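        /// <summary>
        /// Updates the signed-in user's profile fields and/or password after
        /// re-checking the current password.
        /// </summary>
        /// <param name="oldpassword">Current password in plain text; required for any change.</param>
        /// <param name="firstname">New first name, or blank to leave it unchanged.</param>
        /// <param name="lastname">New last name, or blank to leave it unchanged.</param>
        /// <param name="email">New e-mail address, or blank to leave it unchanged. Applied only when no existing user is found for it.</param>
        /// <param name="password">New password in plain text, or blank to keep the current one.</param>
        /// <returns>
        /// An empty string when the session holds no user, a "#Error: ..." message on failure,
        /// otherwise "Success: [...]" listing the fields that were changed.
        /// </returns>
        public string ChangeInfo(string oldpassword, string firstname, string lastname, string email, string password)
        {
            if (Session["user"] == null)
            {
                return string.Empty;
            }

            using (var db = new AuctionHouseDB())
            {
                try
                {
                    if (string.IsNullOrWhiteSpace(oldpassword))
                    {
                        return "#Error: You must supply your old password!";
                    }

                    // NOTE(security): ToMD5 is a project helper not visible here. If it is a plain,
                    // unsalted MD5 digest (as the name suggests), it is not suitable for password
                    // storage; plan a migration to a salted, slow KDF such as PBKDF2
                    // (Rfc2898DeriveBytes) with re-hashing on the next successful login.
                    // NOTE(review): the check below uses the password hash cached in the session,
                    // which can be stale if the password was changed elsewhere; consider comparing
                    // against the freshly loaded record instead.
                    User user = (User)Session["user"];
                    if (user.Password != oldpassword.ToMD5())
                    {
                        return "#Error: Old password does not match your current one.";
                    }

                    // Continue with the current database record rather than the session copy.
                    user = db.FindUserById(user.ID);

                    StringBuilder sb = new StringBuilder("Success: [");

                    if (!string.IsNullOrWhiteSpace(firstname))
                    {
                        user.FirstName = firstname;
                        sb.Append("First Name,");
                    }

                    if (!string.IsNullOrWhiteSpace(lastname))
                    {
                        user.LastName = lastname;
                        sb.Append("Last Name,");
                    }

                    // An address that already belongs to a user is skipped and not reported as changed.
                    if (!string.IsNullOrWhiteSpace(email) && db.FindUserByEmail(email) == null)
                    {
                        user.Email = email;
                        sb.Append("Email,");
                    }

                    if (!string.IsNullOrWhiteSpace(password))
                    {
                        // Hash only a newly supplied password. The stored value is already a hash;
                        // hashing it again on every profile edit would replace the credential with
                        // a hash-of-a-hash and lock the user out.
                        user.Password = password.ToMD5();
                        sb.Append("Password,");
                    }

                    // Close the list: swap the trailing comma for ']', or append ']' when nothing
                    // changed so the opening '[' is not overwritten.
                    if (sb[sb.Length - 1] == ',')
                    {
                        sb[sb.Length - 1] = ']';
                    }
                    else
                    {
                        sb.Append(']');
                    }

                    if (!ModelState.IsValid)
                    {
                        // Report the first model-state error found.
                        foreach (var state in ModelState.Values)
                        {
                            foreach (var error in state.Errors)
                            {
                                return "#Error: " + error.ErrorMessage;
                            }
                        }

                        return "#Error: Unknown error.";
                    }

                    db.Entry(user).State = EntityState.Modified;

                    try
                    {
                        db.SaveChanges();
                    }
                    catch (Exception saveEx)
                    {
                        // Keep the caller-facing message, but record the cause instead of discarding it.
                        log.Error(saveEx.Message, saveEx);
                        return "#Error: One or more fields are not in a correct format (eg. invalid email).";
                    }

                    // Refresh the session copy so later requests see the updated record.
                    Session["user"] = user;
                    return sb.ToString();
                }
                catch (Exception ex)
                {
                    log.Error(ex.Message, ex);
                    return "#Error: Unknown error occured.";
                }
            }
        }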