public ActionResult ForgotPassword(string username, string SecurityAnswer) { if (String.IsNullOrEmpty(SecurityAnswer)) { ViewData.ModelState.AddModelError("SecurityAnswer", "Please provide a password reset answer."); ViewData["username"] = username; return View("ForgotPassword", "~/Views/Shared/Site.Master"); } try { Provider.UnlockUser(username); var newpass = Provider.ResetPassword(username, SecurityAnswer); newpass = null; } catch (MembershipPasswordException) { ViewData.ModelState.AddModelError("SecurityAnswer", "Invalid password reset answer."); ViewData["username"] = username; return View("ForgotPassword", "~/Views/Shared/Site.Master"); } string em; int sUserID; var db = new UsersDataContext(); string ip = HttpContext.Request.UserHostAddress; if (ip.Length > 15) { ip = ip.Substring(0, 15); } var result = db.S1_Users_ForgotPassword_CreateForgotPassword(username, SecurityAnswer, ip).SingleOrDefault(); if (result != null) { string ForgotPasswordGUID; ForgotPasswordGUID = result.ForgotPassword.ToString(); CustomUserInfoForFP cuifp = Security.GetUserInfoForFPCustomSP(username); if (cuifp.HasRecord) { em = cuifp.Email; sUserID = cuifp.UserId; } else { //ViewData.ModelState.AddModelError("SecurityAnswer", "Unable to retrieve email address. Please try again."); ViewData.ModelState.AddModelError("*", "There was an error while trying to verify your account. Please refresh your browser and try again."); ViewData["username"] = username; return View("ForgotPassword", "~/Views/Shared/Site.Master"); } return RedirectToAction("ChangePass", "Account", new { id = ForgotPasswordGUID }); } else { //ViewData.ModelState.AddModelError("SecurityAnswer", "Password reset was unsuccessful. Please try again."); ViewData.ModelState.AddModelError("*", "There was an error while trying to verify your account. Please refresh your browser and try again."); ViewData["username"] = username; return View("ForgotPassword", "~/Views/Shared/Site.Master"); } }