public virtual ActionResult Login(LoginModel model) { if (!ModelState.IsValid) { return(CurrentUmbracoPage()); } if (!Members.Login(model.Username, model.Password)) { var member = Members.GetByUsername(model.Username); var viewData = new StoreViewData { Success = false }; if (member == null) { viewData.Messages = new[] { "Account does not exist for this email address." }; } else { var messages = new List <string> { "Login was unsuccessful with the email address and password entered." }; if (!member.GetPropertyValue <bool>("umbracoMemberApproved")) { messages.Add("This account has not been approved."); } if (member.GetPropertyValue <bool>("umbracoMemberLockedOut")) { messages.Add("This account has been locked due to too many unsucessful login attempts."); } viewData.Messages = messages; } ViewData["MerchelloViewData"] = viewData; return(CurrentUmbracoPage()); } return(model.SuccessRedirectUrl.IsNullOrWhiteSpace() ? Redirect("/") : Redirect(model.SuccessRedirectUrl)); }
public virtual ActionResult ChangePassword(ChangePasswordModel model) { if (!ModelState.IsValid) { return(CurrentUmbracoPage()); } var viewData = new StoreViewData(); if (!((model.Password.Length >= Membership.MinRequiredPasswordLength) && (model.Password.ToCharArray().Count(c => !char.IsLetterOrDigit(c)) >= Membership.MinRequiredNonAlphanumericCharacters))) { viewData.Success = false; viewData.Messages = new[] { string.Format("New password invalid. Minimum length {0} characters", Membership.MinRequiredPasswordLength) }; ViewData["MerchelloViewData"] = viewData; return(CurrentUmbracoPage()); } // change password seems to have a bug that will allow it to change the password even if the supplied // old password is wrong! // so use the login to check the old password as a hack var currentUser = Membership.GetUser(); if (!Members.Login(currentUser.UserName, model.OldPassword)) { viewData.Success = false; viewData.Messages = new[] { "Current password incorrect." }; ViewData["MerchelloViewData"] = viewData; return(CurrentUmbracoPage()); } if (!currentUser.ChangePassword(model.OldPassword, model.Password)) { viewData.Success = false; viewData.Messages = new[] { "Change password failed. Please try again." }; ViewData["MerchelloViewData"] = viewData; return(CurrentUmbracoPage()); } viewData.Success = true; viewData.Messages = new[] { "Password updated successfully" }; ViewData["MerchelloViewData"] = viewData; return(CurrentUmbracoPage()); }
public virtual ActionResult ForgotPassword(ForgotPasswordModel model) { if (!ModelState.IsValid) { return(CurrentUmbracoPage()); } var viewData = new StoreViewData(); var member = Members.GetByUsername(model.Username); if (member == null) { viewData.Success = false; viewData.Messages = new[] { "Unknown email address." }; ViewData["MerchelloViewData"] = viewData; return(CurrentUmbracoPage()); } var newPassword = Membership.GeneratePassword(Membership.MinRequiredPasswordLength, 0); var user = Membership.GetUser(model.Username); user.ChangePassword(newPassword, newPassword); // assumes you have set the SMTP settings in web.config and supplied a default "from" email var msg = new MailMessage { Subject = string.Format("New Password for {0}", Request.Url.Host), Body = string.Format("Your new password is: {0}", newPassword), IsBodyHtml = false }; msg.To.Add(new MailAddress(model.Username)); using (var smtpClient = new SmtpClient()) { smtpClient.Send(msg); } viewData.Success = true; viewData.Messages = new[] { "A new password has been emailed to you." }; ViewData["MerchelloViewData"] = viewData; return(CurrentUmbracoPage()); }
/// <summary> /// Gets the data of a store by its storeID. /// </summary> /// <param name="id">The storeID of a store</param> /// <returns>The StoreViewData object of the store</returns> public async Task <StoreViewData> ReadStoreViewDataByIdAsync(int id) { StoreViewData storeViewData = null; // Get the connection inside a using statement to properly dispose/close. using (var connection = new MySqlConnection(_SQLConnection)) { // Open the connection. connection.Open(); // Read store name, latitude/longitude, store description, and google place id of a store whose storeID == id. var sqlString = $"SELECT {Constants.StoreDAOStoreNameColumn}, " + $"{Constants.StoreDAOLatitudeColumn}, {Constants.StoreDAOLongitudeColumn}, " + $"{Constants.StoreDAOStoreDescriptionColumn}, {Constants.StoreDAOPlaceIdColumn} " + $"FROM {Constants.StoreDAOTableName} " + $"WHERE {Constants.StoreDAOStoreIdColumn} = @ID;"; using (var command = new MySqlCommand(sqlString, connection)) using (var dataTable = new DataTable()) { // Inject argument to query. command.Parameters.AddWithValue("@ID", id); var reader = await command.ExecuteReaderAsync().ConfigureAwait(false); dataTable.Load(reader); foreach (DataRow row in dataTable.Rows) { // Create StoreViewData with retrieved data and id. storeViewData = new StoreViewData(id, (string)row[Constants.StoreDAOStoreNameColumn], (double)row[Constants.StoreDAOLatitudeColumn], (double)row[Constants.StoreDAOLongitudeColumn], (string)row[Constants.StoreDAOStoreDescriptionColumn], (string)row[Constants.StoreDAOPlaceIdColumn]); } } } return(storeViewData); }