Exemplo n.º 1
0
        public ActionResult UpdatePassword(User user, string oldPassword)
        {
            if (user == null || Session["User"] == null)
            {
                return(RedirectToAction("Index", "Home"));
            }

            string hashOldPass = PublicFunction.HashPassword(oldPassword);

            oldPassword = PublicFunction.HashPassword(hashOldPass);
            User sUser = (User)Session["User"];

            if (oldPassword != sUser.Password)
            {
                return(RedirectToAction("UserProfile"));
            }

            string hashNewPass = PublicFunction.HashPassword(user.Password);

            user.Password = PublicFunction.HashPassword(hashNewPass);

            string result = db.UpdateUserPassword(sUser.ID, user.Password);

            if (result == "Success")
            {
                Session["User"] = db.GetUser(sUser.Email, user.Password);
            }

            ViewBag.User = Session["User"];
            return(View("UserProfile"));
        }