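// POST: Account/ChangeEmail/AccountName
/// <summary>
/// Changes the e-mail address of the currently logged-in account after the
/// user has re-entered their password and current e-mail address.
/// </summary>
/// <param name="ViewModel">
/// Posted form data: account name, password, current e-mail and new e-mail.
/// All of it is client-controlled and must be treated as untrusted.
/// </param>
/// <returns>
/// A redirect to Account/Details on success or when the caller does not own
/// the account, or a redirect to Account/WrongPassword when the confirmation
/// data does not match.
/// </returns>
// NOTE(review): this is a state-changing action, but no [HttpPost] or
// [ValidateAntiForgeryToken] attribute is visible in this listing. Confirm
// both are applied, otherwise the e-mail change is exposed to cross-site
// request forgery and is reachable through GET.
public ActionResult ChangeEmail(ChangeEmailViewModel ViewModel)
{
    // Identity of the authenticated caller; the posted account name is only
    // accepted when it matches this value.
    string loggedUserName = User.Identity.GetUserName();

    // Authorization: the posted account must exist and be the caller's own.
    bool callerOwnsAccount = db.Account.Any(
        x => x.AccountName == ViewModel.AccountName && x.AccountName == loggedUserName);

    if (!callerOwnsAccount)
    {
        // If post was done by not logged user redirect to: /Account/Details/ViewModel.AccountName
        return RedirectToAction("Details", "Account", new { AccountName = ViewModel.AccountName });
    }

    // Re-authentication: load the one row that matches the confirmation data,
    // so the row that gets updated is the same row that passed the check
    // (the earlier check-then-reload sequence could update a different row
    // or dereference null if the data changed between the queries).
    //
    // NOTE(review): comparing x.Password with the submitted value inside the
    // query only works if the column stores the password exactly as it was
    // submitted. Passwords should be stored as a salted, slow hash (PBKDF2 or
    // similar) and verified against that hash instead of compared in SQL.
    var account = db.Account.FirstOrDefault(
        x => x.AccountName == ViewModel.AccountName
             && x.Password == ViewModel.Password
             && x.Email == ViewModel.CurrentEmail);

    if (account == null)
    {
        // If wrong password was entered redirect to /Account/WrongPassword
        return RedirectToAction("WrongPassword", "Account");
    }

    // NOTE(review): NewEmail is written as received. No format validation or
    // ModelState check is visible here; confirm the view model enforces it.
    account.Email = ViewModel.NewEmail;
    db.SaveChanges();

    return RedirectToAction("Details", "Account", new { AccountName = ViewModel.AccountName });
}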
// GET: Account/ChangeEmail/AccountName
/// <summary>
/// Shows the change-e-mail form for the account named in the route, but only
/// to the user who is logged in as that account.
/// </summary>
/// <param name="AccountName">Account name taken from the request.</param>
/// <returns>
/// The ChangeEmail view with the account name pre-filled, or a redirect to
/// Home/Index when the caller is not logged in as that account.
/// </returns>
// NOTE(review): this check only decides whether the form is rendered; the
// POST overload has to enforce ownership on its own. The comparison here is
// a case-sensitive string comparison in C#, while the POST overload compares
// inside the database query, so the two may disagree on casing depending on
// the database collation.
public ActionResult ChangeEmail(string AccountName)
{
    var formModel = new ChangeEmailViewModel();

    // Anyone other than the account owner is sent back to the home page.
    bool isOwner = User.Identity.GetUserName() == AccountName;
    if (!isOwner)
    {
        return RedirectToAction("Index", "Home");
    }

    formModel.AccountName = AccountName;
    return View(formModel);
}