Пример #1
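        /// <summary>
        /// Handles the change-password form: checks the submitted old password against the
        /// stored one, writes the new value to the <c>users</c> table, and redirects to
        /// Home/Index on success.
        /// </summary>
        /// <param name="chang">Posted form model; <c>OldPassword</c> and <c>Password</c> are read.</param>
        /// <returns>
        /// The form view again when model validation or the old-password check fails;
        /// otherwise a redirect to Home/Index.
        /// </returns>
        /// <remarks>
        /// NOTE(review): the password is stored with reversible AES encryption. Anyone who obtains
        /// the key and the table recovers every password; a salted one-way password hash
        /// (e.g. PBKDF2) is the usual storage format. Changing it requires migrating stored
        /// values, so it is flagged here rather than changed.
        /// NOTE(review): no anti-forgery or HTTP-verb attribute is visible on this action in the
        /// listing. Confirm that this state-changing action is POST-only and validates an
        /// anti-forgery token.
        /// </remarks>
        public ActionResult ChangePsd(ChangePsdView chang)
        {
            if (!ModelState.IsValid)
            {
                return View(chang);
            }

            string userMail = Helper.GetUserMail();
            int userId = Models.AccountModels.UserID(userMail);

            // NOTE(review): a newly constructed AesCryptoServiceProvider generates a random Key and
            // IV per instance. Unless PasswordUtility substitutes its own key material (not visible
            // here), a value encrypted in one request cannot be decrypted in a later one. Confirm
            // where the real key comes from.
            // Both objects are disposed on every exit path, including the early returns below.
            using (AesCryptoServiceProvider aes = new AesCryptoServiceProvider())
            using (NewDrinkDB db = new NewDrinkDB())
            {
                // First confirm that the old password is correct.
                User query = db.Users.Find(userId);
                if (query == null)
                {
                    // No row for this user: fail with the same message as a wrong password
                    // instead of throwing a NullReferenceException on query.Password.
                    ViewBag.Error = "密碼輸入錯誤";
                    return View(chang);
                }

                string currentPsd = PasswordUtility.AESDecryptor(query.Password, aes.Key, aes.IV);
                if (currentPsd != chang.OldPassword)
                {
                    ViewBag.Error = "密碼輸入錯誤";
                    return View(chang);
                }

                string newPsd = PasswordUtility.AESEncryptor(chang.Password, aes.Key, aes.IV);

                // Values are passed as parameters instead of being concatenated into the SQL text.
                // NOTE(review): the listing shows the Password column assigned a literal '******',
                // which looks like masking applied to the page. Because this action decrypts
                // users.Password to check the old password, the new ciphertext is written to both
                // columns here. Confirm against the original source.
                db.Database.ExecuteSqlCommand(
                    "UPDATE users SET Password = @p0, ConfirmPsd = @p0 Where ID = @p1;",
                    newPsd,
                    userId);
            }

            string buyDrink = Helper.GetUserBuyDrink();
            string orderSet = Helper.GetUserOrderSet();
            string message = Helper.GetUserMessage();
            string callnotice = Helper.GetUserCallnotice();
            string changePsd = Helper.GetUserChangePsd();

            // ViewBag values do not survive the redirect below; only TempData reaches the next
            // request. The assignment is kept so the Helper calls still run as before.
            string[] userLimit = { buyDrink, orderSet, message, callnotice, changePsd };
            ViewBag.UserLimit = userLimit;
            TempData["message"] = "success";

            return RedirectToAction("Index", "Home");
        }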