/// <summary>
/// Renders the reset-password view, pre-populated with the e-mail address and
/// reset token supplied to the action.
/// </summary>
/// <param name="email">E-mail address copied into the form model.</param>
/// <param name="token">Reset token copied into the form model; it is not validated here.</param>
/// <returns>The reset-password view bound to a new <c>ResetpasswordForm</c>.</returns>
public ActionResult ResetPassword(string email, string token)
        {
            // NOTE(review): no HTTP verb attribute is visible on this overload in this excerpt;
            // confirm it is restricted to GET so it cannot be confused with the form-posting overload.
            // NOTE(review): presumably the token arrives in the link's query string; if so it can end up
            // in server logs and Referer headers, so confirm tokens are short-lived and single-use.
            var form = new ResetpasswordForm
            {
                Email = email,
                token = token
            };

            return View(form);
        }
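        /// <summary>
        /// Processes the submitted reset form: validates the new password and its confirmation,
        /// compares the MD5 hash of the submitted token with the <c>Hashed_Token</c> stored for the
        /// given e-mail address, and on a match stores the MD5 hash of the new password.
        /// </summary>
        /// <param name="model">Posted form carrying Email, token, NewPassword and NewPasswordConfirm.</param>
        /// <returns>
        /// A redirect to the Login action on success; otherwise the reset view with
        /// <c>ViewBag.message</c> describing the failure.
        /// </returns>
        public ActionResult ResetPassword(ResetpasswordForm model)
        {
            // NOTE(review): no [HttpPost] / anti-forgery attribute is visible on this overload in this
            // excerpt; confirm this state-changing action is POST-only and CSRF-protected.

            // Reject empty as well as null: an empty password would otherwise be hashed and stored.
            if (string.IsNullOrEmpty(model.NewPassword))
            {
                ViewBag.message = "Password is required";
                return View();
            }
            if (!string.Equals(model.NewPassword, model.NewPasswordConfirm, StringComparison.Ordinal))
            {
                ViewBag.message = "Password is mismatch.";
                return View();
            }
            // A missing token used to reach GetBytes(null) and surface the raw exception text to the
            // user; treat it as an ordinary invalid token instead, before touching the database.
            if (string.IsNullOrEmpty(model.token))
            {
                ViewBag.message = "Token is not valid";
                return View();
            }

            string           email   = model.Email;
            NewWebSubContext context = HttpContext.RequestServices.GetService(typeof(new_websub.NewWebSubContext)) as NewWebSubContext;

            using (MySqlConnection conn = context.GetConnection())
            {
                try
                {
                    conn.Open();

                    // Look up the stored token hash; command and reader are disposed on every path,
                    // including the early return when no row matches.
                    string hashedToken;
                    using (MySqlCommand lookup = new MySqlCommand("select Hashed_Token from useraccounts where Email=@Email", conn))
                    {
                        lookup.Parameters.Add(new MySqlParameter("@Email", email) { MySqlDbType = MySqlDbType.VarChar });

                        using (MySqlDataReader reader = lookup.ExecuteReader())
                        {
                            if (!reader.Read())
                            {
                                // NOTE(review): this message differs from the invalid-token one, which lets a
                                // caller tell whether an e-mail address has an account; consider one shared message.
                                ViewBag.message = "This email is not valid.";
                                return View();
                            }
                            hashedToken = reader["Hashed_Token"].ToString();
                        }
                    }

                    // NOTE(review): unsalted MD5 is not suitable for password storage and is weak for tokens.
                    // It is kept here because the stored values presumably have to match what the login and
                    // token-issuing code produce (not visible here); migrate all sides together to a salted,
                    // slow KDF such as PBKDF2 (Rfc2898DeriveBytes).
                    // NOTE(review): ASCII encoding replaces every non-ASCII character with '?', so distinct
                    // passwords containing such characters hash to the same value.
                    string newHashedToken;
                    string newHashedPwd;
                    using (MD5CryptoServiceProvider md5 = new MD5CryptoServiceProvider())
                    {
                        newHashedToken = ByteArrayToString(md5.ComputeHash(ASCIIEncoding.ASCII.GetBytes(model.token)));
                        newHashedPwd   = ByteArrayToString(md5.ComputeHash(ASCIIEncoding.ASCII.GetBytes(model.NewPassword)));
                    }

                    // NOTE(review): this comparison is not constant-time; if the target framework provides
                    // CryptographicOperations.FixedTimeEquals, compare the hash bytes with it instead.
                    if (!string.Equals(newHashedToken, hashedToken, StringComparison.Ordinal))
                    {
                        ViewBag.message = "Token is not valid";
                        return View();
                    }

                    // NOTE(review): nothing visible here clears Hashed_Token or checks an expiry, so the same
                    // token appears to remain usable after a successful reset — confirm, and invalidate it in
                    // this update if so. No attempt limiting is visible in this action either.
                    using (MySqlCommand update = new MySqlCommand("update useraccounts set Password=@Password where Email=@Email", conn))
                    {
                        update.Parameters.Add(new MySqlParameter("@Password", newHashedPwd) { MySqlDbType = MySqlDbType.VarChar });
                        update.Parameters.Add(new MySqlParameter("@Email", email) { MySqlDbType = MySqlDbType.VarChar });
                        update.ExecuteNonQuery();
                    }

                    return RedirectToAction(nameof(Login));
                }
                catch (Exception ex)
                {
                    // NOTE(review): showing ex.Message to an unauthenticated user can disclose database or
                    // driver details; prefer logging the exception and displaying a generic message.
                    ViewBag.message = ex.Message;
                    return View();
                }
            }
        }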