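/// <summary>
/// Handles the submitted "edit user data" form: changes the first and/or last name
/// of the signed-in user's own account after the current password has been re-entered.
/// </summary>
/// <param name="ViewModel">
/// Posted form data: the target account name, the current password used to confirm
/// the change, and the optional new first and last names.
/// </param>
/// <returns>
/// A redirect to Account/Details for the requested account when the update is accepted
/// or when the caller is not that account's owner; a redirect to Account/WrongPassword
/// when the password confirmation fails.
/// </returns>
/// <remarks>
/// NOTE(review): the action's attributes are not visible in this listing. This action
/// changes stored data, so confirm it is restricted to POST and protected with
/// [ValidateAntiForgeryToken], with the matching token rendered in the form.
/// </remarks>
public ActionResult EditUserData(EditUserDataViewModel ViewModel)
{
    string loggedUserName = User.Identity.GetUserName();
    string requestedName = ViewModel.AccountName;
    string suppliedPassword = ViewModel.CurrentPassword;

    // Authorization: the posted account name is attacker-controllable, so the row is only
    // loaded when it also matches the authenticated identity. Doing the ownership check and
    // the fetch in one query removes a round trip and the gap between check and use.
    Account account = db.Account.FirstOrDefault(
        x => x.AccountName == requestedName && x.AccountName == loggedUserName);

    if (account == null)
    {
        // Not the owner (or not signed in): change nothing, show the public details page.
        return RedirectToAction("Details", "Account", new { AccountName = requestedName });
    }

    // Re-authentication before the change is applied.
    // NOTE(review): the submitted value is compared for equality with the stored Password
    // column inside the query, so the match follows the database collation (possibly
    // case-insensitive) and the column must hold something directly comparable to the
    // submitted value. If that is the plaintext password, store a salted, slow hash
    // (e.g. PBKDF2) instead and verify it in code with a fixed-time comparison.
    // Failed confirmations are neither logged nor throttled in this method; confirm
    // that this is handled elsewhere.
    bool passwordConfirmed = db.Account.Any(
        x => x.AccountName == requestedName && x.Password == suppliedPassword);

    if (!passwordConfirmed)
    {
        return RedirectToAction("WrongPassword", "Account");
    }

    bool userDataChanged = false;

    // Only a non-empty value that differs from the stored one counts as a change. The empty
    // string is rejected as well as null, so a blank field can never wipe the stored name.
    string newFirstName = ViewModel.NewFirstName;
    if (!string.IsNullOrEmpty(newFirstName) && account.FirstName != newFirstName)
    {
        account.FirstName = newFirstName;
        userDataChanged = true;
    }

    string newLastName = ViewModel.NewLastName;
    if (!string.IsNullOrEmpty(newLastName) && account.LastName != newLastName)
    {
        account.LastName = newLastName;
        userDataChanged = true;
    }

    // Skip the write when nothing changed.
    if (userDataChanged)
    {
        db.SaveChanges();
    }

    return RedirectToAction("Details", "Account", new { AccountName = requestedName });
}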
/// <summary>
/// Shows the "edit user data" form, but only to the account's own signed-in user.
/// </summary>
/// <param name="AccountName">Name of the account whose data is to be edited.</param>
/// <returns>
/// The edit view with the account name pre-filled when the caller is that account's
/// user; otherwise a redirect to Account/Details for the requested account.
/// </returns>
public ActionResult EditUserData(string AccountName)
{
    EditUserDataViewModel editModel = new EditUserDataViewModel();

    // Authorization guard: the route value is caller-supplied, so it must equal the
    // authenticated user name (exact, case-sensitive string match) before the form is shown.
    bool isOwner = User.Identity.GetUserName() == AccountName;
    if (!isOwner)
    {
        return RedirectToAction("Details", "Account", new { AccountName });
    }

    editModel.AccountName = AccountName;
    return View(editModel);
}