public ActionResult ResetPassword() { HttpContext ctx = System.Web.HttpContext.Current; Customer cust = new Customer(); cust.GetFromStorage(ctx); if (!cust.LoggedIn(ctx)) { return RedirectToAction("Index", "Authenticate"); } string message = ""; try { string current = Request.Form["current"]; string newpw = Request.Form["new"]; string confirm = Request.Form["confirm"]; if (String.IsNullOrEmpty(current) || String.IsNullOrEmpty(newpw) || String.IsNullOrEmpty(confirm)) { throw new Exception("You must enter all password fields. Try Again"); } cust.ValidateCurrentPassword(current); cust.ValidatePasswords(newpw, confirm); cust.UpdatePassword(); message = "Your password was successfully updated."; } catch (Exception e) { message = e.Message; } return RedirectToAction("Password", new { message = message }); }