// POST: Account/Delete/AccountName
public ActionResult Delete(DeleteViewModel ViewModel)
{
if (ModelState.IsValid)
{
// Check if POST action was done by currently logged user
string LoggedUserName = User.Identity.GetUserName();
if (db.Account.Where(x => x.AccountName == ViewModel.AccountName && x.AccountName == LoggedUserName).Count() > 0)
{
// Check if action was properly confirmed by password
if (db.Account.Where(x => x.AccountName == ViewModel.AccountName && x.Password == ViewModel.CurrentPassword).Count() > 0)
{
db.Account.Remove(db.Account.FirstOrDefault(x => x.AccountName == ViewModel.AccountName));
db.SaveChanges();
return RedirectToAction("Index", "Home");
}
// If wrong password was entered redirect to /Account/WrongPassword
else
return RedirectToAction("WrongPassword", "Account");
}
// If post was done by not logged user redirect to: /Account/Details/ViewModel.AccountName
else
return RedirectToAction("Index", "Home");
}
else
return View(ViewModel);
}
// GET: Account/Delete/AccountNamech
public ActionResult Delete(string AccountName)
{
DeleteViewModel ViewModel = new DeleteViewModel();
// Check if currently logged user is the same as the one whose data is being deleted
if (User.Identity.GetUserName() == AccountName)
{
ViewModel.AccountName = AccountName;
return View(ViewModel);
}
else
return RedirectToAction("Details", "Account", new { AccountName = AccountName });
}
