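/// <summary>
/// Handles the submitted activation form: validates the activation token taken from the
/// route, loads the stored account values, encrypts the postal code and house number,
/// persists the account and issues the site cookie.
/// </summary>
/// <param name="model">The activation form values bound from the request.</param>
/// <returns>
/// A redirect to Home/Index when the model or token is missing or malformed, a redirect to
/// Logged/Account when the token fails <c>ActivateModel.CheckAccount</c> or when activation
/// succeeds, or the "Error" view when <c>UpdateAccount</c> reports failure.
/// </returns>
// NOTE(review): no action attributes are visible in this listing. Confirm this overload is
// restricted to POST and validates an anti-forgery token, since it changes account state and
// issues a cookie.
public ActionResult Activate(ActivateModel model)
{
    // Without a bound model the calls below would fail with a NullReferenceException;
    // treat it like any other malformed request.
    if (model == null)
    {
        return RedirectToAction("Index", "Home");
    }

    string token;
    try
    {
        // Get the token from the RouteData.
        // NOTE(review): the SafeSqlLiteral call suggests the data layer builds SQL text from
        // this value. Parameterized queries in GetValues/CheckAccount would be the robust
        // control; verify against the data layer.
        token = SqlInjection.SafeSqlLiteral(Url.RequestContext.RouteData.Values["id"].ToString());
    }
    // ReSharper disable EmptyGeneralCatchClause
    catch (Exception)
    // ReSharper restore EmptyGeneralCatchClause
    {
        // Deliberate best-effort: a missing "id" route value (or any other failure while
        // reading it) is handled as an invalid link rather than a server error.
        return RedirectToAction("Index", "Home");
    }

    // Only 32-character tokens are accepted; the length is the only shape check performed here.
    if (String.IsNullOrEmpty(token) || token.Length != 32)
    {
        return RedirectToAction("Index", "Home");
    }

    // Apply the same token gate as the parameterless Activate() action that renders the form.
    // Without it this action would load the account, update it and issue a cookie for any
    // 32-character token, including one the form action would have refused.
    // NOTE(review): presumably CheckAccount verifies the account is still awaiting activation;
    // confirm.
    if (!ActivateModel.CheckAccount(token))
    {
        return RedirectToAction("Account", "Logged");
    }

    // Load in values from database
    model.GetValues(token);

    // Make postal code upper case, remove spaces and encrypt the string.
    // NOTE(review): SafeSqlLiteral runs on the plaintext before encryption, so whatever it
    // rewrites becomes part of the encrypted value. Confirm this is intended.
    model.PostalCode = Crypt.StringEncrypt(
        SqlInjection.SafeSqlLiteral(StringManipulation.ToUpperFast(model.PostalCode))
            .Replace(" ", string.Empty),
        model.Pepper);
    model.HouseNumber = Crypt.StringEncrypt(SqlInjection.SafeSqlLiteral(model.HouseNumber), model.Pepper);

    // If UpdateAccount fails show error page
    if (!model.UpdateAccount())
    {
        return View("Error");
    }

    // Make cookie for user
    Cookies.MakeCookie(model.Mail, model.Id.ToString(CultureInfo.InvariantCulture), "0");

    return RedirectToAction("Account", "Logged");
}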
/// <summary>
/// Renders the activation form for the account identified by the token in the route.
/// </summary>
/// <returns>
/// A redirect to Logged/Account when the visitor is already logged in or the token fails
/// <c>ActivateModel.CheckAccount</c>, a redirect to Home/Index when the token is missing or
/// not exactly 32 characters long, otherwise the default view bound to the loaded model.
/// </returns>
public ActionResult Activate()
{
    // Logged-in users have nothing to activate.
    if (IdentityModel.CurrentUserLoggedIn)
    {
        return RedirectToAction("Account", "Logged");
    }

    // Start from a model with the default gender selected.
    var viewModel = new ActivateModel();
    viewModel.Gender = 0;

    string activationToken = null;
    bool tokenRead;
    try
    {
        // The token arrives as the "id" route value.
        // NOTE(review): SafeSqlLiteral implies string-built SQL further down; parameterized
        // queries would be the robust control. Verify against the data layer.
        activationToken = SqlInjection.SafeSqlLiteral(Url.RequestContext.RouteData.Values["id"].ToString());
        tokenRead = true;
    }
    catch (Exception)
    {
        // Any failure while reading the route value is handled as an invalid link.
        tokenRead = false;
    }

    // Unreadable, empty or wrongly sized tokens all go back to the home page.
    bool tokenWellFormed = tokenRead
                           && !String.IsNullOrEmpty(activationToken)
                           && activationToken.Length == 32;
    if (!tokenWellFormed)
    {
        return RedirectToAction("Index", "Home");
    }

    // Tokens rejected by the account check are sent to the account page.
    bool accountAccepted = ActivateModel.CheckAccount(activationToken);
    if (!accountAccepted)
    {
        return RedirectToAction("Account", "Logged");
    }

    // Fill the form with the values stored for this token.
    viewModel.GetValues(activationToken);
    return View(viewModel);
}