public ActionResult ChangePassword(User user) { string userID = GetUserID(); User oldInfo = userSql.GetUserByID(userID); var password = ModelState["Password"]; var confirmPassword = ModelState["ConfirmPassword"]; if (password == null || password.Errors.Any()) { TempData["change-error"] = "Invalid input: your password hasn't been changed."; return(View("ChangeUserInfo", oldInfo)); } else if (confirmPassword == null) { TempData["change-error"] = "Please enter your password twice; password hasn't been changed."; return(View("ChangeUserInfo", oldInfo)); } else if (confirmPassword.Errors.Any()) { TempData["change-error"] = "Passwords didn't match; password hasn't been changed."; return(View("ChangeUserInfo", oldInfo)); } userSql.UpdatePassword(user.Password, userID); user = userSql.GetUserByID(userID); TempData["change-success"] = "Password changed successfully"; return(RedirectToAction("ChangeInfoInit", user)); }