmployeeID)
{
PwReset pw = new PwReset();
SqlCommand command = new SqlCommand(DBConstants.get_question, sqlconn);
command.CommandType = CommandType.StoredProcedure;
command.Parameters.AddWithValue("@employee_id", EmployeeID);
SqlDataAdapter adapter = new SqlDataAdapter(command);
DataSet dataSet = new DataSet();
adapter.Fill(dataSet);
for (int i = 0; i < dataSet.Tables[0].Rows.Count; i++)
{
pw.question = Convert.ToString(dataSet.Tables[0].Rows[i]["secret_question"]);
}
return(View(pw));
}
public ActionResult ResetPassword()
{
PwReset pw = new PwReset();
return(View(pw));
}