public ActionResult ChangePassword(FormCollection f)
{
if (!user.IsManager())
{
return(View("Error"));
}
string curPass = f["CurrentPassword"];
string newPass = f["NewPassword"];
string confirmPass = f["ConfirmPassword"];
if (!newPass.Equals(confirmPass))
{
ViewBag.error = "New password and confirm password is not the same.\nPlease try again.";
}
else if (!managerDal.CheckPass(user.ID, curPass))
{
ViewBag.error = "Current password is not correct.\nPlease try again.";
}
else
{
managerDal.ChangePassword(user.ID, newPass);
ViewBag.success = "New password updated.";
}
return(View());
}
