| public verify ( string username ) : int | ||
| username | string | username of user to verify |
| return | int | |
public ActionResult ChangePassword(string currentPassword, string newPassword, string confirmPassword)
{
// Basic check to see if the user is Authenticated.
if (Session["Created"] == null && (Session["uid"] == null || Session["uid"].ToString().Equals("")))
{
return RedirectToAction("Index", "Home");
}
int uid;
if (Session["uid"] == null)
uid = (int)Session["Created"];
else
uid = (int)Session["uid"];
//confirm passwords match
if (!newPassword.Equals(confirmPassword))
{
ViewData["confirmPassword"] = "******";
return View();
}
if (newPassword == null || newPassword.Equals(""))
{
ViewData["confirmPassword"] = "******";
return View();
}
else if (newPassword.Length > 64)
{
ViewData["confirmPassword"] = "******";
return View();
}
//confirm current password is correct
userModel user = new userModel();
var userDetails = user.get_details(uid);
string username = userDetails.USERNAME;
if (user.verify(username, currentPassword) == 0)
{
ViewData["currentPassword"] = "******";
return View();
}
//write new password to db
user.changePassword(uid, newPassword);
//let them see all the links now that they've changed their password
if (Session["Created"] != null)
{
Session["uid"] = Session["Created"];
Session["Created"] = null;
}
return View("ChangepasswordSuccess");
}
public ActionResult Logon(String username, String password)
{
userModel user = new userModel();
var authenticated = user.verify(username, password);
var type = user.getUserType(authenticated);
if (authenticated != 0)
{
user = user.getUser(authenticated);
if (user.Expires_At != new DateTime())
{
if (user.Expires_At.CompareTo(DateTime.Now) < 0)
{
ViewData["Message"] = "User account has expired";
return View();
}
}
Session["user_type"] = type;
Session["sysadmin"] = "false";
if (user.Reset_Password_Key != null && user.Reset_Password_Key.Equals("Created"))
{
Session["Created"] = authenticated;
return RedirectToAction("ChangePassword", "User");
}
Session["uid"] = authenticated;
return RedirectToAction("Index", "Home");
}
else
{
authenticated = user.verify_as_sys_admin(username, password);
if (authenticated != 0)
{
Session["uid"] = authenticated;
Session["user_type"] = type;
Session["sysadmin"] = "true";
return RedirectToAction("Index", "SysAdmin");
}
else
{
ViewData["Message"] = "Username or password was incorrect";
return View();
}
}
}
public ActionResult ResetPassword(string email)
{
int uid;
userModel user = new userModel();
// if (email == null || System.Text.RegularExpressions.Regex.IsMatch(email, @"^(?("")("".+?""@)|(([0-9a-zA-Z]((\.(?!\.))|[-!#\$%&'\*\+/=\?\^`\{\}\|~\w])*)(?<=
// [0-9a-zA-Z])@))(?(\[)(\[(\d{1,3}\.){3}\d{1,3}\])|(([0-9a-zA-Z][-\w]*[0-9a-zA-Z]\.)+[a-zA-Z]{2,6}))$"))
// {
// ViewData["emailError"] = "Above field must contain a valid email address!";
// error = true;
// }
uid = user.verify(email);
if (uid == 0)
{
ViewData["outcome"] = "No account with this email address was found";
return View();
}
//generate new password
string newPassword = user.Password_Generator();
//store new password in db
user.changePassword(uid, newPassword);
//send new password in email
EmailController mail = new EmailController(email, newPassword, email);
string mailSuccess = mail.send();
if (!mailSuccess.Equals("Email sent successfully"))
{
ViewData["outcome"] = "An error occurred whilst trying to reset your password, please try again in a few moments or contact your System Administrator.";
}
else
ViewData["outcome"] = "Password successfully reset! Please check your email for your new password";
ViewData["emailError"] = mailSuccess;
return View();
}
